sysctl/
ctl_flags.rs

1// ctl_flags.rs
2
3use super::consts::*;
4
5// Represents control flags of a sysctl
6bitflags! {
7    pub struct CtlFlags : libc::c_uint {
8        /// Allow reads of variable
9        const RD = CTLFLAG_RD;
10
11        /// Allow writes to the variable
12        const WR = CTLFLAG_WR;
13
14        const RW = Self::RD.bits() | Self::WR.bits();
15
16        /// This sysctl is not active yet
17        const DORMANT = CTLFLAG_DORMANT;
18
19        /// All users can set this var
20        const ANYBODY = CTLFLAG_ANYBODY;
21
22        /// Permit set only if securelevel<=0
23        const SECURE = CTLFLAG_SECURE;
24
25        /// Prisoned roots can fiddle
26        const PRISON = CTLFLAG_PRISON;
27
28        /// Dynamic oid - can be freed
29        const DYN = CTLFLAG_DYN;
30
31        /// Skip this sysctl when listing
32        const SKIP = CTLFLAG_DORMANT;
33
34        /// Secure level
35        const SECURE_MASK = 0x00F00000;
36
37        /// Default value is loaded from getenv()
38        const TUN = CTLFLAG_TUN;
39
40        /// Readable tunable
41        const RDTUN = Self::RD.bits() | Self::TUN.bits();
42
43        /// Readable and writeable tunable
44        const RWTUN = Self::RW.bits() | Self::TUN.bits();
45
46        /// Handler is MP safe
47        const MPSAFE = CTLFLAG_MPSAFE;
48
49        /// Prisons with vnet can fiddle
50        const VNET = CTLFLAG_VNET;
51
52        /// Oid is being removed
53        const DYING = CTLFLAG_DYING;
54
55        /// Can be read in capability mode
56        const CAPRD = CTLFLAG_CAPRD;
57
58        /// Can be written in capability mode
59        const CAPWR = CTLFLAG_CAPWR;
60
61        /// Statistics; not a tuneable
62        const STATS = CTLFLAG_STATS;
63
64        /// Don't fetch tunable from getenv()
65        const NOFETCH = CTLFLAG_NOFETCH;
66
67        /// Can be read and written in capability mode
68        const CAPRW = Self::CAPRD.bits() | Self::CAPWR.bits();
69    }
70}
71
72#[cfg(test)]
73mod tests {
74    use crate::Sysctl;
75
76    #[test]
77    fn ctl_flags() {
78        // This sysctl should be read-only.
79        #[cfg(any(target_os = "freebsd", target_os = "macos", target_os = "ios", target_os = "tvos", target_os = "visionos"))]
80        let ctl: crate::Ctl = crate::Ctl::new("kern.ostype").unwrap();
81        #[cfg(any(target_os = "android", target_os = "linux"))]
82        let ctl: crate::Ctl = crate::Ctl::new("kernel.ostype").unwrap();
83
84        let flags: crate::CtlFlags = ctl.flags().unwrap();
85
86        assert_eq!(flags.bits() & crate::CTLFLAG_RD, crate::CTLFLAG_RD);
87        assert_eq!(flags.bits() & crate::CTLFLAG_WR, 0);
88    }
89}