mlock and jail

Bruno Lauzé brunolauze at
Wed Feb 1 23:53:42 UTC 2017

I would like to ask if there is a reason I would have to applythe  patch below to make an application work in a jail.
And who's bad? the app too intrusive or the bsd not flexible enough (allow.mlock?)

Index: sys/kern/kern_jail.c
--- sys/kern/kern_jail.c        (revision 313033)
+++ sys/kern/kern_jail.c        (working copy)
@@ -3340,6 +3340,11 @@
                return (0);

+        case PRIV_VM_MADV_PROTECT:
+        case PRIV_VM_MLOCK:
+        case PRIV_VM_MUNLOCK:
+                return (0);

More information about the freebsd-current mailing list