summaryrefslogtreecommitdiff
path: root/sbin/sysctl
AgeCommit message (Collapse)Author
2016-03-31Don't use .Aq for syntax elements that require ASCII "<>".Ingo Schwarze
Patch from Christian Heckendorf <mbie at ulmus dot me>. OK jmc@ bentley@
2016-03-03Remove option USER_LDT and everything depending on it.Christian Weisgerber
Remove machdep.userldt sysctl. Remove i386_[gs]et_ldt syscall stub from libi386. Remove i386_[gs]et_ldt regression test. ok mlarkin@ millert@ guenther@
2016-02-29delete the kern.emul/KERN_EMUL sysctl bits since there are noChristian Weisgerber
emulations left; ok millert@ deraadt@, jmc@ (man pages)
2015-11-05document the other two net.inet6.ip6.ifq variables, ok logan mikebStuart Henderson
2015-11-05Correct my mistake in the previous patch:Loganaden Velvindron
net.inet6.ip6.ifq -> net.inet6.ip6.ifq.len Pointed out by Mike Belopuhov
2015-11-05Add an entry for net.inet6.ip6.ifq that dlg@ committed a while ago.Loganaden Velvindron
OK dlg@
2015-10-03If we care about placing core files from SUID programs in a safe place,Vadim Zhukov
lets do not suggest to provoke races and use -m option of mkdir(1). ok guenther@, "don't care" deraadt@ :)
2015-04-18Convert many atoi() calls to strtonum(), adding range checks and failureTheo de Raadt
handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert
2015-02-13Direct people to netstat for the new multicast routing sysctls.Philip Guenther
problem noted by dcoppa@ ok claudio@
2015-02-09provide a net.inet6.ip6.ifq sysctl so people can see and fiddleDavid Gwynne
with the ip6intrq. ok claudio@
2015-01-16Replace <sys/param.h> with <limits.h> and other less dirty headers whereTheo de Raadt
possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol)
2015-01-14pathconf(1) never happened.Theo de Raadt
ok guenther
2014-12-12put global_ptrace here too so users know how to spell it. poke by jmcTed Unangst
2014-11-19delete the KERN_VNODE sysctl. it fails to provide any isolation from theTed Unangst
kernel struct vnode defintion, and the only consumer (pstat) still needs kvm to read much of the required information. no great loss to always use kvm until there's a better replacement interface. ok deraadt millert uebayasi
2014-10-26Add a format specifier for the printf.Brad Smith
ok guenther@
2014-10-25Remove unnecessary netinet/in_systm.h include.Lawrence Teo
ok millert@
2014-10-23mention hw.perfpolicy; Daniel JakotsTheo de Raadt
2014-09-15Remove non-standard <sys/dkstat.h> header. It has not contained anythingMiod Vallat
related to disk stastics for almost 17 years, and the remaining userland-visible defines duplicate those found in <sys/sched.h>. Move the remaining _KERNEL defines to <sys/tty.h> where they belong, and update all users to cope with this. ok kettenis@
2014-08-27Nuke net.inet6.icmp6.rediraccept and allow redirects on interfacesFlorian Obser
with autoconf enabled. If one is doing SLAAC one does already trust link local icmp6 so the policy for icmp6 redirects should be the same. pointed out by & OK bluhm@; OK henning@
2014-08-20Remove userland bits related to the crypto(4) interface; ok deraadtMike Belopuhov
2014-08-16repair operation of kern.arandom, which will only allow a buffer ofTheo de Raadt
512 bytes. As a result, it stopped working... ok miod
2014-07-11net.inet6.ip6.accept_rtadv bit the bucketHenning Brauer
ok florian bluhm benno stsp
2014-07-11Remove rfc 4620 Node Information Query support (from the kernel).Sebastian Benoit
ok henning@ stu@, Yay! weerd@
2014-05-07Kill the {nd6_,}useloopback buttons, using the loopback interface forMartin Pieuchot
local traffic is not optional. ok mikeb@, stsp@, jca@
2014-05-07missing word in error message. ok millertTed Unangst
2014-05-07delete some crusty castsTed Unangst
2014-05-04tweak previous;Jason McIntyre
2014-05-04When kern.nosuidcoredump=3, act like =2 but try to dump cores intoTheo de Raadt
the /var/crash/programname/ directory, as root. For instance, # mkdir /var/crash/bgpd/ # chmod 700 /var/crash/bgpd/ # If you skip this step, you are a moron # sysctl kern.nosuidcoredump=3 # bgpd # pkill -ABRT bgpd # ls /var/crash/bgpd/ 14764.core 23207.core 6423.core Of course, in real life the idea is that you don't kill the daemon but it crashes and you collect parallel cores. Careful you don't fill your /var. Further tuneables are being considered. Sorry to be picking on bgpd for this example. I've watched the "too difficult to debug privsep code" angst for far too long. ok guenther
2014-04-27sort the ip6 sysctls;Jason McIntyre
2014-04-27Document net.inet6.ip6.dad_pending.Loganaden Velvindron
OK from jmc@, and thanks to sthen@ for pointing out my mistake in the first version of the diff.
