Always disable mount and unmount for jails with enforce_statfs==2.

A working statfs(2) is required for umount(8) in jail. Reviewed by: pjd, kib Approved by: re (kib) MFC after: 2 weeks
svn path=/head/; revision=224615
2011-08-02 19:44:40 +00:00 · 2011-08-02 19:44:40 +00:00 · 435d46675d · 2020-12-20 02:59:44 +00:00
commit 435d46675d
parent f6c1d63e47
2 changed files with 9 additions and 3 deletions
--- a/sys/kern/kern_jail.c
+++ b/sys/kern/kern_jail.c
@ -3858,7 +3858,8 @@ prison_priv_check(struct ucred *cred, int priv)
 	case PRIV_VFS_UNMOUNT:
 	case PRIV_VFS_MOUNT_NONUSER:
 	case PRIV_VFS_MOUNT_OWNER:
-		if (cred->cr_prison->pr_allow & PR_ALLOW_MOUNT)
+		if (cred->cr_prison->pr_allow & PR_ALLOW_MOUNT &&
+		    cred->cr_prison->pr_enforce_statfs < 2)
 			return (0);
 		else
 			return (EPERM);
--- a/usr.sbin/jail/jail.8
+++ b/usr.sbin/jail/jail.8
@ -393,6 +393,9 @@ The
 .Xr lsvfs 1
 command can be used to find file system types available for mount from
 within a jail.
+This permission is effective only if
+.Va enforce_statfs
+is set to a value lower than 2.
 .It Va allow.quotas
 The prison root may administer quotas on the jail's filesystem(s).
 This includes filesystems that the jail may share with other jails or
@ -746,9 +749,11 @@ It is not possible to
 or
 .Xr umount 8
 any file system inside a jail unless the file system is marked
-jail-friendly and the jail's
+jail-friendly, the jail's
 .Va allow.mount
-parameter is set.
+parameter is set and the jail's
+.Va enforce_statfs
+parameter is lower than 2.
 .Pp
 Multiple jails sharing the same file system can influence each other.
 For example a user in one jail can fill the file system also