1.\" $NetBSD: sysctl.3,v 1.202 2014/06/13 22:05:15 wiz Exp $ 2.\" 3.\" Copyright (c) 1993 4.\" The Regents of the University of California. All rights reserved. 5.\" 6.\" Redistribution and use in source and binary forms, with or without 7.\" modification, are permitted provided that the following conditions 8.\" are met: 9.\" 1. Redistributions of source code must retain the above copyright 10.\" notice, this list of conditions and the following disclaimer. 11.\" 2. Redistributions in binary form must reproduce the above copyright 12.\" notice, this list of conditions and the following disclaimer in the 13.\" documentation and/or other materials provided with the distribution. 14.\" 3. Neither the name of the University nor the names of its contributors 15.\" may be used to endorse or promote products derived from this software 16.\" without specific prior written permission. 17.\" 18.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 19.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 22.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28.\" SUCH DAMAGE. 29.\" 30.\" @(#)sysctl.3 8.4 (Berkeley) 5/9/95 31.\" 32.Dd June 13, 2014 33.Dt SYSCTL 3 34.Os 35.Sh NAME 36.Nm sysctl , 37.Nm sysctlbyname , 38.Nm sysctlgetmibinfo , 39.Nm sysctlnametomib , 40.Nm asysctl , 41.Nm asysctlbyname 42.Nd get or set system information 43.Sh LIBRARY 44.Lb libc 45.Sh SYNOPSIS 46.In sys/param.h 47.In sys/sysctl.h 48.Ft int 49.Fn sysctl "const int *name" "u_int namelen" "void *oldp" "size_t *oldlenp" \ 50"const void *newp" "size_t newlen" 51.Ft int 52.Fn sysctlbyname "const char *sname" "void *oldp" "size_t *oldlenp" \ 53"const void *newp" "size_t newlen" 54.Ft int 55.Fn sysctlgetmibinfo "const char *sname" "int *name" "u_int *namelenp" \ 56"char *cname" "size_t *csz" "struct sysctlnode **rnode" "int v" 57.Ft int 58.Fn sysctlnametomib "const char *sname" "int *name" "size_t *namelenp" 59.Ft void * 60.Fn asysctl "const int *name" "size_t namelen" "size_t *len" 61.Ft void * 62.Fn asysctlbyname "const char *sname" "size_t *len" 63.Sh DESCRIPTION 64The 65.Nm 66function retrieves system information and allows processes with 67appropriate privileges to set system information. 68The information available from 69.Nm 70consists of integers, strings, and tables. 71Information may be retrieved and set from the command interface 72using the 73.Xr sysctl 8 74utility. 75.Pp 76Unless explicitly noted below, 77.Nm 78returns a consistent snapshot of the data requested. 79Consistency is obtained by locking the destination 80buffer into memory so that the data may be copied out without blocking. 81Calls to 82.Nm 83are serialized to avoid deadlock. 84.Pp 85The state is described using a ``Management Information Base'' (MIB) 86style name, listed in 87.Fa name , 88which is a 89.Fa namelen 90length array of integers. 91.Pp 92The 93.Fn sysctlbyname 94function accepts a string representation of a MIB entry and internally 95maps it to the appropriate numeric MIB representation. 96Its semantics are otherwise no different from 97.Fn sysctl . 98.Pp 99The information is copied into the buffer specified by 100.Fa oldp . 101The size of the buffer is given by the location specified by 102.Fa oldlenp 103before the call, 104and that location gives the amount of data copied after a successful call. 105If the amount of data available is greater 106than the size of the buffer supplied, 107the call supplies as much data as fits in the buffer provided 108and returns with the error code ENOMEM. 109If the old value is not desired, 110.Fa oldp 111and 112.Fa oldlenp 113should be set to 114.Dv NULL . 115.Pp 116The size of the available data can be determined by calling 117.Nm 118with a 119.Dv NULL 120parameter for 121.Fa oldp . 122The size of the available data will be returned in the location pointed to by 123.Fa oldlenp . 124For some operations, the amount of space may change often. 