1 files changed, 6 insertions, 6 deletions

diff --git a/sys/kern/subr_acl_posix1e.c b/sys/kern/subr_acl_posix1e.c
index 01e5e3ba..7beca5c 100644
--- a/sys/kern/subr_acl_posix1e.c
+++ b/sys/kern/subr_acl_posix1e.c
@@ -92,7 +92,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
 	 * a DAC entry that matches but has failed to allow access.
 	 */
 #ifndef CAPABILITIES
-	if (suser_cred(cred, PRISON_ROOT) == 0)
+	if (suser_cred(cred, SUSER_ALLOWJAIL) == 0)
 		cap_granted = VALLPERM;
 	else
 		cap_granted = 0;
@@ -101,24 +101,24 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
 
 	if (type == VDIR) {
 		if ((acc_mode & VEXEC) && !cap_check(cred, NULL,
-		     CAP_DAC_READ_SEARCH, PRISON_ROOT))
+		     CAP_DAC_READ_SEARCH, SUSER_ALLOWJAIL))
 			cap_granted |= VEXEC;
 	} else {
 		if ((acc_mode & VEXEC) && !cap_check(cred, NULL,
-		    CAP_DAC_EXECUTE, PRISON_ROOT))
+		    CAP_DAC_EXECUTE, SUSER_ALLOWJAIL))
 			cap_granted |= VEXEC;
 	}
 
 	if ((acc_mode & VREAD) && !cap_check(cred, NULL, CAP_DAC_READ_SEARCH,
-	    PRISON_ROOT))
+	    SUSER_ALLOWJAIL))
 		cap_granted |= VREAD;
 
 	if (((acc_mode & VWRITE) || (acc_mode & VAPPEND)) &&
-	    !cap_check(cred, NULL, CAP_DAC_WRITE, PRISON_ROOT))
+	    !cap_check(cred, NULL, CAP_DAC_WRITE, SUSER_ALLOWJAIL))
 		cap_granted |= (VWRITE | VAPPEND);
 
 	if ((acc_mode & VADMIN) && !cap_check(cred, NULL, CAP_FOWNER,
-	    PRISON_ROOT))
+	    SUSER_ALLOWJAIL))
 		cap_granted |= VADMIN;
 #endif /* CAPABILITIES */