git: 07cbc2f943ff - stable/13 - route(8): teach route to attach to jails
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Wed, 16 Aug 2023 12:32:14 UTC
The branch stable/13 has been updated by dfr:
URL: https://cgit.FreeBSD.org/src/commit/?id=07cbc2f943ff32bee33c4405903795d5545d57ea
commit 07cbc2f943ff32bee33c4405903795d5545d57ea
Author: Yan Ka, Chiu <nyan@myuji.xyz>
AuthorDate: 2023-06-13 06:05:17 +0000
Commit: Doug Rabson <dfr@FreeBSD.org>
CommitDate: 2023-08-16 12:25:57 +0000
route(8): teach route to attach to jails
Add -j <jail> flag to route(8) to allow route to perform actions in
a Jail.
Differential Revision: https://reviews.freebsd.org/D40377
MFC after: 2 weeks
(cherry picked from commit ab4d1b73cbf8980dbe05cde7d822010042db8344)
---
sbin/route/Makefile | 5 +++++
sbin/route/route.8 | 5 ++++-
sbin/route/route.c | 36 ++++++++++++++++++++++++++++++++++--
3 files changed, 43 insertions(+), 3 deletions(-)
diff --git a/sbin/route/Makefile b/sbin/route/Makefile
index e65030f805bb..2cecadd24a72 100644
--- a/sbin/route/Makefile
+++ b/sbin/route/Makefile
@@ -19,6 +19,11 @@ CFLAGS+= -DINET6
.endif
CFLAGS+= -I.
+.if ${MK_JAIL} != "no" && !defined(RESCUE)
+CFLAGS+= -DJAIL
+LIBADD+= jail
+.endif
+
HAS_TESTS=
SUBDIR.${MK_TESTS}+= tests
diff --git a/sbin/route/route.8 b/sbin/route/route.8
index afcf55ab44c7..72c22bee23ed 100644
--- a/sbin/route/route.8
+++ b/sbin/route/route.8
@@ -28,7 +28,7 @@
.\" @(#)route.8 8.3 (Berkeley) 3/19/94
.\" $FreeBSD$
.\"
-.Dd March 14, 2023
+.Dd June 13, 2023
.Dt ROUTE 8
.Os
.Sh NAME
@@ -36,6 +36,7 @@
.Nd manually manipulate the routing tables
.Sh SYNOPSIS
.Nm
+.Op Fl j Ar jail
.Op Fl dnqtv
.Ar command
.Oo
@@ -91,6 +92,8 @@ Suppress all output from the
and
.Cm flush
commands.
+.It Fl j Ar jail
+Run inside a jail.
.El
.Pp
The
diff --git a/sbin/route/route.c b/sbin/route/route.c
index 5f33cecb1b20..e10d0b18ee40 100644
--- a/sbin/route/route.c
+++ b/sbin/route/route.c
@@ -48,6 +48,9 @@ __FBSDID("$FreeBSD$");
#include <sys/file.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
+#ifdef JAIL
+#include <sys/jail.h>
+#endif
#include <sys/sysctl.h>
#include <sys/types.h>
#include <sys/queue.h>
@@ -63,6 +66,9 @@ __FBSDID("$FreeBSD$");
#include <ctype.h>
#include <err.h>
#include <errno.h>
+#ifdef JAIL
+#include <jail.h>
+#endif
#include <paths.h>
#include <signal.h>
#include <stdbool.h>
@@ -90,6 +96,9 @@ static struct keytab {
{0, 0}
};
+#ifdef JAIL
+char * jail_name;
+#endif
static struct sockaddr_storage so[RTAX_MAX];
static int pid, rtm_addrs;
static int s;
@@ -161,7 +170,7 @@ usage(const char *cp)
{
if (cp != NULL)
warnx("bad keyword: %s", cp);
- errx(EX_USAGE, "usage: route [-46dnqtv] command [[modifiers] args]");
+ errx(EX_USAGE, "usage: route [-j jail] [-46dnqtv] command [[modifiers] args]");
/* NOTREACHED */
}
@@ -169,12 +178,15 @@ int
main(int argc, char **argv)
{
int ch;
+#ifdef JAIL
+ int jid;
+#endif
size_t len;
if (argc < 2)
usage(NULL);
- while ((ch = getopt(argc, argv, "46nqdtv")) != -1)
+ while ((ch = getopt(argc, argv, "46nqdtvj:")) != -1)
switch(ch) {
case '4':
#ifdef INET
@@ -207,6 +219,15 @@ main(int argc, char **argv)
case 'd':
debugonly = 1;
break;
+ case 'j':
+#ifdef JAIL
+ if (optarg == NULL)
+ usage(NULL);
+ jail_name = optarg;
+#else
+ errx(1, "Jail support is not compiled in");
+#endif
+ break;
case '?':
default:
usage(NULL);
@@ -216,6 +237,17 @@ main(int argc, char **argv)
pid = getpid();
uid = geteuid();
+
+#ifdef JAIL
+ if (jail_name != NULL) {
+ jid = jail_getid(jail_name);
+ if (jid == -1)
+ errx(1, "Jail not found");
+ if (jail_attach(jid) != 0)
+ errx(1, "Cannot attach to jail");
+ }
+#endif
+
if (tflag)
s = open(_PATH_DEVNULL, O_WRONLY, 0);
else