xref: /freebsd/lib/libcasper/services/cap_sysctl/tests/sysctl_test.c (revision b64c5a0ace59af62eff52bfe110a521dc73c937b)
1 /*-
2  * SPDX-License-Identifier: BSD-2-Clause
3  *
4  * Copyright (c) 2013, 2018 The FreeBSD Foundation
5  *
6  * This software was developed by Pawel Jakub Dawidek under sponsorship from
7  * the FreeBSD Foundation.
8  *
9  * Portions of this software were developed by Mark Johnston
10  * under sponsorship from the FreeBSD Foundation.
11  *
12  * Redistribution and use in source and binary forms, with or without
13  * modification, are permitted provided that the following conditions
14  * are met:
15  * 1. Redistributions of source code must retain the above copyright
16  *    notice, this list of conditions and the following disclaimer.
17  * 2. Redistributions in binary form must reproduce the above copyright
18  *    notice, this list of conditions and the following disclaimer in the
19  *    documentation and/or other materials provided with the distribution.
20  *
21  * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
22  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
23  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
24  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
25  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
26  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
27  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
28  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
29  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
30  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
31  * SUCH DAMAGE.
32  */
33 
34 #include <sys/types.h>
35 #include <sys/capsicum.h>
36 #include <sys/sysctl.h>
37 #include <sys/nv.h>
38 
39 #include <assert.h>
40 #include <err.h>
41 #include <errno.h>
42 #include <netdb.h>
43 #include <stdio.h>
44 #include <stdlib.h>
45 #include <string.h>
46 #include <unistd.h>
47 
48 #include <libcasper.h>
49 #include <casper/cap_sysctl.h>
50 
51 #include <atf-c.h>
52 
53 /*
54  * We need some sysctls to perform the tests on.
55  * We remember their values and restore them afer the test is done.
56  */
57 #define	SYSCTL0_PARENT	"kern"
58 #define	SYSCTL0_NAME	"kern.sync_on_panic"
59 #define	SYSCTL0_FILE	"./sysctl0"
60 #define	SYSCTL1_PARENT	"debug"
61 #define	SYSCTL1_NAME	"debug.minidump"
62 #define	SYSCTL1_FILE	"./sysctl1"
63 
64 #define	SYSCTL0_READ0		0x0001
65 #define	SYSCTL0_READ1		0x0002
66 #define	SYSCTL0_READ2		0x0004
67 #define	SYSCTL0_WRITE		0x0008
68 #define	SYSCTL0_READ_WRITE	0x0010
69 #define	SYSCTL1_READ0		0x0020
70 #define	SYSCTL1_READ1		0x0040
71 #define	SYSCTL1_READ2		0x0080
72 #define	SYSCTL1_WRITE		0x0100
73 #define	SYSCTL1_READ_WRITE	0x0200
74 
75 static void
76 save_int_sysctl(const char *name, const char *file)
77 {
78 	ssize_t n;
79 	size_t sz;
80 	int error, fd, val;
81 
82 	sz = sizeof(val);
83 	error = sysctlbyname(name, &val, &sz, NULL, 0);
84 	ATF_REQUIRE_MSG(error == 0,
85 	    "sysctlbyname(%s): %s", name, strerror(errno));
86 
87 	fd = open(file, O_CREAT | O_WRONLY, 0600);
88 	ATF_REQUIRE_MSG(fd >= 0, "open(%s): %s", file, strerror(errno));
89 	n = write(fd, &val, sz);
90 	ATF_REQUIRE(n >= 0 && (size_t)n == sz);
91 	error = close(fd);
92 	ATF_REQUIRE(error == 0);
93 }
94 
95 static void
96 restore_int_sysctl(const char *name, const char *file)
97 {
98 	ssize_t n;
99 	size_t sz;
100 	int error, fd, val;
101 
102 	fd = open(file, O_RDONLY);
103 	ATF_REQUIRE(fd >= 0);
104 	sz = sizeof(val);
105 	n = read(fd, &val, sz);
106 	ATF_REQUIRE(n >= 0 && (size_t)n == sz);
107 	error = unlink(file);
108 	ATF_REQUIRE(error == 0);
109 	error = close(fd);
110 	ATF_REQUIRE(error == 0);
111 
112 	error = sysctlbyname(name, NULL, NULL, &val, sz);
113 	ATF_REQUIRE_MSG(error == 0,
114 	    "sysctlbyname(%s): %s", name, strerror(errno));
115 }
116 
117 static cap_channel_t *
118 initcap(void)
119 {
120 	cap_channel_t *capcas, *capsysctl;
121 
122 	save_int_sysctl(SYSCTL0_NAME, SYSCTL0_FILE);
123 	save_int_sysctl(SYSCTL1_NAME, SYSCTL1_FILE);
124 
125 	capcas = cap_init();
126 	ATF_REQUIRE(capcas != NULL);
127 
128 	capsysctl = cap_service_open(capcas, "system.sysctl");
129 	ATF_REQUIRE(capsysctl != NULL);
130 
131 	cap_close(capcas);
132 
133 	return (capsysctl);
134 }
135 
136 static void
137 cleanup(void)
138 {
139 
140 	restore_int_sysctl(SYSCTL0_NAME, SYSCTL0_FILE);
141 	restore_int_sysctl(SYSCTL1_NAME, SYSCTL1_FILE);
142 }
143 
144 static unsigned int
145 checkcaps(cap_channel_t *capsysctl)
146 {
147 	unsigned int result;
148 	size_t len0, len1, oldsize;
149 	int error, mib0[2], mib1[2], oldvalue, newvalue;
150 
151 	result = 0;
152 
153 	len0 = nitems(mib0);
154 	ATF_REQUIRE(sysctlnametomib(SYSCTL0_NAME, mib0, &len0) == 0);
155 	len1 = nitems(mib1);
156 	ATF_REQUIRE(sysctlnametomib(SYSCTL1_NAME, mib1, &len1) == 0);
157 
158 	oldsize = sizeof(oldvalue);
159 	if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, &oldsize,
160 	    NULL, 0) == 0) {
161 		if (oldsize == sizeof(oldvalue))
162 			result |= SYSCTL0_READ0;
163 	}
164 	error = cap_sysctl(capsysctl, mib0, len0, &oldvalue, &oldsize, NULL, 0);
165 	if ((result & SYSCTL0_READ0) != 0)
166 		ATF_REQUIRE(error == 0);
167 	else
168 		ATF_REQUIRE_ERRNO(ENOTCAPABLE, error != 0);
169 
170 	newvalue = 123;
171 	if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, NULL, NULL, &newvalue,
172 	    sizeof(newvalue)) == 0) {
173 		result |= SYSCTL0_WRITE;
174 	}
175 
176 	if ((result & SYSCTL0_WRITE) != 0) {
177 		oldsize = sizeof(oldvalue);
178 		if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue,
179 		    &oldsize, NULL, 0) == 0) {
180 			if (oldsize == sizeof(oldvalue) && oldvalue == 123)
181 				result |= SYSCTL0_READ1;
182 		}
183 	}
184 	newvalue = 123;
185 	error = cap_sysctl(capsysctl, mib0, len0, NULL, NULL,
186 	    &newvalue, sizeof(newvalue));
187 	if ((result & SYSCTL0_WRITE) != 0)
188 		ATF_REQUIRE(error == 0);
189 	else
190 		ATF_REQUIRE_ERRNO(ENOTCAPABLE, error != 0);
191 
192 	oldsize = sizeof(oldvalue);
193 	newvalue = 4567;
194 	if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue, &oldsize,
195 	    &newvalue, sizeof(newvalue)) == 0) {
196 		if (oldsize == sizeof(oldvalue) && oldvalue == 123)
197 			result |= SYSCTL0_READ_WRITE;
198 	}
199 
200 	if ((result & SYSCTL0_READ_WRITE) != 0) {
201 		oldsize = sizeof(oldvalue);
202 		if (cap_sysctlbyname(capsysctl, SYSCTL0_NAME, &oldvalue,
203 		    &oldsize, NULL, 0) == 0) {
204 			if (oldsize == sizeof(oldvalue) && oldvalue == 4567)
205 				result |= SYSCTL0_READ2;
206 		}
207 	}
208 
209 	oldsize = sizeof(oldvalue);
210 	if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, &oldsize,
211 	    NULL, 0) == 0) {
212 		if (oldsize == sizeof(oldvalue))
213 			result |= SYSCTL1_READ0;
214 	}
215 	error = cap_sysctl(capsysctl, mib1, len1, &oldvalue, &oldsize, NULL, 0);
216 	if ((result & SYSCTL1_READ0) != 0)
217 		ATF_REQUIRE(error == 0);
218 	else
219 		ATF_REQUIRE_ERRNO(ENOTCAPABLE, error != 0);
220 
221 	newvalue = 506;
222 	if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, NULL, NULL, &newvalue,
223 	    sizeof(newvalue)) == 0) {
224 		result |= SYSCTL1_WRITE;
225 	}
226 
227 	if ((result & SYSCTL1_WRITE) != 0) {
228 		newvalue = 506;
229 		ATF_REQUIRE(cap_sysctl(capsysctl, mib1, len1, NULL, NULL,
230 		    &newvalue, sizeof(newvalue)) == 0);
231 
232 		oldsize = sizeof(oldvalue);
233 		if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue,
234 		    &oldsize, NULL, 0) == 0) {
235 			if (oldsize == sizeof(oldvalue) && oldvalue == 506)
236 				result |= SYSCTL1_READ1;
237 		}
238 	}
239 	newvalue = 506;
240 	error = cap_sysctl(capsysctl, mib1, len1, NULL, NULL,
241 	    &newvalue, sizeof(newvalue));
242 	if ((result & SYSCTL1_WRITE) != 0)
243 		ATF_REQUIRE(error == 0);
244 	else
245 		ATF_REQUIRE_ERRNO(ENOTCAPABLE, error != 0);
246 
247 	oldsize = sizeof(oldvalue);
248 	newvalue = 7008;
249 	if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue, &oldsize,
250 	    &newvalue, sizeof(newvalue)) == 0) {
251 		if (oldsize == sizeof(oldvalue) && oldvalue == 506)
252 			result |= SYSCTL1_READ_WRITE;
253 	}
254 
255 	if ((result & SYSCTL1_READ_WRITE) != 0) {
256 		oldsize = sizeof(oldvalue);
257 		if (cap_sysctlbyname(capsysctl, SYSCTL1_NAME, &oldvalue,
258 		    &oldsize, NULL, 0) == 0) {
