Subject: securelevel support incomplete, 'sysctl' missing (#220 - part 2 of 5)
Index: sys,bin,lib,usr.lib,usr.bin/many 2.11BSD

Description:
The support for 'securelevel' is incomplete. Part of it was added back in updates #197 thru 210 (when the 'chflags' syscall was implemented), but without a means of setting the security level of the system the level was fixed at -1.

There is no 'sysctl' system call present. In addition to retrieving and setting the security level of the system, the sysctl() call can be used to read many other kernel data structures without having to perform a nlist(3) on the kernel image.

The C library also contains several obsolete routines (they were obsolete even when 2.11BSD was new).

Repeat-By:
Observation. You may wish to refer to update #197, in which mention is made of the 'securelevel' feature.

The manpages for sysctl(3) and sysctl(8) are in the shar file below.

Fix:
sysctl() was borrowed from 4.4BSD-Lite. Everything except the 'networking' portion has been ported - that will be done in the future.

Initially only enough of sysctl() was going to be ported to manipulate the 'securelevel' of the system. As the porting effort got underway it became apparent that with not much extra effort the whole sysctl() call could be implemented.

As a demonstration of how much faster sysctl() is than 'nlist()', a couple of the programs in the system have been converted to use sysctl() instead of nlist()+read() to fetch information from the kernel. You may wish to save the 'w' and 'welcome' programs in order to compare the runtimes before and after being converted.

As time goes on additional utilities will be switched over from nlist() to sysctl().

This is part 2 of 5 (updates 219 thru 223).
The contents of each part are as follows:

Part/Update#    Contents
============    ========
1 / 219         shar file of new files added to the system
2 / 220         shell script to remove obsolete files
3 / 221         patch file 1
4 / 222         patch file 2
5 / 223         patch file 3

Save the shell script below to a file (/tmp/foo), then extract the files with:

sh /tmp/foo

DO NOT compile anything yet. Several of the kernel Makefiles need to be updated before the kernel can be built, and so on.

The 'gldav(2)' syscall and 'loadav(3)' library routine are both superseded by the new library routine 'getloadavg(3)'.

'vlimit', 'vtimes', 'tell', 'getpw' are all 4.1BSD compatibility routines which should have been removed ages ago. The few (1 or 2) remaining programs which had references to these routines are updated later in the patching procedure.

In the sendmail source tree there was yet another copy of the directory reading routines ('lib/libndir'). The directory reading routines (opendir, readdir, etc) have _long_ been present in libc.a - there is no sense at all in keeping an out of date copy around (the 2.11BSD directory format would not be recognized by the old directory routines anyway).

==============cut here=============
#! /bin/sh
# Formatted manpages for the superseded and 4.1BSD compatibility routines
rm -f /usr/man/cat2/gldav.0
rm -f /usr/man/cat3/loadav.0
rm -f /usr/man/cat3/getpw.0
rm -f /usr/man/cat3/vtimes.0
rm -f /usr/man/cat3/vlimit.0
# libc sources for those routines
rm -f /usr/src/lib/libc/pdp/compat-2.9/gldav.s
rm -f /usr/src/lib/libc/pdp/compat-2.9/loadav.c
rm -f /usr/src/lib/libc/compat-4.1/vlimit.c
rm -f /usr/src/lib/libc/compat-4.1/vtimes.c
rm -f /usr/src/lib/libc/compat-4.1/tell.c
rm -f /usr/src/lib/libc/compat-4.1/getpw.c
# Manpage sources
rm -f /usr/src/man/man2/gldav.2
rm -f /usr/src/man/man3/vlimit.3
rm -f /usr/src/man/man3/loadav.3
rm -f /usr/src/man/man3/getpw.3
rm -f /usr/src/man/man3/vtimes.3
# Out of date files in the sendmail source tree, including the libndir copy
rm -f /usr/src/usr.lib/sendmail/lib/crontab
rm -fr /usr/src/usr.lib/sendmail/lib/libndir
rm -f /usr/src/usr.lib/sendmail/lib/nsyslog.c
rm -f /usr/src/usr.lib/sendmail/lib/newsyslog.sh
# Headers for the removed routines
rm -f /usr/include/sys/vlimit.h
rm -f /usr/include/sys/vtimes.h
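
A cleanup script saved from a posting and run as root can be checked first to confirm it contains nothing but the removals the text describes. The lint below is an added example, not part of update #220 or the 2.11BSD distribution; the function name `audit_rm_script` and the allowed-prefix list (derived from the paths in the script above) are assumptions.

```sh
#!/bin/sh
# Added example, not part of update #220.
# audit_rm_script (hypothetical name) accepts a script only if every command
# is "rm -f" or "rm -fr" on one plain absolute path under an allowed prefix.
# The prefixes are an assumption taken from the paths the posted script uses.

audit_rm_script() {
    # $1 = saved script. Offending lines go to stderr; returns 0 if clean.
    bad=0
    while read -r cmd flag path extra || [ -n "$cmd" ]; do
        case $cmd in ''|'#'*) continue ;; esac   # blank, comment, "#!" line
        ok=1
        [ "$cmd" = rm ] || ok=0
        case $flag in -f|-fr) ;; *) ok=0 ;; esac
        [ -z "$extra" ] || ok=0                  # extra words, "; cmd", etc.
        case $path in
            *[!A-Za-z0-9._/-]*|*..*) ok=0 ;;     # globs, metacharacters, ".."
            /usr/man/?*|/usr/src/?*|/usr/include/?*) ;;
            *) ok=0 ;;                           # empty or outside the prefixes
        esac
        if [ "$ok" -eq 0 ]; then
            printf 'REJECT: %s\n' "$cmd $flag $path $extra" >&2
            bad=1
        fi
    done < "$1"
    return "$bad"
}

# Constructed sample: three lines from the posted script plus one tampered line.
sample=$(mktemp)
cat > "$sample" <<'EOF'
#! /bin/sh
rm -f /usr/man/cat2/gldav.0
rm -fr /usr/src/usr.lib/sendmail/lib/libndir
rm -f /usr/include/sys/vlimit.h
rm -fr /usr/src/../../etc
EOF
if audit_rm_script "$sample"; then
    echo "script is clean"
else
    echo "script rejected"
fi
rm -f "$sample"
```

The lint only checks the shape and location of each removal; a recursive `rm -fr` on a directory inside an allowed prefix still passes, so such lines deserve a manual look.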