diff options
| -rw-r--r-- | lib/libc/gen/getdomainname.3 | 6 | ||||
| -rw-r--r-- | sys/kern/kern_sysctl.c | 9 |
2 files changed, 10 insertions, 5 deletions
diff --git a/lib/libc/gen/getdomainname.3 b/lib/libc/gen/getdomainname.3 index 2b982311bf0..1eef9433d3f 100644 --- a/lib/libc/gen/getdomainname.3 +++ b/lib/libc/gen/getdomainname.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: getdomainname.3,v 1.28 2022/07/17 08:33:01 jsg Exp $ +.\" $OpenBSD: getdomainname.3,v 1.29 2022/07/26 14:53:29 deraadt Exp $ .\" .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -27,7 +27,7 @@ .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.Dd $Mdocdate: July 17 2022 $ +.Dd $Mdocdate: July 26 2022 $ .Dt GETDOMAINNAME 3 .Os .Sh NAME @@ -61,6 +61,8 @@ which has length .Fa namelen . This call is restricted to the superuser and is normally used only when the system is bootstrapped. +Under normal operation once the domainname is set, it cannot be +changed. .Sh RETURN VALUES If the call succeeds, a value of 0 is returned. If the call fails, a value of \-1 is returned and an error code is diff --git a/sys/kern/kern_sysctl.c b/sys/kern/kern_sysctl.c index f9d1f04a845..1be54b0c156 100644 --- a/sys/kern/kern_sysctl.c +++ b/sys/kern/kern_sysctl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sysctl.c,v 1.403 2022/07/05 15:06:16 visa Exp $ */ +/* $OpenBSD: kern_sysctl.c,v 1.404 2022/07/26 14:53:45 deraadt Exp $ */ /* $NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $ */ /*- @@ -486,8 +486,11 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp, hostnamelen = newlen; return (error); case KERN_DOMAINNAME: - error = sysctl_tstring(oldp, oldlenp, newp, newlen, - domainname, sizeof(domainname)); + if (securelevel >= 1 && domainnamelen && newp) + error = EPERM; + else + error = sysctl_tstring(oldp, oldlenp, newp, newlen, + domainname, sizeof(domainname)); if (newp && !error) domainnamelen = newlen; return (error); |