From owner-p4-projects@FreeBSD.ORG  Thu May 31 14:33:34 2007
Return-Path: <owner-p4-projects@FreeBSD.ORG>
X-Original-To: p4-projects@freebsd.org
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 9123616A468; Thu, 31 May 2007 14:33:34 +0000 (UTC)
X-Original-To: perforce@freebsd.org
Delivered-To: perforce@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 4DEE016A41F
	for <perforce@freebsd.org>; Thu, 31 May 2007 14:33:34 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (repoman.freebsd.org [69.147.83.41])
	by mx1.freebsd.org (Postfix) with ESMTP id 3FE7E13C447
	for <perforce@freebsd.org>; Thu, 31 May 2007 14:33:34 +0000 (UTC)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.13.8/8.13.8) with ESMTP id l4VEXYOH027769
	for <perforce@freebsd.org>; Thu, 31 May 2007 14:33:34 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.13.8/8.13.8/Submit) id l4VEXYPH027763
	for perforce@freebsd.org; Thu, 31 May 2007 14:33:34 GMT
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Date: Thu, 31 May 2007 14:33:34 GMT
Message-Id: <200705311433.l4VEXYPH027763@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Cc: 
Subject: PERFORCE change 120666 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 31 May 2007 14:33:34 -0000

http://perforce.freebsd.org/chv.cgi?CH=120666

Change 120666 by rwatson@rwatson_zoo on 2007/05/31 14:33:06

	No more SUSER_ALLOWJAIL.

Affected files ...

.. //depot/projects/trustedbsd/priv/sys/kern/kern_priv.c#6 edit

Differences ...

==== //depot/projects/trustedbsd/priv/sys/kern/kern_priv.c#6 (text+ko) ====

@@ -77,18 +77,8 @@
 	/*
 	 * Jail policy will restrict certain privileges that may otherwise be
 	 * be granted.
-	 *
-	 * While debugging the transition from SUSER_ALLOWJAIL to Jail being
-	 * aware of specific privileges, perform run-time checking that the
-	 * two versions of the policy align.  This assertion will go away
-	 * once the SUSER_ALLOWJAIL flag has gone away.
 	 */
 	error = prison_priv_check(cred, priv);
-#ifdef NOTYET
-	KASSERT(!jailed(cred) || error == ((flags & SUSER_ALLOWJAIL) ? 0 :
-	    EPERM), ("priv_check_cred: prison_priv_check %d but flags %s",
-	    error, flags & SUSER_ALLOWJAIL ? "allowjail" : "!allowjail"));
-#endif
 	if (error)
 		return (error);