Bug#978989: /sbin/sysctl: options given after --system are ignored

Fri, 01 Jan 2021 10:39:15 -0800 

Package: procps
Version: 2:3.3.16-5
Severity: normal
File: /sbin/sysctl

The man page gives this example command:

    /sbin/sysctl --system --pattern '^net.ipv6'

However, if you run a command like this, the --pattern is ignored, and
all parameters are applied, not just the ones that match the --pattern
(notice that the fs. parameters are not skipped here, even though they
do not match the --pattern that I specified):

    $ sudo sysctl --system --pattern '^kernel\.'
    * Applying /usr/lib/sysctl.d/30-tracker.conf ...
    fs.inotify.max_user_watches = 65536
    * Applying /usr/lib/sysctl.d/50-coredump.conf ...
    kernel.core_pattern = |/lib/systemd/systemd-coredump %P %u %g %s %t 
9223372036854775808 %h
    kernel.core_pipe_limit = 16
    fs.suid_dumpable = 2
    * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
    kernel.pid_max = 4194304

This can be worked around by making sure --system is the last argument
(notice that the fs. parameters are correctly skipped here):

    $ sudo sysctl --pattern '^kernel\.' --system
    * Applying /usr/lib/sysctl.d/30-tracker.conf ...
    * Applying /usr/lib/sysctl.d/50-coredump.conf ...
    kernel.core_pattern = |/lib/systemd/systemd-coredump %P %u %g %s %t 
9223372036854775808 %h
    kernel.core_pipe_limit = 16
    * Applying /usr/lib/sysctl.d/50-pid-max.conf ...
    kernel.pid_max = 4194304

The problem appears to be that all other options just set a variable, but
SYSTEM_OPTION does an early-return with "return PreloadSystem()", ignoring
the rest of the command-line.

I think the solution would be something like this:

    bool AllSystemFiles = false;

    ...

    case SYSTEM_OPTION:
        IgnoreError = true;
        AllSystemFiles = true;
        break;

    ...

    if (preloadFileOpt) {
        ...
    } else if (AllSystemFiles) {
        return PreloadSystem();
    }

-- System Information:
Debian Release: bullseye/sid
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'stable-debug'), (500, 
'buildd-unstable'), (500, 'unstable'), (500, 'testing'), (500, 'stable'), (500, 
'oldstable'), (1, 'experimental-debug'), (1, 'buildd-experimental'), (1, 
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 5.10.0-trunk-amd64 (SMP w/8 CPU threads)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE=en_GB:en
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled

Versions of packages procps depends on:
ii  init-system-helpers  1.60
ii  libc6                2.31-6
ii  libncurses6          6.2+20201114-2
ii  libncursesw6         6.2+20201114-2
ii  libprocps8           2:3.3.16-5
ii  libtinfo6            6.2+20201114-2
ii  lsb-base             11.1.0

Versions of packages procps recommends:
ii  psmisc  23.3-1

procps suggests no packages.

-- no debconf information

Reply via email to