2014-04-19Add missing description for IPv6 mtudisctimeout sysctl andlogan
rework the wording for both IPv4 and IPv6. OK from sthen@, henning@ and claudio@
2014-04-19Add missing man page descriptions for the following IPv6 sysctls:logan
-maxdynroutes -maxifprefixes -maxifdefrouters -neighborgcthresh OK from sthen@, claudio@ and henning@
2014-04-08Use VM_UVMEXP instead of VM_METER for memory usages and directlyMartin Pieuchot
include <sys/vmmeter.h> where it is needed instead of relying on it being included by <uvm/uvm_extern.h>. miod@ likes it, ok guenther@
2014-01-23kern.intrcnt is viewable with vmstat+systatPhilip Guenther
2013-11-22Whole bunch of (unsigned char) casts carefully added for ctype calls.Theo de Raadt
Careful second audit by millert
2013-11-15Include unistd.h as it is the standard location for getopt().Todd C. Miller
2013-11-12satisfy proto requirementTheo de Raadt
2013-10-28kill kame version symbols and sysctlTheo de Raadt
ports tree grep run by sthen
2013-10-22- add UNIX-domain socket info to struct kinfo_file2Philip Guenther
- convert netstat from kvm_getfiles() to kvm_getfile2() using that - delete kvm_getfiles() and KERN_FILE as no longer used (bump libkvm's major) - rename kvm_getfile2() to kvm_getfiles(), kinfo_file2 to kinfo_file and KERN_FILE2 to KERN_FILE. ok deraadt@, millert@ ports scan sthen@
2013-08-14some Bx/Ox conversion;Jason McIntyre
From: Jan Stary
2013-07-18Revert 1.191 and 1.193 and fix the original problem (access to the lastPhilip Guenther
filesystem, currently ext2fs) by increasing maxtypenum sufficiently. suggested by Rafael Neves (rafaelneves (at) gmail.com)
2013-07-18Correct off-by-one in naming of nodes below vfs.mounts.Philip Guenther
problem noted by Rafael Neves (rafaelneves (at) gmail.com) ok jca@
2013-06-09add fuse sysctls, from Sylvestre GallonTed Unangst
2013-06-09fix an off by one preventing access to the last filesystem.Ted Unangst
from Sylvestre Gallon
2013-06-08Add new sysctl for pipex packet input/output queue length andYASUOKA Masahiko
counters. ok guenther, feedback jmc
2013-06-02Add mentions about net.mpls and net.inet.ip.ifq.YASUOKA Masahiko
input from jmc claudio
2013-04-16handle big time_t types; ok guentherTheo de Raadt
2013-04-15Remove CTL_USER hierarchy from sysctl()Philip Guenther
(Use sysconf() or confstr() instead) ok miod@ millert@
2013-04-06remove kern.rthreadsTed Unangst
2013-03-29remove some of the unused fields from rndstats and stop printing zeroes.Ted Unangst
print labels before stats so people can tell what's what.