259 			if (oldsize == sizeof(oldvalue) && oldvalue == 7008)
260 				result |= SYSCTL1_READ2;
261 		}
262 	}
263 
264 	return (result);
265 }
266 
267 ATF_TC_WITH_CLEANUP(cap_sysctl__operation);
268 ATF_TC_HEAD(cap_sysctl__operation, tc)
269 {
270 }
271 ATF_TC_BODY(cap_sysctl__operation, tc)
272 {
273 	cap_channel_t *capsysctl, *ocapsysctl;
274 	void *limit;
275 
276 	ocapsysctl = initcap();
277 
278 	/*
279 	 * Allow:
280 	 * SYSCTL0_PARENT/RDWR/RECURSIVE
281 	 * SYSCTL1_PARENT/RDWR/RECURSIVE
282 	 */
283 
284 	capsysctl = cap_clone(ocapsysctl);
285 	ATF_REQUIRE(capsysctl != NULL);
286 
287 	limit = cap_sysctl_limit_init(capsysctl);
288 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
289 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
290 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
291 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
292 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
293 
294 	limit = cap_sysctl_limit_init(capsysctl);
295 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
296 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
297 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
298 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
299 	(void)cap_sysctl_limit_name(limit, "foo.bar",
300 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
301 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
302 
303 	limit = cap_sysctl_limit_init(capsysctl);
304 	(void)cap_sysctl_limit_name(limit, "foo.bar",
305 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
306 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
307 
308 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 |
309 	    SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE |
310 	    SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE |
311 	    SYSCTL1_READ_WRITE));
312 
313 	limit = cap_sysctl_limit_init(capsysctl);
314 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
315 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
316 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
317 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
318 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
319 
320 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 |
321 	    SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE |
322 	    SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE |
323 	    SYSCTL1_READ_WRITE));
324 
325 	limit = cap_sysctl_limit_init(capsysctl);
326 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
327 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
328 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
329 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
330 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
331 
332 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE));
333 
334 	limit = cap_sysctl_limit_init(capsysctl);
335 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
336 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_WRITE);
337 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
338 
339 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE));
340 
341 	limit = cap_sysctl_limit_init(capsysctl);
342 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
343 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
344 
345 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL0_READ0);
346 
347 	cap_close(capsysctl);
348 
349 	/*
350 	 * Allow:
351 	 * SYSCTL0_NAME/RDWR/RECURSIVE
352 	 * SYSCTL1_NAME/RDWR/RECURSIVE
353 	 */
354 
355 	capsysctl = cap_clone(ocapsysctl);
356 	ATF_REQUIRE(capsysctl != NULL);
357 
358 	limit = cap_sysctl_limit_init(capsysctl);
359 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
360 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
361 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
362 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
363 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
364 
365 	limit = cap_sysctl_limit_init(capsysctl);
366 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
367 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
368 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
369 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
370 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
371 	limit = cap_sysctl_limit_init(capsysctl);
372 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_RDWR);
373 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
374 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
375 	limit = cap_sysctl_limit_init(capsysctl);
376 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
377 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
378 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
379 	limit = cap_sysctl_limit_init(capsysctl);
380 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
381 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
382 
383 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 |
384 	    SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE |
385 	    SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE |
386 	    SYSCTL1_READ_WRITE));
387 
388 	cap_close(capsysctl);
389 
390 	/*
391 	 * Allow:
392 	 * SYSCTL0_PARENT/RDWR
393 	 * SYSCTL1_PARENT/RDWR
394 	 */
395 
396 	capsysctl = cap_clone(ocapsysctl);
397 	ATF_REQUIRE(capsysctl != NULL);
398 
399 	limit = cap_sysctl_limit_init(capsysctl);
400 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_RDWR);
401 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
402 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
403 	limit = cap_sysctl_limit_init(capsysctl);
404 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
405 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
406 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
407 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
408 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
409 	limit = cap_sysctl_limit_init(capsysctl);
410 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
411 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
412 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
413 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
414 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
415 	limit = cap_sysctl_limit_init(capsysctl);
416 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
417 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
418 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
419 
420 	ATF_REQUIRE(checkcaps(capsysctl) == 0);
421 
422 	cap_close(capsysctl);
423 
424 	/*
425 	 * Allow:
426 	 * SYSCTL0_NAME/RDWR
427 	 * SYSCTL1_NAME/RDWR
428 	 */
429 
430 	capsysctl = cap_clone(ocapsysctl);
431 	ATF_REQUIRE(capsysctl != NULL);
432 
433 	limit = cap_sysctl_limit_init(capsysctl);
434 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_RDWR);
435 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
436 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
437 	limit = cap_sysctl_limit_init(capsysctl);
438 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
439 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
440 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
441 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
442 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
443 	limit = cap_sysctl_limit_init(capsysctl);
444 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
445 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
446 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
447 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
448 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
449 	limit = cap_sysctl_limit_init(capsysctl);
450 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
451 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
452 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
453 
454 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 |
455 	    SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE |
456 	    SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE |
457 	    SYSCTL1_READ_WRITE));
458 
459 	cap_close(capsysctl);
460 
461 	/*
462 	 * Allow:
463 	 * SYSCTL0_PARENT/RDWR
464 	 * SYSCTL1_PARENT/RDWR/RECURSIVE
465 	 */
466 
467 	capsysctl = cap_clone(ocapsysctl);
468 	ATF_REQUIRE(capsysctl != NULL);
469 
470 	limit = cap_sysctl_limit_init(capsysctl);
