| 1 |
Isn't that expected behavior?. Sysctl settings are activated on the |
| 2 |
boot runlevel. Setting kernel.grsecurity.disable_modules to 1 will |
| 3 |
disable loading modules. Of course loading modules afterwards will |
| 4 |
fail. |
| 5 |
|
| 6 |
Ed |
| 7 |
|
| 8 |
On Dec 16, 2007 2:43 AM, René Rhéaume <rene.rheaume@×××××.com> wrote: |
| 9 |
> I added kernel.grsecurity.disable_modules = 1 to my /etc/sysctl.conf . |
| 10 |
> However, iptables and net.eth1 init scripts were unable to start. I |
| 11 |
> already had the module for my NIC (8139too) in |
| 12 |
> /etc/modules.autoload.d/kernel-2.6 . I added iptable_filter and |
| 13 |
> nf_conntrack_ipv4 to it, then rebooted, but the init scripts were |
| 14 |
> still unable to start. What other modules must I load? To send this |
| 15 |
> message, I had to comment the line in /etc/sysctl.conf and reboot |
| 16 |
> again. |
| 17 |
> |
| 18 |
> By the way, why the runtime module disabling feature is a sysctl |
| 19 |
> setting, regardless of the sysctl support kernel configuration option? |
| 20 |
> -- |
| 21 |
> gentoo-hardened@g.o mailing list |
| 22 |
> |
| 23 |
> |
| 24 |
éí¢ˆZקyØ�žÚ(¢¸&j)bž b² |
Archives