When the globbing update was put into sysctl, you could no longer
simply use the keys because one key could potentially be
multiple paths once the glob expansion occured. Using the path
instead gave a unique output.
Except certain programs, such as salt, expected the output to use
the dotted path "kernel.hostname" and not "kernel/hostname".
We can no longer use the original key, so now for each path:
Copy the path
strip off /proc/
convert all / to .
The sysctl testsuite was also updated to check for a few different
types of conversion failures.
References:
commit 6389deca5bhttps://www.freelists.org/post/procps/some-procpsn4400-fixes,4https://repo.saltproject.io/
Signed-off-by: Craig Small <csmall@dropbear.xyz>
[ and in the affected function, we'll also eliminate ]
[ all those f**king tab characters making a hot mess ]
[ of any attempt at a properly formatted C function! ]
[ plus i adjusted a little non-tab misalignment too! ]
Signed-off-by: Jim Warner <james.warner@comcast.net>
Real usecase:
'sysctl -w user.max_uts_namespaces=2147483648; echo $?'
returns 0 even though it failed with EINVAL
The close_stream() realised there was an issue and printed an
error but didn't change the return value.
Slightly modified merge request.
References:
procps-ng/procps!76
Signed-off-by: Craig Small <csmall@dropbear.xyz>
systemd-sysctl handles glob patterns along with overrides and
exceptions. Now the procps sysctl does it too.
The return value for sysctl is consistently either 0 or 1.
Added tests to check sysctl functions.
References:
procps-ng/procps#191
Signed-off-by: Craig Small <csmall@dropbear.xyz>
sysctl would try to read/write any path you gave it either on
the command line or configuration file. It would append /proc/sys
on the path but not check for any sneaky path traversal with ../
This commit means it first resolves all paths using realpath(3)
and then checks the path starts with "/proc/sys/"
At first I thought this might be a non-issue, but perhaps someone
could put a file into the sysctl configuration path and.. do
something? Anyway its a 8-line fix and makes things more correct.
References:
#179
Signed-off-by: Craig Small <csmall@dropbear.xyz>
As we're using buffered I/O when writing kernel parameters, write errors
may get delayed until we close the `FILE` stream. As we are currently
outputting the key that is to be set disregarding the return value of
`close_stream`, we may end up in a situation where we report error and
success:
$ sysctl kernel.printk_ratelimit=100000000000000
sysctl: setting key "kernel.printk_ratelimit": error code 22
kernel.printk_ratelimit = 100000000000000
Fix the issue by only outputting the updated value in case
`close_stream` does not report an error.
Signed-off-by: Patrick Steinhardt <ps@pks.im>
--------------- Original Master Branch Commit Message:
Changed "a variables" to "the given variable(s)"
References:
procps-ng/procps#84
Signed-off-by: Jim Warner <james.warner@comcast.net>
Now that the procio logic was removed from the library
we must move the header file, lest we break make dist.
In the process, we will relocate that source file too.
[ we'll take a slightly different approach than that ]
[ used under the master branch by exploiting those 2 ]
[ non-library directories 'include' and 'lib', while ]
[ avoiding any sysctl hard coded function prototype. ]
Signed-off-by: Jim Warner <james.warner@comcast.net>
thereby use one allocated buffer for I/O which now might
be increased by the stdio function getline(3) on the
file if required.
Signed-off-by: Werner Fink <werner@suse.de>
by using getline(3) to use a dynamically increased buffer
if required by the input found in sysctl configuration files.
Signed-off-by: Werner Fink <werner@suse.de>
The commit referenced below put a setvbuf() before checking what
fopen() returned. If the file could not be opened then the file
handle was NULL at setvbuf() crashed.
setvbuf() is now called after checking what fopen() returns and only
when it was successful.
References:
procps-ng/procps#76
commit 58ae084c27
read huge informations at once as otherwise all files below
/proc/sys, not using the seq_file API at the kernel side,
will return EOF on a second read.
Signed-off-by: Werner Fink <werner@suse.de>
as well do not open /proc/sys files if only the names of the
system control names of the kernel parameters should be shown.
Avoid leaking tmpname in case of a pattern mismatch.
Signed-off-by: Werner Fink <werner@suse.de>
index() is a legacy function, which is no longer implemented by all C
libraries (example: uClibc). Instead, use the POSIX defined strchr()
function.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
sysctl --system fails when the file /etc/sysctl.conf doesn't
exists. This happens due to wrong check of stat(2) return code.
Reference:
https://www.freelists.org/post/procps/sysctl
Signed-off-by: Craig Small <csmall@enc.com.au>
GLOB_TILDE is a GNU extension and may not be present on all systems.
