git: ab4d1b73cbf8 - main - route(8): teach route to attach to jails
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Tue, 13 Jun 2023 06:07:45 UTC
The branch main has been updated by melifaro:
URL: https://cgit.FreeBSD.org/src/commit/?id=ab4d1b73cbf8980dbe05cde7d822010042db8344
commit ab4d1b73cbf8980dbe05cde7d822010042db8344
Author: Yan Ka, Chiu <nyan@myuji.xyz>
AuthorDate: 2023-06-13 06:05:17 +0000
Commit: Alexander V. Chernikov <melifaro@FreeBSD.org>
CommitDate: 2023-06-13 06:06:27 +0000
route(8): teach route to attach to jails
Add -j <jail> flag to route(8) to allow route to perform actions in
a Jail.
Differential Revision: https://reviews.freebsd.org/D40377
MFC after: 2 weeks
---
sbin/route/Makefile | 5 +++++
sbin/route/route.8 | 5 ++++-
sbin/route/route.c | 36 ++++++++++++++++++++++++++++++++++--
3 files changed, 43 insertions(+), 3 deletions(-)
diff --git a/sbin/route/Makefile b/sbin/route/Makefile
index ddebd2a1d166..d170d0823c91 100644
--- a/sbin/route/Makefile
+++ b/sbin/route/Makefile
@@ -25,6 +25,11 @@ SRCS+= route_netlink.c
CFLAGS+=-DWITHOUT_NETLINK
.endif
+.if ${MK_JAIL} != "no" && !defined(RESCUE)
+CFLAGS+= -DJAIL
+LIBADD+= jail
+.endif
+
HAS_TESTS=
SUBDIR.${MK_TESTS}+= tests
diff --git a/sbin/route/route.8 b/sbin/route/route.8
index afcf55ab44c7..72c22bee23ed 100644
--- a/sbin/route/route.8
+++ b/sbin/route/route.8
@@ -28,7 +28,7 @@
.\" @(#)route.8 8.3 (Berkeley) 3/19/94
.\" $FreeBSD$
.\"
-.Dd March 14, 2023
+.Dd June 13, 2023
.Dt ROUTE 8
.Os
.Sh NAME
@@ -36,6 +36,7 @@
.Nd manually manipulate the routing tables
.Sh SYNOPSIS
.Nm
+.Op Fl j Ar jail
.Op Fl dnqtv
.Ar command
.Oo
@@ -91,6 +92,8 @@ Suppress all output from the
and
.Cm flush
commands.
+.It Fl j Ar jail
+Run inside a jail.
.El
.Pp
The
diff --git a/sbin/route/route.c b/sbin/route/route.c
index 4002cbe5867b..223b1d6f69dc 100644
--- a/sbin/route/route.c
+++ b/sbin/route/route.c
@@ -48,6 +48,9 @@ __FBSDID("$FreeBSD$");
#include <sys/file.h>
#include <sys/socket.h>
#include <sys/ioctl.h>
+#ifdef JAIL
+#include <sys/jail.h>
+#endif
#include <sys/sysctl.h>
#include <sys/types.h>
#include <sys/queue.h>
@@ -63,6 +66,9 @@ __FBSDID("$FreeBSD$");
#include <ctype.h>
#include <err.h>
#include <errno.h>
+#ifdef JAIL
+#include <jail.h>
+#endif
#include <paths.h>
#include <signal.h>
#include <stdbool.h>
@@ -91,6 +97,9 @@ static struct keytab {
};
int verbose, debugonly;
+#ifdef JAIL
+char * jail_name;
+#endif
static struct sockaddr_storage so[RTAX_MAX];
static int pid, rtm_addrs;
static int nflag, af, aflen, qflag, tflag;
@@ -172,7 +181,7 @@ usage(const char *cp)
{
if (cp != NULL)
warnx("bad keyword: %s", cp);
- errx(EX_USAGE, "usage: route [-46dnqtv] command [[modifiers] args]");
+ errx(EX_USAGE, "usage: route [-j jail] [-46dnqtv] command [[modifiers] args]");
/* NOTREACHED */
}
@@ -180,12 +189,15 @@ int
main(int argc, char **argv)
{
int ch;
+#ifdef JAIL
+ int jid;
+#endif
size_t len;
if (argc < 2)
usage(NULL);
- while ((ch = getopt(argc, argv, "46nqdtv")) != -1)
+ while ((ch = getopt(argc, argv, "46nqdtvj:")) != -1)
switch(ch) {
case '4':
#ifdef INET
@@ -218,6 +230,15 @@ main(int argc, char **argv)
case 'd':
debugonly = 1;
break;
+ case 'j':
+#ifdef JAIL
+ if (optarg == NULL)
+ usage(NULL);
+ jail_name = optarg;
+#else
+ errx(1, "Jail support is not compiled in");
+#endif
+ break;
case '?':
default:
usage(NULL);
@@ -227,6 +248,17 @@ main(int argc, char **argv)
pid = getpid();
uid = geteuid();
+
+#ifdef JAIL
+ if (jail_name != NULL) {
+ jid = jail_getid(jail_name);
+ if (jid == -1)
+ errx(1, "Jail not found");
+ if (jail_attach(jid) != 0)
+ errx(1, "Cannot attach to jail");
+ }
+#endif
+
#ifdef WITHOUT_NETLINK
if (tflag)
s = open(_PATH_DEVNULL, O_WRONLY, 0);