acpiconf -s 4 in a jail sends the host to sleep -- this should not be possible from a jail.
Can you show the contents of /dev/ inside the jail?
It's the same as the base host, except /var/log/. So I guess it's time to add devfs_ruleset=4 to the jail start ?
ups, /dev/log, not /var/log
(In reply to Kurt Jaeger from comment #3) Yeah, I don't think this is a bug, merely a mis-configuration.
(In reply to Steve Wills from comment #4) Hm, seems like a bug to me. Why should jail root ever be allowed to suspend the host?
In fact, /dev/acpi (sys/dev/acpica/acpic.c acpiopen(), acpiioctl()) does not priv_check() at all! Only validates that the user was able to open the device writable (i.e., Unix permissions, which are not sufficient for jailing root).
(In reply to Conrad Meyer from comment #6) Jails are not about user(s) (and never was). It's about devices in /dev/. Once you give a jail full /dev/ then users in jail can do whatever they like. Similar to host.
(In reply to Miroslav Lachman from comment #7) That is not true. See priv_check_cred() / prison_priv_check(). Root in jails is constrained beyond root on host, even with /dev access.
(In reply to Conrad Meyer from comment #8) Then I guess once this bug is fixed, we need to remove the devfs rules for jails, since they won't be needed.
(In reply to Steve Wills from comment #9) Please don't be snarky :( -- we're all trying to make FreeBSD better. No, priv_check does not obsolete devfs rulesets. devfs rulesets are still necessary for configuring access at runtime, or per-jail configurations -- so not everything can be covered by {prison_,}priv_check. That said, I don't see any legitimate need (or use) for a jail to be able to ACPI sleep the host. Do you? I think this is one that can be safely disabled for all jails via the {prison_,}priv_check mechanism.
(In reply to Conrad Meyer from comment #10) Sorry, I guess I misunderstood your comment.