Note (jcapik): The original patch from Michael Forney didn't
apply cleanly due to my recent addition of the GLOB_BRACE flag
in the list of flags. I had to edit the patch to make it apply,
but that produces an inconsistent state. It's gonna be fixed
in the next commit.
This commit adds the GLOB_BRACE flag in the glob flags.
That allows to expand the csh style braces {a,b} and
define multiple independent patterns for config file
locations.
I ran into this limit with net.ipv4.ip_local_reserved_ports ,
sysctl complained about the line after the long line, further
slowing down my error hunting.
Due to fgets usage, increase buffer size to 4096 chars with
minimum amount of code changes.
Signed-off-by: Sami Farin <hvtaifwkbgefbaei@gmail.com>
To assist the translators, each option is a separate string.
This means if we add/change/delete an option the remaining ones
will just keep working and only the impacted option needs some
translation work on it.
Gilles brought up a warning message in sysctl.c
sysctl.c: In function 'main':
sysctl.c:767: warning: value computed is not used
The return value of Preload was not being applied correctly to ret
meaning sysctl would not return the correct value.
Reference: http://www.freelists.org/post/procps/procpsng-337,18
Signed-off-by: Craig Small <csmall@enc.com.au>
For portabiliy, check for program_invocation_name during configure and
define HAVE_PROGRAM_INVOCATION_NAME accordingly. Use of this symbol is
now enclosed with the appropriate #ifdef block.
The symbol program_invocation_name is only used for error message
handling using error(), so it's safe to omit this if it is not
available.
sysctl.c:293:5: warning: no previous declaration for 'is_deprecated' [-Wmissing-declarations]
sysctl.c:472:58: warning: declaration of 'pattern' shadows a global declaration [-Wshadow]
sysctl.c:67:14: warning: shadowed declaration is here [-Wshadow]
sysctl.c:650:7: warning: variable 'SwitchesAllowed' set but not used [-Wunused-but-set-variable]
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Commit e01765d30b added is_deprecated(), which
crashed when user had input without without /proc/sys/ subdirectory. The below
should illustrate how exactly the bug got to be trickered.
$ cat ~/foo
cause = crash
$ ./sysctl -p ~/foo
Segmentation fault
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
The previous version of sysctl had the form:
sysctl -p [file]
In other words, it required a space between the -p and the [file].
Omitting the space would lead to an error.
The new version though is the opposite:
sysctl -p[file]
In other words, it requires there to not be a space.
Considering the old behavior has been around for a decade, and runtime
checking for this mismatch in behavior is silly, and supporting the old
syntax is trivial, add support for it.
When '-p regexp' is glob is used to make reqular expression to be
expanded to argument list, which also means that -p option will
allow multiple files being specified as input.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
There's an off-by-one error in the count (".conf" is 5 bytes, not 6),
and the logic is inverted for the strcmp return value -- we want to
skip the files when they *don't* end in .conf, not when they *do*.
Also fix the off-by-one len check.
Bug-Debian: http://bugs.debian.org/669128
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
The stdbool.h header is part of C99 and has been usable on systems for
more than a decade. Let's drop these manual hacks.
Signed-off-by: Mike Frysinger <vapier@gentoo.org>
If stream status is not checked at the end of execution below problem
would not report error, or non-zero exit code. The uptime is just an
example same was true with all commands of the project.
$ uptime >&- ; echo $?
uptime: write error: Bad file descriptor
1
$ uptime >/dev/full ; echo $?
uptime: write error: No space left on device
1
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Any key=value pair following the first one are dropped after
commit 81df8e2630, due to changing
from the while loop to using getopt.
Broken behavior:
sysctl net.ipv6.conf.tun0.optimistic_dad net.ipv6.conf.tun0.mc_forwarding
net.ipv6.conf.tun0.optimistic_dad = 0
Good behavior:
sysctl net.ipv6.conf.tun0.optimistic_dad net.ipv6.conf.tun0.mc_forwarding
net.ipv6.conf.tun0.optimistic_dad = 0
net.ipv6.conf.tun0.mc_forwarding = 0
Reference: http://www.freelists.org/post/procps/BUG-Commit-81df8e2-allows-only-one-keyvalue-arg
Reported-By: Sven Ulland <sveniu@opera.com>
Signed-off-by: Jim Warner <james.warner@comcast.net>
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
Strings with lower caps & no trailing dots have greater change to
have multiple occurences, meaning less effort for translators, than
strings with them.
Signed-off-by: Sami Kerola <kerolasa@iki.fi>
