svn commit: r308478 - head/etc

Marcelo Araujo araujo at FreeBSD.org
Thu Nov 10 07:05:42 UTC 2016


Author: araujo
Date: Thu Nov 10 07:05:41 2016
New Revision: 308478
URL: https://svnweb.freebsd.org/changeset/base/308478

Log:
  We can't use protect(1) inside a jail(8)!
  To avoid have warning for services that are using oomprotect, oomprotect
  will only be applied on services that won't run inside jails.
  
  Reported by:	allanjude
  MFC after:	2 weeks.

Modified:
  head/etc/rc.subr

Modified: head/etc/rc.subr
==============================================================================
--- head/etc/rc.subr	Wed Nov  9 21:51:48 2016	(r308477)
+++ head/etc/rc.subr	Thu Nov 10 07:05:41 2016	(r308478)
@@ -1205,6 +1205,11 @@ $command $rc_flags $command_args"
 		# Apply protect(1) to the PID if ${name}_oomprotect is set.
 		case "$rc_arg" in
 		start)
+			# We cannot use protect(1) inside jails.
+			jailed="$(sysctl -n security.jail.jailed)"
+			if [ ${jailed} -eq 1 ]; then
+				return $_return
+			fi
 			if [ -n "$_oomprotect" ]; then
 				if [ -f "${PROTECT}" ]; then
 					pid=$(check_process $command)


More information about the svn-src-head mailing list