471 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_RDWR);
472 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
473 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
474 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
475 	limit = cap_sysctl_limit_init(capsysctl);
476 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
477 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
478 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
479 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
480 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
481 	limit = cap_sysctl_limit_init(capsysctl);
482 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
483 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
484 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
485 	limit = cap_sysctl_limit_init(capsysctl);
486 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
487 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
488 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
489 	limit = cap_sysctl_limit_init(capsysctl);
490 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
491 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
492 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
493 
494 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL1_READ0 | SYSCTL1_READ1 |
495 	    SYSCTL1_READ2 | SYSCTL1_WRITE | SYSCTL1_READ_WRITE));
496 
497 	cap_close(capsysctl);
498 
499 	/*
500 	 * Allow:
501 	 * SYSCTL0_NAME/RDWR
502 	 * SYSCTL1_NAME/RDWR/RECURSIVE
503 	 */
504 
505 	capsysctl = cap_clone(ocapsysctl);
506 	ATF_REQUIRE(capsysctl != NULL);
507 
508 	limit = cap_sysctl_limit_init(capsysctl);
509 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_RDWR);
510 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
511 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
512 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
513 	limit = cap_sysctl_limit_init(capsysctl);
514 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
515 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
516 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
517 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
518 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
519 	limit = cap_sysctl_limit_init(capsysctl);
520 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
521 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
522 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
523 	limit = cap_sysctl_limit_init(capsysctl);
524 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
525 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
526 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
527 
528 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 |
529 	    SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE |
530 	    SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE |
531 	    SYSCTL1_READ_WRITE));
532 
533 	cap_close(capsysctl);
534 
535 	/*
536 	 * Allow:
537 	 * SYSCTL0_PARENT/READ/RECURSIVE
538 	 * SYSCTL1_PARENT/READ/RECURSIVE
539 	 */
540 
541 	capsysctl = cap_clone(ocapsysctl);
542 	ATF_REQUIRE(capsysctl != NULL);
543 
544 	limit = cap_sysctl_limit_init(capsysctl);
545 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
546 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
547 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
548 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
549 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
550 	limit = cap_sysctl_limit_init(capsysctl);
551 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
552 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
553 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
554 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
555 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
556 	limit = cap_sysctl_limit_init(capsysctl);
557 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
558 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
559 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
560 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
561 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
562 	limit = cap_sysctl_limit_init(capsysctl);
563 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_RDWR);
564 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
565 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
566 	limit = cap_sysctl_limit_init(capsysctl);
567 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_WRITE);
568 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
569 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
570 	limit = cap_sysctl_limit_init(capsysctl);
571 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
572 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
573 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
574 	limit = cap_sysctl_limit_init(capsysctl);
575 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
576 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
577 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
578 	limit = cap_sysctl_limit_init(capsysctl);
579 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
580 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
581 	limit = cap_sysctl_limit_init(capsysctl);
582 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_WRITE);
583 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
584 
585 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0));
586 
587 	cap_close(capsysctl);
588 
589 	/*
590 	 * Allow:
591 	 * SYSCTL0_NAME/READ/RECURSIVE
592 	 * SYSCTL1_NAME/READ/RECURSIVE
593 	 */
594 
595 	capsysctl = cap_clone(ocapsysctl);
596 	ATF_REQUIRE(capsysctl != NULL);
597 
598 	limit = cap_sysctl_limit_init(capsysctl);
599 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
600 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
601 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
602 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
603 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
604 	limit = cap_sysctl_limit_init(capsysctl);
605 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
606 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
607 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
608 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
609 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
610 	limit = cap_sysctl_limit_init(capsysctl);
611 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
612 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
613 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
614 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
615 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
616 	limit = cap_sysctl_limit_init(capsysctl);
617 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_RDWR);
618 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
619 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
620 	limit = cap_sysctl_limit_init(capsysctl);
621 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
622 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_WRITE);
623 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
624 	limit = cap_sysctl_limit_init(capsysctl);
625 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
626 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
627 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
628 	limit = cap_sysctl_limit_init(capsysctl);
629 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
630 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
631 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
632 	limit = cap_sysctl_limit_init(capsysctl);
633 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
634 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
635 	limit = cap_sysctl_limit_init(capsysctl);
636 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
637 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
638 
639 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0));
640 
641 	cap_close(capsysctl);
642 
643 	/*
644 	 * Allow:
645 	 * SYSCTL0_PARENT/READ
646 	 * SYSCTL1_PARENT/READ
647 	 */
648 
649 	capsysctl = cap_clone(ocapsysctl);
650 	ATF_REQUIRE(capsysctl != NULL);
651 
652 	limit = cap_sysctl_limit_init(capsysctl);
653 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
