1 |
Isn't that expected behavior?. Sysctl settings are activated on the |
2 |
boot runlevel. Setting kernel.grsecurity.disable_modules to 1 will |
3 |
disable loading modules. Of course loading modules afterwards will |
4 |
fail. |
5 |
|
6 |
Ed |
7 |
|
8 |
On Dec 16, 2007 2:43 AM, René Rhéaume <rene.rheaume@×××××.com> wrote: |
9 |
> I added kernel.grsecurity.disable_modules = 1 to my /etc/sysctl.conf . |
10 |
> However, iptables and net.eth1 init scripts were unable to start. I |
11 |
> already had the module for my NIC (8139too) in |
12 |
> /etc/modules.autoload.d/kernel-2.6 . I added iptable_filter and |
13 |
> nf_conntrack_ipv4 to it, then rebooted, but the init scripts were |
14 |
> still unable to start. What other modules must I load? To send this |
15 |
> message, I had to comment the line in /etc/sysctl.conf and reboot |
16 |
> again. |
17 |
> |
18 |
> By the way, why the runtime module disabling feature is a sysctl |
19 |
> setting, regardless of the sysctl support kernel configuration option? |
20 |
> -- |
21 |
> gentoo-hardened@g.o mailing list |
22 |
> |
23 |
> |
24 |
éí¢ˆZקyØžÚ(¢¸&j)bž b² |