disable (new)syslog rotation and raise securelevel ... possible?
Bryan Drewery
bryan at xzibition.com
Mon Jul 12 22:53:15 UTC 2010
Fernan,
You can disable newsyslog by adding newsyslog_enable="NO" to your
/etc/rc.conf or /etc/rc.conf.local
Also be aware that you will need to reboot with
kern_securelevel_enable="NO" in one of those files, to lower the
securelevel.
You should also consider a remote syslog host.
Bryan
Fernan Aguero wrote:
> Hi,
>
> I'd like to harden my FreeBSD installation, and thus would like to, e.g.
>
> i) chflags sappnd /var/log/*
> ii) raise the securelevel of the system
>
> Is this possible? I've read elsewhere that newsyslog would not work in
> such a system ... what are the possible workarounds?
>
> I wouldn't bother taking the system down once a week or every other
> week, and manually lowering the securelevel, running newsyslog, etc.
> Is there a guide somewhere on how to go about this?
>
> Thanks!
>
>
More information about the freebsd-security
mailing list