654 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
655 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
656 	limit = cap_sysctl_limit_init(capsysctl);
657 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
658 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
659 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
660 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
661 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
662 	limit = cap_sysctl_limit_init(capsysctl);
663 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
664 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
665 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
666 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
667 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
668 	limit = cap_sysctl_limit_init(capsysctl);
669 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
670 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
671 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
672 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
673 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
674 	limit = cap_sysctl_limit_init(capsysctl);
675 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_RDWR);
676 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
677 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
678 	limit = cap_sysctl_limit_init(capsysctl);
679 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_WRITE);
680 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
681 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
682 	limit = cap_sysctl_limit_init(capsysctl);
683 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
684 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
685 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
686 	limit = cap_sysctl_limit_init(capsysctl);
687 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
688 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
689 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
690 	limit = cap_sysctl_limit_init(capsysctl);
691 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
692 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
693 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
694 	limit = cap_sysctl_limit_init(capsysctl);
695 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
696 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
697 	limit = cap_sysctl_limit_init(capsysctl);
698 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_WRITE);
699 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
700 
701 	ATF_REQUIRE(checkcaps(capsysctl) == 0);
702 
703 	cap_close(capsysctl);
704 
705 	/*
706 	 * Allow:
707 	 * SYSCTL0_NAME/READ
708 	 * SYSCTL1_NAME/READ
709 	 */
710 
711 	capsysctl = cap_clone(ocapsysctl);
712 	ATF_REQUIRE(capsysctl != NULL);
713 
714 	limit = cap_sysctl_limit_init(capsysctl);
715 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
716 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_READ);
717 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
718 	limit = cap_sysctl_limit_init(capsysctl);
719 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
720 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
721 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
722 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
723 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
724 	limit = cap_sysctl_limit_init(capsysctl);
725 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
726 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
727 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
728 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
729 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
730 	limit = cap_sysctl_limit_init(capsysctl);
731 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
732 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
733 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
734 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
735 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
736 	limit = cap_sysctl_limit_init(capsysctl);
737 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_RDWR);
738 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
739 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
740 	limit = cap_sysctl_limit_init(capsysctl);
741 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
742 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_WRITE);
743 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
744 	limit = cap_sysctl_limit_init(capsysctl);
745 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
746 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
747 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
748 	limit = cap_sysctl_limit_init(capsysctl);
749 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
750 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
751 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
752 	limit = cap_sysctl_limit_init(capsysctl);
753 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
754 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
755 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
756 	limit = cap_sysctl_limit_init(capsysctl);
757 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
758 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
759 	limit = cap_sysctl_limit_init(capsysctl);
760 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
761 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
762 
763 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0));
764 
765 	cap_close(capsysctl);
766 
767 	/*
768 	 * Allow:
769 	 * SYSCTL0_PARENT/READ
770 	 * SYSCTL1_PARENT/READ/RECURSIVE
771 	 */
772 
773 	capsysctl = cap_clone(ocapsysctl);
774 	ATF_REQUIRE(capsysctl != NULL);
775 
776 	limit = cap_sysctl_limit_init(capsysctl);
777 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
778 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
779 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
780 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
781 	limit = cap_sysctl_limit_init(capsysctl);
782 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
783 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
784 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
785 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
786 
787 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL1_READ0);
788 
789 	cap_close(capsysctl);
790 
791 	/*
792 	 * Allow:
793 	 * SYSCTL0_NAME/READ
794 	 * SYSCTL1_NAME/READ/RECURSIVE
795 	 */
796 
797 	capsysctl = cap_clone(ocapsysctl);
798 	ATF_REQUIRE(capsysctl != NULL);
799 
800 	limit = cap_sysctl_limit_init(capsysctl);
801 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
802 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
803 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
804 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
805 	limit = cap_sysctl_limit_init(capsysctl);
806 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
807 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
808 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_READ);
809 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
810 
811 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_READ0));
812 
813 	cap_close(capsysctl);
814 
815 	/*
816 	 * Allow:
817 	 * SYSCTL0_PARENT/WRITE/RECURSIVE
818 	 * SYSCTL1_PARENT/WRITE/RECURSIVE
819 	 */
820 
821 	capsysctl = cap_clone(ocapsysctl);
822 	ATF_REQUIRE(capsysctl != NULL);
823 
824 	limit = cap_sysctl_limit_init(capsysctl);
825 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
826 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
827 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
828 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
829 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
830 	limit = cap_sysctl_limit_init(capsysctl);
831 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
832 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
833 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
834 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
835 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
836 	limit = cap_sysctl_limit_init(capsysctl);
