aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOlivier Certner <olce@FreeBSD.org>2024-07-03 13:49:51 +0000
committerOlivier Certner <olce@FreeBSD.org>2024-12-16 14:42:35 +0000
commitb3f93680e39b90c02ddabdaf98f9c9a669d24c00 (patch)
tree949b5562ad23b5e416373d813d0998eaa5766114
parent53d2e0d4854997005271ee60791ab114bd6e0099 (diff)
MAC/do: Enable changing 'security.mac.do.rules' from a jail
Now that sysctl_rules() has been fixed to behave. Reviewed by: bapt Approved by: markj (mentor) Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D47602
Diffstat
-rw-r--r--sys/security/mac_do/mac_do.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c
index 98bace7052f6..787790cb2b34 100644
--- a/sys/security/mac_do/mac_do.c
+++ b/sys/security/mac_do/mac_do.c
@@ -331,7 +331,7 @@ out:
}
SYSCTL_PROC(_security_mac_do, OID_AUTO, rules,
- CTLTYPE_STRING|CTLFLAG_RW|CTLFLAG_MPSAFE,
+ CTLTYPE_STRING|CTLFLAG_RW|CTLFLAG_PRISON|CTLFLAG_MPSAFE,
0, 0, sysctl_rules, "A",
"Rules");
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-08 01:30:13 +0000