mlock and jail

Bruno Lauzé brunolauze at msn.com
Wed Feb 1 23:53:42 UTC 2017


I would like to ask if there is a reason I would have to applythe  patch below to make an application work in a jail.
And who's bad? the app too intrusive or the bsd not flexible enough (allow.mlock?)


Index: sys/kern/kern_jail.c
===================================================================
--- sys/kern/kern_jail.c        (revision 313033)
+++ sys/kern/kern_jail.c        (working copy)
@@ -3340,6 +3340,11 @@
        case PRIV_PROC_SETLOGINCLASS:
                return (0);


+        case PRIV_VM_MADV_PROTECT:
+        case PRIV_VM_MLOCK:
+        case PRIV_VM_MUNLOCK:
+                return (0);
+
        default:




More information about the freebsd-current mailing list