837 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
838 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
839 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
840 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
841 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
842 	limit = cap_sysctl_limit_init(capsysctl);
843 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_RDWR);
844 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
845 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
846 	limit = cap_sysctl_limit_init(capsysctl);
847 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
848 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
849 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
850 	limit = cap_sysctl_limit_init(capsysctl);
851 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
852 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
853 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
854 	limit = cap_sysctl_limit_init(capsysctl);
855 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
856 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
857 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
858 	limit = cap_sysctl_limit_init(capsysctl);
859 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
860 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
861 	limit = cap_sysctl_limit_init(capsysctl);
862 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
863 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
864 
865 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE));
866 
867 	cap_close(capsysctl);
868 
869 	/*
870 	 * Allow:
871 	 * SYSCTL0_NAME/WRITE/RECURSIVE
872 	 * SYSCTL1_NAME/WRITE/RECURSIVE
873 	 */
874 
875 	capsysctl = cap_clone(ocapsysctl);
876 	ATF_REQUIRE(capsysctl != NULL);
877 
878 	limit = cap_sysctl_limit_init(capsysctl);
879 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
880 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
881 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
882 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
883 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
884 	limit = cap_sysctl_limit_init(capsysctl);
885 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
886 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
887 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
888 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
889 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
890 	limit = cap_sysctl_limit_init(capsysctl);
891 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
892 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
893 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
894 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
895 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
896 	limit = cap_sysctl_limit_init(capsysctl);
897 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_RDWR);
898 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
899 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
900 	limit = cap_sysctl_limit_init(capsysctl);
901 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
902 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_READ);
903 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
904 	limit = cap_sysctl_limit_init(capsysctl);
905 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
906 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
907 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
908 	limit = cap_sysctl_limit_init(capsysctl);
909 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
910 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
911 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
912 	limit = cap_sysctl_limit_init(capsysctl);
913 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
914 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
915 	limit = cap_sysctl_limit_init(capsysctl);
916 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
917 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
918 
919 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE));
920 
921 	cap_close(capsysctl);
922 
923 	/*
924 	 * Allow:
925 	 * SYSCTL0_PARENT/WRITE
926 	 * SYSCTL1_PARENT/WRITE
927 	 */
928 
929 	capsysctl = cap_clone(ocapsysctl);
930 	ATF_REQUIRE(capsysctl != NULL);
931 
932 	limit = cap_sysctl_limit_init(capsysctl);
933 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_WRITE);
934 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
935 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
936 	limit = cap_sysctl_limit_init(capsysctl);
937 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
938 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
939 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
940 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
941 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
942 	limit = cap_sysctl_limit_init(capsysctl);
943 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
944 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
945 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
946 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
947 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
948 	limit = cap_sysctl_limit_init(capsysctl);
949 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
950 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
951 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
952 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
953 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
954 	limit = cap_sysctl_limit_init(capsysctl);
955 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_RDWR);
956 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
957 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
958 	limit = cap_sysctl_limit_init(capsysctl);
959 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
960 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
961 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
962 	limit = cap_sysctl_limit_init(capsysctl);
963 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
964 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
965 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
966 	limit = cap_sysctl_limit_init(capsysctl);
967 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
968 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
969 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
970 	limit = cap_sysctl_limit_init(capsysctl);
971 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
972 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
973 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
974 	limit = cap_sysctl_limit_init(capsysctl);
975 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
976 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
977 	limit = cap_sysctl_limit_init(capsysctl);
978 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
979 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
980 
981 	ATF_REQUIRE(checkcaps(capsysctl) == 0);
982 
983 	cap_close(capsysctl);
984 
985 	/*
986 	 * Allow:
987 	 * SYSCTL0_NAME/WRITE
988 	 * SYSCTL1_NAME/WRITE
989 	 */
990 
991 	capsysctl = cap_clone(ocapsysctl);
992 	ATF_REQUIRE(capsysctl != NULL);
993 
994 	limit = cap_sysctl_limit_init(capsysctl);
995 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
996 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_WRITE);
997 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
998 	limit = cap_sysctl_limit_init(capsysctl);
999 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1000 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1001 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1002 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1003 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1004 	limit = cap_sysctl_limit_init(capsysctl);
1005 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1006 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1007 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1008 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1009 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1010 	limit = cap_sysctl_limit_init(capsysctl);
