# console error message: /etc/rc.conf: /root: Permission denied on boot



## afreeb (Jan 12, 2013)

Hello all, 

would greatly appreciate some assistance with this problem. 

I've been using FreeBSD for about 10 years but this issue has me stumped!

In the midst of upgrading to a new server with FreeBSD 9.1-RELEASE-p0 and so far so good but I am having the following issue and can not track it down.

Upon boot up I get about 20-30 messages on the console stating:


```
/etc/rc.conf: /: Permission denied
```

All of my services which I have enabled in rc.conf and rc.local load fine..

When I log in and try to start some of the other services manually I get the message:

(such as # ./etc/rc.d/dmesg start)

```
/etc/rc.conf: /root: Permission denied
```

I don't know what to do here, no entries in /var/log/messages to assist in the answer..


Please help, Thanks.

Lou


----------



## wblock@ (Jan 12, 2013)

First, boot in single user mode and fsck(8) the filesystems.


----------



## afreeb (Jan 12, 2013)

*done*

rebooted into single user mode and fsck'd all drive partitions with no problems to correct, all marked clean. same issue upon boot...


----------



## wblock@ (Jan 12, 2013)

Okay, good.  Now: what are the permissions on /etc/rc.conf?
`# ls -lh /etc/rc.conf`
`# stat -f "%Sp == %Lp" /etc/rc.conf`


----------



## afreeb (Jan 12, 2013)

*output requested*



			
				wblock@ said:
			
		

> Okay, good.  Now: what are the permissions on /etc/rc.conf?
> `# ls -lh /etc/rc.conf`




```
-rw-r--r--  1 root  wheel   673B Jan 12 11:51 /etc/rc.conf
```



> `# stat -f "%Sp == %Lp" /etc/rc.conf`




```
-rw-r--r-- == 644
```

As an aside, I took apart the /etc/rc.d/dmesg file and tried to run each line from /bin/sh. When I did this, i got the permission denied on the second to last line in the file if that helps at all.


```
root@shep:/tmp # /bin/sh
# . /etc/rc.subr
# name="dmesg"
# rcvar="dmesg_enable"
# dmesg_file="/var/run/dmesg.boot"
# start_cmd="do_dmesg"
# stop_cmd=":"
# rm -f ${dmesg_file}
# umask 022 ; /sbin/dmesg $rc_flags > ${dmesg_file}
# load_rc_config $name
/etc/rc.conf: /root: Permission denied
```


----------



## wblock@ (Jan 12, 2013)

Okay, so it's not rc.conf, but access to other directories the rc scripts are trying to read.  What are the permissions on /root and /?
`# ls -ld / /root`

Have you set securelevel in /etc/rc.conf?  Or some other security setting, like ACLs?


----------



## afreeb (Jan 12, 2013)

wblock@ said:
			
		

> Okay, so it's not rc.conf, but access to other directories the rc scripts are trying to read.  What are the permissions on /root and /?
> `# ls -ld / /root`




```
root@shep:/tmp # ls -ld / /root
drwxr-xr-x  19 root  wheel  1024 Jan 12 13:19 /
drwxr-xr-x  12 root  wheel  1536 Jan 12 13:42 /root
```



> Have you set securelevel in /etc/rc.conf?  Or some other security setting, like ACLs?



I currently have the securelevel set at follows:

```
kern_securelevel="1"
kern_securelevel_enable="YES"
```

in rc.conf. The problem existed before this was set though and I see it successfully get set to that level at boot via the console.


----------



## afreeb (Jan 12, 2013)

*Another possible clue*

Ok, so I tried to run the following command on a working install of FreeBSD:

`# . /etc/rc.subr`

When I run it on the working system i just get a # returned BUT when I run this on the problematic system *I* get the message:

```
.: Command not found.
```

Now, when I first enter into the /bin/sh shell and run that command it functions normally. Do you think that maybe there is something wrong with my shells?


----------



## afreeb (Jan 12, 2013)

*T*hat may be irrelevant, I just realized that root uses csh and not sh.


----------



## wblock@ (Jan 12, 2013)

Do the errors appear before or after the securelevel setting in the output?  The way it works may have changed.


----------



## afreeb (Jan 12, 2013)

Before.


----------



## afreeb (Jan 13, 2013)

*(solved) Fixed!*

I've tracked the problem down and have fixed it.

What was happening was that the rc.subr file was attempting to "Source" the rc.conf file as a part of its operations. 

what happened was that I had copied (copy/paste w/ a laptop) from an old server to my new server so I knew what I needed to do, what I didn't realize was that I had accidentally copied a tilde ~ so in vi it just looked like a blank line, but when the /bin/sh attempted to source the file it read the error, every time a new rc.d service was started.

Anyway, I fixed the file, removed the tilde and problem solved.

Thanks for your help.

-Lou


----------

