[Status update] sysctlreg project

Ilya Bakulin webmaster at kibab.com
Mon Jun 14 20:03:55 UTC 2010

On Mon, 14 Jun 2010 08:55:53 -0400
John Baldwin <jhb at freebsd.org> wrote:

> > This week (14.06 -- 21.06) I will continue to add more and more FEATUREs. My 
> plan is to finish adding Netgraph-related features by the end of this week. 
> Also I plan to do some research work to understand how to handle sysctl change 
> attempts in the kernel. This will be required to implement systcl change 
> handler.
> Hmm, what are you planning to do in regards to a sysctl change handler?  I 
> believe the kern.feature.* sysctls should be read-only by design.

There should be a way to change their state (to allow "spoof-off" of these values). In the simpliest case, invoking "sysctl kern.feature.foo=0" should hide feature "foo", and it won't be listed any more, but "sysctl kern.feature.foo=1" should bring it back. Changing the state of these sysctls may only be allowed for root, and only if securelevel is lower than X (To Be Discussed).
If such scenario is possible, then it's not nessesary to bring new entities in the base system, we'll use existing "sysctl" application.
Ilya Bakulin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/soc-status/attachments/20100614/8ebf8b1c/signature.pgp

More information about the soc-status mailing list