125For these operations, 126the system attempts to round up so that the returned size is 127large enough for a call to return the data shortly thereafter. 128.Pp 129To set a new value, 130.Fa newp 131is set to point to a buffer of length 132.Fa newlen 133from which the requested value is to be taken. 134If a new value is not to be set, 135.Fa newp 136should be set to 137.Dv NULL 138and 139.Fa newlen 140set to 0. 141.Pp 142The 143.Fn sysctlnametomib 144function can be used to map the string representation of a MIB entry 145to the numeric version. 146The 147.Fa name 148argument should point to an array of integers large enough to hold the 149MIB, and 150.Fa namelenp 151should indicate the number of integer slots available. 152Following a successful translation, the size_t indicated by 153.Fa namelenp 154will be changed to show the number of slots consumed. 155.Pp 156The 157.Fn sysctlgetmibinfo 158function performs name translation similar to 159.Fn sysctlnametomib , 160but also canonicalizes the name (or returns the first erroneous token 161from the string being parsed) into the space indicated by 162.Fa cname 163and 164.Fa csz . 165.Fa csz 166should indicate the size of the buffer pointed to by 167.Fa cname 168and on return, will indicate the size of the returned string including 169the trailing 170.Sq nul 171character. 172.Pp 173The 174.Fa rnode 175and 176.Fa v 177arguments to 178.Fn sysctlgetmibinfo 179are used to provide a tree for it to parse into, and to get back 180either a pointer to, or a copy of, the terminal node. 181If 182.Fa rnode 183is 184.Dv NULL , 185.Fn sysctlgetmibinfo 186uses its own internal tree for parsing, and checks it against the 187kernel at each call, to make sure that the name-to-number mapping is 188kept up to date. 189The 190.Fa v 191argument is ignored in this case. 192If 193.Fa rnode 194is not 195.Dv NULL 196but the pointer it references is, on a successful return, 197.Fa rnode 198will be adjusted to point to a copy of the terminal node. 199The 200.Fa v 201argument indicates which version of the 202.Nm 203node structure the caller wants. 204The application must later 205.Fn free 206this copy. 207If neither 208.Fa rnode 209nor the pointer it references are 210.Dv NULL , 211the pointer is used as the address of a tree over which the parsing is 212done. 213In this last case, the tree is not checked against the kernel, no 214refreshing of the mappings is performed, and the value given by 215.Fa v 216must agree with the version indicated by the tree. 217It is recommended that applications always use 218.Dv SYSCTL_VERSION 219as the value for 220.Fa v , 221as defined in the include file 222.Pa sys/sysctl.h . 223.Pp 224The numeric and text names of sysctl variables are described in 225.Xr sysctl 7 . 226The numeric names are defined as preprocessor macros. 227The top level names are defined with a CTL_ prefix in 228.In sys/sysctl.h . 229The next and subsequent levels down have different prefixes for each 230subtree. 231.Pp 232For example, the following retrieves the maximum number of processes allowed 233in the system - the 234.Li kern.maxproc 235variable: 236.Bd -literal -offset indent -compact 237int mib[2], maxproc; 238size_t len; 239.sp 240mib[0] = CTL_KERN; 241mib[1] = KERN_MAXPROC; 242len = sizeof(maxproc); 243sysctl(mib, 2, \*[Am]maxproc, \*[Am]len, NULL, 0); 244.Ed 245.sp 246To retrieve the standard search path for the system utilities - 247.Li user.cs_path : 248.Bd -literal -offset indent -compact 249int mib[2]; 250size_t len; 251char *p; 252.sp 253mib[0] = CTL_USER; 254mib[1] = USER_CS_PATH; 255sysctl(mib, 2, NULL, \*[Am]len, NULL, 0); 256p = malloc(len); 257sysctl(mib, 2, p, \*[Am]len, NULL, 0); 258.Ed 259.Pp 260The 261.Fn asysctl 262and 263.Fn asysctlbyname 264functions are wrappers for 265.Fn sysctl 266and 267.Fn sysctlbyname . 