Page MenuHomeFreeBSD
Files F142276156

D50241.diff
No OneTemporary
Actions

D50241.diff
View Options

diff --git a/usr.sbin/ngctl/Makefile b/usr.sbin/ngctl/Makefile
--- a/usr.sbin/ngctl/Makefile
+++ b/usr.sbin/ngctl/Makefile
@@ -13,4 +13,9 @@
CFLAGS+= -DEDITLINE
LIBADD+= edit pthread
+.if ${MK_JAIL} != "no"
+CFLAGS+= -DJAIL
+LIBADD+= jail
+.endif
+
.include <bsd.prog.mk>
diff --git a/usr.sbin/ngctl/main.c b/usr.sbin/ngctl/main.c
--- a/usr.sbin/ngctl/main.c
+++ b/usr.sbin/ngctl/main.c
@@ -55,6 +55,10 @@
#include <histedit.h>
#include <pthread.h>
#endif
+#ifdef JAIL
+#include <sys/jail.h>
+#include <jail.h>
+#endif
#include <netgraph.h>
@@ -137,16 +141,17 @@
int
main(int ac, char *av[])
{
- char name[NG_NODESIZ];
- int interactive = isatty(0) && isatty(1);
- FILE *fp = NULL;
- int ch, rtn = 0;
+ char name[NG_NODESIZ];
+ int interactive = isatty(0) && isatty(1);
+ FILE *fp = NULL;
+ const char *jail_name = NULL;
+ int ch, rtn = 0;
/* Set default node name */
snprintf(name, sizeof(name), "ngctl%d", getpid());
/* Parse command line */
- while ((ch = getopt(ac, av, "df:n:")) != -1) {
+ while ((ch = getopt(ac, av, "df:j:n:")) != -1) {
switch (ch) {
case 'd':
NgSetDebug(NgSetDebug(-1) + 1);
@@ -157,6 +162,13 @@
else if ((fp = fopen(optarg, "r")) == NULL)
err(EX_NOINPUT, "%s", optarg);
break;
+ case 'j':
+#ifdef JAIL
+ jail_name = optarg;
+#else
+ errx(EX_UNAVAILABLE, "not built with jail support");
+#endif
+ break;
case 'n':
snprintf(name, sizeof(name), "%s", optarg);
break;
@@ -169,6 +181,22 @@
ac -= optind;
av += optind;
+ if (jail_name != NULL) {
+ int jid;
+
+ if (jail_name[0] == '\0')
+ Usage("invalid jail name");
+
+ jid = jail_getid(jail_name);
+
+ if (jid == -1)
+ errx((errno == EPERM) ? EX_NOPERM : EX_NOHOST,
+ "%s", jail_errmsg);
+ if (jail_attach(jid) != 0)
+ errx((errno == EPERM) ? EX_NOPERM : EX_OSERR,
+ "cannot attach to jail");
+ }
+
/* Create a new socket node */
if (NgMkSockNode(name, &csock, &dsock) < 0)
err(EX_OSERR, "can't create node");
@@ -657,6 +685,7 @@
if (msg)
warnx("%s", msg);
fprintf(stderr,
- "usage: ngctl [-d] [-f file] [-n name] [command ...]\n");
+ "usage: ngctl [-j jail] [-d] [-f filename] [-n nodename] "
+ "[command [argument ...]]\n");
exit(EX_USAGE);
}
diff --git a/usr.sbin/ngctl/ngctl.8 b/usr.sbin/ngctl/ngctl.8
--- a/usr.sbin/ngctl/ngctl.8
+++ b/usr.sbin/ngctl/ngctl.8
@@ -31,7 +31,7 @@
.\" OF SUCH DAMAGE.
.\" $Whistle: ngctl.8,v 1.6 1999/01/20 03:19:44 archie Exp $
.\"
-.Dd January 19, 1999
+.Dd August 29, 2025
.Dt NGCTL 8
.Os
.Sh NAME
@@ -39,9 +39,11 @@
.Nd netgraph control utility
.Sh SYNOPSIS
.Nm
+.Op Fl j Ar jail
.Op Fl d
.Op Fl f Ar filename
.Op Fl n Ar nodename
+.Op Ar command Op Ns Ar argument ...
.Op Ar command ...
.Sh DESCRIPTION
The
@@ -73,12 +75,31 @@
.Pp
The options are as follows:
.Bl -tag -width indent
-.It Fl f Ar nodeinfo
+.It Fl f Ar filename
Read commands from the named file.
A single dash represents the standard input.
Blank lines and lines starting with a
.Dq #
are ignored.
+Note that when the
+.Fl j Ar jail
+option is specified, the file will be opened before attaching to the jail and
+then be processed inside the jail.
+.It Fl j Ar jail
+Perform the actions inside the
+.Ar jail .
+.Pp
+.Nm
+will first attach to the
+.Ar jail
+(by jail id or jail name) before performing the effects.
+.Pp
+This allows netgraph nodes of
+.Ar jail
+to be created, modified, and destroyed even if the
+.Nm
+binary is not available in
+.Ar jail .
.It Fl n Ar nodename
Assign
.Em nodename

File Metadata

Mime Type
text/plain
Expires
Mon, Jan 19, 2:09 AM (16 h, 17 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
27727157
Default Alt Text
D50241.diff (3 KB)

Event Timeline