Page MenuHomeFreeBSD
Files F154276532

D49976.id154154.diff
No OneTemporary
Actions

D49976.id154154.diff
View Options

diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr
--- a/libexec/rc/rc.subr
+++ b/libexec/rc/rc.subr
@@ -1211,7 +1211,18 @@
fi
fi
- _svcj_ip="inherit"
+ if check_kern_features inet; then
+ _svcj_ip4="ip4=inherit"
+ else
+ _svcj_ip4=""
+ fi
+
+ if check_kern_features inet6; then
+ _svcj_ip6="ip6=inherit"
+ else
+ _svcj_ip6=""
+ fi
+
_svcj_ip4_addrs=""
_svcj_ip6_addrs=""
@@ -1224,14 +1235,28 @@
_svcj_cmd_options=""
+ # When we set one IP version to new, also set the other (if it's
+ # enabled), otherwise when net_basic is enabled it will inherit all
+ # addresses.
+
if [ -n "$_svcj_ip4_addrs" ]; then
- _svcj_cmd_options="ip4.addr=${_svcj_ip4_addrs%*,} ${_svcj_cmd_options}"
- _svcj_ip="new"
+ if [ -n "$_svcj_ip4" ]; then
+ _svcj_cmd_options="ip4.addr=${_svcj_ip4_addrs%*,} ${_svcj_cmd_options}"
+ _svcj_ip4="ip4=new"
+ [ -n "$_svcj_ip6" ] && _svcj_ip6="ip6=new"
+ else
+ warn "$rc_service: ${name}_svcj_ipaddrs contains at least one IPv4 address, but IPv4 is not enabled in the kernel; IPv4 addresses will be ignored."
+ fi
fi
if [ -n "$_svcj_ip6_addrs" ]; then
- _svcj_cmd_options="ip6.addr=${_svcj_ip6_addrs%*,} ${_svcj_cmd_options}"
- _svcj_ip="new"
+ if [ -n "$_svcj_ip6" ]; then
+ _svcj_cmd_options="ip6.addr=${_svcj_ip6_addrs%*,} ${_svcj_cmd_options}"
+ _svcj_ip6="ip6=new"
+ [ -n "$_svcj_ip4" ] && _svcj_ip4="ip4=new"
+ else
+ warn "$rc_service: ${name}_svcj_ipaddrs contains at least one IPv6 address, but IPv6 is not enabled in the kernel; IPv6 addresses will be ignored."
+ fi
fi
if [ -n "$_svcj_options" ]; then # translate service jail options
@@ -1242,19 +1267,19 @@
_svcj_cmd_options="allow.mlock ${_svcj_cmd_options}"
;;
netv4)
- _svcj_cmd_options="ip4=${_svcj_ip} allow.reserved_ports ${_svcj_cmd_options}"
+ _svcj_cmd_options="${_svcj_ip4} allow.reserved_ports ${_svcj_cmd_options}"
;;
netv6)
- _svcj_cmd_options="ip6=${_svcj_ip} allow.reserved_ports ${_svcj_cmd_options}"
+ _svcj_cmd_options="${_svcj_ip6} allow.reserved_ports ${_svcj_cmd_options}"
;;
net_basic)
- _svcj_cmd_options="ip4=${_svcj_ip} ip6=${_svcj_ip} allow.reserved_ports ${_svcj_cmd_options}"
+ _svcj_cmd_options="${_svcj_ip4} ${_svcj_ip6} allow.reserved_ports ${_svcj_cmd_options}"
;;
net_raw)
_svcj_cmd_options="allow.raw_sockets ${_svcj_cmd_options}"
;;
net_all)
- _svcj_cmd_options="allow.socket_af allow.raw_sockets allow.reserved_ports ip4=${_svcj_ip} ip6=${_svcj_ip} ${_svcj_cmd_options}"
+ _svcj_cmd_options="allow.socket_af allow.raw_sockets allow.reserved_ports ${_svcj_ip4} ${_svcj_ip6} ${_svcj_cmd_options}"
;;
nfsd)
_svcj_cmd_options="allow.nfsd enforce_statfs=1 ${_svcj_cmd_options}"

File Metadata

Mime Type
text/plain
Expires
Tue, Apr 28, 1:27 PM (11 h, 45 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
32281405
Default Alt Text
D49976.id154154.diff (2 KB)

Event Timeline