268They return memory allocated with 269.Xr malloc 3 270and resize the buffer in a loop until all data fits. 271.Sh DYNAMIC OPERATIONS 272Several meta-identifiers are provided to perform operations on the 273.Nm 274tree itself, or support alternate means of accessing the data 275instrumented by the 276.Nm 277tree. 278.Bl -column CTLXCREATESYMXXX 279.It Sy Name Description 280.It CTL\_QUERY Retrieve a mapping of names to numbers below a given node 281.It CTL\_CREATE Create a new node 282.It CTL\_CREATESYM Create a new node by its kernel symbol 283.It CTL\_DESTROY Destroy a node 284.It CTL\_DESCRIBE Retrieve node descriptions 285.El 286.Pp 287The core interface to all of these meta-functions is the structure 288that the kernel uses to describe the tree internally, as defined in 289.In sys/sysctl.h 290as: 291.Pp 292.Bd -literal 293struct sysctlnode { 294 uint32_t sysctl_flags; /* flags and type */ 295 int32_t sysctl_num; /* mib number */ 296 char sysctl_name[SYSCTL_NAMELEN]; /* node name */ 297 uint32_t sysctl_ver; /* node's version vs. rest of tree */ 298 uint32_t __rsvd; 299 union { 300 struct { 301 uint32_t suc_csize; /* size of child node array */ 302 uint32_t suc_clen; /* number of valid children */ 303 struct sysctlnode* suc_child; /* array of child nodes */ 304 } scu_child; 305 struct { 306 void *sud_data; /* pointer to external data */ 307 size_t sud_offset; /* offset to data */ 308 } scu_data; 309 int32_t scu_alias; /* node this node refers to */ 310 int32_t scu_idata; /* immediate "int" data */ 311 u_quad_t scu_qdata; /* immediate "u_quad_t" data */ 312 } sysctl_un; 313 size_t _sysctl_size; /* size of instrumented data */ 314 sysctlfn _sysctl_func; /* access helper function */ 315 struct sysctlnode *sysctl_parent; /* parent of this node */ 316 const char *sysctl_desc; /* description of node */ 317}; 318 319#define sysctl_csize sysctl_un.scu_child.suc_csize 320#define sysctl_clen sysctl_un.scu_child.suc_clen 321#define sysctl_child sysctl_un.scu_child.suc_child 322#define sysctl_data sysctl_un.scu_data.sud_data 323#define sysctl_offset sysctl_un.scu_data.sud_offset 324#define sysctl_alias sysctl_un.scu_alias 325#define sysctl_idata sysctl_un.scu_idata 326#define sysctl_qdata sysctl_un.scu_qdata 327.Ed 328.Pp 329Querying the tree to discover the name to number mapping permits 330dynamic discovery of all the data that the tree currently has 331instrumented. 332For example, to discover all the nodes below the 333CTL_VFS node: 334.Pp 335.Bd -literal -offset indent -compact 336struct sysctlnode query, vfs[128]; 337int mib[2]; 338size_t len; 339.sp 340mib[0] = CTL_VFS; 341mib[1] = CTL_QUERY; 342memset(\*[Am]query, 0, sizeof(query)); 343query.sysctl_flags = SYSCTL_VERSION; 344len = sizeof(vfs); 345sysctl(mib, 2, \*[Am]vfs[0], \*[Am]len, \*[Am]query, sizeof(query)); 346.Ed 347.Pp 348Note that a reference to an empty node with 349.Fa sysctl_flags 350set to 351.Dv SYSCTL_VERSION 352is passed to sysctl in order to indicate the version that the program 353is using. 354All dynamic operations passing nodes into sysctl require that the 355version be explicitly specified. 356.Pp 357Creation and destruction of nodes works by constructing part of a new 358node description (or a description of the existing node) and invoking 359CTL_CREATE (or CTL_CREATESYM) or CTL_DESTROY at the parent of the new 360node, with a pointer to the new node passed via the 361.Fa new 362and 363.Fa newlen 364arguments. 365If valid values for 366.Fa old 367and 368.Fa oldlenp 369are passed, a copy of the new node once in the tree will be returned. 370If the create operation fails because a node with the same name or MIB 371number exists, a copy of the conflicting node will be returned. 