[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
bin/43587: stupid error message during boot from sysctl if no COMPAT40 in kernel
>Synopsis: stupid error message during boot from sysctl if no COMPAT40 in
>Arrival-Date: Fri Jul 09 10:20:00 +0000 2010
>Originator: Wolfgang Stukenbrock
>Release: NetBSD 5.0.2
Dr. Nagler & Company GmbH
System: NetBSD s013 5.0.2 NetBSD 5.0.2 (NSW-S013) #2: Fri Jul 9 11:02:34 CEST
2010 root@s013:/usr/src/sys/arch/amd64/compile/NSW-S013 amd64
In /etc/sysctl.conf the line "kern.no_sa_support?=1" tries to disable
the COMPAT40 as default for security reasons. This is OK.
But if the kernel is compiled without COMPAT40, the option KERN_SA is
in the kernel build and this variable gets read-only with the value 1.
This conflicts with the intention of "?=" of sysctl. The "?=" assumes,
that the variable
is not there and will ignore the line silently.
But the variable is present (with value "1"), so sysctl is gooing to
set the variable.
Due to the fact that it is read-only, this fails with an error message
during boot on the console.
Compile a kernel without COMPAT40 support and boot it.
There are two ways to "fix" this problem.
1. do not create the kernel variable if KERN_SA is not defined.
2. keep sysctl from setting a variable to the same value with "?=" it
I'm not shure about any effects of version 1.
So I would prefer version 2, but I don't know, if some other variables
in the kernel
depends on the ability to set the same value again (with "?=") and
trigger some actions.
As a workaround for now I ignore the error message on the console,
because it sounds to
dangerous for me to comment out this security setting in
/etc/sysctl.conf for the case
that another kernel with COMPAT40 gets build on the system.
(I'm shure no onw will remember the change to /etc/sysctl.conf in that
I've not the time to create a patch for version 2 at the moment.
Perhaps in one or two
months if this report is still open. sorry.
Main Index |
Thread Index |