svn commit: r337947 - head/sbin/bectl
Kyle Evans
kevans at FreeBSD.org
Fri Aug 17 01:59:21 UTC 2018
Author: kevans
Date: Fri Aug 17 01:59:19 2018
New Revision: 337947
URL: https://svnweb.freebsd.org/changeset/base/337947
Log:
bectl(8): Add batch mode to jail subcommand
Adding batch mode to the jail `bectl(8)` subcommand enables jailing of
ZFS Boot Environments in a scriptable fashion.
Submitted by: Shawn Webb
Obtained from: HardenedBSD (9e72d1c59a and ef7b6d9e1c with minor edit)
Modified:
head/sbin/bectl/bectl.8
head/sbin/bectl/bectl.c
head/sbin/bectl/bectl_jail.c
Modified: head/sbin/bectl/bectl.8
==============================================================================
--- head/sbin/bectl/bectl.8 Fri Aug 17 01:52:15 2018 (r337946)
+++ head/sbin/bectl/bectl.8 Fri Aug 17 01:59:19 2018 (r337947)
@@ -18,7 +18,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd August 12, 2018
+.Dd August 16, 2018
.Dt BECTL 8
.Os
.Sh NAME
@@ -50,6 +50,7 @@ import
.Ao Ar targetBe Ac
.Nm
jail
+.Op Fl b
.Oo Fl o Ar key Ns = Ns Ar value | Fl u Ar key Oc Ns ...
.Ao Ar jailID | jailName Ac
.Ao Ar bootenv Ac
@@ -160,6 +161,11 @@ arguments may be specified.
will set a jail parameter, and
.Fl u
will unset a jail parameter.
+By default, jails are created in interactive mode, with a shell being
+executed within the jail.
+The
+.Fl b
+argument enables batch mode, thereby disabling interactive mode.
.Pp
The
.Va name ,
Modified: head/sbin/bectl/bectl.c
==============================================================================
--- head/sbin/bectl/bectl.c Fri Aug 17 01:52:15 2018 (r337946)
+++ head/sbin/bectl/bectl.c Fri Aug 17 01:59:19 2018 (r337947)
@@ -77,7 +77,7 @@ usage(bool explicit)
#if SOON
"\tbectl add (path)*\n"
#endif
- "\tbectl jail [ -o key=value | -u key ]... bootenv\n"
+ "\tbectl jail [-b] [ -o key=value | -u key ]... bootenv\n"
"\tbectl list [-a] [-D] [-H] [-s]\n"
"\tbectl mount beName [mountpoint]\n"
"\tbectl rename origBeName newBeName\n"
Modified: head/sbin/bectl/bectl_jail.c
==============================================================================
--- head/sbin/bectl/bectl_jail.c Fri Aug 17 01:52:15 2018 (r337946)
+++ head/sbin/bectl/bectl_jail.c Fri Aug 17 01:59:19 2018 (r337947)
@@ -179,10 +179,10 @@ int
bectl_cmd_jail(int argc, char *argv[])
{
char *bootenv, *mountpoint;
- int jid, opt, ret;
- bool default_hostname, default_name;
+ int jflags, jid, opt, ret;
+ bool default_hostname, default_name, interactive;
- default_hostname = default_name = true;
+ default_hostname = default_name = interactive = true;
jpcnt = INIT_PARAMCOUNT;
jp = malloc(jpcnt * sizeof(*jp));
if (jp == NULL)
@@ -193,8 +193,11 @@ bectl_cmd_jail(int argc, char *argv[])
jailparam_add("allow.mount.devfs", "true");
jailparam_add("enforce_statfs", "1");
- while ((opt = getopt(argc, argv, "o:u:")) != -1) {
+ while ((opt = getopt(argc, argv, "bo:u:")) != -1) {
switch (opt) {
+ case 'b':
+ interactive = false;
+ break;
case 'o':
if (jailparam_addarg(optarg)) {
/*
@@ -259,13 +262,17 @@ bectl_cmd_jail(int argc, char *argv[])
jailparam_add("name", bootenv);
if (default_hostname)
jailparam_add("host.hostname", bootenv);
+
+ jflags = JAIL_CREATE;
+ if (interactive)
+ jflags |= JAIL_ATTACH;
/*
* This is our indicator that path was not set by the user, so we'll use
* the path that libbe generated for us.
*/
if (mountpoint == NULL)
jailparam_add("path", mnt_loc);
- jid = jailparam_set(jp, jpused, JAIL_CREATE | JAIL_ATTACH);
+ jid = jailparam_set(jp, jpused, jflags);
if (jid == -1) {
fprintf(stderr, "unable to create jail. error: %d\n", errno);
return (1);
@@ -274,9 +281,13 @@ bectl_cmd_jail(int argc, char *argv[])
jailparam_free(jp, jpused);
free(jp);
- /* We're attached within the jail... good bye! */
- chdir("/");
- execl("/bin/sh", "/bin/sh", NULL);
+ if (interactive) {
+ /* We're attached within the jail... good bye! */
+ chdir("/");
+ execl("/bin/sh", "/bin/sh", NULL);
+ return (1);
+ }
+
return (0);
}
More information about the svn-src-all
mailing list