1011 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1012 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1013 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1014 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1015 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1016 	limit = cap_sysctl_limit_init(capsysctl);
1017 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_RDWR);
1018 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
1019 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1020 	limit = cap_sysctl_limit_init(capsysctl);
1021 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1022 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_READ);
1023 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1024 	limit = cap_sysctl_limit_init(capsysctl);
1025 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1026 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1027 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1028 	limit = cap_sysctl_limit_init(capsysctl);
1029 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1030 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1031 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1032 	limit = cap_sysctl_limit_init(capsysctl);
1033 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1034 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1035 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1036 	limit = cap_sysctl_limit_init(capsysctl);
1037 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
1038 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1039 	limit = cap_sysctl_limit_init(capsysctl);
1040 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1041 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1042 
1043 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE));
1044 
1045 	cap_close(capsysctl);
1046 
1047 	/*
1048 	 * Allow:
1049 	 * SYSCTL0_PARENT/WRITE
1050 	 * SYSCTL1_PARENT/WRITE/RECURSIVE
1051 	 */
1052 
1053 	capsysctl = cap_clone(ocapsysctl);
1054 	ATF_REQUIRE(capsysctl != NULL);
1055 
1056 	limit = cap_sysctl_limit_init(capsysctl);
1057 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_WRITE);
1058 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
1059 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1060 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1061 	limit = cap_sysctl_limit_init(capsysctl);
1062 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
1063 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1064 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
1065 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1066 
1067 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL1_WRITE);
1068 
1069 	cap_close(capsysctl);
1070 
1071 	/*
1072 	 * Allow:
1073 	 * SYSCTL0_NAME/WRITE
1074 	 * SYSCTL1_NAME/WRITE/RECURSIVE
1075 	 */
1076 
1077 	capsysctl = cap_clone(ocapsysctl);
1078 	ATF_REQUIRE(capsysctl != NULL);
1079 
1080 	limit = cap_sysctl_limit_init(capsysctl);
1081 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
1082 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1083 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1084 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1085 	limit = cap_sysctl_limit_init(capsysctl);
1086 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1087 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1088 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_WRITE);
1089 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1090 
1091 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_WRITE | SYSCTL1_WRITE));
1092 
1093 	cap_close(capsysctl);
1094 
1095 	/*
1096 	 * Allow:
1097 	 * SYSCTL0_PARENT/READ/RECURSIVE
1098 	 * SYSCTL1_PARENT/WRITE/RECURSIVE
1099 	 */
1100 
1101 	capsysctl = cap_clone(ocapsysctl);
1102 	ATF_REQUIRE(capsysctl != NULL);
1103 
1104 	limit = cap_sysctl_limit_init(capsysctl);
1105 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
1106 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1107 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
1108 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1109 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1110 
1111 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE));
1112 
1113 	cap_close(capsysctl);
1114 
1115 	/*
1116 	 * Allow:
1117 	 * SYSCTL0_NAME/READ/RECURSIVE
1118 	 * SYSCTL1_NAME/WRITE/RECURSIVE
1119 	 */
1120 
1121 	capsysctl = cap_clone(ocapsysctl);
1122 	ATF_REQUIRE(capsysctl != NULL);
1123 
1124 	limit = cap_sysctl_limit_init(capsysctl);
1125 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1126 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1127 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1128 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1129 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1130 
1131 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE));
1132 
1133 	cap_close(capsysctl);
1134 
1135 	/*
1136 	 * Allow:
1137 	 * SYSCTL0_PARENT/READ
1138 	 * SYSCTL1_PARENT/WRITE
1139 	 */
1140 
1141 	capsysctl = cap_clone(ocapsysctl);
1142 	ATF_REQUIRE(capsysctl != NULL);
1143 
1144 	limit = cap_sysctl_limit_init(capsysctl);
1145 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
1146 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
1147 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1148 
1149 	ATF_REQUIRE(checkcaps(capsysctl) == 0);
1150 
1151 	cap_close(capsysctl);
1152 
1153 	/*
1154 	 * Allow:
1155 	 * SYSCTL0_NAME/READ
1156 	 * SYSCTL1_NAME/WRITE
1157 	 */
1158 
1159 	capsysctl = cap_clone(ocapsysctl);
1160 	ATF_REQUIRE(capsysctl != NULL);
1161 
1162 	limit = cap_sysctl_limit_init(capsysctl);
1163 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1164 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_WRITE);
1165 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1166 
1167 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE));
1168 
1169 	cap_close(capsysctl);
1170 
1171 	/*
1172 	 * Allow:
1173 	 * SYSCTL0_PARENT/READ
1174 	 * SYSCTL1_PARENT/WRITE/RECURSIVE
1175 	 */
1176 
1177 	capsysctl = cap_clone(ocapsysctl);
1178 	ATF_REQUIRE(capsysctl != NULL);
1179 
1180 	limit = cap_sysctl_limit_init(capsysctl);
1181 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
1182 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
1183 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1184 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1185 
1186 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL1_WRITE);
1187 
1188 	cap_close(capsysctl);
1189 
1190 	/*
1191 	 * Allow:
1192 	 * SYSCTL0_NAME/READ
1193 	 * SYSCTL1_NAME/WRITE/RECURSIVE
1194 	 */
1195 
1196 	capsysctl = cap_clone(ocapsysctl);
1197 	ATF_REQUIRE(capsysctl != NULL);
1198 
1199 	limit = cap_sysctl_limit_init(capsysctl);
1200 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1201 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1202 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1203 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1204 
1205 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL1_WRITE));
1206 
1207 	cap_close(capsysctl);
1208 }
1209 ATF_TC_CLEANUP(cap_sysctl__operation, tc)
1210 {
1211 	cleanup();
1212 }
1213 
1214 ATF_TC_WITH_CLEANUP(cap_sysctl__names);
1215 ATF_TC_HEAD(cap_sysctl__names, tc)
1216 {
1217 }
1218 ATF_TC_BODY(cap_sysctl__names, tc)
1219 {
1220 	cap_channel_t *capsysctl, *ocapsysctl;
1221 	void *limit;
1222 
1223 	ocapsysctl = initcap();
1224 
1225 	/*
1226 	 * Allow:
1227 	 * SYSCTL0_PARENT/READ/RECURSIVE
1228 	 */
1229 
1230 	capsysctl = cap_clone(ocapsysctl);
1231 	ATF_REQUIRE(capsysctl != NULL);
1232 
1233 	limit = cap_sysctl_limit_init(capsysctl);
1234 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
1235 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1236 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1237 	limit = cap_sysctl_limit_init(capsysctl);
1238 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
1239 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1240 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
1241 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1242 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1243 	limit = cap_sysctl_limit_init(capsysctl);
1244 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
1245 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1246 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1247 	limit = cap_sysctl_limit_init(capsysctl);