372.Pp 373The minimum requirements for creating a node are setting the 374.Fa sysctl_flags 375to indicate the new node's type, 376.Fa sysctl_num 377to either the new node's number (or CTL_CREATE or CTL_CREATESYM if a 378dynamically allocated MIB number is acceptable), 379.Fa sysctl_size 380to the size of the data to be instrumented (which must agree with the 381given type), and 382.Fa sysctl_name 383must be set to the new node's name. 384Nodes that are not of type 385.Dq node 386must also have some description of the data to be instrumented, which 387will vary depending on what is to be instrumented. 388.Pp 389If existing kernel data is to be covered by this new node, its address 390should be given in 391.Fa sysctl_data 392or, if CTL_CREATESYM is used, 393.Fa sysctl_data 394should be set to a string containing its name from the kernel's symbol 395table. 396If new data is to be instrumented and an initial value is available, 397the new integer or quad type data should be placed into either 398.Fa sysctl_idata 399or 400.Fa sysctl_qdata , 401respectively, along with the SYSCTL_IMMEDIATE flag being set, or 402.Fa sysctl_data 403should be set to point to a copy of the new data, and the 404SYSCTL_OWNDATA flag must be set. 405This latter method is the only way that new string and struct type 406nodes can be initialized. 407Invalid kernel addresses are accepted, but any attempt to access those 408nodes will return an error. 409.Pp 410The 411.Fa sysctl_csize , 412.Fa sysctl_clen , 413.Fa sysctl_child , 414.Fa sysctl_parent , 415and 416.Fa sysctl_alias 417members are used by the kernel to link the tree together and must be 418.Dv NULL 419or 0. 420Nodes created in this manner cannot have helper functions, so 421.Fa sysctl_func 422must also be 423.Dv NULL . 424If the 425.Fa sysctl_ver 426member is non-zero, it must match either the version of the parent or 427the version at the root of the MIB or an error is returned. 428This can be used to ensure that nodes are only added or removed from a 429known state of the tree. 430Note: It may not be possible to determine the version at the root 431of the tree. 432.Pp 433This example creates a new subtree and adds a node to it that controls the 434.Fa audiodebug 435kernel variable, thereby making it tunable at at any time, without 436needing to use 437.Xr ddb 4 438or 439.Xr kvm 3 440to alter the kernel's memory directly. 441.Pp 442.Bd -literal -offset indent -compact 443struct sysctlnode node; 444int mib[2]; 445size_t len; 446.sp 447mib[0] = CTL_CREATE; /* create at top-level */ 448len = sizeof(node); 449memset(\*[Am]node, 0, len); 450node.sysctl_flags = SYSCTL_VERSION|CTLFLAG_READWRITE|CTLTYPE_NODE; 451snprintf(node.sysctl_name, sizeof(node.sysctl_name), "local"); 452node.sysctl_num = CTL_CREATE; /* request dynamic MIB number */ 453sysctl(\*[Am]mib[0], 1, \*[Am]node, \*[Am]len, \*[Am]node, len); 454.sp 455mib[0] = node.sysctl_num; /* use new MIB number */ 456mib[1] = CTL_CREATESYM; /* create at second level */ 457len = sizeof(node); 458memset(\*[Am]node, 0, len); 459node.sysctl_flags = SYSCTL_VERSION|CTLFLAG_READWRITE|CTLTYPE_INT; 460snprintf(node.sysctl_name, sizeof(node.sysctl_name), "audiodebug"); 461node.sysctl_num = CTL_CREATE; 462node.sysctl_data = "audiodebug"; /* kernel symbol to be used */ 463sysctl(\*[Am]mib[0], 2, NULL, NULL, \*[Am]node, len); 464.Ed 465.Pp 466The process for deleting nodes is similar, but less data needs to 467be supplied. 468Only the 469.Fa sysctl_num 470field 471needs to be filled in; almost all other fields must be left blank. 472The 473.Fa sysctl_name 474and/or 475.Fa sysctl_ver 476fields can be filled in with the name and version of the existing node 477as additional checks on what will be deleted. 478If all the given data fail to match any node, nothing will be deleted. 479If valid values for 480.Fa old 481and 482.Fa oldlenp 483are supplied and a node is deleted, a copy of what was in the MIB tree 484will be returned. 