[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Lowering securelevel
Bummer. I've totally missed the part "Lower securelevels require the
kernel to be compiled with options INSECURE, causing it to always
default to securelevel -1."
Checking GENERIC reveals amd64 has INSECURE build in, evbarm not.
Thanks for the heads up.
Am 30.04.20 um 22:39 schrieb Harold Gutch:
On Thu, Apr 30, 2020 at 10:29:51PM +0200, Ede Wolf wrote:
I am trying to lower my securelevel and I seem to be stuck. Contrary to
amd64, setting both or either securelevel=-1 in rc.conf and
kern.securelevel=-1 in sysctl.conf, after booting I am always ending up
with good old securelevel of 1.
This behaviour is somewhat different from what I am experiencing on the
amd64 port. Where I have interesting results with different value in
rc.conf and sysctl.conf. But different story.
What are my options to get down to 0 or -1 on my cubietruck?
You'll need to compile your own kernel with "options INSECURE", see
also "man secmodel_securelevel".
If it's about loading modules, modules.conf is evaluated before the
securelevel is raised from 0 to 1.
Main Index |
Thread Index |