Date: Sun, 8 Aug 2010 23:22:55 +0000 (UTC) From: Jamie Gritton <jamie@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r211085 - head/sys/kern Message-ID: <201008082322.o78NMtIG008080@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jamie Date: Sun Aug 8 23:22:55 2010 New Revision: 211085 URL: http://svn.freebsd.org/changeset/base/211085 Log: Back out r210974. Any convenience of not typing "persist" is outweighed by the possibility of unintended partially-formed jails. Modified: head/sys/kern/kern_jail.c Modified: head/sys/kern/kern_jail.c ============================================================================== --- head/sys/kern/kern_jail.c Sun Aug 8 21:04:27 2010 (r211084) +++ head/sys/kern/kern_jail.c Sun Aug 8 23:22:55 2010 (r211085) @@ -599,8 +599,6 @@ kern_jail_set(struct thread *td, struct vfs_flagopt(opts, pr_flag_names[fi], &pr_flags, 1 << fi); vfs_flagopt(opts, pr_flag_nonames[fi], &ch_flags, 1 << fi); } - if ((flags & (JAIL_CREATE | JAIL_UPDATE | JAIL_ATTACH)) == JAIL_CREATE) - pr_flags |= PR_PERSIST; ch_flags |= pr_flags; for (fi = 0; fi < sizeof(pr_flag_jailsys) / sizeof(pr_flag_jailsys[0]); fi++) { @@ -630,6 +628,12 @@ kern_jail_set(struct thread *td, struct ch_flags |= pr_flag_jailsys[fi].new | pr_flag_jailsys[fi].disable; } + if ((flags & (JAIL_CREATE | JAIL_UPDATE | JAIL_ATTACH)) == JAIL_CREATE + && !(pr_flags & PR_PERSIST)) { + error = EINVAL; + vfs_opterror(opts, "new jail must persist or attach"); + goto done_errmsg; + } #ifdef VIMAGE if ((flags & JAIL_UPDATE) && (ch_flags & PR_VNET)) { error = EINVAL;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201008082322.o78NMtIG008080>