1/*- 2 * Copyright (c) 1982, 1986, 1989, 1993 3 * The Regents of the University of California. All rights reserved. 4 * 5 * This code is derived from software contributed to Berkeley by 6 * Mike Karels at Berkeley Software Design, Inc. 7 * 8 * Quite extensively rewritten by Poul-Henning Kamp of the FreeBSD --- 23 unchanged lines hidden (view full) --- 32 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 33 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 34 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 35 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 36 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 37 * SUCH DAMAGE. 38 * 39 * @(#)kern_sysctl.c 8.4 (Berkeley) 4/14/94 |
40 * $FreeBSD: head/sys/kern/kern_mib.c 83990 2001-09-26 20:39:48Z rwatson $ |
41 */ 42 43#include <sys/param.h> 44#include <sys/kernel.h> 45#include <sys/systm.h> 46#include <sys/sysctl.h> 47#include <sys/proc.h> 48#include <sys/jail.h> --- 118 unchanged lines hidden (view full) --- 167 168int securelevel = -1; 169 170static int 171sysctl_kern_securelvl(SYSCTL_HANDLER_ARGS) 172{ 173 int error, level; 174 |
175 /* 176 * If the process is in jail, return the maximum of the 177 * global and local levels; otherwise, return the global 178 * level. 179 */ 180 if (req->p->p_ucred->cr_prison != NULL) 181 level = imax(securelevel, 182 req->p->p_ucred->cr_prison->pr_securelevel); 183 else 184 level = securelevel; |
185 error = sysctl_handle_int(oidp, &level, 0, req); 186 if (error || !req->newptr) 187 return (error); |
188 /* 189 * Permit update only if the new securelevel exceeds the 190 * global level, and local level if any. 191 */ 192 if (req->p->p_ucred->cr_prison != NULL) { 193 if (level < imax(securelevel, 194 req->p->p_ucred->cr_prison->pr_securelevel)) 195 return (EPERM); 196 req->p->p_ucred->cr_prison->pr_securelevel = level; 197 } else { 198 if (level < securelevel) 199 return (EPERM); 200 securelevel = level; 201 } |
202 return (error); 203} 204 |
205SYSCTL_PROC(_kern, KERN_SECURELVL, securelevel, 206 CTLTYPE_INT|CTLFLAG_RW|CTLFLAG_PRISON, 0, 0, sysctl_kern_securelvl, 207 "I", "Current secure level"); |
208 209char domainname[MAXHOSTNAMELEN]; 210SYSCTL_STRING(_kern, KERN_NISDOMAINNAME, domainname, CTLFLAG_RW, 211 &domainname, sizeof(domainname), "Name of the current YP/NIS domain"); 212 213unsigned long hostid; 214SYSCTL_ULONG(_kern, KERN_HOSTID, hostid, CTLFLAG_RW, &hostid, 0, "Host ID"); 215 --- 67 unchanged lines hidden --- |