From owner-soc-status@FreeBSD.ORG Mon Jun 14 20:03:55 2010 Return-Path: Delivered-To: soc-status@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id A00191065670 for ; Mon, 14 Jun 2010 20:03:55 +0000 (UTC) (envelope-from webmaster@kibab.com) Received: from mx0.deglitch.com (backbone.deglitch.com [78.110.53.255]) by mx1.freebsd.org (Postfix) with ESMTP id 526078FC18 for ; Mon, 14 Jun 2010 20:03:55 +0000 (UTC) Received: from localhost (95-25-240-181.broadband.corbina.ru [95.25.240.181]) by mx0.deglitch.com (Postfix) with ESMTPA id 2263D8FC4E; Tue, 15 Jun 2010 00:03:23 +0400 (MSD) Date: Tue, 15 Jun 2010 00:03:24 +0400 From: Ilya Bakulin To: John Baldwin Message-ID: <20100615000324.3b089478@kibab.com> In-Reply-To: <201006140855.53558.jhb@freebsd.org> References: <20100614151113.17a1c368@kibab.com> <201006140855.53558.jhb@freebsd.org> Organization: Deglitch Networks X-Mailer: Claws Mail 3.7.6 (GTK+ 2.20.1; i386-portbld-freebsd8.0) Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/7u68AympJK1o0qbKps3UgYh"; protocol="application/pgp-signature" Cc: Alexander Leidinger , soc-status@freebsd.org Subject: Re: [Status update] sysctlreg project X-BeenThere: soc-status@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Summer of Code Status Reports and Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Jun 2010 20:03:55 -0000 --Sig_/7u68AympJK1o0qbKps3UgYh Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable On Mon, 14 Jun 2010 08:55:53 -0400 John Baldwin wrote: > > This week (14.06 -- 21.06) I will continue to add more and more FEATURE= s. My=20 > plan is to finish adding Netgraph-related features by the end of this wee= k.=20 > Also I plan to do some research work to understand how to handle sysctl c= hange=20 > attempts in the kernel. This will be required to implement systcl change= =20 > handler. >=20 > Hmm, what are you planning to do in regards to a sysctl change handler? = I=20 > believe the kern.feature.* sysctls should be read-only by design. There should be a way to change their state (to allow "spoof-off" of these = values). In the simpliest case, invoking "sysctl kern.feature.foo=3D0" shou= ld hide feature "foo", and it won't be listed any more, but "sysctl kern.fe= ature.foo=3D1" should bring it back. Changing the state of these sysctls ma= y only be allowed for root, and only if securelevel is lower than X (To Be = Discussed). If such scenario is possible, then it's not nessesary to bring new entities= in the base system, we'll use existing "sysctl" application. --=20 Regards, Ilya Bakulin http://kibab.com xmpp://kibab612@jabber.ru --Sig_/7u68AympJK1o0qbKps3UgYh Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (FreeBSD) iEYEARECAAYFAkwWixMACgkQo9vlj1oadwgToQCfVcDIcH6g1Yhw7uwElkhylKrb XiIAn3enXfuuPqyeQSgwQ6AeEJMmcquG =3WT0 -----END PGP SIGNATURE----- --Sig_/7u68AympJK1o0qbKps3UgYh--