Page MenuHomeFreeBSD
Files F151533371

D9649.id25329.diff
No OneTemporary
Actions

D9649.id25329.diff
View Options

Index: sbin/ifconfig/ifconfig.8
===================================================================
--- sbin/ifconfig/ifconfig.8
+++ sbin/ifconfig/ifconfig.8
@@ -28,7 +28,7 @@
.\" From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94
.\" $FreeBSD$
.\"
-.Dd January 18, 2017
+.Dd February 17, 2017
.Dt IFCONFIG 8
.Os
.Sh NAME
@@ -38,6 +38,7 @@
.Nm
.Op Fl f Ar type:format Ns Op Ar ,type:format
.Op Fl L
+.Op Fl j Ar jail
.Op Fl k
.Op Fl m
.Op Fl n
@@ -50,12 +51,14 @@
.Oc
.Op Ar parameters
.Nm
+.Op Fl j Ar jail
.Ar interface
.Cm destroy
.Nm
.Fl a
.Op Fl L
.Op Fl d
+.Op Fl j Ar jail
.Op Fl m
.Op Fl u
.Op Fl v
@@ -63,11 +66,13 @@
.Nm
.Fl l
.Op Fl d
+.Op Fl j Ar jail
.Op Fl u
.Op Ar address_family
.Nm
.Op Fl L
.Op Fl d
+.Op Fl j Ar jail
.Op Fl k
.Op Fl m
.Op Fl u
@@ -75,6 +80,7 @@
.Op Fl C
.Nm
.Op Fl g Ar groupname
+.Op Fl j Ar jail
.Sh DESCRIPTION
The
.Nm
@@ -2895,6 +2901,15 @@
.Fl n
flag disables this behavior.
.Pp
+The
+.Fl j Ar jail
+flag may be used to perform actions inside the specified
+.Ar jail .
+Target jail is name or jid.
+Modules are not loaded automatically when this option is used.
+This functionality is supported only with vnet enabled jails (virtual network
+stack).
+.Pp
Only the super-user may modify the configuration of a network interface.
.Sh EXAMPLES
Assign the IPv4 address
Index: sbin/ifconfig/ifconfig.c
===================================================================
--- sbin/ifconfig/ifconfig.c
+++ sbin/ifconfig/ifconfig.c
@@ -43,6 +43,9 @@
#include <sys/param.h>
#include <sys/ioctl.h>
+#ifdef JAIL
+#include <sys/jail.h>
+#endif
#include <sys/module.h>
#include <sys/linker.h>
#include <sys/queue.h>
@@ -68,6 +71,7 @@
#include <fcntl.h>
#ifdef JAIL
#include <jail.h>
+#include <nl_types.h>
#endif
#include <stdio.h>
#include <stdlib.h>
@@ -137,6 +141,11 @@
{
char options[1024];
struct option *p;
+#ifdef JAIL
+ const char *jail = "[-j jail] ";
+#else
+ const char *jail = "";
+#endif
/* XXX not right but close enough for now */
options[0] = '\0';
@@ -146,13 +155,13 @@
}
fprintf(stderr,
- "usage: ifconfig [-f type:format] %sinterface address_family\n"
+ "usage: ifconfig [-f type:format] %s%sinterface address_family\n"
" [address [dest_address]] [parameters]\n"
- " ifconfig interface create\n"
- " ifconfig -a %s[-d] [-m] [-u] [-v] [address_family]\n"
- " ifconfig -l [-d] [-u] [address_family]\n"
- " ifconfig %s[-d] [-m] [-u] [-v]\n",
- options, options, options);
+ " ifconfig %sinterface create\n"
+ " ifconfig -a %s[-d] %s[-m] [-u] [-v] [address_family]\n"
+ " ifconfig -l [-d] %s[-u] [address_family]\n"
+ " ifconfig %s[-d] %s[-m] [-u] [-v]\n",
+ jail, options, jail, options, jail, jail, options, jail);
exit(1);
}
@@ -366,6 +375,11 @@
const char *ifname;
struct option *p;
size_t iflen;
+#ifdef JAIL
+ int jid;
+
+ jid = 0;
+#endif
all = downonly = uponly = namesonly = noload = verbose = 0;
f_inet = f_inet6 = f_ether = f_addr = NULL;
@@ -381,7 +395,11 @@
atexit(printifnamemaybe);
/* Parse leading line options */
+#ifdef JAIL
+ strlcpy(options, "f:adj:klmnuv", sizeof(options));
+#else
strlcpy(options, "f:adklmnuv", sizeof(options));
+#endif
for (p = opts; p != NULL; p = p->next)
strlcat(options, p->opt, sizeof(options));
while ((c = getopt(argc, argv, options)) != -1) {
@@ -397,6 +415,12 @@
usage();
setformat(optarg);
break;
+#ifdef JAIL
+ case 'j':
+ jid = jail_getid(optarg);
+ noload++;
+ break;
+#endif
case 'k':
printkeys++;
break;
@@ -437,6 +461,19 @@
if (uponly && downonly)
