Always disable mount and unmount for jails with enforce_statfs==2.

A working statfs(2) is required for umount(8) in jail. Reviewed by: pjd, kib Approved by: re (kib) MFC after: 2 weeks
author: mm <mm@FreeBSD.org> 2011-08-02 19:44:40 +0000
committer: mm <mm@FreeBSD.org> 2011-08-02 19:44:40 +0000
commit: 2c26b14138e83cc617676a473fbfdf15958d3b1e (patch)
tree: e5767c30250e3e129d33b81be0709f2e1eda9ade /sys/kern/kern_jail.c
parent: a1639c8fd44b7049b1a784f1d4c3e8d740972480 (diff)
download: FreeBSD-src-2c26b14138e83cc617676a473fbfdf15958d3b1e.zip
FreeBSD-src-2c26b14138e83cc617676a473fbfdf15958d3b1e.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c
index 584334a..050563b 100644
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@@ -3858,7 +3858,8 @@ prison_priv_check(struct ucred *cred, int priv)
 	case PRIV_VFS_UNMOUNT:
 	case PRIV_VFS_MOUNT_NONUSER:
 	case PRIV_VFS_MOUNT_OWNER:
-		if (cred->cr_prison->pr_allow & PR_ALLOW_MOUNT)
+		if (cred->cr_prison->pr_allow & PR_ALLOW_MOUNT &&
+		    cred->cr_prison->pr_enforce_statfs < 2)
 			return (0);
 		else
 			return (EPERM);
author	mm <mm@FreeBSD.org>	2011-08-02 19:44:40 +0000
committer	mm <mm@FreeBSD.org>	2011-08-02 19:44:40 +0000
commit	2c26b14138e83cc617676a473fbfdf15958d3b1e (patch)
tree	e5767c30250e3e129d33b81be0709f2e1eda9ade /sys/kern/kern_jail.c
parent	a1639c8fd44b7049b1a784f1d4c3e8d740972480 (diff)
download	FreeBSD-src-2c26b14138e83cc617676a473fbfdf15958d3b1e.zip FreeBSD-src-2c26b14138e83cc617676a473fbfdf15958d3b1e.tar.gz