From 7533652025eb80bc769f019ba6cb82c4f500443d Mon Sep 17 00:00:00 2001
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
Date: Wed, 14 Mar 2007 13:09:59 +0000
Subject: [PATCH] Don't deny mounting for jailed processes immediately, allow
 prison_priv_check() to decide what to do.

This change is suppose not to change current (security) behaviour
in any way.

Reviewed by:	rwatson
---
 sys/kern/vfs_mount.c | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/sys/kern/vfs_mount.c b/sys/kern/vfs_mount.c
index 38bd924309b..5778c9ca601 100644
--- a/sys/kern/vfs_mount.c
+++ b/sys/kern/vfs_mount.c
@@ -815,9 +815,7 @@ vfs_domount(
 	if (strlen(fstype) >= MFSNAMELEN || strlen(fspath) >= MNAMELEN)
 		return (ENAMETOOLONG);
 
-	if (jailed(td->td_ucred))
-		return (EPERM);
-	if (usermount == 0) {
+	if (jailed(td->td_ucred) || usermount == 0) {
 		if ((error = priv_check(td, PRIV_VFS_MOUNT)) != 0)
 			return (error);
 	}