git: a94018e2003b - main - nfsuserd: Improve failure message when running in a jail

From: Rick Macklem <rmacklem_at_FreeBSD.org>
Date: Mon, 29 May 2023 20:39:25 UTC
The branch main has been updated by rmacklem:

URL: https://cgit.FreeBSD.org/src/commit/?id=a94018e2003b83c10e8fb814f7a8d47e2513da95

commit a94018e2003b83c10e8fb814f7a8d47e2513da95
Author:     Rick Macklem <rmacklem@FreeBSD.org>
AuthorDate: 2023-05-29 20:38:07 +0000
Commit:     Rick Macklem <rmacklem@FreeBSD.org>
CommitDate: 2023-05-29 20:38:07 +0000

    nfsuserd: Improve failure message when running in a jail
    
    If a jail is not correctly configured to run nfsd(8)
    in the jail, nfsuserd(8) cannot run.
    This patch improves the failure message for this case.
    
    MFC after:      2 weeks
---
 usr.sbin/nfsuserd/nfsuserd.c | 21 ++++++++++++++++-----
 1 file changed, 16 insertions(+), 5 deletions(-)

diff --git a/usr.sbin/nfsuserd/nfsuserd.c b/usr.sbin/nfsuserd/nfsuserd.c
index 3095948dce75..0f632a6efccc 100644
--- a/usr.sbin/nfsuserd/nfsuserd.c
+++ b/usr.sbin/nfsuserd/nfsuserd.c
@@ -35,6 +35,7 @@ __FBSDID("$FreeBSD$");
 #include <sys/mount.h>
 #include <sys/socket.h>
 #include <sys/socketvar.h>
+#include <sys/sysctl.h>
 #include <sys/time.h>
 #include <sys/ucred.h>
 #include <sys/vnode.h>
@@ -127,7 +128,8 @@ main(int argc, char *argv[])
 #ifdef INET6
 	struct sockaddr_in6 *sin6;
 #endif
-	int s;
+	int jailed, s;
+	size_t jailed_size;
 
 	if (modfind("nfscommon") < 0) {
 		/* Not present in kernel, try loading it */
@@ -326,10 +328,19 @@ main(int argc, char *argv[])
 #else
 	if (nfssvc(NFSSVC_NFSUSERDPORT | NFSSVC_NEWSTRUCT, &nargs) < 0) {
 		if (errno == EPERM) {
-			fprintf(stderr,
-			    "Can't start nfsuserd when already running");
-			fprintf(stderr,
-			    " If not running, use the -force option.\n");
+			jailed = 0;
+			jailed_size = sizeof(jailed);
+			sysctlbyname("security.jail.jailed", &jailed,
+			    &jailed_size, NULL, 0);
+			if (jailed != 0) {
+				fprintf(stderr, "Cannot start nfsuserd. "
+				    "allow.nfsd might not be configured\n");
+			} else {
+				fprintf(stderr, "Cannot start nfsuserd "
+				    "when already running.");
+				fprintf(stderr, " If not running, "
+				    "use the -force option.\n");
+			}
 		} else {
 			fprintf(stderr, "Can't do nfssvc() to add port\n");
 		}