So users do not have to contact the source code to tell whether a variable is a jail prison / vnet one or not.
MFC after: 1 week
Differential D47107
sysctl: Add flags to filter jail prison and vnet variables zlei on Mon, Oct 14, 2:03 PM. Authored by Tags None Referenced Files
Details So users do not have to contact the source code to tell whether a variable is a jail prison / vnet one or not. MFC after: 1 week # sysctl -aJ kern.securelevel: -1 kern.hostname: kern.hostid: 34950370 kern.domainname: kern.hostuuid: 00000000-0000-0000-0000-50e54943d215 security.bsd.unprivileged_proc_debug: 0 security.bsd.suser_enabled: 1 # sysctl -aV net net.inet.ip.portrange.randomized: 1 net.inet.ip.portrange.reservedhigh: 1023 net.inet.ip.portrange.hilast: 65535 net.inet.ip.portrange.hifirst: 49152 net.inet.ip.portrange.last: 65535 net.inet.ip.portrange.first: 10000 net.inet.ip.portrange.lowlast: 600 net.inet.ip.portrange.lowfirst: 1023 net.inet.ip.forwarding: 0 net.inet.ip.redirect: 1 net.inet.ip.ttl: 64 ...
Diff Detail
Event Timeline
Comment Actions This change is focusing on VNET variables, but is open for -J ( CTLFLAG_PRISON ) if requested. Comment Actions OK, requested :-). I think it makes sense to roll both nearly-identical changes together. |