From 63873d692fea51f2af32d47da3b6bc7a25663eea Mon Sep 17 00:00:00 2001 From: cenhuilin Date: Mon, 20 Oct 2025 15:32:58 +0800 Subject: [PATCH] sysctl: return error on permission denied --- ...tl-return-error-on-permission-denied.patch | 48 +++++++++++++++++++ procps-ng.spec | 6 ++- 2 files changed, 53 insertions(+), 1 deletion(-) create mode 100644 backport-sysctl-return-error-on-permission-denied.patch diff --git a/backport-sysctl-return-error-on-permission-denied.patch b/backport-sysctl-return-error-on-permission-denied.patch new file mode 100644 index 0000000..e34f402 --- /dev/null +++ b/backport-sysctl-return-error-on-permission-denied.patch @@ -0,0 +1,48 @@ +From cd3a440b562e6efc713ce1524678dd068a85bf91 Mon Sep 17 00:00:00 2001 +From: Matteo Croce +Date: Mon, 20 Oct 2025 15:22:23 +0800 +Subject: [PATCH] sysctl: return error on permission denied + +When trying to write to a readonly sysctl or a directory by mistake, +sysctl still returns success: + + # sysctl kernel.version=foo + sysctl: setting key "kernel.version": Operation not permitted + # echo $? + 0 + # sysctl kernel=foo + sysctl: setting key "kernel": Operation not permitted + # echo $? + 0 + +Let sysctl return error in both the cases above. + +Signed-off-by: Matteo Croce +--- + src/sysctl.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/sysctl.c b/src/sysctl.c +index 1cb548c..5a5c21b 100644 +--- a/src/sysctl.c ++++ b/src/sysctl.c +@@ -563,14 +563,14 @@ static int WriteSetting( + errno = EPERM; + xwarn(_("setting key \"%s\""), dotted_key); + free(dotted_key); +- return rc; ++ return EXIT_FAILURE; + } + + if (S_ISDIR(ts.st_mode)) { + errno = EISDIR; + xwarn(_("setting key \"%s\""), dotted_key); + free(dotted_key); +- return rc; ++ return EXIT_FAILURE; + } + + if (!DryRun) { +-- +2.43.0 + diff --git a/procps-ng.spec b/procps-ng.spec index ca141ee..314b9ec 100644 --- a/procps-ng.spec +++ b/procps-ng.spec @@ -1,6 +1,6 @@ Name: procps-ng Version: 4.0.4 -Release: 8 +Release: 9 Summary: Utilities that provide system information. License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+ URL: https://sourceforge.net/projects/procps-ng/ @@ -24,6 +24,7 @@ Patch12: backport-0002-ps-check-for-null-on-escape-source.patch Patch13: backport-0003-ps-mv-check-for-null-from-escape_str_utf8-to-escape_.patch Patch14: backport-0001-library-address-a-potential-race-resulting-in-a-fault.patch Patch15: backport-0002-library-avoid-strdup-calls-in-sd2proc-if-possible.patch +Patch16: backport-sysctl-return-error-on-permission-denied.patch BuildRequires: ncurses-devel libtool autoconf automake gcc gettext-devel systemd-devel @@ -106,6 +107,9 @@ ln -s %{_bindir}/pidof %{buildroot}%{_sbindir}/pidof %{_mandir}/man* %changelog +* Mon Oct 20 2025 cenhuilin - 4.0.4-9 +- sysctl: return error on permission denied + * Thu Aug 28 2025 Zhu Jin - 4.0.4-8 - library: address a potential race resulting in a fault and avoid strdup() calls in sd2proc() if possible -- Gitee