485.Pp 486This sample code shows the deletion of the two nodes created in the 487above example: 488.Pp 489.Bd -literal -offset indent -compact 490int mib[2]; 491.sp 492len = sizeof(node); 493memset(\*[Am]node, 0, len); 494node.sysctl_flags = SYSCTL_VERSION; 495.sp 496mib[0] = 3214; /* assumed number for "local" */ 497mib[1] = CTL_DESTROY; 498node.sysctl_num = 3215; /* assumed number for "audiodebug" */ 499sysctl(\*[Am]mib[0], 2, NULL, NULL, \*[Am]node, len); 500.sp 501mib[0] = CTL_DESTROY; 502node.sysctl_num = 3214; /* now deleting "local" */ 503sysctl(\*[Am]mib[0], 1, NULL, NULL, \*[Am]node, len); 504.Ed 505.Pp 506Descriptions of each of the nodes can also be retrieved, if they are 507available. 508Descriptions can be retrieved in bulk at each level or on a per-node 509basis. 510The layout of the buffer into which the descriptions are returned is a 511series of variable length structures, each of which describes its own 512size. 513The length indicated includes the terminating 514.Sq nul 515character. 516Nodes that have no description or where the description is not 517available are indicated by an empty string. 518The 519.Fa descr_ver 520will match the 521.Fa sysctl_ver 522value for a given node, so that descriptions for nodes whose number 523have been recycled can be detected and ignored or discarded. 524.Pp 525.Bd -literal 526struct sysctldesc { 527 int32_t descr_num; /* mib number of node */ 528 uint32_t descr_ver; /* version of node */ 529 uint32_t descr_len; /* length of description string */ 530 char descr_str[1]; /* not really 1...see above */ 531}; 532.Ed 533.Pp 534The 535.Fn NEXT_DESCR 536macro can be used to skip to the next description in the retrieved 537list. 538.Pp 539.Bd -literal -offset indent -compact 540struct sysctlnode desc; 541struct sysctldesc *d; 542char buf[1024]; 543int mib[2]; 544size_t len; 545.sp 546/* retrieve kern-level descriptions */ 547mib[0] = CTL_KERN; 548mib[1] = CTL_DESCRIBE; 549d = (struct sysctldesc *)\*[Am]buf[0]; 550len = sizeof(buf); 551sysctl(mib, 2, d, \*[Am]len, NULL, 0); 552while ((caddr_t)d \*[Lt] (caddr_t)\*[Am]buf[len]) { 553 printf("node %d: %.*s\\n", d-\*[Gt]descr_num, d-\*[Gt]descr_len, 554 d-\*[Gt]descr_str); 555 d = NEXT_DESCR(d); 556} 557.sp 558/* retrieve description for kern.securelevel */ 559memset(\*[Am]desc, 0, sizeof(desc)); 560desc.sysctl_flags = SYSCTL_VERSION; 561desc.sysctl_num = KERN_SECURELEVEL; 562d = (struct sysctldesc *)\*[Am]buf[0]; 563len = sizeof(buf); 564sysctl(mib, 2, d, \*[Am]len, \*[Am]desc, sizeof(desc)); 565printf("kern.securelevel: %.*s\\n", d-\*[Gt]descr_len, d-\*[Gt]descr_str); 566.Ed 567.Pp 568Descriptions can also be set as follows, subject to the following rules: 569.Pp 570.Bl -bullet -compact 571.It 572The kernel securelevel is at zero or lower 573.It 574The caller has super-user privileges 575.It 576The node does not currently have a description 577.It 578The node is not marked as 579.Dq permanent 580.El 581.Pp 582.Bd -literal -offset indent -compact 583struct sysctlnode desc; 584int mib[2]; 585.sp 586/* presuming the given top-level node was just added... */ 587mib[0] = 3214; /* mib numbers taken from previous examples */ 588mib[1] = CTL_DESCRIBE; 589memset(\*[Am]desc, 0, sizeof(desc)); 590desc.sysctl_flags = SYSCTL_VERSION; 591desc.sysctl_num = 3215; 592desc.sysctl_desc = "audio debug control knob"; 593sysctl(mib, 2, NULL, NULL, \*[Am]desc, sizeof(desc)); 594.Ed 595.Pp 596Upon successfully setting a description, the new description will be 597returned in the space indicated by the 598.Fa oldp 599and 600.Fa oldlenp 601arguments. 602.Pp 603The 604.Fa sysctl_flags 605field in the struct sysctlnode contains the sysctl version, node type 606information, and a number of flags. 607The macros 608.Fn SYSCTL_VERS , 609.Fn SYSCTL_TYPE , 610and 611.Fn SYSCTL_FLAGS 612can be used to access the different fields. 