svn commit: r292759 - head/etc/rc.d

Jamie Gritton jamie at FreeBSD.org
Sat Dec 26 23:01:36 UTC 2015


Author: jamie
Date: Sat Dec 26 23:01:34 2015
New Revision: 292759
URL: https://svnweb.freebsd.org/changeset/base/292759

Log:
  Let old-style (shell-based) jail configuration handle jail names that
  contain characters not allowed in a shell variable (such as "-").
  These will be replaced by an underscore in jail config variables,
  e.g. for jail "foo-bar" you would set "jail_foo_bar_hostname".
  
  This is separate from the current code that changes the jail names
  if they contain "." or "/".  It also doesn't apply to jails defined
  in a jail.conf file.
  
  PR:		191181
  MFC after:	5 days

Modified:
  head/etc/rc.d/jail

Modified: head/etc/rc.d/jail
==============================================================================
--- head/etc/rc.d/jail	Sat Dec 26 22:27:48 2015	(r292758)
+++ head/etc/rc.d/jail	Sat Dec 26 23:01:34 2015	(r292759)
@@ -28,16 +28,16 @@ extra_commands="config console status"
 
 need_dad_wait=
 
-# extract_var jail name param num defval
-#	Extract value from ${jail_$jail_$name} or ${jail_$name} and
+# extract_var jv name param num defval
+#	Extract value from ${jail_$jv_$name} or ${jail_$name} and
 #	set it to $param.  If not defined, $defval is used.
-#	When $num is [0-9]*, ${jail_$jail_$name$num} are looked up and
+#	When $num is [0-9]*, ${jail_$jv_$name$num} are looked up and
 #	$param is set by using +=.
 #	When $num is YN or NY, the value is interpret as boolean.
 extract_var()
 {
-	local i _j _name _param _num _def _name1 _name2
-	_j=$1
+	local i _jv _name _param _num _def _name1 _name2
+	_jv=$1
 	_name=$2
 	_param=$3
 	_num=$4
@@ -45,7 +45,7 @@ extract_var()
 
 	case $_num in
 	YN)
-		_name1=jail_${_j}_${_name}
+		_name1=jail_${_jv}_${_name}
 		_name2=jail_${_name}
 		eval $_name1=\"\${$_name1:-\${$_name2:-$_def}}\"
 		if checkyesno $_name1; then
@@ -55,7 +55,7 @@ extract_var()
 		fi
 	;;
 	NY)
-		_name1=jail_${_j}_${_name}
+		_name1=jail_${_jv}_${_name}
 		_name2=jail_${_name}
 		eval $_name1=\"\${$_name1:-\${$_name2:-$_def}}\"
 		if checkyesno $_name1; then
@@ -67,7 +67,7 @@ extract_var()
 	[0-9]*)
 		i=$_num
 		while : ; do
-			_name1=jail_${_j}_${_name}${i}
+			_name1=jail_${_jv}_${_name}${i}
 			_name2=jail_${_name}${i}
 			eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
 			if [ -n "$_tmpargs" ]; then 
@@ -79,7 +79,7 @@ extract_var()
 		done
 	;;
 	*)
-		_name1=jail_${_j}_${_name}
+		_name1=jail_${_jv}_${_name}
 		_name2=jail_${_name}
 		eval _tmpargs=\"\${$_name1:-\${$_name2:-$_def}}\"
 		if [ -n "$_tmpargs" ]; then
@@ -89,22 +89,23 @@ extract_var()
 	esac
 }
 
-# parse_options _j
+# parse_options _j _jv
 #	Parse options and create a temporary configuration file if necessary.
 #
 parse_options()
 {
-	local _j _p
+	local _j _jv _p
 	_j=$1
+	_jv=$2
 
 	_confwarn=0
 	if [ -z "$_j" ]; then
 		warn "parse_options: you must specify a jail"
 		return
 	fi
-	eval _jconf=\"\${jail_${_j}_conf:-/etc/jail.${_j}.conf}\"
-	eval _rootdir=\"\$jail_${_j}_rootdir\"
-	eval _hostname=\"\$jail_${_j}_hostname\"
+	eval _jconf=\"\${jail_${_jv}_conf:-/etc/jail.${_j}.conf}\"
+	eval _rootdir=\"\$jail_${_jv}_rootdir\"
+	eval _hostname=\"\$jail_${_jv}_hostname\"
 	if [ -z "$_rootdir" -o \
 	     -z "$_hostname" ]; then
 		if [ -r "$_jconf" ]; then
@@ -120,7 +121,7 @@ parse_options()
 		fi
 		return 1
 	fi
-	eval _ip=\"\$jail_${_j}_ip\"
+	eval _ip=\"\$jail_${_jv}_ip\"
 	if [ -z "$_ip" ] && ! check_kern_features vimage; then
 		warn "no ipaddress specified and no vimage support.  " \
 		    "Jail $_j was ignored."
@@ -138,10 +139,10 @@ parse_options()
 	fi
 	/usr/bin/install -m 0644 -o root -g wheel /dev/null $_conf || return 1
 
