Re-linewrap help file on securelevels in sysinstall: sysinstall is

mostly used on 80x25 displays, and the actual window is about ten characters narrower than that, resulting in the need for horizontal scrolling. No functional change. RELENG_5_2 candidate.
2003-12-16 22:55:28 +00:00 · 2003-12-16 22:55:28 +00:00 · 1d1daa2f00
commit 1d1daa2f00
parent 14d7f69797
1 changed files with 21 additions and 19 deletions
--- a/usr.sbin/sysinstall/help/securelevel.hlp
+++ b/usr.sbin/sysinstall/help/securelevel.hlp
@ -5,30 +5,32 @@ root user in multi-user mode, which in turn may limit the effects of
 a root compromise, at the cost of reducing administrative functions.
 Refer to the init(8) manual page for complete details.

-   -1    Permanently insecure mode - always run the system in level 0 mode.
-         This is the default initial value.
+   -1    Permanently insecure mode - always run the system in level 0
+         mode.  This is the default initial value.

-   0     Insecure mode - immutable and append-only flags may be turned off.
-         All devices may be read or written subject to their permissions.
+   0     Insecure mode - immutable and append-only flags may be turned
+         off.  All devices may be read or written subject to their
+         permissions.

-   1     Secure mode - the system immutable and system append-only flags may
-         not be turned off; disks for mounted file systems, /dev/mem, and
-         /dev/kmem may not be opened for writing; kernel modules (see
-         kld(4)) may not be loaded or unloaded.
+   1     Secure mode - the system immutable and system append-only
+         flags may not be turned off; disks for mounted file systems,
+         /dev/mem, and /dev/kmem may not be opened for writing; kernel
+         modules (see kld(4)) may not be loaded or unloaded.

-   2     Highly secure mode - same as secure mode, plus disks may not be
-         opened for writing (except by mount(2)) whether mounted or not.
-         This level precludes tampering with file systems by unmounting
-         them, but also inhibits running newfs(8) while the system is multi-
-         user.
+   2     Highly secure mode - same as secure mode, plus disks may not
+         be opened for writing (except by mount(2)) whether mounted or
+         not.  This level precludes tampering with file systems by
+         unmounting them, but also inhibits running newfs(8) while the
+         system is multi- user.

-         In addition, kernel time changes are restricted to less than or
-         equal to one second.  Attempts to change the time by more than this
-         will log the message ``Time adjustment clamped to +1 second''.
+         In addition, kernel time changes are restricted to less than
+         or equal to one second.  Attempts to change the time by more
+         than this will log the message ``Time adjustment clamped to +1
+         second''.

-   3     Network secure mode - same as highly secure mode, plus IP packet
-         filter rules (see ipfw(8) and ipfirewall(4)) cannot be changed and
-         dummynet(4) configuration cannot be adjusted.
+   3     Network secure mode - same as highly secure mode, plus IP
+         packet filter rules (see ipfw(8) and ipfirewall(4)) cannot be
+         changed and dummynet(4) configuration cannot be adjusted.

 Securelevels must be used in combination with careful system design and
 application of protective mechanisms to prevent system configuration