1248 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
1249 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
1250 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1251 	limit = cap_sysctl_limit_init(capsysctl);
1252 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
1253 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1254 
1255 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL0_READ0);
1256 
1257 	cap_close(capsysctl);
1258 
1259 	/*
1260 	 * Allow:
1261 	 * SYSCTL1_NAME/READ/RECURSIVE
1262 	 */
1263 
1264 	capsysctl = cap_clone(ocapsysctl);
1265 	ATF_REQUIRE(capsysctl != NULL);
1266 
1267 	limit = cap_sysctl_limit_init(capsysctl);
1268 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1269 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1270 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1271 	limit = cap_sysctl_limit_init(capsysctl);
1272 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1273 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1274 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1275 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1276 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1277 	limit = cap_sysctl_limit_init(capsysctl);
1278 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1279 	    CAP_SYSCTL_READ | CAP_SYSCTL_RECURSIVE);
1280 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1281 	limit = cap_sysctl_limit_init(capsysctl);
1282 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1283 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_READ);
1284 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1285 	limit = cap_sysctl_limit_init(capsysctl);
1286 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1287 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1288 
1289 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL1_READ0);
1290 
1291 	cap_close(capsysctl);
1292 
1293 	/*
1294 	 * Allow:
1295 	 * SYSCTL0_PARENT/WRITE/RECURSIVE
1296 	 */
1297 
1298 	capsysctl = cap_clone(ocapsysctl);
1299 	ATF_REQUIRE(capsysctl != NULL);
1300 
1301 	limit = cap_sysctl_limit_init(capsysctl);
1302 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
1303 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1304 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1305 	limit = cap_sysctl_limit_init(capsysctl);
1306 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
1307 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1308 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
1309 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1310 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1311 	limit = cap_sysctl_limit_init(capsysctl);
1312 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
1313 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1314 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1315 	limit = cap_sysctl_limit_init(capsysctl);
1316 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_WRITE);
1317 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
1318 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1319 	limit = cap_sysctl_limit_init(capsysctl);
1320 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
1321 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1322 
1323 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL0_WRITE);
1324 
1325 	cap_close(capsysctl);
1326 
1327 	/*
1328 	 * Allow:
1329 	 * SYSCTL1_NAME/WRITE/RECURSIVE
1330 	 */
1331 
1332 	capsysctl = cap_clone(ocapsysctl);
1333 	ATF_REQUIRE(capsysctl != NULL);
1334 
1335 	limit = cap_sysctl_limit_init(capsysctl);
1336 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1337 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1338 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1339 	limit = cap_sysctl_limit_init(capsysctl);
1340 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1341 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1342 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1343 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1344 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1345 	limit = cap_sysctl_limit_init(capsysctl);
1346 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1347 	    CAP_SYSCTL_WRITE | CAP_SYSCTL_RECURSIVE);
1348 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1349 	limit = cap_sysctl_limit_init(capsysctl);
1350 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
1351 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_WRITE);
1352 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1353 	limit = cap_sysctl_limit_init(capsysctl);
1354 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
1355 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1356 
1357 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL1_WRITE);
1358 
1359 	cap_close(capsysctl);
1360 
1361 	/*
1362 	 * Allow:
1363 	 * SYSCTL0_PARENT/RDWR/RECURSIVE
1364 	 */
1365 
1366 	capsysctl = cap_clone(ocapsysctl);
1367 	ATF_REQUIRE(capsysctl != NULL);
1368 
1369 	limit = cap_sysctl_limit_init(capsysctl);
1370 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
1371 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1372 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1373 	limit = cap_sysctl_limit_init(capsysctl);
1374 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT,
1375 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1376 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
1377 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1378 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1379 	limit = cap_sysctl_limit_init(capsysctl);
1380 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT,
1381 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1382 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1383 	limit = cap_sysctl_limit_init(capsysctl);
1384 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
1385 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
1386 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1387 	limit = cap_sysctl_limit_init(capsysctl);
1388 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
1389 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1390 
1391 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL0_READ0 | SYSCTL0_READ1 |
1392 	    SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE));
1393 
1394 	cap_close(capsysctl);
1395 
1396 	/*
1397 	 * Allow:
1398 	 * SYSCTL1_NAME/RDWR/RECURSIVE
1399 	 */
1400 
1401 	capsysctl = cap_clone(ocapsysctl);
1402 	ATF_REQUIRE(capsysctl != NULL);
1403 
1404 	limit = cap_sysctl_limit_init(capsysctl);
1405 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1406 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1407 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1408 	limit = cap_sysctl_limit_init(capsysctl);
1409 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1410 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1411 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME,
1412 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1413 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1414 	limit = cap_sysctl_limit_init(capsysctl);
1415 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME,
1416 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1417 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1418 	limit = cap_sysctl_limit_init(capsysctl);
1419 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1420 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_READ);
1421 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1422 	limit = cap_sysctl_limit_init(capsysctl);
1423 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1424 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1425 
1426 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL1_READ0 | SYSCTL1_READ1 |
1427 	    SYSCTL1_READ2 | SYSCTL1_WRITE | SYSCTL1_READ_WRITE));
1428 
1429 	cap_close(capsysctl);
1430 
1431 	/*
1432 	 * Allow:
1433 	 * SYSCTL0_PARENT/READ
1434 	 */
1435 
1436 	capsysctl = cap_clone(ocapsysctl);
1437 	ATF_REQUIRE(capsysctl != NULL);
1438 
1439 	limit = cap_sysctl_limit_init(capsysctl);
1440 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
