Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
214,262 Commits 606 Branches 0 Tags 3.1 GiB
c7bda8e080
Commit Graph

243 Commits

Author SHA1 Message Date
dsl
0836a9f544 Add support for unsigned decimal values. 2012-06-02 21:38:09 +00:00
joerg
66dd2755f5 Add __printflike attribution to use vprintf and friends with an argument 
as format string.
 2012-03-15 02:02:20 +00:00
christos
3ddbe03f5e PR/44961: Jukka Ruohonen: for sysctl's with built-in handlers, return OPNOTSUPP 
if we don't have handlers instead of using the handler we have and silently
failing on attempts to write a node that cannot be written.
 2012-03-11 23:33:00 +00:00
christos
b678a11dc2 Only print errors when -A or required. Fix the error message to match others. 2012-02-12 20:54:07 +00:00
drochner
8fd6dadaf8 include <netipsec/ipsec.h> rather than <netinet6/ipsec.h> from userland 
where possible, for consistency and compatibility to FreeBSD
(exception: KAME specific statistics gathering in netstat(1) and systat(1))
 2012-01-04 16:09:40 +00:00
joerg
baa8e84b6f Use __dead 2011-08-29 14:34:58 +00:00
christos
a14203e91d Instead of using strncat and re-scanning the strings all the time, use and 
append printf function.
 2011-08-24 12:15:44 +00:00
christos
94a8b1353c no -A or -a with -q 2011-08-03 01:58:30 +00:00
christos
daf90d3763 allow -q flag to work for reads. 2011-08-03 01:47:40 +00:00
christos
00740dd48f PR/44864: Paul Ripke: Compile regular expressions on demand and only once. 2011-04-16 01:15:54 +00:00
pooka
67a4f392d8 use crunchops for crunchables 2010-12-13 21:48:01 +00:00
pooka
f9740ada7f RUMP_ACTION -> RUMPPRG 2010-12-13 17:42:17 +00:00
pooka
08fc937c06 make sysctl(8) work as a rump client 2010-11-05 15:55:23 +00:00
mrg
e00e7bd5c0 implement CTLTYPE_BOOL support. it was entirely missing. HI MATT! 2010-04-11 01:52:10 +00:00
elad
55a6f2a937 Remove stale references to the "read only at securelevel [12]" flags in 
the documentation and code comments.
 2009-09-30 04:30:50 +00:00
christos
e048bed6b3 Don't print an error with sysctl -w name?=value if name does not exist. 
Should be pulled up to 5.0
 2009-04-01 15:55:27 +00:00
lukem
deb4c0bbb3 fix sign-compare issues 2009-03-20 13:18:50 +00:00
pgoyette
dab2b670bf Format the address/offset of hexdump in hex, not decimal. 
Addresses my PR bin/41035
 2009-03-18 01:28:25 +00:00
njoly
e4bf6d925f Add missing free() in machdep_diskinfo(). 2009-03-05 15:35:59 +00:00
uebayasi
a6533b8fed Comment out CFLAGS+=-g. 2009-02-13 16:02:05 +00:00
christos
118c87a6fe fix dev_t format. 2008-12-28 20:17:11 +00:00
reed
a4bfac4a14 Reference secmodel_securelevel(9) manual page. 2008-11-11 00:09:36 +00:00
lukem
6543a91fea Remove the \n and tabs from the __COPYRIGHT() strings. 
(Tweak some to use a consistent format.)
 2008-07-20 01:20:21 +00:00
martin
cd22f25e6f Move TNF licenses to 2 clause form 2008-05-02 18:11:04 +00:00
martin
3028e483e4 Convert to new 2 clause license 2008-04-29 06:53:00 +00:00
elad
aede3e59fc PR/35304: C J Coleman: Off-by-one nul byte overwrite in mode_bits routine 
of sbin/sysctl
 2006-12-21 22:25:39 +00:00
christos
b311ec9d52 Exit with non-zero on errors. 2006-12-18 12:50:08 +00:00
pavel
edab74570a Move the description of sysctl MIBs from sysctl.3 to a new manual page 
sysctl.7. Remove the list of MIBs from sysctl.8 so we don't have to
maintain duplicate information, as proposed by YAMAMOTO Takashi on
tech-userlevel. Also remove references to header files from sysctl.8.

