jail: consistently populate the KP_JID and KP_NAME parameters
ClosedPublic
Actions

Authored by kevans on Jul 24 2025, 6:38 PM.

Details

Reviewers

Group Reviewers

Jails
tests

Commits

rG02944d8c4969: jail: consistently populate the KP_JID and KP_NAME parameters

Summary

The gaps here, specifically, were:

When we have to discover a running jail's jid from name, we should populate the missing jid param
When we populate jid/name from the config, if the name is a jid we wouldn't populate the name; now we do both.
When we create a jail, we should populate jid and name with whatever details we have now that we didn't both.

As a consequence, we can cleanup a few things:

vnet.interface and zfs.dataset can just always the jid
Trying to populate JNAME should always work now, where it would be a little crashy before if you create a jail that didn't have a name or jid on the command line
We can simplify the just-prior JID population now that we'll keep a stringified jid in our intparams.

This primarily fixes the below, but the issues with vnet.interface and
zfs.dataset were pre-existing.

Fixes: d8f021add40c3 ("jail: add JID, JNAME and JPATH to env [...]")

Diff Detail

Repository

rG FreeBSD src repository

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

kevans created this revision.Jul 24 2025, 6:38 PM

Herald added a subscriber: imp. · View Herald TranscriptJul 24 2025, 6:38 PM

kevans requested review of this revision.Jul 24 2025, 6:38 PM

Harbormaster completed remote builds in B65668: Diff 159020.Jul 24 2025, 6:38 PM

kevans added a parent revision: D51501: jail: tests: cleanup the commands test a bit.Jul 24 2025, 6:38 PM

jamie added inline comments.Jul 25 2025, 5:18 PM

usr.sbin/jail/config.c
165–166	This breaks "they may explicitly be set later on." This little config file will yield 'cannot redefine parameter "name".' 47 { name=foo; persist; } This could be moved after the "collect parameters" section. Then you can test and silently ignore if the name was already set.

kevans added inline comments.Jul 25 2025, 7:48 PM

usr.sbin/jail/config.c
165–166	Oh, interesting; I guess I assumed from the comment that was already there that this one would simply be overwritten if it was specified later. I'll add some more tests and fix it.

Fix name-override bit

This uses my proposed jls -c from https://reviews.freebsd.org/D51541, but I'll
happily unwind that if we don't like the idea of -c.

Harbormaster completed remote builds in B65736: Diff 159149.Jul 25 2025, 9:29 PM

jamie added inline comments.Jul 25 2025, 10:54 PM

usr.sbin/jail/config.c
190	I think namep is redundant, since the only reason for intparams[KP_NAME] to be unset is the same condition that sets namep=KP_JID (that j->name was numeric).

kevans added inline comments.Jul 26 2025, 1:05 AM

usr.sbin/jail/config.c
190	Oh, good point.

Revert more of the config.c diff; amending the comment and checking for KP_NAME
later is sufficient.

Harbormaster completed remote builds in B65746: Diff 159165.Jul 26 2025, 1:13 AM

kevans marked 2 inline comments as done.Jul 26 2025, 1:15 AM

jamie accepted this revision.Jul 26 2025, 2:38 AM

This revision is now accepted and ready to land.Jul 26 2025, 2:38 AM

Closed by commit rG02944d8c4969: jail: consistently populate the KP_JID and KP_NAME parameters (authored by kevans). · Explain WhyJul 26 2025, 3:15 AM

This revision was automatically updated to reflect the committed changes.

kevans added a commit: rG02944d8c4969: jail: consistently populate the KP_JID and KP_NAME parameters.

I was writing tests and found

# jail -vc vnet vnet.interface=epair0a persist
jail_set(JAIL_CREATE) vnet=new persist
created
run command: /sbin/ifconfig epair0a vnet
ifconfig: 'vnet' requires argument
jail: /sbin/ifconfig epair0a vnet: failed
removed
jail -c vnet vnet.interface=epair0a persist

does not work on stable/14.

Nice fix !

In D51502#1295042, @zlei wrote:

I was writing tests and found

# jail -vc vnet vnet.interface=epair0a persist
jail_set(JAIL_CREATE) vnet=new persist
created
run command: /sbin/ifconfig epair0a vnet
ifconfig: 'vnet' requires argument
jail: /sbin/ifconfig epair0a vnet: failed
removed
jail -c vnet vnet.interface=epair0a persist

does not work on stable/14.

Nice fix !

I had considered MFC but decided not to only because it was a reaction to the Fixes commit. There's clear value outside of that, but I didn't think it'd be 'enough' since I hadn't seen any complaints about it.

That said, I don't really object and can merge it today if that would be useful. It just needs b81fd3fc8b20eaad64b5c41826432124fd92d6a7 to go along with it.