4

I'm running Debian Bullseye and I've configured Yama security module by writing:

kernel.yama.ptrace_scope=3

in /etc/sysctl.d/local.conf

In fact it seems all's well:

# sysctl -a | grep -i yama kernel.yama.ptrace_scope = 3

However, even after a reboot, I keep having the following in the boot messages:

# dmesg | grep -i yama [ 0.100679] Yama: disabled by default; enable with sysctl kernel.yama.*

Why the kernel continues to have Yama disabled?

Thank you in advance for answering...

Improve this question
2

1 Answer 1

Reset to default
3

Look at the timestamp of the message: This message is printed by the kernel during boot right at startup, to tell you, that its default configuration (which is not what sysctl.conf sets) is to have Yama disabled, and that it must be enabled explicitly, later on.

The settings in /etc/sysctl.conf are applied only much, much later when the system init process is going through its motions, which happens half an eternity (= a couple of seconds) later.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.