mirror of
https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git
synced 2024-11-24 00:11:05 +01:00
sysctl: Add flags to filter jail prison and vnet variables
So users do not have to contact the source code to tell whether a variable is a jail prison / vnet one or not. Reviewed by: cy (previous version), markj, jamie (for #jails) MFC after: 2 weeks Relnotes: yes Differential Revision: https://reviews.freebsd.org/D47107
This commit is contained in:
parent
d652801574
commit
5ec83c660a
@ -28,7 +28,7 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.Dd August 18, 2023
|
||||
.Dd October 29, 2024
|
||||
.Dt SYSCTL 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -111,6 +111,8 @@ The purpose is to make use of
|
||||
.Nm
|
||||
for collecting data from a variety of machines (not all of which
|
||||
are necessarily running exactly the same software) easier.
|
||||
.It Fl J
|
||||
Display only jail prision sysctl variables (CTLFLAG_PRISON).
|
||||
.It Fl l
|
||||
Show the length of variables along with their values.
|
||||
This option cannot be combined with the
|
||||
@ -153,6 +155,8 @@ to standard error.
|
||||
Display only variables that are settable via loader (CTLFLAG_TUN).
|
||||
.It Fl t
|
||||
Print the type of the variable.
|
||||
.It Fl V
|
||||
Display only VNET sysctl variables (CTLFLAG_VNET).
|
||||
.It Fl W
|
||||
Display only writable variables that are not statistical.
|
||||
Useful for determining the set of runtime tunable sysctls.
|
||||
@ -325,7 +329,8 @@ option has been deprecated and is silently ignored.
|
||||
.Xr loader.conf 5 ,
|
||||
.Xr sysctl.conf 5 ,
|
||||
.Xr security 7 ,
|
||||
.Xr loader 8
|
||||
.Xr loader 8 ,
|
||||
.Xr jail 8
|
||||
.Sh HISTORY
|
||||
A
|
||||
.Nm
|
||||
|
@ -63,7 +63,7 @@ static const char *conffile;
|
||||
|
||||
static int aflag, bflag, Bflag, dflag, eflag, hflag, iflag;
|
||||
static int Nflag, nflag, oflag, qflag, tflag, Tflag, Wflag, xflag;
|
||||
static bool Fflag, lflag;
|
||||
static bool Fflag, Jflag, lflag, Vflag;
|
||||
|
||||
static int oidfmt(int *, int, char *, u_int *);
|
||||
static int parsefile(const char *);
|
||||
@ -136,7 +136,7 @@ main(int argc, char **argv)
|
||||
setbuf(stdout,0);
|
||||
setbuf(stderr,0);
|
||||
|
||||
while ((ch = getopt(argc, argv, "AabB:def:FhilNnoqtTwWxX")) != -1) {
|
||||
while ((ch = getopt(argc, argv, "AabB:def:FhiJlNnoqtTVwWxX")) != -1) {
|
||||
switch (ch) {
|
||||
case 'A':
|
||||
/* compatibility */
|
||||
@ -169,6 +169,9 @@ main(int argc, char **argv)
|
||||
case 'i':
|
||||
iflag = 1;
|
||||
break;
|
||||
case 'J':
|
||||
Jflag = true;
|
||||
break;
|
||||
case 'l':
|
||||
lflag = true;
|
||||
break;
|
||||
@ -190,6 +193,9 @@ main(int argc, char **argv)
|
||||
case 'T':
|
||||
Tflag = 1;
|
||||
break;
|
||||
case 'V':
|
||||
Vflag = true;
|
||||
break;
|
||||
case 'w':
|
||||
/* compatibility */
|
||||
/* ignored */
|
||||
@ -1048,10 +1054,18 @@ show_var(int *oid, int nlen, bool honor_skip)
|
||||
if (Wflag && ((kind & CTLFLAG_WR) == 0 || (kind & CTLFLAG_STATS) != 0))
|
||||
return (1);
|
||||
|
||||
/* if Jflag then only list sysctls that are prison variables. */
|
||||
if (Jflag && (kind & CTLFLAG_PRISON) == 0)
|
||||
return (1);
|
||||
|
||||
/* if Tflag then only list sysctls that are tuneables. */
|
||||
if (Tflag && (kind & CTLFLAG_TUN) == 0)
|
||||
return (1);
|
||||
|
||||
/* if Vflag then only list sysctls that are vnet variables. */
|
||||
if (Vflag && (kind & CTLFLAG_VNET) == 0)
|
||||
return (1);
|
||||
|
||||
if (Nflag) {
|
||||
printf("%s", name);
|
||||
return (0);
|
||||
|
Loading…
Reference in New Issue
Block a user