1441 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1442 	limit = cap_sysctl_limit_init(capsysctl);
1443 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_READ);
1444 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
1445 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1446 	limit = cap_sysctl_limit_init(capsysctl);
1447 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_READ);
1448 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1449 
1450 	ATF_REQUIRE(checkcaps(capsysctl) == 0);
1451 
1452 	cap_close(capsysctl);
1453 
1454 	/*
1455 	 * Allow:
1456 	 * SYSCTL1_NAME/READ
1457 	 */
1458 
1459 	capsysctl = cap_clone(ocapsysctl);
1460 	ATF_REQUIRE(capsysctl != NULL);
1461 
1462 	limit = cap_sysctl_limit_init(capsysctl);
1463 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_READ);
1464 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1465 	limit = cap_sysctl_limit_init(capsysctl);
1466 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1467 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_READ);
1468 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1469 	limit = cap_sysctl_limit_init(capsysctl);
1470 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_READ);
1471 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1472 
1473 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL1_READ0);
1474 
1475 	cap_close(capsysctl);
1476 
1477 	/*
1478 	 * Allow:
1479 	 * SYSCTL0_PARENT/WRITE
1480 	 */
1481 
1482 	capsysctl = cap_clone(ocapsysctl);
1483 	ATF_REQUIRE(capsysctl != NULL);
1484 
1485 	limit = cap_sysctl_limit_init(capsysctl);
1486 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_WRITE);
1487 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1488 	limit = cap_sysctl_limit_init(capsysctl);
1489 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_WRITE);
1490 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
1491 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1492 	limit = cap_sysctl_limit_init(capsysctl);
1493 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_WRITE);
1494 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1495 
1496 	ATF_REQUIRE(checkcaps(capsysctl) == 0);
1497 
1498 	cap_close(capsysctl);
1499 
1500 	/*
1501 	 * Allow:
1502 	 * SYSCTL1_NAME/WRITE
1503 	 */
1504 
1505 	capsysctl = cap_clone(ocapsysctl);
1506 	ATF_REQUIRE(capsysctl != NULL);
1507 
1508 	limit = cap_sysctl_limit_init(capsysctl);
1509 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_WRITE);
1510 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1511 	limit = cap_sysctl_limit_init(capsysctl);
1512 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
1513 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_WRITE);
1514 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1515 	limit = cap_sysctl_limit_init(capsysctl);
1516 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_WRITE);
1517 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1518 
1519 	ATF_REQUIRE(checkcaps(capsysctl) == SYSCTL1_WRITE);
1520 
1521 	cap_close(capsysctl);
1522 
1523 	/*
1524 	 * Allow:
1525 	 * SYSCTL0_PARENT/RDWR
1526 	 */
1527 
1528 	capsysctl = cap_clone(ocapsysctl);
1529 	ATF_REQUIRE(capsysctl != NULL);
1530 
1531 	limit = cap_sysctl_limit_init(capsysctl);
1532 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_RDWR);
1533 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1534 	limit = cap_sysctl_limit_init(capsysctl);
1535 	(void)cap_sysctl_limit_name(limit, SYSCTL0_PARENT, CAP_SYSCTL_RDWR);
1536 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
1537 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1538 	limit = cap_sysctl_limit_init(capsysctl);
1539 	(void)cap_sysctl_limit_name(limit, SYSCTL1_PARENT, CAP_SYSCTL_RDWR);
1540 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1541 
1542 	ATF_REQUIRE(checkcaps(capsysctl) == 0);
1543 
1544 	cap_close(capsysctl);
1545 
1546 	/*
1547 	 * Allow:
1548 	 * SYSCTL1_NAME/RDWR
1549 	 */
1550 
1551 	capsysctl = cap_clone(ocapsysctl);
1552 	ATF_REQUIRE(capsysctl != NULL);
1553 
1554 	limit = cap_sysctl_limit_init(capsysctl);
1555 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
1556 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1557 	limit = cap_sysctl_limit_init(capsysctl);
1558 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_RDWR);
1559 	(void)cap_sysctl_limit_name(limit, SYSCTL1_NAME, CAP_SYSCTL_RDWR);
1560 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1561 	limit = cap_sysctl_limit_init(capsysctl);
1562 	(void)cap_sysctl_limit_name(limit, SYSCTL0_NAME, CAP_SYSCTL_RDWR);
1563 	ATF_REQUIRE(cap_sysctl_limit(limit) == -1 && errno == ENOTCAPABLE);
1564 
1565 	ATF_REQUIRE(checkcaps(capsysctl) == (SYSCTL1_READ0 | SYSCTL1_READ1 |
1566 	    SYSCTL1_READ2 | SYSCTL1_WRITE | SYSCTL1_READ_WRITE));
1567 
1568 	cap_close(capsysctl);
1569 }
1570 ATF_TC_CLEANUP(cap_sysctl__names, tc)
1571 {
1572 	cleanup();
1573 }
1574 
1575 ATF_TC_WITH_CLEANUP(cap_sysctl__no_limits);
1576 ATF_TC_HEAD(cap_sysctl__no_limits, tc)
1577 {
1578 }
1579 ATF_TC_BODY(cap_sysctl__no_limits, tc)
1580 {
1581 	cap_channel_t *capsysctl;
1582 
1583 	capsysctl = initcap();
1584 
1585 	ATF_REQUIRE_EQ(checkcaps(capsysctl), (SYSCTL0_READ0 | SYSCTL0_READ1 |
1586 	    SYSCTL0_READ2 | SYSCTL0_WRITE | SYSCTL0_READ_WRITE |
1587 	    SYSCTL1_READ0 | SYSCTL1_READ1 | SYSCTL1_READ2 | SYSCTL1_WRITE |
1588 	    SYSCTL1_READ_WRITE));
1589 }
1590 ATF_TC_CLEANUP(cap_sysctl__no_limits, tc)
1591 {
1592 	cleanup();
1593 }
1594 
1595 ATF_TC_WITH_CLEANUP(cap_sysctl__recursive_limits);
1596 ATF_TC_HEAD(cap_sysctl__recursive_limits, tc)
1597 {
1598 }
1599 ATF_TC_BODY(cap_sysctl__recursive_limits, tc)
1600 {
1601 	cap_channel_t *capsysctl, *ocapsysctl;
1602 	void *limit;
1603 	size_t len;
1604 	int mib[2], val = 420;
1605 
1606 	len = nitems(mib);
1607 	ATF_REQUIRE(sysctlnametomib(SYSCTL0_NAME, mib, &len) == 0);
1608 
1609 	ocapsysctl = initcap();
1610 
1611 	/*
1612 	 * Make sure that we match entire components.
1613 	 */
1614 	capsysctl = cap_clone(ocapsysctl);
1615 	ATF_REQUIRE(capsysctl != NULL);
1616 
1617 	limit = cap_sysctl_limit_init(capsysctl);
1618 	(void)cap_sysctl_limit_name(limit, "ker",
1619 	    CAP_SYSCTL_RDWR | CAP_SYSCTL_RECURSIVE);
1620 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1621 
1622 	ATF_REQUIRE_ERRNO(ENOTCAPABLE, cap_sysctlbyname(capsysctl, SYSCTL0_NAME,
1623 	    NULL, NULL, &val, sizeof(val)));
1624 	ATF_REQUIRE_ERRNO(ENOTCAPABLE, cap_sysctl(capsysctl, mib, len,
1625 	    NULL, NULL, &val, sizeof(val)));
1626 
1627 	cap_close(capsysctl);
1628 
1629 	/*
1630 	 * Verify that we check for CAP_SYSCTL_RECURSIVE.
1631 	 */
1632 	capsysctl = cap_clone(ocapsysctl);
1633 	ATF_REQUIRE(capsysctl != NULL);
1634 
1635 	limit = cap_sysctl_limit_init(capsysctl);
1636 	(void)cap_sysctl_limit_name(limit, "kern", CAP_SYSCTL_RDWR);
1637 	ATF_REQUIRE(cap_sysctl_limit(limit) == 0);
1638 
1639 	ATF_REQUIRE_ERRNO(ENOTCAPABLE, cap_sysctlbyname(capsysctl, SYSCTL0_NAME,
1640 	    NULL, NULL, &val, sizeof(val)));
1641 	ATF_REQUIRE_ERRNO(ENOTCAPABLE, cap_sysctl(capsysctl, mib, len,
1642 	    NULL, NULL, &val, sizeof(val)));
1643 
1644 	cap_close(capsysctl);
1645 }
1646 ATF_TC_CLEANUP(cap_sysctl__recursive_limits, tc)
1647 {
1648 	cleanup();
1649 }
1650 
1651 ATF_TC_WITH_CLEANUP(cap_sysctl__just_size);
1652 ATF_TC_HEAD(cap_sysctl__just_size, tc)
1653 {
1654 }
1655 ATF_TC_BODY(cap_sysctl__just_size, tc)
1656 {
1657 	cap_channel_t *capsysctl;
1658 	size_t len;
1659 	int mib0[2];
1660 
1661 	capsysctl = initcap();
1662 
1663 	len = nitems(mib0);
1664 	ATF_REQUIRE(sysctlnametomib(SYSCTL0_NAME, mib0, &len) == 0);
1665 
1666 	ATF_REQUIRE(cap_sysctlbyname(capsysctl, SYSCTL0_NAME,
1667 	    NULL, &len, NULL, 0) == 0);
1668 	ATF_REQUIRE(len == sizeof(int));
1669 	ATF_REQUIRE(cap_sysctl(capsysctl, mib0, nitems(mib0),
1670 	    NULL, &len, NULL, 0) == 0);
1671 	ATF_REQUIRE(len == sizeof(int));
1672 
1673 	cap_close(capsysctl);
1674 }
1675 ATF_TC_CLEANUP(cap_sysctl__just_size, tc)
1676 {
1677 	cleanup();
1678 }
1679 
1680 ATF_TP_ADD_TCS(tp)
1681 {
1682 	ATF_TP_ADD_TC(tp, cap_sysctl__operation);
1683 	ATF_TP_ADD_TC(tp, cap_sysctl__names);
1684 	ATF_TP_ADD_TC(tp, cap_sysctl__no_limits);
1685 	ATF_TP_ADD_TC(tp, cap_sysctl__recursive_limits);
1686 	ATF_TP_ADD_TC(tp, cap_sysctl__just_size);
1687 
1688 	return (atf_no_error());
1689 }
1690