Age | Commit message (Collapse) | Author | |
---|---|---|---|
2016-03-31 | Don't use .Aq for syntax elements that require ASCII "<>". | Ingo Schwarze | |
Patch from Christian Heckendorf <mbie at ulmus dot me>. OK jmc@ bentley@ | |||
2016-03-03 | Remove option USER_LDT and everything depending on it. | Christian Weisgerber | |
Remove machdep.userldt sysctl. Remove i386_[gs]et_ldt syscall stub from libi386. Remove i386_[gs]et_ldt regression test. ok mlarkin@ millert@ guenther@ | |||
2016-02-29 | delete the kern.emul/KERN_EMUL sysctl bits since there are no | Christian Weisgerber | |
emulations left; ok millert@ deraadt@, jmc@ (man pages) | |||
2015-11-05 | document the other two net.inet6.ip6.ifq variables, ok logan mikeb | Stuart Henderson | |
2015-11-05 | Correct my mistake in the previous patch: | Loganaden Velvindron | |
net.inet6.ip6.ifq -> net.inet6.ip6.ifq.len Pointed out by Mike Belopuhov | |||
2015-11-05 | Add an entry for net.inet6.ip6.ifq that dlg@ committed a while ago. | Loganaden Velvindron | |
OK dlg@ | |||
2015-10-03 | If we care about placing core files from SUID programs in a safe place, | Vadim Zhukov | |
lets do not suggest to provoke races and use -m option of mkdir(1). ok guenther@, "don't care" deraadt@ :) | |||
2015-04-18 | Convert many atoi() calls to strtonum(), adding range checks and failure | Theo de Raadt | |
handling along the way. Reviews by Brendan MacDonell, Jeremy Devenport, florian, doug, millert | |||
2015-02-13 | Direct people to netstat for the new multicast routing sysctls. | Philip Guenther | |
problem noted by dcoppa@ ok claudio@ | |||
2015-02-09 | provide a net.inet6.ip6.ifq sysctl so people can see and fiddle | David Gwynne | |
with the ip6intrq. ok claudio@ | |||
2015-01-16 | Replace <sys/param.h> with <limits.h> and other less dirty headers where | Theo de Raadt | |
possible. Annotate <sys/param.h> lines with their current reasons. Switch to PATH_MAX, NGROUPS_MAX, HOST_NAME_MAX+1, LOGIN_NAME_MAX, etc. Change MIN() and MAX() to local definitions of MINIMUM() and MAXIMUM() where sensible to avoid pulling in the pollution. These are the files confirmed through binary verification. ok guenther, millert, doug (helped with the verification protocol) | |||
2015-01-14 | pathconf(1) never happened. | Theo de Raadt | |
ok guenther | |||
2014-12-12 | put global_ptrace here too so users know how to spell it. poke by jmc | Ted Unangst | |
2014-11-19 | delete the KERN_VNODE sysctl. it fails to provide any isolation from the | Ted Unangst | |
kernel struct vnode defintion, and the only consumer (pstat) still needs kvm to read much of the required information. no great loss to always use kvm until there's a better replacement interface. ok deraadt millert uebayasi | |||
2014-10-26 | Add a format specifier for the printf. | Brad Smith | |
ok guenther@ | |||
2014-10-25 | Remove unnecessary netinet/in_systm.h include. | Lawrence Teo | |
ok millert@ | |||
2014-10-23 | mention hw.perfpolicy; Daniel Jakots | Theo de Raadt | |
2014-09-15 | Remove non-standard <sys/dkstat.h> header. It has not contained anything | Miod Vallat | |
related to disk stastics for almost 17 years, and the remaining userland-visible defines duplicate those found in <sys/sched.h>. Move the remaining _KERNEL defines to <sys/tty.h> where they belong, and update all users to cope with this. ok kettenis@ | |||
2014-08-27 | Nuke net.inet6.icmp6.rediraccept and allow redirects on interfaces | Florian Obser | |
with autoconf enabled. If one is doing SLAAC one does already trust link local icmp6 so the policy for icmp6 redirects should be the same. pointed out by & OK bluhm@; OK henning@ | |||
2014-08-20 | Remove userland bits related to the crypto(4) interface; ok deraadt | Mike Belopuhov | |
2014-08-16 | repair operation of kern.arandom, which will only allow a buffer of | Theo de Raadt | |
512 bytes. As a result, it stopped working... ok miod | |||
2014-07-11 | net.inet6.ip6.accept_rtadv bit the bucket | Henning Brauer | |
ok florian bluhm benno stsp | |||
2014-07-11 | Remove rfc 4620 Node Information Query support (from the kernel). | Sebastian Benoit | |
