From owner-freebsd-questions@freebsd.org  Mon Jan  9 14:31:21 2017
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 486FACA7BEB
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Mon,  9 Jan 2017 14:31:21 +0000 (UTC)
 (envelope-from timp87@gmail.com)
Received: from mail-ua0-x233.google.com (mail-ua0-x233.google.com
 [IPv6:2607:f8b0:400c:c08::233])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 06727172E
 for <freebsd-questions@freebsd.org>; Mon,  9 Jan 2017 14:31:21 +0000 (UTC)
 (envelope-from timp87@gmail.com)
Received: by mail-ua0-x233.google.com with SMTP id i68so358697163uad.0
 for <freebsd-questions@freebsd.org>; Mon, 09 Jan 2017 06:31:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:from:date:message-id:subject:to;
 bh=R6FIYCMQV6kwyGzncaB14bmmfx0dOZ0pZ4uOOevfUlk=;
 b=dD4TCQ7/Qy8bgE45LWuIzAbNHOh8v8Nu67ZGOl3zvuIGnf+2h1kWt/udShF+auS3iD
 4dW8eC5dEuACBvv643VJTM5KM8Z7eNpPpfHIQGC1ERmiwGXxXxU9iX+zoFgYpCk+OKnY
 7Ai0TpfIQl9DhL++MR/S6BzyBDW0OQo9isxE7MfGvoTMKhpTHCzCziAKm6jHLk4s5OTy
 W/9RkSiMV9jAIY1iP1lbfGSyJnnL2Q6C+g36MSHz4uncpFsZmWsYmG1C/3LzQn5SK+VO
 /lPa48u/5AudFuejymXnfXyJeXw7ghGVI5GXXJp8nwHR/7bvOyVuoSHGSV4qksfyHw1W
 rFng==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
 bh=R6FIYCMQV6kwyGzncaB14bmmfx0dOZ0pZ4uOOevfUlk=;
 b=mb+KC+lIzI4w8BsQh0BMZId4iXb8zv+Ulrkd64rwnmvmGlnHTw+h436+05mDugIvbO
 UKy9oUmGiMyOptPDxe2TRFSoPB+Y2/pGQsrr7lnTU+IYSY5GBFz96itPlpYU6gw2T8+8
 sQFD9PZ/4CFPHPFpwGXYftyHwN6R6ycBXPMLhwMlhw6f9dMNXsPn5HCU9UecinyaklPO
 PFBmbkd1kek/46qjrVXvYTrzDLeRUEMvRTl0RfVPfDIZctN2K/gq2oSCrOOSvXguDp4p
 WMdWOTwSAfpGmP+cItDtyDa/ZFr7CcOE6edcelL0pG6Dvj15qAgUfGtGZjHvxCEv9LO6
 4VuQ==
X-Gm-Message-State: AIkVDXLjeKLArHOzxMx2QDUCV6VXGmjOkLg9VLC0y5bDwhDgiQi6gyaqKDuPlZk7vZKGnmPNEe84LlVKoalcVA==
X-Received: by 10.159.34.237 with SMTP id 100mr69245606uan.53.1483972279956;
 Mon, 09 Jan 2017 06:31:19 -0800 (PST)
MIME-Version: 1.0
Received: by 10.176.65.196 with HTTP; Mon, 9 Jan 2017 06:31:19 -0800 (PST)
From: Pavel Timofeev <timp87@gmail.com>
Date: Mon, 9 Jan 2017 17:31:19 +0300
Message-ID: <CAAoTqftm_mMDp27CVXns3FFJwJXAWUeiX0hqq-DQUgZC+=aGRQ@mail.gmail.com>
Subject: How to allow mlock(2) in jail?
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset=UTF-8
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 09 Jan 2017 14:31:21 -0000

Hello!
I'm trying to deploy security/vault in freebsd jail.
Usually this tool locks some memory for security reason.

I can run vault on my bare system without any problems. But in jail it
complains mlock(2) is not available.
So my question is how to allow mlock(2) in jail?

P. S. I know, I can disable mlock(2) use in vault config as workaround.