Re: git: 6452fb1e87ed - main - protect.1: Document that protect(1) does not work in jails

In reply to: Eugene Grosbein : "Re: git: 6452fb1e87ed - main - protect.1: Document that protect(1) does not work in jails"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Mateusz Piotrowski <0mp_at_FreeBSD.org>
Date: Tue, 12 Jul 2022 15:22:46 UTC

On 12/07/2022 15:51, Eugene Grosbein wrote:
> 12.07.2022 5:49, Mateusz Piotrowski wrote:
>
>>      protect.1: Document that protect(1) does not work in jails
>>      
>>      The reason is that in order to protect a process procctl(2) needs
>>      the PRIV_VM_MADV_PROTECT privilege, which is currently denied in jails
>>      (see kern_jail.c).
>>
>>
> Does it mean that syslogd_oomprotect="YES" in /etc/defaults/rc.conf is inappropriate for full-blown jail
> and results in failure of syslogd startup in such jail with defaults?
>
>
*_oomprotect is currently silently ignored inside jails. See rc.subr for the implementation and 
recent changes to rc.conf(5) for additional details.

Best,

Mateusz