mirror of
https://git.FreeBSD.org/src.git
synced 2024-12-12 09:58:36 +00:00
Fixes per PR 2850:
(a) Note that the default securelevel value is -1, in -current and -stable. (b) Mention kernel sysctl variable that controls securelevel. (c) Add warning the `fsck' will fail if securelevel >= 2. (d) Suggest end of /etc/rc as the right place to raise securelevel. and one spelling fix. PR: 2850
This commit is contained in:
parent
ad5b0e8be6
commit
6ebaa024df
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=37055
@ -33,7 +33,7 @@
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" @(#)init.8 8.3 (Berkeley) 4/18/94
|
||||
.\" $Id: init.8,v 1.9 1997/04/01 20:41:04 mpp Exp $
|
||||
.\" $Id: init.8,v 1.10 1997/08/02 00:22:48 davidn Exp $
|
||||
.\"
|
||||
.Dd April 18, 1994
|
||||
.Dt INIT 8
|
||||
@ -92,6 +92,7 @@ The security levels are:
|
||||
.Bl -tag -width flag
|
||||
.It Ic -1
|
||||
Permanently insecure mode \- always run the system in level 0 mode.
|
||||
This is the default initial value.
|
||||
.It Ic 0
|
||||
Insecure mode \- immutable and append-only flags may be turned off.
|
||||
All devices may be read or written subject to their permissions.
|
||||
@ -125,7 +126,10 @@ If level 2 mode is desired while running multiuser,
|
||||
it can be set while single user, e.g., in the startup script
|
||||
.Pa /etc/rc ,
|
||||
using
|
||||
.Xr sysctl 8 .
|
||||
.Xr sysctl 8
|
||||
to set the
|
||||
.Dq kern.securelevel
|
||||
variable to the required security level.
|
||||
.Pp
|
||||
In multi-user operation,
|
||||
.Nm init
|
||||
@ -241,7 +245,7 @@ signal, i.e.
|
||||
This is useful for shutting the machine down cleanly from inside the kernel
|
||||
or from X when the machine appears to be hung.
|
||||
.Pp
|
||||
When shuting down the machine,
|
||||
When shutting down the machine,
|
||||
.Nm init
|
||||
will try to run the
|
||||
.Pa /etc/rc.shutdown
|
||||
@ -302,13 +306,22 @@ System shutdown commands.
|
||||
.Xr halt 8 ,
|
||||
.Xr rc 8 ,
|
||||
.Xr reboot 8 ,
|
||||
.Xr shutdown 8
|
||||
.Xr shutdown 8 ,
|
||||
.Xr sysctl 8
|
||||
.Sh HISTORY
|
||||
A
|
||||
.Nm
|
||||
command appeared in
|
||||
.At v6 .
|
||||
.Sh BUGS
|
||||
.Sh CAVEATS
|
||||
Systems without
|
||||
.Xr sysctl
|
||||
behave as though they have security level \-1.
|
||||
.Pp
|
||||
Setting the security level to 2 too early in the boot sequence can
|
||||
prevent
|
||||
.Xr fsck 8
|
||||
from repairing inconsistent filesystems. The
|
||||
preferred location to set the security level is at the end of
|
||||
.Pa /etc/rc
|
||||
after all multi-user startup actions are complete.
|
||||
|
Loading…
Reference in New Issue
Block a user