Date: Fri, 18 May 2018 16:16:00 +0200 From: Andreas Nilsson <andrnils@gmail.com> To: Allan Jude <allanjude@freebsd.org> Cc: Mailinglists FreeBSD <freebsd-jail@freebsd.org> Subject: Re: rc.conf kld_list vs kern.securelevel Message-ID: <CAPS9%2BSu21o5iaxm6uHm3gU-cA0Qy2yK71vRMfUrqLfS%2BsxUp_Q@mail.gmail.com> In-Reply-To: <d6295dfb-2764-5438-670f-f2dedefd6a3e@freebsd.org> References: <CAPS9%2BSuj=nKeePbC0M3c=YZECGCAowLhtO_GXDAKt_qJf6sXmA@mail.gmail.com> <d6295dfb-2764-5438-670f-f2dedefd6a3e@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, May 18, 2018 at 3:48 PM, Allan Jude <allanjude@freebsd.org> wrote: > On 2018-05-18 07:04, Andreas Nilsson wrote: > > Hello, > > > > I recently configured a system where kern.securelevel=1 would be good, > but > > noticed that modules listed in kld_list in rc.conf is then not loaded. > > Would it not be a good to either explicitly state that kld_list cannot be > > used with kern.securelevel, or have kld run before sysctl? > > > > Best regards > > Andreas > > _______________________________________________ > > freebsd-jail@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-jail > > To unsubscribe, send any mail to "freebsd-jail-unsubscribe@freebsd.org" > > > > It would seem that kld_list would need to be loaded before sysctl run > anyway, since the sysctl you are trying to set might not exist until the > kernel modules are loaded. Is the securelevel actually set by the sysctl > service? > > -- > Allan Jude > > Hello Seems I managed to send to wrong list :/ Yes, values from sysctl.conf are being applied, i guess by rc.d/sysctl script, so that seems to work. Adding # BEFORE: sysctl to rc.d/kld didn't help, does one have to do anything special to reevaluate rc-script order? Best regards Andreas
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPS9%2BSu21o5iaxm6uHm3gU-cA0Qy2yK71vRMfUrqLfS%2BsxUp_Q>