613Valid flags are: 614.Bl -column CTLFLAGXPERMANENTXXX 615.It Sy Name Description 616.It CTLFLAG\_READONLY Node is read-only 617.It CTLFLAG\_READWRITE Node is writable by the superuser 618.It CTLFLAG\_ANYWRITE Node is writable by anyone 619.It CTLFLAG\_PRIVATE Node is readable only by the superuser 620.It CTLFLAG\_PERMANENT Node cannot be removed (cannot be set by 621processes) 622.It CTLFLAG\_OWNDATA Node owns data and does not instrument 623existing data 624.It CTLFLAG\_IMMEDIATE Node contains instrumented data and does not 625instrument existing data 626.It CTLFLAG\_HEX Node's contents should be displayed in a hexadecimal 627form 628.It CTLFLAG\_ROOT Node is the root of a tree (cannot be set at 629any time) 630.It CTLFLAG\_ANYNUMBER Node matches any MIB number (cannot be set by 631processes) 632.It CTLFLAG\_HIDDEN Node not displayed by default 633.It CTLFLAG\_ALIAS Node refers to a sibling node (cannot be set 634by processes) 635.It CTLFLAG\_OWNDESC Node owns its own description string space 636.El 637.Sh RETURN VALUES 638If the call to 639.Nm 640is successful, 0 is returned. 641Otherwise \-1 is returned and 642.Va errno 643is set appropriately. 644.Sh FILES 645.Bl -tag -width \*[Lt]netinet6/udp6Xvar.h\*[Gt] -compact 646.It Aq Pa sys/sysctl.h 647definitions for top level identifiers, second level kernel and hardware 648identifiers, and user level identifiers 649.It Aq Pa sys/socket.h 650definitions for second level network identifiers 651.It Aq Pa sys/gmon.h 652definitions for third level profiling identifiers 653.It Aq Pa uvm/uvm_param.h 654definitions for second level virtual memory identifiers 655.It Aq Pa netinet/in.h 656definitions for third level IPv4/v6 identifiers and 657fourth level IPv4/v6 identifiers 658.It Aq Pa netinet/icmp_var.h 659definitions for fourth level ICMP identifiers 660.It Aq Pa netinet/icmp6.h 661definitions for fourth level ICMPv6 identifiers 662.It Aq Pa netinet/tcp_var.h 663definitions for fourth level TCP identifiers 664.It Aq Pa netinet/udp_var.h 665definitions for fourth level UDP identifiers 666.It Aq Pa netinet6/udp6_var.h 667definitions for fourth level IPv6 UDP identifiers 668.It Aq Pa netinet6/ipsec.h 669definitions for fourth level IPsec identifiers 670.It Aq Pa netkey/key_var.h 671definitions for third level PF_KEY identifiers 672.It Aq Pa machine/cpu.h 673definitions for second level machdep identifiers 674.El 675.Sh ERRORS 676The following errors may be reported: 677.Bl -tag -width Er 678.It Bq Er EFAULT 679The buffer 680.Fa name , 681.Fa oldp , 682.Fa newp , 683or length pointer 684.Fa oldlenp 685contains an invalid address, or the requested value is temporarily 686unavailable. 687.It Bq Er EINVAL 688The 689.Fa name 690array is zero or greater than 691.Dv CTL_MAXNAME ; 692or a non-null 693.Fa newp 694is given and its specified length in 695.Fa newlen 696is too large or too small, or the given value is not acceptable for 697the given node. 698.It Bq Er EISDIR 699The 700.Fa name 701array specifies an intermediate rather than terminal name. 702.It Bq Er ENOENT 703The 704.Fa name 705array specifies a node that does not exist in the tree; 706or an attempt was made to destroy a node that does not exist, or to 707create or destroy a node below a node that does not exist. 708.It Bq Er ENOMEM 709The length pointed to by 710.Fa oldlenp 711is too short to hold the requested value. 712.It Bq Er ENOTDIR 713The 714.Fa name 715array specifies a node below a node that addresses data. 716.It Bq Er ENOTEMPTY 717An attempt was made to destroy a node that still has children. 718.It Bq Er EOPNOTSUPP 719The 720.Fa name 721array specifies a value that is unknown or a meta-operation was 722attempted that the requested node does not support. 723.It Bq Er EPERM 724An attempt is made to set a read-only value; or 725a process without appropriate privilege attempts to set a value or to 726create or destroy a node; or 727an attempt to change a value protected by the current kernel security 728level is made. 729.El 730.Sh SEE ALSO 731.Xr sysctl 7 , 732.Xr sysctl 8 , 733.Xr secmodel_securelevel 9 734.\" .Xr sysctl 9 735.Sh HISTORY 736The 737.Nm 738function first appeared in 739.Bx 4.4 . 740