Commit Graph

196 Commits

Author SHA1 Message Date
christos 86bc6ef985 Coverity CID 786: Avoid NULL dereference. 2006-03-22 02:25:44 +00:00
christos 421a9c133c add the 3 opencrypto sysctls. 2006-03-06 00:51:48 +00:00
christos 238f1027f9 detect integer overflow differently. previous change broke negative sysctl
values.
2006-02-08 18:13:56 +00:00
christos 404831da9c PR/17441: John F. Woods: integer sysctl does not accept numbers > 0x7fffffff
Use unsigned int in the range comparison, and use strerror() instead of
home brewed error strings.
2006-02-05 22:42:55 +00:00
wiz e1a202b1cb Bump date for security.* 2006-02-04 18:37:58 +00:00
elad 81ed970f39 - make use of the recently added mode_bits for security.setid_core.mode;
- document setid_core variables.
2006-02-02 18:00:07 +00:00
elad 202872db03 add support for parsing file mode bits.
when printed, you'll see something like "0600 (rw-------)", like the
ls output. when reading input you can either specify octal mode (0600)
or chmod-like (u=rw).

ideas from atatat@ and kjk@; okay and lots of help from atatat@.
2006-02-02 16:23:25 +00:00
elad 48c362c085 add some more to kern. 2006-01-14 11:52:20 +00:00
elad 0fd32b39ab remove dup cnmagic. 2006-01-14 11:11:08 +00:00
elad 8ff7a54798 Sync and sort ddb, hw, kern, vm. 2006-01-14 10:33:11 +00:00
elad 3b0d736d23 oops - this should not have been commited. remove sugid_coredump line. 2006-01-13 21:10:34 +00:00
elad 6aa189f3fb grrr... another space -> tab... 2006-01-13 18:45:47 +00:00
elad 7ddc0d80bd space -> tab 2006-01-13 18:44:51 +00:00
elad 0e7647e2dd Sync net.{inet,inet6,key} 2006-01-13 18:37:06 +00:00
yamt a71fb9d9ab add vm.inactivepct. 2005-12-21 12:21:06 +00:00
yamt a83111c7d8 add vm.idlezero. noted by Hubert Feyrer. 2005-12-13 10:07:21 +00:00
yamt f00c1d8ace bump date for the previous. 2005-11-27 13:12:32 +00:00
yamt 0ae701e533 add ddb.commandonenter. 2005-11-27 13:12:03 +00:00
xtraeme eda099ea39 Mention "kern.bufq.strategies", bump date. 2005-10-15 23:05:45 +00:00
wiz 1638f02bd8 Add missing comma. 2005-10-06 11:17:38 +00:00
elad 8358410265 Document security level for sysctl and security.curtain.
Hi Hubert! :)
2005-10-03 22:22:10 +00:00
rpaulo 6f844bf524 Document kern.hardclock_ticks. Pointed out by Hubert. 2005-09-24 12:05:45 +00:00
wiz e904ea2e97 Drop trailing whitespace. 2005-09-23 19:58:28 +00:00
xtraeme b11450ab76 Mention vfs.sync.*, bump date. 2005-09-21 19:08:44 +00:00
rpaulo dcc35c7ff8 Handle net.inet.tcp.debug, net.inet.tcp.debx, net.ns.spp.debug and
net.ns.spp.debx. Bump man page date.
2005-09-06 03:22:58 +00:00
rpaulo a49638942e net.inet?.*.stats are viewable with netstat(1). 2005-08-28 16:18:04 +00:00
rpaulo 92c6f16501 Added net.bpf.peers and net.bpf.stats and bumped the date. 2005-08-04 20:10:24 +00:00
rpaulo 78d05017af Inform the user that net.bpf.stats and net.bpf.peers are viewable with
netstat(1).
2005-08-04 19:44:18 +00:00
christos 2c6eadc9ce Move WARNS=3 to the Makefile.inc, and add a little const to the remaining
programs that did not compile before.
2005-06-27 01:00:04 +00:00
christos 29a6465002 Add code to handle cp_id. From atatat. 2005-06-16 14:56:36 +00:00
wiz e45ea581c3 Bump date for previous. <> -> \*[Lt]\*[Gt]. 2005-05-24 16:00:11 +00:00
elad 6755bac719 Add man-page bits about the 'count' node. 2005-05-24 15:47:46 +00:00
elad cd0c4134f1 Remove common code for returning supported fingerprints. This is done now
via sysctl(8) using kern.veriexec.algorithms.

