From romain@blogreen.org  Sun Mar  9 10:09:54 2008
Return-Path: <romain@blogreen.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 0C27C1065674
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  9 Mar 2008 10:09:54 +0000 (UTC)
	(envelope-from romain@blogreen.org)
Received: from postfix1-g20.free.fr (postfix1-g20.free.fr [212.27.60.42])
	by mx1.freebsd.org (Postfix) with ESMTP id BAA5B8FC19
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  9 Mar 2008 10:09:53 +0000 (UTC)
	(envelope-from romain@blogreen.org)
Received: from smtp3-g19.free.fr (smtp3-g19.free.fr [212.27.42.29])
	by postfix1-g20.free.fr (Postfix) with ESMTP id 1D43623A7C86
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  9 Mar 2008 10:39:12 +0100 (CET)
Received: from smtp3-g19.free.fr (localhost.localdomain [127.0.0.1])
	by smtp3-g19.free.fr (Postfix) with ESMTP id D6FF217B597
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  9 Mar 2008 10:39:10 +0100 (CET)
Received: from marvin.blogreen.org (marvin.blogreen.org [82.247.213.140])
	by smtp3-g19.free.fr (Postfix) with ESMTP id BBB6D17B5C3
	for <FreeBSD-gnats-submit@freebsd.org>; Sun,  9 Mar 2008 10:39:10 +0100 (CET)
Received: by marvin.blogreen.org (Postfix, from userid 1001)
	id 51AB55C052; Sun,  9 Mar 2008 10:39:10 +0100 (CET)
Message-Id: <20080309093910.51AB55C052@marvin.blogreen.org>
Date: Sun,  9 Mar 2008 10:39:10 +0100 (CET)
From: Romain Tartiere <romain@blogreen.org>
Reply-To: Romain Tartiere <romain@blogreen.org>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: [sysctl] [patch] sysctl(8) should return 1 if the user is not allowed to change values
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         121512
>Category:       bin
>Synopsis:       [sysctl] [patch] sysctl(8) should return 1 if the user is not allowed to change values
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    mtm
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Sun Mar 09 10:10:01 UTC 2008
>Closed-Date:    Tue Mar 09 18:02:12 UTC 2010
>Last-Modified:  Tue Mar 09 18:02:12 UTC 2010
>Originator:     Romain Tartiere
>Release:        FreeBSD 7.0-STABLE i386
>Organization:
>Environment:
System: FreeBSD marvin.blogreen.org 7.0-STABLE FreeBSD 7.0-STABLE #12: Tue Mar 4 14:26:24 CET 2008 root@marvin.blogreen.org:/usr/obj/usr/src/sys/MARVIN i386


	
>Description:

Launching sysctl(8) to tune the system as a regular user will fail because of
permissions ...

> % sysctl vfs.usermount=1
> vfs.usermount: 1
> sysctl: vfs.usermount: Operation not permitted
> %

... but the program still returns 0.  Exiting with 1 may be more consistent.
The attached patch handle this very particular case.  Maybe it is even possible
to change the default statement to call err(3) whatever the error is.

	
>How-To-Repeat:

% sysctl vfs.usermount=1 && echo Success || echo Failed
vfs.usermount: 1
sysctl: vfs.usermount: Operation not permitted
Success
%

>Fix:

	

--- patch-sysctl.c begins here ---
--- /usr/src/sbin/sysctl/sysctl.c	2007-06-11 15:02:15.000000000 +0200
+++ sysctl/sysctl.c	2008-03-09 10:23:57.000000000 +0100
@@ -302,6 +302,8 @@
 			case ENOMEM:
 				errx(1, "%s: type is unknown to this program",
 					string);
+			case EPERM:
+				err(1, "%s", string);
 			default:
 				warn("%s", string);
 				return;
--- patch-sysctl.c ends here ---


>Release-Note:
>Audit-Trail:

From: Jaakko Heinonen <jh@saunalahti.fi>
To: bug-followup@FreeBSD.org, romain@blogreen.org
Cc: mtm@FreeBSD.org
Subject: Re: bin/121512: [sysctl] [patch] sysctl(8) should return 1 if the
	user is not allowed to change values
Date: Tue, 24 Jun 2008 13:46:55 +0300

 This bug (bin/121512) was fixed by this change:
 
 ----- Forwarded message from Mike Makonnen -----
 
 mtm         2008-06-23 22:06:28 UTC
 
   FreeBSD src repository
 
   Modified files:
     etc/rc.d             auto_linklocal power_profile sysctl 
     sbin/sysctl          sysctl.c 
   Log:
   SVN rev 179965 on 2008-06-23 22:06:28Z by mtm
   
   The sysctl(8) program exits on some errors and only emits warnings on
   others. In the case where it displayed warnings it would still return
   succesfully. Modify it so that it returns the number of sysctls that
   it was not able to set.
   
   Make use of this in rc.d to display only *unsuccessfull* attempts to
   set sysctls.
   
   Revision  Changes    Path
   1.6       +4 -1      src/etc/rc.d/auto_linklocal
   1.13      +5 -1      src/etc/rc.d/power_profile
   1.19      +3 -1      src/etc/rc.d/sysctl
   1.89      +5 -2      src/sbin/sysctl/sysctl.c
 ----- End forwarded message -----
State-Changed-From-To: open->patched 
State-Changed-By: mtm 
State-Changed-When: Tue Jun 24 20:14:46 UTC 2008 
State-Changed-Why:  
I've committed a fix for this. MFC in a couple of weeks. 


Responsible-Changed-From-To: freebsd-bugs->mtm 
Responsible-Changed-By: mtm 
Responsible-Changed-When: Tue Jun 24 20:14:46 UTC 2008 
Responsible-Changed-Why:  
I've committed a fix for this. MFC in a couple of weeks. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=121512 

From: Romain =?iso-8859-1?Q?Tarti=E8re?= <romain@FreeBSD.org>
To: bug-followup@FreeBSD.org, romain@FreeBSD.org
Cc:  
Subject: Re: bin/121512: [sysctl] [patch] sysctl(8) should return 1 if the user is not allowed to change values
Date: Mon, 8 Feb 2010 09:59:56 +0100

 Hi
 
 I guess we can close this PR now ;-)
 
 Thanks,
 Romain
State-Changed-From-To: patched->closed 
State-Changed-By: mtm 
State-Changed-When: Tue Mar 9 17:59:09 UTC 2010 
State-Changed-Why:  
No longer an issue since we're in 9-CURRENT now. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=121512 
>Unformatted:
