Bug #1572

DFBSD 2.5.0 - securelevel not working?

Added by ahuete.devel almost 7 years ago. Updated almost 7 years ago.

Status:ClosedStart date:
Priority:HighDue date:
Assignee:tuxillo% Done:


Target version:-


Hi all,

Maybe I'm doing something wrong, but securelevel(8) seems to be non-working.
I've done the following:

# grep secure /etc/rc.conf
# sysctl kern.securelevel
kern.securelevel: 2
# ktrace ./od
Descriptor is 3
# kdump -f ./ktrace.out
892 od CALL open(0x8048687,O_RDWR,<unused>0x804977c)
892 od NAMI "/dev/da0s1d"
892 od RET open 3

I could open it for read-write! Following the definition in the
manpage for secure level 2:

"2 Highly secure mode - same as secure mode, plus disks may not be
opened for writing (except by mount(2)) whether mounted or not.
This level precludes tampering with file systems by unmounting
them, but also inhibits running newfs(8) while the system is multi-

Am I missing something or securelevel is not working here?

Antonio Huete


#1 Updated by alexh almost 7 years ago

Is anything else related to securelevel not working? I might have broken
something related to that when rewriting the disk subsystem.
Am a bit busy at the time, so I won't be able to look at it for a few days.

Alex Hornung

#2 Updated by tuxillo almost 7 years ago


Can you please review this commit? It fixes the issue here, but maybe I'm
missing something.


#3 Updated by tuxillo almost 7 years ago

#4 Updated by tuxillo almost 7 years ago

Committed a fix in d894b0eb3f9e4c41a183cdbfa6c59de4208958a4

#5 Updated by thomas.nikolajsen almost 7 years ago

Update status; issue fixed, as noted in prev. msg.

Also available in: Atom PDF