f4b38c360e
/etc/rc.d/securelevel is supposed to run /etc/rc.d/sysctl lastload late at boot time to apply /etc/sysctl.conf settings that fail to apply early. However, this does not work in default configuration because of kern_securelevel_enable="NO" by default. Add new script /etc/rc.d/sysctl lastload that starts unconditionally. Reported by: Marek Zarychta MFC after: 1 month
27 lines
440 B
Bash
Executable File
27 lines
440 B
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# $FreeBSD$
|
|
#
|
|
|
|
# PROVIDE: securelevel
|
|
# REQUIRE: adjkerntz ipfw pf sysctl_lastload
|
|
|
|
. /etc/rc.subr
|
|
|
|
name="securelevel"
|
|
desc="Securelevel configuration"
|
|
rcvar='kern_securelevel_enable'
|
|
start_cmd="securelevel_start"
|
|
stop_cmd=":"
|
|
|
|
securelevel_start()
|
|
{
|
|
if [ ${kern_securelevel} -ge 0 ]; then
|
|
echo 'Raising kernel security level: '
|
|
${SYSCTL} kern.securelevel=${kern_securelevel}
|
|
fi
|
|
}
|
|
|
|
load_rc_config $name
|
|
run_rc_command "$1"
|