Hello.
The initiated mutex for the prison isn't destroyed on error.
Kernel will on every error.
Here is a patch for this:
--- kern_jail.c.origFri Dec 20 15:11:10 2002
+++ kern_jail.c Fri Dec 20 15:14:03 2002
@@ -103,6 +103,7 @@
PROC_UNLOCK(p);
crfree(newcred);
bail:
+ mtx_destroy(pr-pr_mtx);
FREE(pr, M_PRISON);
return (error);
}
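Review bot: in the added line under `bail:`, the argument as shown, `pr-pr_mtx`, is a subtraction involving an undeclared name rather than a member access, so it will not compile; it should read `mtx_destroy(&pr->pr_mtx);`. Since `bail:` is the shared error exit, also confirm that every path jumping to it does so after the mutex has been initialized, because the visible context does not show where initialization happens, and destroying a mutex that was never set up is its own bug. A one-line comment noting that this destroy pairs with the earlier initialization would help keep the two in sync.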
---
BTW, maybe it is time to implement jail with more features?
Multiple IPs, protecting statfs-like calls, or even multi-level jail?
By multi-level jail I mean a jail created inside a jail, etc.
--
Pawel Jakub Dawidek
UNIX Systems Administrator
http://garage.freebsd.pl
Am I Evil? Yes, I Am.