CD installation and file flags

Lowell Gilbert freebsd-questions-local at
Fri Feb 10 10:56:14 PST 2006

Alex Renn <ray at> writes:

> I installed FreeBSD 6.0 from CD and noticed that file flags were not
> applied by default to /boot, /bin, /sbin.

Right.  suid files get the flags, but nothing else.  

> I set kernel_securelevel to 3 but it does not help a lot while there
> are no schg flags on system files.

File flags are enforced at a securelevel of 1.  If they are all you
care about, then there's no reason to add the filesystem mounting,
clock, and firewall restrictions of levels 2 and 3.

> Is there any script to set proper flags for all files in the default
> installation?

There is not widespread agreement on the definition of "proper" in
that sentence.  Once you have a precise idea of what you think it
should be, writing a script for your particular needs will be

Be well.
Lowell Gilbert, embedded/networking software engineer, Boston area

More information about the freebsd-questions mailing list