ok henning@ stu@, Yay! weerd@ | |||
2014-05-07 | Kill the {nd6_,}useloopback buttons, using the loopback interface for | Martin Pieuchot | |
local traffic is not optional. ok mikeb@, stsp@, jca@ | |||
2014-05-07 | missing word in error message. ok millert | Ted Unangst | |
2014-05-07 | delete some crusty casts | Ted Unangst | |
2014-05-04 | tweak previous; | Jason McIntyre | |
2014-05-04 | When kern.nosuidcoredump=3, act like =2 but try to dump cores into | Theo de Raadt | |
the /var/crash/programname/ directory, as root. For instance, # mkdir /var/crash/bgpd/ # chmod 700 /var/crash/bgpd/ # If you skip this step, you are a moron # sysctl kern.nosuidcoredump=3 # bgpd # pkill -ABRT bgpd # ls /var/crash/bgpd/ 14764.core 23207.core 6423.core Of course, in real life the idea is that you don't kill the daemon but it crashes and you collect parallel cores. Careful you don't fill your /var. Further tuneables are being considered. Sorry to be picking on bgpd for this example. I've watched the "too difficult to debug privsep code" angst for far too long. ok guenther | |||
2014-04-27 | sort the ip6 sysctls; | Jason McIntyre | |
2014-04-27 | Document net.inet6.ip6.dad_pending. | Loganaden Velvindron | |
OK from jmc@, and thanks to sthen@ for pointing out my mistake in the first version of the diff. | |||
2014-04-19 | Add missing description for IPv6 mtudisctimeout sysctl and | logan | |
rework the wording for both IPv4 and IPv6. OK from sthen@, henning@ and claudio@ | |||
2014-04-19 | Add missing man page descriptions for the following IPv6 sysctls: | logan | |
-maxdynroutes -maxifprefixes -maxifdefrouters -neighborgcthresh OK from sthen@, claudio@ and henning@ | |||
2014-04-08 | Use VM_UVMEXP instead of VM_METER for memory usages and directly | Martin Pieuchot | |
include <sys/vmmeter.h> where it is needed instead of relying on it being included by <uvm/uvm_extern.h>. miod@ likes it, ok guenther@ | |||
2014-01-23 | kern.intrcnt is viewable with vmstat+systat | Philip Guenther | |
2013-11-22 | Whole bunch of (unsigned char) casts carefully added for ctype calls. | Theo de Raadt | |
Careful second audit by millert | |||
2013-11-15 | Include unistd.h as it is the standard location for getopt(). | Todd C. Miller | |
2013-11-12 | satisfy proto requirement | Theo de Raadt | |
2013-10-28 | kill kame version symbols and sysctl | Theo de Raadt | |
ports tree grep run by sthen | |||
2013-10-22 | - add UNIX-domain socket info to struct kinfo_file2 | Philip Guenther | |
- convert netstat from kvm_getfiles() to kvm_getfile2() using that - delete kvm_getfiles() and KERN_FILE as no longer used (bump libkvm's major) - rename kvm_getfile2() to kvm_getfiles(), kinfo_file2 to kinfo_file and KERN_FILE2 to KERN_FILE. ok deraadt@, millert@ ports scan sthen@ | |||
2013-08-14 | some Bx/Ox conversion; | Jason McIntyre | |
From: Jan Stary | |||
2013-07-18 | Revert 1.191 and 1.193 and fix the original problem (access to the last | Philip Guenther | |
filesystem, currently ext2fs) by increasing maxtypenum sufficiently. suggested by Rafael Neves (rafaelneves (at) gmail.com) | |||
2013-07-18 | Correct off-by-one in naming of nodes below vfs.mounts. | Philip Guenther | |
problem noted by Rafael Neves (rafaelneves (at) gmail.com) ok jca@ | |||
2013-06-09 | add fuse sysctls, from Sylvestre Gallon | Ted Unangst | |
2013-06-09 | fix an off by one preventing access to the last filesystem. | Ted Unangst | |
from Sylvestre Gallon | |||
2013-06-08 | Add new sysctl for pipex packet input/output queue length and | YASUOKA Masahiko | |
counters. ok guenther, feedback jmc | |||
2013-06-02 | Add mentions about net.mpls and net.inet.ip.ifq. | YASUOKA Masahiko | |
input from jmc claudio | |||
2013-04-16 | handle big time_t types; ok guenther | Theo de Raadt | |
2013-04-15 | Remove CTL_USER hierarchy from sysctl() | Philip Guenther | |
(Use sysconf() or confstr() instead) ok miod@ millert@ | |||
2013-04-06 | remove kern.rthreads | Ted Unangst | |
2013-03-29 | remove some of the unused fields from rndstats and stop printing zeroes. | Ted Unangst | |
print labels before stats so people can tell what's what. |