Bug 23502

Summary: date(1) doesn't detail kern_time.c securelevel check
Product: Documentation Reporter: rboyd <rboyd>
Component: Books & ArticlesAssignee: freebsd-doc (Nobody) <doc>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Latest   
Hardware: Any   
OS: Any   

Description rboyd 2000-12-12 14:50:01 UTC 
the securelevel check in kern_time.c is non-intuitive.  This should be documented somewhere people would look when realizing they are unable to set the date.  date(1) is probably the best candidate.

Fix: 

sys/kern/kern_time.c checks securelevel > 1 before allowing date changes higher than 1 second.
How-To-Repeat: sysctl -w kern.securelevel=2
gdate --set blah
Comment 1 dima 2000-12-12 23:48:01 UTC 
rboyd@pokerspot.com wrote:
> 
> 
> >Number:         23502
> >Category:       docs
> >Synopsis:       date(1) doesn't detail kern_time.c securelevel check
> >Description:
> the securelevel check in kern_time.c is non-intuitive.  This should
> be documented somewhere people would look when realizing they are
> unable to set the date.  date(1) is probably the best candidate.

This is documented in init(8), also known as securelevel(8) (see
src/sbin/init/init.8 rev. 1.21).  This makes more sense than
documenting it in date(1) since date(1) is by no means the only way to
change the time.  People should read init(8) to realize the
implications of raising the securelevel before they do it, anyway.

Regards

-- 
Dima Dorfman <dima@unixfreak.org>
Finger dima@unixfreak.org for PGP public key.
Comment 2 ben freebsd_committer freebsd_triage 2001-01-17 21:28:54 UTC 
State Changed
From-To: open->closed

Restriction mentioned in date(1).  Thanks!