On Sun, 19 Nov 2006, Chuck Swiger wrote:
Darrel wrote:
With OpenBSD securelevel=2 I can install a kernel, make build, and
install programs which are compiled using Systrace.
What is the highest securelevel that I can configure on RELENG_6_2
which will not affect compiling and installing; e.g., perhaps not
much local difference but having to reboot for a firewall change?
This installation is new and the AUDIT option will be in the kernel.
securelevel = 0.
Because the kernel is installed using the schg flag: if you have securelevel
set to 1 or higher, you will not be able to over-write the kernel without
rebooting into single-user mode. See "man init" for details.
[ Of course, reinstalling the kernel and/or world is something which you are
encouraged to do under single-user mode... ]
Thanks, Chuck.
Excepting my amd64 the computers are servers at work, so I will use
'securelevel = 0' to facilitate system upgrades while "up"- only shutting
down now for install world.
6.2 rc1 'install world' failed on my amd64. I can csup next month
and try out 'securelevel = 3' on that. Probably build the world,
etc., installkernel, mergemaster and installworld could all be run
from single user then.
Darrel
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
