Date: Thu, 10 Nov 2016 07:05:41 +0000 (UTC) From: Marcelo Araujo <araujo@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r308478 - head/etc Message-ID: <201611100705.uAA75ffM011252@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: araujo Date: Thu Nov 10 07:05:41 2016 New Revision: 308478 URL: https://svnweb.freebsd.org/changeset/base/308478 Log: We can't use protect(1) inside a jail(8)! To avoid have warning for services that are using oomprotect, oomprotect will only be applied on services that won't run inside jails. Reported by: allanjude MFC after: 2 weeks. Modified: head/etc/rc.subr Modified: head/etc/rc.subr ============================================================================== --- head/etc/rc.subr Wed Nov 9 21:51:48 2016 (r308477) +++ head/etc/rc.subr Thu Nov 10 07:05:41 2016 (r308478) @@ -1205,6 +1205,11 @@ $command $rc_flags $command_args" # Apply protect(1) to the PID if ${name}_oomprotect is set. case "$rc_arg" in start) + # We cannot use protect(1) inside jails. + jailed="$(sysctl -n security.jail.jailed)" + if [ ${jailed} -eq 1 ]; then + return $_return + fi if [ -n "$_oomprotect" ]; then if [ -f "${PROTECT}" ]; then pid=$(check_process $command)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201611100705.uAA75ffM011252>