Gentoo's sandbox triggers at random points a deadlock in FreeBSD 6.1-RELEASE and 6-STABLE in devfs code resulting in the system being unable to touch the filesystem. There is a patch as a result of my bug report to upstream fixing this deadlock which will be applied to both -CURRENT and 6-STABLE.

If we want people to enable sandbox under FreeBSD we should be patching freebsd-sources with this patch until 6.2 gets released. Note that the author of the patch, Konstantin Belousov, says "this trades the deadlock for a race at unmount time", which is however much better than the current state of things.

Dirty details:
http://www.freebsd.org/cgi/query-pr.cgi?pr=102335
http://marc.theaimsgroup.com/?l=freebsd-hackers&m=115592944408531&w=2
http://unleashed.amule.org/soc/2006/07/15/deadlock-driving-me-mad/
http://unleashed.amule.org/soc/2006/09/04/deadlock-dies/

Patch against 6.1-RELEASE to follow as attachment. In the FreeBSD link you can find a patch against -CURRENT.
Created attachment 95973: Patch against 6.1-RELEASE fixing the deadlock (but racing at unmount time)
Added in 6.1-r4.