Subject: sysctl securelevel -1 Index: src/sys/conf/param.c src/sys/sys/kern_sysctl.c src/sys/GENERIC/param.c Description: By default the securelevel is set to 1 by init when going multiuser. However, both common behavior in other systems, as well as explicit comments in init mentions that if the operator have set securelevel to -1, init will not bump it to 1. The problem is that it is not possible to set securelevel to -1, not even in single user mode. The only component allowed to lower the securelevel is init, and init only does it in two places and gives no further control. The solution is to allow, only if securelevel is 0, root to both raise *and* lower the securelevel via sysctl -w kern.securelevel Repeat-By: Observation. Going init always raises the securelevel to 1. This patch implments a runtime (via sysctl) method of setting securelevel to -1 rather than compiling (via param.c) -1 into the kernel. Fix: This patch (and description) are from Johnny Billquist (bqt@softjar.se). Thanks! The compile time setting of securelevel is removed in the template param.c file and GENERIC build directories only. It is only necessary to edit your local kernel param.c if you keep synchronized with the system config templates. Cut where indicated and save to a file (/tmp/451 for example), change into the root directory and apply the patch: cd / patch -p0 < /tmp/451 For the change to take effect a new kernel is built and installed: cd /sys/YOUR_KERNEL make mv /unix /ounix (and optionally for a networking kernel) mv /netnix /onetnix mv netnix /netnix reboot This and previous updates to 2.11BSD are available at the following locations: ftp://ftp.update.uu.se/pub/pdp11/2.11BSD https://www.tuhs.org/Archive/Distributions/UCB/2.11BSD/Patches/ ftp://ftp.2bsd.com/2.11BSD ---------------------------cut here-------------------- *** ./usr/src/sys/conf/param.c.old Fri Feb 14 23:22:50 1997 --- ./usr/src/sys/conf/param.c Wed Dec 19 23:28:13 2018 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)param.c 2.2 (2.11BSD GTE) 1997/2/14 */ #include "../h/param.h" --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)param.c 2.3 (2.11BSD) 2018/12/19 */ #include "../h/param.h" *************** *** 71,86 **** struct mount mount[NMOUNT]; struct buf buf[NBUF], bfreelist[BQUEUES]; struct bufhd bufhash[BUFHSZ]; - - /* - * Remove the ifdef/endif to run the kernel in unsecure mode even when in - * a multiuser state. Normally 'init' raises the security level to 1 - * upon transitioning to multiuser. Setting the securelevel to -1 prevents - * the secure level from being raised by init. - */ - #ifdef PERMANENTLY_INSECURE - int securelevel = -1; - #endif #ifdef UCB_CLIST u_int clstdesc = ((((btoc(NCLIST*sizeof(struct cblock)))-1) << 8) | RW); --- 71,76 ---- *** ./usr/src/sys/sys/kern_sysctl.c.old Fri Oct 13 23:54:52 2000 --- ./usr/src/sys/sys/kern_sysctl.c Thu Dec 20 20:44:23 2018 *************** *** 33,39 **** * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ! * @(#)kern_sysctl.c 8.4.12 (2.11BSD) 2000/5/17 */ /* --- 33,39 ---- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * ! * @(#)kern_sysctl.c 8.4.13 (2.11BSD) 2018/12/20 */ /* *************** *** 230,236 **** if ((error = sysctl_int(oldp, oldlenp, newp, newlen, &level)) || newp == NULL) return (error); ! if (level < securelevel && u.u_procp->p_pid != 1) return (EPERM); securelevel = level; return (0); --- 230,236 ---- if ((error = sysctl_int(oldp, oldlenp, newp, newlen, &level)) || newp == NULL) return (error); ! if (level < securelevel && u.u_procp->p_pid != 1 && securelevel > 0) return (EPERM); securelevel = level; return (0); *** ./usr/src/sys/GENERIC/param.c.old Fri Feb 14 23:35:37 1997 --- ./usr/src/sys/GENERIC/param.c Thu Dec 20 21:50:02 2018 *************** *** 3,9 **** * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)param.c 2.2 (2.11BSD GTE) 1997/2/14 */ #include "../h/param.h" --- 3,9 ---- * All rights reserved. The Berkeley software License Agreement * specifies the terms and conditions for redistribution. * ! * @(#)param.c 2.3 (2.11BSD) 2018/12/19 */ #include "../h/param.h" *************** *** 71,86 **** struct mount mount[NMOUNT]; struct buf buf[NBUF], bfreelist[BQUEUES]; struct bufhd bufhash[BUFHSZ]; - - /* - * Remove the ifdef/endif to run the kernel in unsecure mode even when in - * a multiuser state. Normally 'init' raises the security level to 1 - * upon transitioning to multiuser. Setting the securelevel to -1 prevents - * the secure level from being raised by init. - */ - #ifdef PERMANENTLY_INSECURE - int securelevel = -1; - #endif #ifdef UCB_CLIST u_int clstdesc = ((((btoc(NCLIST*sizeof(struct cblock)))-1) << 8) | RW); --- 71,76 ---- *** ./VERSION.old Wed Mar 16 08:05:36 2016 --- ./VERSION Sat Dec 22 08:22:27 2018 *************** *** 1,5 **** ! Current Patch Level: 450 ! Date: March 16, 2016 2.11 BSD ============ --- 1,5 ---- ! Current Patch Level: 451 ! Date: December 22, 2018 2.11 BSD ============