usage();
+#ifdef JAIL
+ if (jid > 0) {
+ (void)catopen("libc", NL_CAT_LOCALE);
+ if (jail_attach(jid) == -1) {
+ if (errno == EINVAL)
+ errx(1, "jail does not exist");
+ err(1, "jail_attach()");
+ }
+ } else if (jid == -1) {
+ errx(1, "jail does not exist");
+ }
+#endif
+
/* no arguments is equivalent to '-a' */
if (!namesonly && argc < 1)
all = 1;
Index: sbin/route/Makefile
===================================================================
--- sbin/route/Makefile
+++ sbin/route/Makefile
@@ -17,6 +17,10 @@
.if ${MK_INET6_SUPPORT} != "no"
CFLAGS+= -DINET6
.endif
+.if ${MK_JAIL} != "no" && !defined(RELEASE_CRUNCH) && !defined(RESCUE)
+CFLAGS+= -DJAIL
+LIBADD+= jail
+.endif
CFLAGS+= -I.
keywords.h: keywords
Index: sbin/route/route.8
===================================================================
--- sbin/route/route.8
+++ sbin/route/route.8
@@ -28,7 +28,7 @@
.\" @(#)route.8 8.3 (Berkeley) 3/19/94
.\" $FreeBSD$
.\"
-.Dd November 11, 2014
+.Dd February 17, 2017
.Dt ROUTE 8
.Os
.Sh NAME
@@ -37,6 +37,7 @@
.Sh SYNOPSIS
.Nm
.Op Fl dnqtv
+.Op Fl j Ar jail
.Ar command
.Oo
.Op Ar modifiers
@@ -72,6 +73,11 @@
address family as family hint for subcommands.
.It Fl d
Run in debug-only mode, i.e., do not actually modify the routing table.
+.It Fl j Ar jail
+Perform action inside the specified
+.Ar jail .
+Target jail is name or jid. This functionality is supported only with
+vnet enabled jails (virtual network stack).
.It Fl n
Bypass attempts to print host and network names symbolically
when reporting actions.
@@ -483,6 +489,7 @@
.Xr netintro 4 ,
.Xr route 4 ,
.Xr arp 8 ,
+.Xr jail 8 ,
.Xr routed 8
.\".Xr XNSrouted 8
.Sh HISTORY
Index: sbin/route/route.c
===================================================================
--- sbin/route/route.c
+++ sbin/route/route.c
@@ -44,6 +44,9 @@
#include <sys/param.h>
#include <sys/file.h>
+#ifdef JAIL
+#include <sys/jail.h>
+#endif
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <sys/sysctl.h>
@@ -61,6 +64,10 @@
#include <ctype.h>
#include <err.h>
#include <errno.h>
+#ifdef JAIL
+#include <jail.h>
+#include <nl_types.h>
+#endif
#include <paths.h>
#include <signal.h>
#include <stdbool.h>
@@ -158,9 +165,15 @@
static void
usage(const char *cp)
{
+#ifdef JAIL
+ const char *jail = "[-j jail] ";
+#else
+ const char *jail = "";
+#endif
+
if (cp != NULL)
warnx("bad keyword: %s", cp);
- errx(EX_USAGE, "usage: route [-46dnqtv] command [[modifiers] args]");
+ errx(EX_USAGE, "usage: route [-46dnqtv] %scommand [[modifiers] args]", jail);
/* NOTREACHED */
}
@@ -169,11 +182,19 @@
{
int ch;
size_t len;
+#ifdef JAIL
+ int jid;
+ const char *options = "46nqdj:tv";
+
+ jid = 0;
+#else
+ const char *options = "46nqdtv";
+#endif
if (argc < 2)
usage(NULL);
- while ((ch = getopt(argc, argv, "46nqdtv")) != -1)
+ while ((ch = getopt(argc, argv, options)) != -1)
switch(ch) {
case '4':
#ifdef INET
@@ -206,6 +227,11 @@
case 'd':
debugonly = 1;
break;
+#ifdef JAIL
+ case 'j':
+ jid = jail_getid(optarg);
+ break;
+#endif
case '?':
default:
usage(NULL);
@@ -213,6 +239,19 @@
argc -= optind;
argv += optind;
+#ifdef JAIL
+ if (jid > 0) {
+ (void)catopen("libc", NL_CAT_LOCALE);
+ if (jail_attach(jid) == -1) {
+ if (errno == EINVAL)
+ errx(1, "jail does not exist");
+ err(1, "jail_attach()");
+ }
+ } else if (jid == -1) {
+ errx(1, "jail does not exist");
+ }
+#endif
+
pid = getpid();
uid = geteuid();
if (tflag)

File Metadata

Mime Type
text/plain
Expires
Fri, Apr 10, 1:43 AM (17 h, 15 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
31187177
Default Alt Text
D9649.id25329.diff (7 KB)

Event Timeline