Index: stable/12/lib/libbe/libbe.3
===================================================================
--- stable/12/lib/libbe/libbe.3 (revision 342737)
+++ stable/12/lib/libbe/libbe.3 (revision 342738)
@@ -1,476 +1,495 @@ .\" .\" SPDX-License-Identifier: BSD-2-Clause-FreeBSD .\" .\" Copyright (c) 2017 Kyle Kneitinger .\" All rights reserved. .\" Copyright (c) 2018 Kyle Evans .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. 
.\" .\" $FreeBSD$ .\" -.Dd November 17, 2018 +.Dd November 21, 2018 .Dt LIBBE 3 .Os .Sh NAME .Nm libbe .Nd library for creating, destroying and modifying ZFS boot environments .Sh LIBRARY .Lb libbe .Sh SYNOPSIS .In be.h .Ft "libbe_handle_t *hdl" Ns .Fn libbe_init "const char *be_root" .Pp .Ft void .Fn libbe_close "libbe_handle_t *hdl" .Pp .Ft const char * Ns .Fn be_active_name "libbe_handle_t *hdl" .Pp .Ft const char * Ns .Fn be_active_path "libbe_handle_t *hdl" .Pp .Ft const char * Ns .Fn be_nextboot_name "libbe_handle_t *hdl" .Pp .Ft const char * Ns .Fn be_nextboot_path "libbe_handle_t *hdl" .Pp .Ft const char * Ns .Fn be_root_path "libbe_handle_t *hdl" .Pp .Ft int .Fn be_create "libbe_handle_t *hdl" "const char *be_name" .Pp .Ft int .Fn be_create_from_existing "libbe_handle_t *hdl" "const char *be_name" "const char *be_origin" .Pp .Ft int .Fn be_create_from_existing_snap "libbe_handle_t *hdl" "const char *be_name" "const char *snap" .Pp .Ft int .Fn be_rename "libbe_handle_t *hdl" "const char *be_old" "const char *be_new" .Pp .Ft int .Fn be_activate "libbe_handle_t *hdl" "const char *be_name" "bool temporary" .Ft int .Fn be_destroy "libbe_handle_t *hdl" "const char *be_name" "int options" .Pp .Ft void .Fn be_nicenum "uint64_t num" "char *buf" "size_t bufsz" .Pp .\" TODO: Write up of mount options .\" typedef enum { .\" BE_MNT_FORCE = 1 << 0, .\" BE_MNT_DEEP = 1 << 1, .\" } be_mount_opt_t .Ft int .Fn be_mount "libbe_handle_t *hdl" "char *be_name" "char *mntpoint" "int flags" "char *result" .Pp .Ft int .Fn be_mounted_at "libbe_handle_t *hdl" "const char *path" "nvlist_t *details" .Pp .Ft int .Fn be_unmount "libbe_handle_t *hdl" "char *be_name" "int flags" .Pp .Ft int .Fn libbe_errno "libbe_handle_t *hdl" .Pp .Ft const char * Ns .Fn libbe_error_description "libbe_handle_t *hdl" .Pp .Ft void .Fn libbe_print_on_error "libbe_handle_t *hdl" "bool doprint" .Pp .Ft int .Fn be_root_concat "libbe_handle_t *hdl" "const char *be_name" "char *result" .Pp .Ft int .Fn 
be_validate_name "libbe_handle_t *hdl" "const char *be_name" .Pp .Ft int .Fn be_validate_snap "libbe_handle_t *hdl" "const char *snap" .Pp .Ft int .Fn be_exists "libbe_handle_t *hdl" "char *be_name" .Pp .Ft int .Fn be_export "libbe_handle_t *hdl" "const char *be_name" "int fd" .Pp .Ft int .Fn be_import "libbe_handle_t *hdl" "const char *be_name" "int fd" .Pp .Ft int .Fn be_prop_list_alloc "nvlist_t **prop_list" .Pp .Ft int .Fn be_get_bootenv_props "libbe_handle_t *hdl" "nvlist_t *be_list" .Pp .Ft int .Fn be_get_dataset_props "libbe_handle_t *hdl" "const char *ds_name" "nvlist_t *props" .Pp .Ft int .Fn be_get_dataset_snapshots "libbe_handle_t *hdl" "const char *ds_name" "nvlist_t *snap_list" .Pp .Ft void .Fn be_prop_list_free "nvlist_t *prop_list" .Sh DESCRIPTION .Nm interfaces with libzfs to provide a set of functions for various operations regarding ZFS boot environments including "deep" boot environments in which a boot environments has child datasets. .Pp A context structure is passed to each function, allowing for a small amount of state to be retained, such as errors from previous operations. .Nm may be configured to print the corresponding error message to .Dv stderr when an error is encountered with .Fn libbe_print_on_error . .Pp All functions returning an .Vt int return 0 on success, or a .Nm errno otherwise as described in .Sx DIAGNOSTICS . .Pp The .Fn libbe_init function takes an optional BE root and initializes .Nm , returning a .Vt "libbe_handle_t *" on success, or .Dv NULL on error. If a BE root is supplied, .Nm will only operate out of that pool and BE root. An error may occur if: .Bl -column .It /boot and / are not on the same filesystem and device, .It libzfs fails to initialize, .It The system has not been properly booted with a ZFS boot environment, .It Nm fails to open the zpool the active boot environment resides on, or .It Nm fails to locate the boot environment that is currently mounted. 
.El .Pp The .Fn libbe_close function frees all resources previously acquired in .Fn libbe_init , invalidating the handle in the process. .Pp The .Fn be_active_name function returns the name of the currently booted boot environment. This boot environment may not belong to the same BE root as the root libbe is operating on! .Pp The .Fn be_active_path function returns the full path of the currently booted boot environment. This boot environment may not belong to the same BE root as the root libbe is operating on! .Pp The .Fn be_nextboot_name function returns the name of the boot environment that will be active on reboot. .Pp The .Fn be_nextboot_path function returns the full path of the boot environment that will be active on reboot. .Pp The .Fn be_root_path function returns the boot environment root path. .Pp The .Fn be_create function creates a boot environment with the given name. It will be created from a snapshot of the currently booted boot environment. .Pp The .Fn be_create_from_existing function creates a boot environment with the given name from the name of an existing boot environment. A snapshot will be made of the base boot environment, and the new boot environment will be created from that. .Pp The .Fn be_create_from_existing_snap function creates a boot environment with the given name from an existing snapshot. .Pp The .Fn be_rename function renames a boot environment without unmounting it, as if renamed with the .Fl u argument were passed to .Nm zfs .Cm rename .Pp The .Fn be_activate function makes a boot environment active on the next boot. If the .Fa temporary flag is set, then it will be active for the next boot only, as done by .Xr zfsbootcfg 8 . Next boot functionality is currently only available when booting in x86 BIOS mode. .Pp The .Fn be_destroy function will recursively destroy the given boot environment. It will not destroy a mounted boot environment unless the .Dv BE_DESTROY_FORCE option is set in .Fa options . 
.Pp The .Fn be_nicenum function will format .Fa name in a traditional ZFS humanized format, similar to .Xr humanize_number 3 . This function effectively proxies .Fn zfs_nicenum from libzfs. .Pp The .Fn be_mount function will mount the given boot environment. If .Fa mountpoint is .Dv NULL , a mount point will be generated in .Pa /tmp using .Xr mkdtemp 3 . If .Fa result is not .Dv NULL , it should be large enough to accommodate .Dv BE_MAXPATHLEN including the null terminator. the final mount point will be copied into it. Setting the .Dv BE_MNT_FORCE flag will pass .Dv MNT_FORCE to the underlying .Xr mount 2 call. .Pp The .Fn be_mounted_at function will check if there is a boot environment mounted at the given .Fa path . If .Fa details is not .Dv NULL , it will be populated with a list of the mounted dataset's properties. This list of properties matches the properties collected by .Fn be_get_bootenv_props . .Pp The .Fn be_unmount function will unmount the given boot environment. Setting the .Dv BE_MNT_FORCE flag will pass .Dv MNT_FORCE to the underlying .Xr mount 2 call. .Pp The .Fn libbe_errno function returns the .Nm errno. .Pp The .Fn libbe_error_description function returns a string description of the currently set .Nm errno. .Pp The .Fn libbe_print_on_error function will change whether or not .Nm prints the description of any encountered error to .Dv stderr , based on .Fa doprint . .Pp The .Fn be_root_concat function will concatenate the boot environment root and the given boot environment name into .Fa result . .Pp The .Fn be_validate_name function will validate the given boot environment name for both length restrictions as well as valid character restrictions. This function does not set the internal library error state. .Pp The .Fn be_validate_snap function will validate the given snapshot name. The snapshot must have a valid name, exist, and have a mountpoint of .Pa / . This function does not set the internal library error state. 
.Pp The .Fn be_exists function will check whether the given boot environment exists and has a mountpoint of .Pa / . This function does not set the internal library error state, but will return the appropriate error. .Pp The .Fn be_export function will export the given boot environment to the file specified by .Fa fd . A snapshot will be created of the boot environment prior to export. .Pp The .Fn be_import function will import the boot environment in the file specified by .Fa fd , and give it the name .Fa be_name . .Pp The .Fn be_prop_list_alloc function allocates a property list suitable for passing to .Fn be_get_bootenv_props , .Fn be_get_dataset_props , or .Fn be_get_dataset_snapshots . It should be freed later by .Fa be_prop_list_free . .Pp The .Fn be_get_bootenv_props function will populate .Fa be_list with .Vt nvpair_t of boot environment names paired with an .Vt nvlist_t of their properties. The following properties are currently collected as appropriate: .Bl -column "Returned name" .It Sy Returned name Ta Sy Description .It dataset Ta - .It name Ta Boot environment name .It mounted Ta Current mount point .It mountpoint Ta Do mountpoint Dc property .It origin Ta Do origin Dc property .It creation Ta Do creation Dc property .It active Ta Currently booted environment .It used Ta Literal Do used Dc property .It usedds Ta Literal Do usedds Dc property .It usedsnap Ta Literal Do usedrefreserv Dc property .It referenced Ta Literal Do referenced Dc property .It nextboot Ta Active on next boot .El .Pp Only the .Dq dataset , .Dq name , .Dq active , and .Dq nextboot returned values will always be present. All other properties may be omitted if not available. .Pp The .Fn be_get_dataset_props function will get properties of the specified dataset. .Fa props is populated directly with a list of the properties as returned by .Fn be_get_bootenv_props . .Pp The .Fn be_get_dataset_snapshots function will retrieve all snapshots of the given dataset. 
.Fa snap_list will be populated with a list of .Vt nvpair_t exactly as specified by .Fn be_get_bootenv_props . .Pp The .Fn be_prop_list_free function will free the property list. .Sh DIAGNOSTICS -Upon error, one of the following values will be returned. -.\" TODO: make each entry on its own line. -.Bd -ragged -offset indent -BE_ERR_SUCCESS, -BE_ERR_INVALIDNAME, -BE_ERR_EXISTS, -BE_ERR_NOENT, -BE_ERR_PERMS, -BE_ERR_DESTROYACT, -BE_ERR_DESTROYMNT, -BE_ERR_BADPATH, -BE_ERR_PATHBUSY, -BE_ERR_PATHLEN, -BE_ERR_BADMOUNT, -BE_ERR_NOORIGIN, -BE_ERR_MOUNTED, -BE_ERR_NOMOUNT, -BE_ERR_ZFSOPEN, -BE_ERR_ZFSCLONE, -BE_ERR_IO, -BE_ERR_NOPOOL, -BE_ERR_NOMEM, +Upon error, one of the following values will be returned: +.Bl -dash -offset indent -compact +.It +BE_ERR_SUCCESS +.It +BE_ERR_INVALIDNAME +.It +BE_ERR_EXISTS +.It +BE_ERR_NOENT +.It +BE_ERR_PERMS +.It +BE_ERR_DESTROYACT +.It +BE_ERR_DESTROYMNT +.It +BE_ERR_BADPATH +.It +BE_ERR_PATHBUSY +.It +BE_ERR_PATHLEN +.It +BE_ERR_BADMOUNT +.It +BE_ERR_NOORIGIN +.It +BE_ERR_MOUNTED +.It +BE_ERR_NOMOUNT +.It +BE_ERR_ZFSOPEN +.It +BE_ERR_ZFSCLONE +.It +BE_ERR_IO +.It +BE_ERR_NOPOOL +.It +BE_ERR_NOMEM +.It BE_ERR_UNKNOWN -.Ed +.El .Sh SEE ALSO -.Xr be 1 +.Xr bectl 8 .Sh HISTORY .Nm and its corresponding command, .Xr bectl 8 , were written as a 2017 Google Summer of Code project with Allan Jude serving as a mentor. Later work was done by .An Kyle Evans Aq Mt kevans@FreeBSD.org . Index: stable/12/sbin/bectl/bectl.8 =================================================================== --- stable/12/sbin/bectl/bectl.8 (revision 342737) +++ stable/12/sbin/bectl/bectl.8 (revision 342738) 
@@ -1,287 +1,283 @@ .\" .\" SPDX-License-Identifier: BSD-2-Clause-FreeBSD .\" .\" Copyright (c) 2017 Kyle J. Kneitinger .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" .\" @(#)be.1 .\" .\" $FreeBSD$ .\" -.Dd August 24, 2018 +.Dd December 25, 2018 .Dt BECTL 8 .Os .Sh NAME .Nm bectl .Nd Utility to manage Boot Environments on ZFS .Sh SYNOPSIS .Nm .Cm activate .Op Fl t .Ar beName .Nm .Cm create .Op Fl r .Op Fl e Brq Ar nonActiveBe | beName@snapshot .Ar beName .Nm .Cm create .Op Fl r .Ar beName@snapshot .Nm .Cm destroy .Op Fl F .Brq Ar beName | beName@snapshot .Nm .Cm export .Ar sourceBe .Nm .Cm import .Ar targetBe .Nm .Cm jail .Brq Fl b | Fl U .Oo Bro Fl o Ar key Ns = Ns Ar value | Fl u Ar key Brc Oc Ns ... -.Brq Ar jailID | jailName .Ar bootenv .Op Ar utility Op Ar argument ... .Nm .Cm list .Op Fl DHas .Nm .Cm mount .Ar beName .Op mountpoint .Nm .Cm rename .Ar origBeName .Ar newBeName .Nm .Brq Cm ujail | unjail .Brq Ar jailID | jailName .Ar bootenv .Nm .Brq Cm umount | unmount .Op Fl f .Ar beName .Sh DESCRIPTION The .Nm command is used to setup and interact with ZFS boot environments, which are bootable clones of datasets. .Pp .Em Boot Environments allows the system to be upgraded, while preserving the old system environment in a separate ZFS dataset. .Sh COMMANDS The following commands are supported by .Nm : .Bl -tag -width activate .It Xo .Cm activate .Op Fl t .Ar beName .Xc Activate the given .Ar beName as the default boot filesystem. 
If the .Op Fl t flag is given, this takes effect only for the next boot. .It Xo .Cm create .Op Fl r .Op Fl e Brq Ar nonActiveBe | beName@snapshot .Ar beName .Xc Creates a new boot environment named .Ar beName . If the .Fl e argument is specified, the new environment will be cloned from the given .Brq Ar nonActiveBe | Ar beName@snapshot . If the .Fl r flag is given, a recursive boot environment will be made. .It Xo .Cm create .Op Fl r .Ar beName@snapshot .Xc Creates a snapshot of the existing boot environment named .Ar beName . If the .Fl r flag is given, a recursive boot environment will be made. .It Xo .Cm destroy .Op Fl F .Brq Ar beName | beName@snapshot .Xc Destroys the given .Ar beName boot environment or .Ar beName@snapshot snapshot without confirmation, unlike in .Nm beadm . Specifying .Fl F will automatically unmount without confirmation. .It Cm export Ar sourceBe Export .Ar sourceBe to .Dv stdout . .Dv stdout must be piped or redirected to a file. .It Cm import Ar targetBe Import .Ar targetBe from .Dv stdin . .It Xo .Cm jail .Brq Fl b | Fl U .Oo Bro Fl o Ar key Ns = Ns Ar value | Fl u Ar key Brc Oc Ns ... -.Brq Ar jailID | jailName .Ao Ar bootenv Ac .Op Ar utility Op Ar argument ... .Xc Creates a jail of the given boot environment. Multiple .Fl o and .Fl u arguments may be specified. .Fl o will set a jail parameter, and .Fl u will unset a jail parameter. .Pp By default, jails are created in interactive mode and .Pa /bin/sh is executed within the jail. If .Ar utility is specified, it will be executed instead of .Pa /bin/sh . The jail will be destroyed and the boot environment unmounted when the command finishes executing, unless the .Fl U argument is specified. .Pp The .Fl b argument enables batch mode, thereby disabling interactive mode. The .Fl U argument will be ignored in batch mode. .Pp The .Va name , .Va host.hostname , and .Va path -may not actually be unset. 
-Attempts to unset any of these will revert them to the default values specified -below, if they have been overwritten by -.Fl o . +must be set, the default values are specified below. .Pp All .Ar key Ns = Ns Ar value pairs are interpreted as jail parameters as described in .Xr jail 8 . The following default parameters are provided: .Bl -column "allow.mount.devfs" "" .It Va allow.mount Ta Cm true .It Va allow.mount.devfs Ta Cm true .It Va enforce_statfs Ta Cm 1 -.It Va name Ta Va bootenv +.It Va name Ta jail id .It Va host.hostname Ta Va bootenv .It Va path Ta Set to a path in /tmp generated by .Xr libbe 3 . .El .Pp All default parameters may be overwritten. .It Cm list Op Fl DHas Displays all boot environments. The Active field indicates whether the boot environment is active now (N); active on reboot (R); or both (NR). .Pp If .Fl a is used, display all datasets. If .Fl D is used, display the full space usage for each boot environment, assuming all other boot environments were destroyed. The .Fl H option is used for scripting. It does not print headers and separate fields by a single tab instead of arbitrary white space. If .Fl s is used, display all snapshots as well. .It Cm mount Ar beName Op Ar mountpoint Temporarily mount the boot environment. Mount at the specified .Ar mountpoint if provided. .It Cm rename Ar origBeName newBeName Renames the given .Ar origBeName to the given .Ar newBeName . The boot environment will not be unmounted in order for this rename to occur. .It Cm unjail Brq Ar jailID | jailName | beName Destroys the jail created from the given boot environment. .It Xo .Cm unmount .Op Fl f .Ar beName .Xc Unmount the given boot environment, if it is mounted. Specifying .Fl f will force the unmount if busy. .El .Sh EXAMPLES .Bl -bullet .It To fill in with jail upgrade example when behavior is firm. 
.El .Sh SEE ALSO +.Xr libbe 3 , .Xr jail 8 , .Xr zfs 8 , .Xr zpool 8 .Sh HISTORY .Nm is based on .Nm beadm and was implemented as a project for the 2017 Summer of Code, along with .Xr libbe 3 . .Sh AUTHORS .Nm was written by .An Kyle Kneitinger (kneitinger) Aq Mt kyle@kneit.in . .Pp .Nm beadm was written and is maintained by .An Slawomir Wojciech Wojtczak (vermaden) Aq Mt vermaden@interia.pl . .Pp .An Bryan Drewery (bdrewery) Aq Mt bryan@shatow.net wrote the original .Nm beadm manual page that this one is derived from. Index: stable/12/sbin/bectl/bectl_jail.c =================================================================== --- stable/12/sbin/bectl/bectl_jail.c (revision 342737) +++ stable/12/sbin/bectl/bectl_jail.c (revision 342738) 
@@ -1,416 +1,421 @@ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD * * Copyright (c) 2018 Kyle Evans * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. * IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, * BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED * AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include __FBSDID("$FreeBSD$"); #include #include #include #include #include #include #include #include #include #include #include #include "bectl.h" static void jailparam_grow(void); static void jailparam_add(const char *name, const char *val); static int jailparam_del(const char *name); static bool jailparam_addarg(char *arg); static int jailparam_delarg(char *arg); static int bectl_search_jail_paths(const char *mnt); static int bectl_locate_jail(const char *ident); /* We'll start with 8 parameters initially and grow as needed. 
*/ #define INIT_PARAMCOUNT 8 static struct jailparam *jp; static int jpcnt; static int jpused; static char mnt_loc[BE_MAXPATHLEN]; static void jailparam_grow(void) { jpcnt *= 2; jp = realloc(jp, jpcnt * sizeof(*jp)); if (jp == NULL) err(2, "realloc"); } static void jailparam_add(const char *name, const char *val) { int i; for (i = 0; i < jpused; ++i) { if (strcmp(name, jp[i].jp_name) == 0) break; } if (i < jpused) jailparam_free(&jp[i], 1); else if (jpused == jpcnt) /* The next slot isn't allocated yet */ jailparam_grow(); if (jailparam_init(&jp[i], name) != 0) return; if (jailparam_import(&jp[i], val) != 0) return; ++jpused; } static int jailparam_del(const char *name) { int i; char *val; for (i = 0; i < jpused; ++i) { if (strcmp(name, jp[i].jp_name) == 0) break; } if (i == jpused) return (ENOENT); for (; i < jpused - 1; ++i) { val = jailparam_export(&jp[i + 1]); jailparam_free(&jp[i], 1); /* * Given the context, the following will really only fail if * they can't allocate the copy of the name or value. 
*/ if (jailparam_init(&jp[i], jp[i + 1].jp_name) != 0) { free(val); return (ENOMEM); } if (jailparam_import(&jp[i], val) != 0) { jailparam_free(&jp[i], 1); free(val); return (ENOMEM); } free(val); } jailparam_free(&jp[i], 1); --jpused; return (0); } static bool jailparam_addarg(char *arg) { char *name, *val; if (arg == NULL) return (false); name = arg; if ((val = strchr(arg, '=')) == NULL) { fprintf(stderr, "bectl jail: malformed jail option '%s'\n", arg); return (false); } *val++ = '\0'; if (strcmp(name, "path") == 0) { if (strlen(val) >= BE_MAXPATHLEN) { fprintf(stderr, "bectl jail: skipping too long path assignment '%s' (max length = %d)\n", val, BE_MAXPATHLEN); return (false); } strlcpy(mnt_loc, val, sizeof(mnt_loc)); } jailparam_add(name, val); return (true); } static int jailparam_delarg(char *arg) { char *name, *val; if (arg == NULL) return (EINVAL); name = arg; if ((val = strchr(name, '=')) != NULL) *val++ = '\0'; if (strcmp(name, "path") == 0) *mnt_loc = '\0'; return (jailparam_del(name)); } int bectl_cmd_jail(int argc, char *argv[]) { char *bootenv, *mountpoint; int jid, opt, ret; - bool default_hostname, default_name, interactive, unjail; + bool default_hostname, interactive, unjail; pid_t pid; - default_hostname = default_name = interactive = unjail = true; + default_hostname = interactive = unjail = true; jpcnt = INIT_PARAMCOUNT; jp = malloc(jpcnt * sizeof(*jp)); if (jp == NULL) err(2, "malloc"); jailparam_add("persist", "true"); jailparam_add("allow.mount", "true"); jailparam_add("allow.mount.devfs", "true"); jailparam_add("enforce_statfs", "1"); while ((opt = getopt(argc, argv, "bo:Uu:")) != -1) { switch (opt) { case 'b': interactive = false; break; case 'o': if (jailparam_addarg(optarg)) { /* * optarg has been modified to null terminate * at the assignment operator. 
*/ - if (strcmp(optarg, "name") == 0) - default_name = false; if (strcmp(optarg, "host.hostname") == 0) default_hostname = false; } break; case 'U': unjail = false; break; case 'u': if ((ret = jailparam_delarg(optarg)) == 0) { - if (strcmp(optarg, "name") == 0) - default_name = true; if (strcmp(optarg, "host.hostname") == 0) default_hostname = true; } else if (ret != ENOENT) { fprintf(stderr, "bectl jail: error unsetting \"%s\"\n", optarg); return (ret); } break; default: fprintf(stderr, "bectl jail: unknown option '-%c'\n", optopt); return (usage(false)); } } argc -= optind; argv += optind; /* struct jail be_jail = { 0 }; */ if (argc < 1) { fprintf(stderr, "bectl jail: missing boot environment name\n"); return (usage(false)); } bootenv = argv[0]; /* * XXX TODO: if its already mounted, perhaps there should be a flag to * indicate its okay to proceed?? */ if (*mnt_loc == '\0') mountpoint = NULL; else mountpoint = mnt_loc; if (be_mount(be, bootenv, mountpoint, 0, mnt_loc) != BE_ERR_SUCCESS) { fprintf(stderr, "could not mount bootenv\n"); return (1); } - if (default_name) - jailparam_add("name", bootenv); if (default_hostname) jailparam_add("host.hostname", bootenv); /* * This is our indicator that path was not set by the user, so we'll use * the path that libbe generated for us. */ if (mountpoint == NULL) jailparam_add("path", mnt_loc); /* Create the jail for now, attach later as-needed */ jid = jailparam_set(jp, jpused, JAIL_CREATE); if (jid == -1) { fprintf(stderr, "unable to create jail. error: %d\n", errno); return (1); } jailparam_free(jp, jpused); free(jp); /* We're not interactive, nothing more to do here. */ if (!interactive) return (0); pid = fork(); switch(pid) { case -1: perror("fork"); return (1); case 0: jail_attach(jid); /* We're attached within the jail... good bye! */ chdir("/"); if (argc > 1) execve(argv[1], &argv[1], NULL); else execl("/bin/sh", "/bin/sh", NULL); fprintf(stderr, "bectl jail: failed to execute %s\n", (argc > 1 ? 
argv[1] : "/bin/sh")); _exit(1); default: /* Wait for the child to get back, see if we need to unjail */ waitpid(pid, NULL, 0); } if (unjail) { jail_remove(jid); unmount(mnt_loc, 0); } return (0); } static int bectl_search_jail_paths(const char *mnt) { - char jailpath[MAXPATHLEN]; int jid; + char lastjid[16]; + char jailpath[MAXPATHLEN]; + /* jail_getv expects name/value strings */ + snprintf(lastjid, sizeof(lastjid), "%d", 0); + jid = 0; - (void)mnt; - while ((jid = jail_getv(0, "lastjid", &jid, "path", &jailpath, + while ((jid = jail_getv(0, "lastjid", lastjid, "path", &jailpath, NULL)) != -1) { + + /* the jail we've been looking for */ if (strcmp(jailpath, mnt) == 0) return (jid); + + /* update lastjid and keep on looking */ + snprintf(lastjid, sizeof(lastjid), "%d", jid); } return (-1); } /* * Locate a jail based on an arbitrary identifier. This may be either a name, * a jid, or a BE name. Returns the jid or -1 on failure. */ static int bectl_locate_jail(const char *ident) { nvlist_t *belist, *props; char *mnt; int jid; /* Try the easy-match first */ jid = jail_getid(ident); if (jid != -1) return (jid); /* Attempt to try it as a BE name, first */ if (be_prop_list_alloc(&belist) != 0) return (-1); if (be_get_bootenv_props(be, belist) != 0) return (-1); if (nvlist_lookup_nvlist(belist, ident, &props) == 0) { - /* We'll attempt to resolve the jid by way of mountpoint */ - if (nvlist_lookup_string(props, "mountpoint", &mnt) == 0) { + + /* path where a boot environment is mounted */ + if (nvlist_lookup_string(props, "mounted", &mnt) == 0) { + + /* looking for a jail that matches our bootenv path */ jid = bectl_search_jail_paths(mnt); be_prop_list_free(belist); return (jid); } be_prop_list_free(belist); } return (-1); } int bectl_cmd_unjail(int argc, char *argv[]) { char path[MAXPATHLEN]; char *cmd, *name, *target; int jid; /* Store alias used */ cmd = argv[0]; if (argc != 2) { fprintf(stderr, "bectl %s: wrong number of arguments\n", cmd); return (usage(false)); } 
target = argv[1]; /* Locate the jail */ if ((jid = bectl_locate_jail(target)) == -1) { fprintf(stderr, "bectl %s: failed to locate BE by '%s'\n", cmd, target); return (1); } bzero(&path, MAXPATHLEN); name = jail_getname(jid); if (jail_getv(0, "name", name, "path", path, NULL) != jid) { free(name); fprintf(stderr, "bectl %s: failed to get path for jail requested by '%s'\n", cmd, target); return (1); } free(name); if (be_mounted_at(be, path, NULL) != 0) { fprintf(stderr, "bectl %s: jail requested by '%s' not a BE\n", cmd, target); return (1); } jail_remove(jid); unmount(path, 0); return (0); } Index: stable/12/sbin/bectl/tests/bectl_test.sh =================================================================== --- stable/12/sbin/bectl/tests/bectl_test.sh (revision 342737) +++ stable/12/sbin/bectl/tests/bectl_test.sh (revision 342738) 
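Review bot: In `bectl_cmd_jail`, the forked child's `case 0:` branch calls `jail_attach(jid)` and `chdir("/")` without checking either return value, so if the attach fails the child still goes on to `execve()` the requested utility (or `/bin/sh`) unconfined on the host rather than inside the jail. These lines are unchanged context in this revision, but they are the execution path for the jail behaviour the commit reworks, so the child should fail closed before the exec: `if (jail_attach(jid) != 0 || chdir("/") != 0) { perror("bectl jail"); _exit(1); }`. Separately, the rewritten `bectl_search_jail_paths` passes the output buffer as `&jailpath`, whereas `bectl_cmd_unjail` passes `path` directly. Passing plain `jailpath` would be consistent and would avoid handing a `char (*)[MAXPATHLEN]` through varargs where a `char *` is expected.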
@@ -1,299 +1,328 @@ # # SPDX-License-Identifier: BSD-2-Clause-FreeBSD # # Copyright (c) 2018 Kyle Evans # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions # are met: # 1. Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # 2. Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # # $FreeBSD$ # Establishes a bectl_create zpool that can be used for some light testing; contains # a 'default' BE and not much else. 
bectl_create_setup() { zpool=$1 disk=$2 mnt=$3 kldload -n -q zfs || atf_skip "ZFS module not loaded on the current system" atf_check mkdir -p ${mnt} atf_check truncate -s 1G ${disk} atf_check zpool create -o altroot=${mnt} ${zpool} ${disk} atf_check zfs create -o mountpoint=none ${zpool}/ROOT atf_check zfs create -o mountpoint=/ -o canmount=noauto \ ${zpool}/ROOT/default } bectl_cleanup() { zpool=$1 if zpool get health ${zpool} >/dev/null 2>&1; then zpool destroy ${zpool} fi } atf_test_case bectl_create cleanup bectl_create_head() { atf_set "descr" "Check the various forms of bectl create" atf_set "require.user" root } bectl_create_body() { cwd=$(realpath .) zpool=bectl_test disk=${cwd}/disk.img mount=${cwd}/mnt bectl_create_setup ${zpool} ${disk} ${mount} # Test standard creation, creation of a snapshot, and creation from a # snapshot. atf_check bectl -r ${zpool}/ROOT create -e default default2 atf_check bectl -r ${zpool}/ROOT create default2@test_snap atf_check bectl -r ${zpool}/ROOT create -e default2@test_snap default3 } bectl_create_cleanup() { bectl_cleanup bectl_test } atf_test_case bectl_destroy cleanup bectl_destroy_head() { atf_set "descr" "Check bectl destroy" atf_set "require.user" root } bectl_destroy_body() { cwd=$(realpath .) zpool=bectl_test disk=${cwd}/disk.img mount=${cwd}/mnt bectl_create_setup ${zpool} ${disk} ${mount} atf_check bectl -r ${zpool}/ROOT create -e default default2 atf_check -o not-empty zfs get mountpoint ${zpool}/ROOT/default2 atf_check bectl -r ${zpool}/ROOT destroy default2 atf_check -e not-empty -s not-exit:0 zfs get mountpoint ${zpool}/ROOT/default2 } bectl_destroy_cleanup() { bectl_cleanup bectl_test } atf_test_case bectl_export_import cleanup bectl_export_import_head() { atf_set "descr" "Check bectl export and import" atf_set "require.user" root } bectl_export_import_body() { cwd=$(realpath .) 
zpool=bectl_test disk=${cwd}/disk.img mount=${cwd}/mnt bectl_create_setup ${zpool} ${disk} ${mount} atf_check -o save:exported bectl -r ${zpool}/ROOT export default atf_check -x "bectl -r ${zpool}/ROOT import default2 < exported" atf_check -o not-empty zfs get mountpoint ${zpool}/ROOT/default2 atf_check bectl -r ${zpool}/ROOT destroy default2 atf_check -e not-empty -s not-exit:0 zfs get mountpoint \ ${zpool}/ROOT/default2 } bectl_export_import_cleanup() { bectl_cleanup bectl_test } atf_test_case bectl_list cleanup bectl_list_head() { atf_set "descr" "Check bectl list" atf_set "require.user" root } bectl_list_body() { cwd=$(realpath .) zpool=bectl_test disk=${cwd}/disk.img mount=${cwd}/mnt bectl_create_setup ${zpool} ${disk} ${mount} # Test the list functionality, including that BEs come and go away # as they're created and destroyed. Creation and destruction tests # use the 'zfs' utility to verify that they're actually created, so # these are just light tests that 'list' is picking them up. atf_check -o save:list.out bectl -r ${zpool}/ROOT list atf_check -o not-empty grep 'default' list.out atf_check bectl -r ${zpool}/ROOT create -e default default2 atf_check -o save:list.out bectl -r ${zpool}/ROOT list atf_check -o not-empty grep 'default2' list.out atf_check bectl -r ${zpool}/ROOT destroy default2 atf_check -o save:list.out bectl -r ${zpool}/ROOT list atf_check -s not-exit:0 grep 'default2' list.out # XXX TODO: Formatting checks } bectl_list_cleanup() { bectl_cleanup bectl_test } atf_test_case bectl_mount cleanup bectl_mount_head() { atf_set "descr" "Check bectl mount/unmount" atf_set "require.user" root } bectl_mount_body() { cwd=$(realpath .) zpool=bectl_test disk=${cwd}/disk.img mount=${cwd}/mnt root=${mount}/root bectl_create_setup ${zpool} ${disk} ${mount} atf_check mkdir -p ${root} # Test unmount first... 
atf_check -o not-empty bectl -r ${zpool}/ROOT mount default ${root} atf_check -o not-empty -x "mount | grep '^${zpool}/ROOT/default'" atf_check bectl -r ${zpool}/ROOT unmount default atf_check -s not-exit:0 -x "mount | grep '^${zpool}/ROOT/default'" # Then umount! atf_check -o not-empty bectl -r ${zpool}/ROOT mount default ${root} atf_check -o not-empty -x "mount | grep '^${zpool}/ROOT/default'" atf_check bectl -r ${zpool}/ROOT umount default atf_check -s not-exit:0 -x "mount | grep '^${zpool}/ROOT/default'" } bectl_mount_cleanup() { bectl_cleanup bectl_test } atf_test_case bectl_rename cleanup bectl_rename_head() { atf_set "descr" "Check bectl rename" atf_set "require.user" root } bectl_rename_body() { cwd=$(realpath .) zpool=bectl_test disk=${cwd}/disk.img mount=${cwd}/mnt bectl_create_setup ${zpool} ${disk} ${mount} atf_check bectl -r ${zpool}/ROOT rename default default2 atf_check -o not-empty zfs get mountpoint ${zpool}/ROOT/default2 atf_check -e not-empty -s not-exit:0 zfs get mountpoint \ ${zpool}/ROOT/default } bectl_rename_cleanup() { bectl_cleanup bectl_test } atf_test_case bectl_jail cleanup bectl_jail_head() { atf_set "descr" "Check bectl rename" atf_set "require.user" root } bectl_jail_body() { cwd=$(realpath .) zpool=bectl_test disk=${cwd}/disk.img mount=${cwd}/mnt root=${mount}/root if [ ! -f /rescue/rescue ]; then atf_skip "This test requires a rescue binary" fi bectl_create_setup ${zpool} ${disk} ${mount} # Prepare our minimal BE... plop a rescue binary into it atf_check mkdir -p ${root} atf_check -o ignore bectl -r ${zpool}/ROOT mount default ${root} atf_check mkdir -p ${root}/rescue atf_check cp /rescue/rescue ${root}/rescue/rescue atf_check bectl -r ${zpool}/ROOT umount default + # Prepare a second boot environment + atf_check -o empty -s exit:0 bectl -r ${zpool}/ROOT create -e default target + + # When a jail name is not explicit, it should match the jail id. 
+ atf_check -o empty -s exit:0 bectl -r ${zpool}/ROOT jail -b -o jid=233637 default + atf_check -o inline:"233637\n" -s exit:0 -x "jls -j 233637 name" + atf_check -o empty -s exit:0 bectl -r ${zpool}/ROOT unjail default + # Basic command-mode tests, with and without jail cleanup atf_check -o inline:"rescue\n" bectl -r ${zpool}/ROOT \ jail default /rescue/rescue ls -1 atf_check -o inline:"rescue\n" bectl -r ${zpool}/ROOT \ jail -Uo path=${root} default /rescue/rescue ls -1 atf_check [ -f ${root}/rescue/rescue ] atf_check bectl -r ${zpool}/ROOT ujail default # Batch mode tests atf_check bectl -r ${zpool}/ROOT jail -bo path=${root} default atf_check -o not-empty -x "jls | grep -F \"${root}\"" atf_check bectl -r ${zpool}/ROOT ujail default atf_check -s not-exit:0 -x "jls | grep -F \"${root}\"" # 'unjail' naming atf_check bectl -r ${zpool}/ROOT jail -b default atf_check bectl -r ${zpool}/ROOT unjail default atf_check -s not-exit:0 -x "jls | grep -F \"${root}\"" + # 'unjail' by BE name. Force bectl to lookup jail id by the BE name. + atf_check -o empty -s exit:0 bectl -r ${zpool}/ROOT jail -b default + atf_check -o empty -s exit:0 bectl -r ${zpool}/ROOT jail -b -o name=bectl_test target + atf_check -o empty -s exit:0 bectl -r ${zpool}/ROOT unjail target + atf_check -o empty -s exit:0 bectl -r ${zpool}/ROOT unjail default # cannot unjail an unjailed BE (by either command name) atf_check -e ignore -s not-exit:0 bectl -r ${zpool}/ROOT ujail default atf_check -e ignore -s not-exit:0 bectl -r ${zpool}/ROOT unjail default # set+unset atf_check bectl -r ${zpool}/ROOT jail -b -o path=${root} -u path default # Ensure that it didn't mount at ${root} atf_check -s not-exit:0 -x "mount | grep -F '${root}'" atf_check bectl -r ${zpool}/ROOT ujail default } + +# If a test has failed, it's possible that the boot environment hasn't +# been 'unjail'ed. We want to remove the jail before 'bectl_cleanup' +# attempts to destroy the zpool. 
bectl_jail_cleanup() { + for bootenv in "default" "target"; do + # mountpoint of the boot environment + mountpoint="$(bectl -r bectl_test/ROOT list -H | grep ${bootenv} | awk '{print $3}')" + + # see if any jail paths match the boot environment mountpoint + jailid="$(jls | grep ${mountpoint} | awk '{print $1}')" + + if [ -z "$jailid" ]; then + continue; + fi + jail -r ${jailid} + done; bectl_cleanup bectl_test } atf_init_test_cases() { atf_add_test_case bectl_create atf_add_test_case bectl_destroy atf_add_test_case bectl_export_import atf_add_test_case bectl_list atf_add_test_case bectl_mount atf_add_test_case bectl_rename atf_add_test_case bectl_jail } Index: stable/12 =================================================================== --- stable/12 (revision 342737) +++ stable/12 (revision 342738) Property changes on: stable/12 ___________________________________________________________________ Modified: svn:mergeinfo ## -0,0 +0,1 ## Merged /head:r340722-340723,342466
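Review bot: The new loop in `bectl_jail_cleanup` chooses the jail to remove with unanchored, unquoted `grep` matches, and because the test requires root, a loose match ends in `jail -r` on a jail the test did not create. `grep ${bootenv}` matches any `bectl list` line containing the name, and `grep ${mountpoint}` treats the path as a regex against the whole `jls` line; when the BE is not mounted the mountpoint column is presumably `-` (or empty if the pool is already gone), which makes the second match even less specific. Skip the iteration unless the mountpoint is an absolute path, e.g. `case "${mountpoint}" in /*) ;; *) continue ;; esac`, and compare the path field exactly with `jailid="$(jls jid path | awk -v p="${mountpoint}" '$2 == p {print $1}')"`. The first lookup can be tightened the same way with `awk -v be="${bootenv}" '$1 == be {print $3}'` in place of the `grep | awk` pair.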