The branch main has been updated by oshogbo: URL: https://cgit.FreeBSD.org/src/commit/?id=394f8ff461e69e30c36570618bb24fd474856f6a
commit 394f8ff461e69e30c36570618bb24fd474856f6a Author: Mariusz Zaborski <[email protected]> AuthorDate: 2026-05-15 12:31:31 +0000 Commit: Mariusz Zaborski <[email protected]> CommitDate: 2026-05-15 17:38:44 +0000 jail: replace PR_ALLOW_ALL_STATIC hex constant with symbolic OR No functional change intended. Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D57014 --- sys/sys/jail.h | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/sys/sys/jail.h b/sys/sys/jail.h index 5ac4c5f9008d..c0ad53eec3cf 100644 --- a/sys/sys/jail.h +++ b/sys/sys/jail.h @@ -280,7 +280,15 @@ struct prison_racct { * build time. PR_ALLOW_ALL_STATIC should contain any bit above that we expect * to be used on the system, while PR_ALLOW_PRISON0 will be some subset of that. */ -#define PR_ALLOW_ALL_STATIC 0x00ff87ff +#define PR_ALLOW_ALL_STATIC \ + (PR_ALLOW_SET_HOSTNAME | PR_ALLOW_SYSVIPC | PR_ALLOW_RAW_SOCKETS | \ + PR_ALLOW_CHFLAGS | PR_ALLOW_MOUNT | PR_ALLOW_QUOTAS | \ + PR_ALLOW_SOCKET_AF | PR_ALLOW_MLOCK | PR_ALLOW_READ_MSGBUF | \ + PR_ALLOW_UNPRIV_DEBUG | PR_ALLOW_SUSER | PR_ALLOW_RESERVED_PORTS | \ + PR_ALLOW_KMEM_ACCESS | PR_ALLOW_NFSD | PR_ALLOW_EXTATTR | \ + PR_ALLOW_ADJTIME | PR_ALLOW_SETTIME | PR_ALLOW_ROUTING | \ + PR_ALLOW_UNPRIV_PARENT_TAMPER | PR_ALLOW_SETAUDIT) + #define PR_ALLOW_PRISON0 \ (PR_ALLOW_ALL_STATIC & ~(PR_ALLOW_UNPRIV_PARENT_TAMPER))
