After a semi-lengthy discussion, it turns out that EACCES can and would be set in cases where a sysctl(2) isn't available [in the old model, pending a bug in test_perm] or the file isn't accessible [in the new model]. This currently isn't documented as such in the manpage.

It would probably be prudent to add the following to the manpage:

    EACCES The requested access to the sysctl is not allowed.

More testing will need to be performed to ensure that other unexpected errors don't pop up with sysctl(2), if possible time-wise.

Credit goes to Shi Weihua for finding the documentation bug, and Eric W. Biederman for noting the bug in the original sysctl(2) implementation.
Would someone please look into patching the manpage for this requirement?
(In reply to comment #1)
> Would someone please look into patching the manpage for this requirement?

Garret, could you provide a pointer to the discussion that you mentioned in the report?
Sorry -- I canceled my Yahoo email account. Here's a link to this discussion: https://lkml.org/lkml/2010/3/4/309 .
Garrett, I've applied a different patch from what you suggest, essentially just making EACCES a synonym of EPERM. index bb2d9a5..b1772d5 100644 --- a/man2/sysctl.2 +++ b/man2/sysctl.2 @@ -78,6 +78,7 @@ Otherwise, a value of \-1 is returned and is set to indicate the error. .SH ERRORS .TP +.TP .B EFAULT The invocation asked for the previous value by setting .I oldval @@ -88,7 +89,7 @@ non-NULL, but allowed zero room in .I name was not found. .TP -.B EPERM +.BR EACCES ", " EPERM No search permission for one of the encountered "directories", or no read permission where .I oldval lines 1-21/21 (END)
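Review bot: The ".TP" added in the first hunk sits directly after the existing ".TP" under ".SH ERRORS" and before ".B EFAULT", so the EFAULT entry is now preceded by two consecutive ".TP" macros with no tag between them. It looks like a stray line unrelated to the EACCES change; suggest dropping the added ".TP" so the hunk leaves the EFAULT entry as it was.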
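Review bot: In the second hunk the tag line becomes '.BR EACCES ", " EPERM' while the description under it ("No search permission for one of the encountered "directories", or no read permission where oldval ...") is unchanged, so the page does not tell a reader when to expect each errno. The report in this thread ties EACCES to the sysctl not being available or the file not being accessible; suggest either stating in the description that both values are returned for the same condition, or giving EACCES its own entry with the wording proposed in the report.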
LGTM. Thanks!