[Bug 177821] sysctl: Some security.jail nodes are funky, duplicate entries, ending in dots (.)

From: <bugzilla-noreply_at_freebsd.org>
Date: Sun, 25 Jul 2021 01:08:03 +0000
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=177821

--- Comment #4 from Alfonso S. Siciliano <alfix86_at_gmail.com> ---
The sysctl name that have a trailing '.' are normal: they are normal sysctl
objects with a `struct sysctl_oid` in the MIB but their name
`sysctl_oid.oid_name` is just "\0".

I mentioned them at the BSDCan 2020 and in some quarterly status report to
describe sysutils/sysctlinfo-kmod, sysutils/sysctlbyname-improved-kmod and
devel/sysctlmibinfo2.

We can use sysutils/nsysctl to know their properties:

% nsysctl -OFIHtN -s ', ' security
2147482851, security, node, N, Undefined
...
2147482851.2147482945, security.jail, node, N, Undefined
...
2147482851.2147482945.2147482932, security.jail.param, node, N, Undefined
2147482851.2147482945.2147482932.2147482549, security.jail.param.sysvshm, node,
N, Undefined
2147482851.2147482945.2147482932.2147482549.2147482548,
security.jail.param.sysvshm., integer, E,jailsys, Defined
2147482851.2147482945.2147482932.2147482560, security.jail.param.sysvsem, node,
N, Undefined
2147482851.2147482945.2147482932.2147482560.2147482559,
security.jail.param.sysvsem., integer, E,jailsys, Defined
2147482851.2147482945.2147482932.2147482573, security.jail.param.sysvmsg, node,
N, Undefined
2147482851.2147482945.2147482932.2147482573.2147482572,
security.jail.param.sysvmsg., integer, E,jailsys, Defined
2147482851.2147482945.2147482932.2147482900, security.jail.param.allow, node,
N, Undefined
2147482851.2147482945.2147482932.2147482900.2147482888,
security.jail.param.allow.mount, node, N, Undefined
2147482851.2147482945.2147482932.2147482900.2147482888.2147471913,
security.jail.param.allow.mount.debugfs, integer, B, Defined
2147482851.2147482945.2147482932.2147482900.2147482888.2147471916,
security.jail.param.allow.mount.anon_inodefs, integer, B, Defined
2147482851.2147482945.2147482932.2147482900.2147482888.2147473599,
security.jail.param.allow.mount.devfs, integer, B, Defined
2147482851.2147482945.2147482932.2147482900.2147482888.2147473671,
security.jail.param.allow.mount.tmpfs, integer, B, Defined
2147482851.2147482945.2147482932.2147482900.2147482888.2147473673,
security.jail.param.allow.mount.procfs, integer, B, Defined
2147482851.2147482945.2147482932.2147482900.2147482888.2147482887,
security.jail.param.allow.mount., integer, B, Defined
...
2147482851.2147482945.2147482932.2147482904, security.jail.param.ip6, node, N,
Undefined
2147482851.2147482945.2147482932.2147482904.2147482901,
security.jail.param.ip6.saddrsel, integer, B, Defined
2147482851.2147482945.2147482932.2147482904.2147482902,
security.jail.param.ip6.addr, opaque, S,in6_addr,a, Defined
2147482851.2147482945.2147482932.2147482904.2147482903,
security.jail.param.ip6., integer, E,jailsys, Defined
2147482851.2147482945.2147482932.2147482908, security.jail.param.ip4, node, N,
Undefined
2147482851.2147482945.2147482932.2147482908.2147482905,
security.jail.param.ip4.saddrsel, integer, B, Defined
2147482851.2147482945.2147482932.2147482908.2147482906,
security.jail.param.ip4.addr, opaque, S,in_addr,a, Defined
2147482851.2147482945.2147482932.2147482908.2147482907,
security.jail.param.ip4., integer, E,jailsys, Defined
2147482851.2147482945.2147482932.2147482910, security.jail.param.cpuset, node,
N, Undefined
2147482851.2147482945.2147482932.2147482910.2147482909,
security.jail.param.cpuset.id, integer, I, Defined
2147482851.2147482945.2147482932.2147482916, security.jail.param.host, node, N,
Undefined
2147482851.2147482945.2147482932.2147482916.2147482911,
security.jail.param.host.hostid, unsigned long, LU, Defined
2147482851.2147482945.2147482932.2147482916.2147482912,
security.jail.param.host.hostuuid, string, A, Defined
2147482851.2147482945.2147482932.2147482916.2147482913,
security.jail.param.host.domainname, string, A, Defined
2147482851.2147482945.2147482932.2147482916.2147482914,
security.jail.param.host.hostname, string, A, Defined
2147482851.2147482945.2147482932.2147482916.2147482915,
security.jail.param.host., integer, E,jailsys, Defined
2147482851.2147482945.2147482932.2147482919, security.jail.param.children,
node, N, Undefined
2147482851.2147482945.2147482932.2147482919.2147482917,
security.jail.param.children.max, integer, I, Defined
2147482851.2147482945.2147482932.2147482919.2147482918,
security.jail.param.children.cur, integer, I, Defined
...


The complete output is attached, it prints: OID, name, type, format and handler
status, for example 

2147482851.2147482945.2147482932.2147482908, security.jail.param.ip4, node, N,
Undefined
2147482851.2147482945.2147482932.2147482908.2147482905,
security.jail.param.ip4.saddrsel, integer, B, Defined
2147482851.2147482945.2147482932.2147482908.2147482906,
security.jail.param.ip4.addr, opaque, S,in_addr,a, Defined
2147482851.2147482945.2147482932.2147482908.2147482907,
security.jail.param.ip4., integer, E,jailsys, Defined

Obviously "security.jail.param.ip4" is the (internal node) father and
"security.jail.param.ip4." is a (leaf) child, they are not dublicates but
distinct objects.

We can use deskutils/sysctlview for a real GUI representation, in asciiart:

2147482851 "security"
      |
2147482945 "jail"
      |
2147482932 "param"
      |
2147482908 "ip4"
   ___|_____________________________________
   |                      |                |
2147482905 "saddrsel" 2147482906 "addr" 2147482907 "\0"
(<-"security.jail.param.ip4.\0")


Conclusion, the output of sysctl is correct, of course a jail expert could
update the descriptions to avoid confusion.

-- 
You are receiving this mail because:
You are the assignee for the bug.
Received on Sun Jul 25 2021 - 01:08:03 UTC

Original text of this message