diff options
author | mm <mm@FreeBSD.org> | 2011-08-02 19:44:40 +0000 |
---|---|---|
committer | mm <mm@FreeBSD.org> | 2011-08-02 19:44:40 +0000 |
commit | 2c26b14138e83cc617676a473fbfdf15958d3b1e (patch) | |
tree | e5767c30250e3e129d33b81be0709f2e1eda9ade /sys/kern/kern_jail.c | |
parent | a1639c8fd44b7049b1a784f1d4c3e8d740972480 (diff) | |
download | FreeBSD-src-2c26b14138e83cc617676a473fbfdf15958d3b1e.zip FreeBSD-src-2c26b14138e83cc617676a473fbfdf15958d3b1e.tar.gz |
Always disable mount and unmount for jails with enforce_statfs==2.
A working statfs(2) is required for umount(8) in jail.
Reviewed by: pjd, kib
Approved by: re (kib)
MFC after: 2 weeks
Diffstat (limited to 'sys/kern/kern_jail.c')
-rw-r--r-- | sys/kern/kern_jail.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sys/kern/kern_jail.c b/sys/kern/kern_jail.c index 584334a..050563b 100644 --- a/sys/kern/kern_jail.c +++ b/sys/kern/kern_jail.c @@ -3858,7 +3858,8 @@ prison_priv_check(struct ucred *cred, int priv) case PRIV_VFS_UNMOUNT: case PRIV_VFS_MOUNT_NONUSER: case PRIV_VFS_MOUNT_OWNER: - if (cred->cr_prison->pr_allow & PR_ALLOW_MOUNT) + if (cred->cr_prison->pr_allow & PR_ALLOW_MOUNT && + cred->cr_prison->pr_enforce_statfs < 2) return (0); else return (EPERM); |