Date:      Mon, 14 Jun 2010 16:36:02 -0400
From:      John Baldwin <jhb@freebsd.org>
To:        Ilya Bakulin <webmaster@kibab.com>
Cc:        Alexander Leidinger <Alexander@leidinger.net>, soc-status@freebsd.org
Subject:   Re: [Status update] sysctlreg project
Message-ID:  <201006141636.02843.jhb@freebsd.org>
In-Reply-To: <20100615000324.3b089478@kibab.com>
References:  <20100614151113.17a1c368@kibab.com> <201006140855.53558.jhb@freebsd.org> <20100615000324.3b089478@kibab.com>

On Monday 14 June 2010 4:03:24 pm Ilya Bakulin wrote:
> On Mon, 14 Jun 2010 08:55:53 -0400
> John Baldwin <jhb@freebsd.org> wrote:
> 
> > > This week (14.06 -- 21.06) I will continue to add more and more
> > > FEATUREs. My plan is to finish adding Netgraph-related features by the
> > > end of this week. Also I plan to do some research work to understand
> > > how to handle sysctl change attempts in the kernel. This will be
> > > required to implement sysctl change handler.
> > 
> > Hmm, what are you planning to do in regards to a sysctl change handler?  I 
> > believe the kern.feature.* sysctls should be read-only by design.
> 
> There should be a way to change their state (to allow "spoof-off" of these
> values). In the simplest case, invoking "sysctl kern.feature.foo=0" should
> hide feature "foo", and it won't be listed any more, but "sysctl
> kern.feature.foo=1" should bring it back. Changing the state of these
> sysctls may only be allowed for root, and only if securelevel is lower
> than X (To Be Discussed).
> If such scenario is possible, then it's not necessary to bring new entities
> in the base system, we'll use existing "sysctl" application.

Hmmm, is this spoofing a desired feature?  If so, perhaps it should be done in 
userland via environment options that affect the feature_present(3) API in 
libc?  (In that case you would write a little feature_present(1) util that 
uses the userland API and use this instead of direct sysctls in ports, etc.)

-- 
John Baldwin


