Home abi bus cachefiles coda crypto csky debug dev fs kernel net s390 s390dbf sunrpc user vm xen xpc

unprivileged_bpf_disabled

file: /proc/sys/kernel/unprivileged_bpf_disabled
variable: kernel.unprivileged_bpf_disabled
Official reference

Writing 1 to this entry will disable unprivileged calls to bpf(); once disabled, calling bpf() without CAP_SYS_ADMIN or CAP_BPF will return -EPERM. Once set to 1, this can’t be cleared from the running kernel anymore.

Writing 2 to this entry will also disable unprivileged calls to bpf(), however, an admin can still change this setting later on, if needed, by writing 0 or 1 to this entry.

If BPF_UNPRIV_DEFAULT_OFF is enabled in the kernel config, then this entry will default to 2 instead of 0.

= =============================================================
0 Unprivileged calls to ``bpf()`` are enabled
1 Unprivileged calls to ``bpf()`` are disabled without recovery
2 Unprivileged calls to ``bpf()`` are disabled
= =============================================================
man/info ubuntu man lkml redhat kb github google source

Last update: 2026-03-30 12:00:00 UTC
Parsed kernel version 6.18 from git

Sysctl Explorer is available under the GPL-2.0.
Kernel documentation © the Linux kernel authors.
Linux® is a registered trademark of Linus Torvalds.

Updated by Ilya Vasilyev aka Nadz Goldman from Arviol ( vStack dep. ), ITG