author: Alexander Ziaee <ziaee@FreeBSD.org> 2026-01-06 16:02:24 +0000
committer: Alexander Ziaee <ziaee@FreeBSD.org> 2026-01-06 16:08:21 +0000
commit: 75866d71e8d93fe1a1ff469b8a9c6c6c9908a6c8
tree: 71d0d165d18c50a7cf329f7017e1bb24180f1285 /lib/libsys
parent: 03e1605cdf17c48d5e0d6d42a9f15b78b3b7adb0
Diffstat (limited to 'lib/libsys')
-rw-r--r-- lib/libsys/chroot.2 6
-rw-r--r-- lib/libsys/ptrace.2 10
2 files changed, 8 insertions, 8 deletions
diff --git a/lib/libsys/chroot.2 b/lib/libsys/chroot.2
index 3347df5cceee..809dbaad2f65 100644
--- a/lib/libsys/chroot.2
+++ b/lib/libsys/chroot.2
@@ -62,7 +62,7 @@ It should be noted that
has no effect on the process's current directory.
.Pp
This call is restricted to the super-user, unless the
-.Ql security.bsd.unprivileged_chroot
+.Ql Va security.bsd.unprivileged_chroot
sysctl variable is set to 1
and the process has enabled the
.Dv PROC_NO_NEW_PRIVS_CTL
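Review bot: The new line keeps the .Ql wrapper around .Va (".Ql Va security.bsd.unprivileged_chroot"), while the ptrace.2 part of this same commit marks its sysctl names with a bare ".Va". Pick one form for sysctl variables across both pages. If the quoting is no longer wanted once the name is marked up as a variable, drop .Ql here and in the two EPERM entries below. If it is wanted, say why chroot.2 differs from ptrace.2.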
@@ -118,7 +118,7 @@ will fail and the root directory will be unchanged if:
.Bl -tag -width Er
.It Bq Er EPERM
The effective user ID is not the super-user and the
-.Ql security.bsd.unprivileged_chroot
+.Ql Va security.bsd.unprivileged_chroot
sysctl is 0.
.It Bq Er EPERM
The effective user ID is not the super-user and the
@@ -127,7 +127,7 @@ process has not enabled the
.Xr procctl 2 .
.It Bq Er EPERM
One or more filedescriptors are open directories and the
-.Ql kern.chroot_allow_open_directories
+.Ql Va kern.chroot_allow_open_directories
sysctl is not set to permit this.
.It Bq Er EIO
An I/O error occurred while reading from or writing to the file system.
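Review bot: The context line just above the changed macro reads "One or more filedescriptors are open directories". Since this entry is being touched anyway, fix the spelling to "file descriptors" in the same change. The neighbouring entry says "sysctl is 0." while this one says "sysctl is not set to permit this."; stating the value that permits open directories would make the kern.chroot_allow_open_directories condition as checkable as the security.bsd.unprivileged_chroot one.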
diff --git a/lib/libsys/ptrace.2 b/lib/libsys/ptrace.2
index 7aa24a3f820b..a6798bb22b27 100644
--- a/lib/libsys/ptrace.2
+++ b/lib/libsys/ptrace.2
@@ -148,31 +148,31 @@ Sometimes it may be desirable to disallow it either completely, or limit
its scope.
The following controls are provided for this:
.Bl -tag -width security.bsd.unprivileged_proc_debug
-.It Dv security.bsd.allow_ptrace
+.It Va security.bsd.allow_ptrace
Setting this sysctl to zero makes
.Nm
return
.Er ENOSYS
always as if the syscall is not implemented by the kernel.
-.It Dv security.bsd.unprivileged_proc_debug
+.It Va security.bsd.unprivileged_proc_debug
Setting this sysctl to zero disallows the use of
.Fn ptrace
by unprivileged processes.
-.It Dv security.bsd.see_other_uids
+.It Va security.bsd.see_other_uids
Setting this sysctl to zero prevents
.Fn ptrace
requests from targeting processes with a real user identifier different
from the caller's.
These requests will fail with error
.Er ESRCH .
-.It Dv security.bsd.see_other_gids
+.It Va security.bsd.see_other_gids
Setting this sysctl to zero disallows
.Fn ptrace
requests from processes that have no groups in common with the target process,
considering their sets of real and supplementary groups.
These requests will fail with error
.Er ESRCH .
-.It Dv security.bsd.see_jail_proc
+.It Va security.bsd.see_jail_proc
Setting this sysctl to zero disallows
.Fn ptrace
requests from processes belonging to a different jail than that of the target