git: 188c088fe351 - stable/13 - jail(3lua): add jail.attach()/jail.remove() methods

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Kyle Evans <kevans_at_FreeBSD.org>
Date: Wed, 06 Oct 2021 07:13:39 UTC
The branch stable/13 has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=188c088fe3510eea080f69a8db447fb9d21b2b73

commit 188c088fe3510eea080f69a8db447fb9d21b2b73
Author:     Kyle Evans <kevans@FreeBSD.org>
AuthorDate: 2020-10-23 17:52:31 +0000
Commit:     Kyle Evans <kevans@FreeBSD.org>
CommitDate: 2021-10-06 07:13:27 +0000

    jail(3lua): add jail.attach()/jail.remove() methods
    
    These aren't a part of or use libjail(3), but rather are direct
    syscalls.  Still, they seem like good additions, allowing us to attach
    to already-running jails.
    
    (cherry picked from commit a6499c56ab6ca54f01dca44b7e34a0fc6a680e90)
---
 lib/flua/libjail/jail.3lua  | 22 ++++++++++++++
 lib/flua/libjail/lua_jail.c | 74 +++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 96 insertions(+)

diff --git a/lib/flua/libjail/jail.3lua b/lib/flua/libjail/jail.3lua
index aa1e0ec49616..a0cb7ae1381e 100644
--- a/lib/flua/libjail/jail.3lua
+++ b/lib/flua/libjail/jail.3lua
@@ -30,11 +30,13 @@
 .Dt JAIL 3lua
 .Os
 .Sh NAME
+.Nm attach ,
 .Nm getid ,
 .Nm getname ,
 .Nm list ,
 .Nm allparams ,
 .Nm getparams ,
+.Nm remove ,
 .Nm setparams ,
 .Nm CREATE ,
 .Nm UPDATE ,
@@ -48,11 +50,13 @@ local jail = require('jail')
 .Ed
 .Pp
 .Bl -tag -width XXXX -compact
+.It Dv ok, err = jail.attach(jid|name)
 .It Dv jid, err = jail.getid(name)
 .It Dv name, err = jail.getname(jid)
 .It Dv params, err = jail.allparams()
 .It Dv iter, jail_obj = jail.list([params])
 .It Dv jid, res = jail.getparams(jid|name, params [, flags ] )
+.It Dv ok, err = jail.remove(jid|name)
 .It Dv jid, err = jail.setparams(jid|name, params, flags )
 .It Dv jail.CREATE
 .It Dv jail.UPDATE
@@ -71,6 +75,11 @@ and
 .Xr jail_set 2
 system calls.
 .Bl -tag -width XXXX
+.It Dv ok, err = jail.attach(jid|name)
+Attach to the given jail, identified by an integer
+.Fa jid
+or the
+.Fa name .
 .It Dv jid, err = jail.getid(name)
 Get the jail identifier
 .Pq jid
@@ -114,6 +123,11 @@ See the list of flags below.
 Only the
 .Dv DYING
 flag is valid to set.
+.It Dv ok, err = jail.remove(jid|name)
+Remove the given jail, identified by an integer
+.Fa jid
+or the
+.Fa name .
 .It Dv jid, err = jail.setparams(jid|name, params [, flags ] )
 Set parameters for a given jail.
 This is used to create, update, attach to, or destroy a jail.
@@ -188,6 +202,14 @@ and an error message string if an error occurred.
 The
 .Fn list
 function returns an iterator over the list of running jails.
+.Pp
+The
+.Fn attach
+and
+.Fn remove
+functions return true on success, or
+.Dv nil
+and an error message string if an error occurred.
 .Sh EXAMPLES
 Set the hostname of jail
 .Dq foo
diff --git a/lib/flua/libjail/lua_jail.c b/lib/flua/libjail/lua_jail.c
index 7bb0e13cceea..025694bf1181 100644
--- a/lib/flua/libjail/lua_jail.c
+++ b/lib/flua/libjail/lua_jail.c
@@ -575,6 +575,68 @@ l_setparams(lua_State *L)
 	return (1);
 }
 
+static int
+l_attach(lua_State *L)
+{
+	int jid, type;
+
+	type = lua_type(L, 1);
+	luaL_argcheck(L, type == LUA_TSTRING || type == LUA_TNUMBER, 1,
+	    "expected a jail name (string) or id (integer)");
+
+	if (lua_isstring(L, 1)) {
+		/* Resolve it to a jid. */
+		jid = jail_getid(lua_tostring(L, 1));
+		if (jid == -1) {
+			lua_pushnil(L);
+			lua_pushstring(L, jail_errmsg);
+			return (2);
+		}
+	} else {
+		jid = lua_tointeger(L, 1);
+	}
+
+	if (jail_attach(jid) == -1) {
+		lua_pushnil(L);
+		lua_pushstring(L, strerror(errno));
+		return (2);
+	}
+
+	lua_pushboolean(L, 1);
+	return (1);
+}
+
+static int
+l_remove(lua_State *L)
+{
+	int jid, type;
+
+	type = lua_type(L, 1);
+	luaL_argcheck(L, type == LUA_TSTRING || type == LUA_TNUMBER, 1,
+	    "expected a jail name (string) or id (integer)");
+
+	if (lua_isstring(L, 1)) {
+		/* Resolve it to a jid. */
+		jid = jail_getid(lua_tostring(L, 1));
+		if (jid == -1) {
+			lua_pushnil(L);
+			lua_pushstring(L, jail_errmsg);
+			return (2);
+		}
+	} else {
+		jid = lua_tointeger(L, 1);
+	}
+
+	if (jail_remove(jid) == -1) {
+		lua_pushnil(L);
+		lua_pushstring(L, strerror(errno));
+		return (2);
+	}
+
+	lua_pushboolean(L, 1);
+	return (1);
+}
+
 static const struct luaL_Reg l_jail[] = {
 	/** Get id of a jail by name.
 	 * @param name	jail name (string)
@@ -616,6 +678,18 @@ static const struct luaL_Reg l_jail[] = {
 	 *		close methods
 	 */
 	{"list", l_list},
+	/** Attach to a running jail.
+	 * @param jail	jail name (string) or id (integer)
+	 * @return	true (boolean)
+	 *		or nil, error (string) on error
+	 */
+	{"attach", l_attach},
+	/** Remove a running jail.
+	 * @param jail	jail name (string) or id (integer)
+	 * @return	true (boolean)
+	 *		or nil, error (string) on error
+	 */
+	{"remove", l_remove},
 	{NULL, NULL}
 };