Also add an entry for the 'algorithms' variable in sysctl.8 forgotten in
the last commit.
2005-05-20 19:52:52 +00:00
elad 5888b16eef Some changes in veriexec.
New features:

  - Add a veriexec_report() routine to make most reporting consistent and
    remove some common code.
  - Add 'strict' mode that controls how veriexec behaves.
  - Add sysctl knobs:
     o kern.veriexec.verbose controls verbosity levels. Value: 0, 1.
     o kern.veriexec.strict controls strict level. Values: 0, 1, 2. See
       documentation in sysctl(3) for details.
     o kern.veriexec.algorithms returns a string with a space separated
       list of supported hashing algorithms in veriexec.
  - Updated documentation in man pages for sysctl(3) and sysctl(8).

Bug fixes:

  - veriexec_removechk(): Code cleanup + handle FINGERPRINT_NOTEVAL
    correctly.
  - exec_script(): Don't pass 0 as flag when executing a script; use the
    defined VERIEXEC_INDIRECT - which is 1. Makes indirect execution
    enforcement work.
  - Fix some printing formats and types..
2005-05-19 20:16:19 +00:00
christos ad6c31cee3 PPR/29909: Manuel Bouyer: sysctl dumps core if kern.consdev returns unknown
device.  If we cannot determine the device name of the console, print the
console dev_t in hex.
2005-04-06 21:13:03 +00:00
christos 7a221682eb make sysctl -n print the real console tty name and -nn print the numeric
value.
XXX: -n means don't print name, not numeric. We should stop overloading
it and use a different flag.
2005-03-28 04:03:13 +00:00
atatat 0f48b53686 If a "create" or "destroy" operation succeeds, mark the cached tree as
"stale" so that the next time we try to read or write to it, we can
purge (and refresh) it.

Addresses PR 29222.
2005-03-23 03:45:25 +00:00
atatat 160438234d Fix possible segmentation fault when retrieving descriptions. Thought
I committed this a while ago.  I guess the fact that no one filed a pr
meant no one else found it.  :)
2005-03-19 23:19:17 +00:00
atatat 64dd54edba Use regexes instead of static lists of annoying numbers to recognize
sysctl nodes that have "helpers".  This is more concise, imho more
easy to understand, and has the added bonus of making it *possible* to
assign helpers to dynamically numbered nodes.
2005-03-18 04:52:24 +00:00
atatat 6472d0c335 Make requestors of kern.file2 be referred to pstat (the same as
kern.file) and add EINVAL to the list of errno values which are
silently ignored when walking the tree.
2005-03-15 13:59:35 +00:00
christos 4eb7659c2c PR/28782: OBATA Akio: Document that kern.rtc_offset is writable. 2004-12-26 16:57:09 +00:00
atatat 2971543eb5 Pass dynamic buffer pointer to display_string(), not static buffer
pointer.  Causes...misfunction if the kernel says the buffer needs to
be too much larger.
2004-12-17 05:03:03 +00:00
jdolecek a9ebca7170 add vfs.cd9660.utf8_joliet, and couple other vfs.* entries while here
bump date and add TNF copyright
2004-11-21 22:18:10 +00:00
jdolecek 0154132fed constify handlers[] 2004-10-17 11:04:39 +00:00
daniel 84a34aedec Add vm.bufcache, vm.bufmem, vm.bufmem_lowater, m.bufmem_hiwater (PR misc/27247, misc/27233). 2004-10-15 08:47:16 +00:00
wiz 484705032c Bump date for removal of net.key.random_int. 2004-08-27 14:35:11 +00:00
itojun 8ba8c58e74 remove net.key.random_int 2004-08-27 04:58:10 +00:00
snj 7c289c6773 Bump date for last. 2004-04-28 20:28:39 +00:00
ragge e79327fe4a Note net.inet.arp.* entries. 2004-04-28 14:15:10 +00:00
atatat 605d2000dd When converting a string to a number, also make sure that you didn't
convert an empty string to a zero.

Follow on to PR bin/25115 in private email.
2004-04-25 05:36:49 +00:00