Subject: bin/21261: identd(8) broken after sysctl(3) changes
To: None <>
From: Matthias Scheler <>
List: netbsd-bugs
Date: 04/22/2003 19:12:39
>Number:         21261
>Category:       bin
>Synopsis:       identd(8) broken after sysctl(3) changes
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Tue Apr 22 17:13:01 UTC 2003
>Release:        NetBSD 1.6R (2003-04-22 sources)
Matthias Scheler                        
System: NetBSD 1.6R NetBSD 1.6R (LYSSA) #0: Tue Apr 22 09:49:32 CEST 2003 i386
Architecture: i386
Machine: i386
Recently I noticed an error like the one below in my console window for each
outgoing e-mail:

Apr 22 18:13:44 lyssa identd[292]: k_getuid: sysctl 1 (-1)

After fixing the error output in identd(8) it looked like this:

Apr 22 18:56:32 lyssa identd[3696]: k_getuid: sysctl 1: Operation not permitted

This is caused by a recent (apparently untested) modification which changes
identd(8) to use sysctl(3) from retrieving the uid of a TCP connection.
Unfortunately sysctl(3) requires "root" privileges to retrieve this

Connect to a service that tries a RFC 1413 lookup.

Possible solutions:
- Revert changes to identd(8).
- Weaken the permission checks in "kern_sysctl.c" to line 180 to allow
  non "root" users to retreive this information which probably causes
  other problems.
- Run identd(8) as "root".