The numeric constants remain documented, they are still needed in some
cases. See the discussion on tech-userlevel. ("mib list in sysctl.8")

OK by YAMAMOTO Takashi.
 2006-12-04 08:59:13 +00:00
christos
df031f1edc PR/34837: Mindaguas: Add SysV SHM dynamic reallocation and locking to the 
physical memory
 2006-11-25 21:40:04 +00:00
elad
a84fee7faf Initial implementation of PaX Segvguard (this is still work-in-progress, 
it's just to get it out of my local tree).
 2006-11-22 02:02:51 +00:00
christos
9f4a7c8c31 PR/34965: Nicolas Joly: sysctl(1) small memory leak 2006-11-02 14:54:21 +00:00
christos
09012c9606 prefix name in kern.drivers 2006-11-01 22:26:36 +00:00
christos
5bc3ea6c79 support printing kern.drivers 2006-10-15 21:33:34 +00:00
elad
5c38108d28 Change the PaX mprotect(2) restrictions' "global_protection" knob to 
just "global" -- it's shorter and more readable. Update documentation.
 2006-09-26 14:48:40 +00:00
rpaulo
2fb2ae3251 Import of TCP ECN algorithm for congestion control. 
Both available for IPv4 and IPv6.
Basic implementation test results are available at
http://netbsd-soc.sourceforge.net/projects/ecn/testresults.html.

Work sponsored by the Google Summer of Code project 2006.
Special thanks to Kentaro Kurahone, Allen Briggs and Matt Thomas for their
help, comments and support during the project.
 2006-09-05 00:29:35 +00:00
liamjfoy
2e60755ac8 add net.inet.ip.maxflows. Bump date. 2006-09-04 23:40:18 +00:00
wiz
4a3dddea24 Bump date for previous. 2006-08-08 22:11:42 +00:00
kardel
64e74c80df document timecounter sysctls 2006-08-08 19:47:44 +00:00
elad
f1d99e7dfa CTLFLAG_READONLY1 and CTLFLAG_READONLY2 were deprecated in earlier commit, remove them here too 2006-07-30 19:53:20 +00:00
elad
1c8d298b89 move security.setid_core.* to kern.coredump.setid.*, as requested by yamt@. 2006-07-14 21:55:19 +00:00
elad
b5d09ef065 okay, since there was no way to divide this to two commits, here it goes.. 
introduce fileassoc(9), a kernel interface for associating meta-data with
files using in-kernel memory. this is very similar to what we had in
veriexec till now, only abstracted so it can be used more easily by more
consumers.

this also prompted the redesign of the interface, making it work on vnodes
and mounts and not directly on devices and inodes. internally, we still
use file-id but that's gonna change soon... the interface will remain
consistent.

as a result, veriexec went under some heavy changes to conform to the new
interface. since we no longer use device numbers to identify file-systems,
the veriexec sysctl stuff changed too: kern.veriexec.count.dev_N is now
kern.veriexec.tableN.* where 'N' is NOT the device number but rather a
way to distinguish several mounts.

also worth noting is the plugging of unmount/delete operations
wrt/fileassoc and veriexec.

tons of input from yamt@, wrstuden@, martin@, and christos@.
 2006-07-14 18:41:40 +00:00
liamjfoy
27f99986a6 bump date (.Dd) 2006-05-29 19:35:31 +00:00
liamjfoy
10f12d58af document Common Address Redundancy Protocol sysctls, aka CARP 
ok joerg@
 2006-05-29 19:11:16 +00:00
elad
04d63f90b5 Introduce PaX MPROTECT -- mprotect(2) restrictions used to strengthen 
W^X mappings.

Disabled by default.

First proposed in:

	http://mail-index.netbsd.org/tech-security/2005/12/18/0000.html

More information in:

	http://pax.grsecurity.net/docs/mprotect.txt

Read relevant parts of options(4) and sysctl(3) before using!

Lots of thanks to the PaX author and Matt Thomas.
 2006-05-16 00:08:24 +00:00
jnemeth
7b95c00460 Coverity CID 2784: Add more checks for value==NULL. 2006-03-30 08:02:40 +00:00
christos
fbe98ede0f Coverity CID 2763: Add more checks for value==NULL. 2006-03-26 23:12:48 +00:00
christos
48ce3c5d75 Coverity CID 2764: Avoid null reference 2006-03-26 23:10:26 +00:00
christos
86bc6ef985 Coverity CID 786: Avoid NULL dereference. 2006-03-22 02:25:44 +00:00
christos
421a9c133c add the 3 opencrypto sysctls. 2006-03-06 00:51:48 +00:00
christos
238f1027f9 detect integer overflow differently. previous change broke negative sysctl 
values.
 2006-02-08 18:13:56 +00:00