-	eval : \${jail_${_j}_flags:=${jail_flags}}
-	eval _exec=\"\$jail_${_j}_exec\"
-	eval _exec_start=\"\$jail_${_j}_exec_start\"
-	eval _exec_stop=\"\$jail_${_j}_exec_stop\"
+	eval : \${jail_${_jv}_flags:=${jail_flags}}
+	eval _exec=\"\$jail_${_jv}_exec\"
+	eval _exec_start=\"\$jail_${_jv}_exec_start\"
+	eval _exec_stop=\"\$jail_${_jv}_exec_stop\"
 	if [ -n "${_exec}" ]; then
 		#   simple/backward-compatible execution
 		_exec_start="${_exec}"
@@ -155,20 +156,20 @@ parse_options()
 			fi
 		fi
 	fi
-	eval _interface=\"\${jail_${_j}_interface:-${jail_interface}}\"
-	eval _parameters=\"\${jail_${_j}_parameters:-${jail_parameters}}\"
-	eval _fstab=\"\${jail_${_j}_fstab:-${jail_fstab:-/etc/fstab.$_j}}\"
+	eval _interface=\"\${jail_${_jv}_interface:-${jail_interface}}\"
+	eval _parameters=\"\${jail_${_jv}_parameters:-${jail_parameters}}\"
+	eval _fstab=\"\${jail_${_jv}_fstab:-${jail_fstab:-/etc/fstab.$_j}}\"
 	(
 		date +"# Generated by rc.d/jail at %Y-%m-%d %H:%M:%S"
 		echo "$_j {"
-		extract_var $_j hostname host.hostname - ""
-		extract_var $_j rootdir path - ""
+		extract_var $_jv hostname host.hostname - ""
+		extract_var $_jv rootdir path - ""
 		if [ -n "$_ip" ]; then
-			extract_var $_j interface interface - ""
+			extract_var $_jv interface interface - ""
 			jail_handle_ips_option $_ip $_interface
 			alias=0
 			while : ; do
-				eval _x=\"\$jail_${_j}_ip_multi${alias}\"
+				eval _x=\"\$jail_${_jv}_ip_multi${alias}\"
 				[ -z "$_x" ] && break
 
 				jail_handle_ips_option $_x $_interface
@@ -184,37 +185,37 @@ parse_options()
 			;;
 			esac
 			# These are applicable only to non-vimage jails. 
-			extract_var $_j fib exec.fib - ""
-			extract_var $_j socket_unixiproute_only \
+			extract_var $_jv fib exec.fib - ""
+			extract_var $_jv socket_unixiproute_only \
 			    allow.raw_sockets NY YES
 		else
 			echo "	vnet;"
-			extract_var $_j vnet_interface vnet.interface - ""
+			extract_var $_jv vnet_interface vnet.interface - ""
 		fi
 
 		echo "	exec.clean;"
 		echo "	exec.system_user = \"root\";"
 		echo "	exec.jail_user = \"root\";"
-		extract_var $_j exec_prestart exec.prestart 0 ""
-		extract_var $_j exec_poststart exec.poststart 0 ""
-		extract_var $_j exec_prestop exec.prestop 0 ""
-		extract_var $_j exec_poststop exec.poststop 0 ""
+		extract_var $_jv exec_prestart exec.prestart 0 ""
+		extract_var $_jv exec_poststart exec.poststart 0 ""
+		extract_var $_jv exec_prestop exec.prestop 0 ""
+		extract_var $_jv exec_poststop exec.poststop 0 ""
 
 		echo "	exec.start += \"$_exec_start\";"
-		extract_var $_j exec_afterstart exec.start 1 ""
+		extract_var $_jv exec_afterstart exec.start 1 ""
 		echo "	exec.stop = \"$_exec_stop\";"
 
-		extract_var $_j consolelog exec.consolelog - \
+		extract_var $_jv consolelog exec.consolelog - \
 		    /var/log/jail_${_j}_console.log
 
 		if [ -r $_fstab ]; then
 			echo "	mount.fstab = \"$_fstab\";"
 		fi
 
-		eval : \${jail_${_j}_devfs_enable:=${jail_devfs_enable:-NO}}
-		if checkyesno jail_${_j}_devfs_enable; then
+		eval : \${jail_${_jv}_devfs_enable:=${jail_devfs_enable:-NO}}
+		if checkyesno jail_${_jv}_devfs_enable; then
 			echo "	mount.devfs;"
-			eval _ruleset=\${jail_${_j}_devfs_ruleset:-${jail_devfs_ruleset}}
+			eval _ruleset=\${jail_${_jv}_devfs_ruleset:-${jail_devfs_ruleset}}
 			case $_ruleset in
 			"")	;;
 			[0-9]*) echo "	devfs_ruleset = \"$_ruleset\";" ;;
@@ -227,24 +228,24 @@ parse_options()
 			*)	warn "devfs_ruleset must be an integer." ;;
 			esac
 		fi
-		eval : \${jail_${_j}_fdescfs_enable:=${jail_fdescfs_enable:-NO}}
-		if checkyesno jail_${_j}_fdescfs_enable; then
+		eval : \${jail_${_jv}_fdescfs_enable:=${jail_fdescfs_enable:-NO}}
+		if checkyesno jail_${_jv}_fdescfs_enable; then
 			echo "	mount.fdescfs;"
 		fi
-		eval : \${jail_${_j}_procfs_enable:=${jail_procfs_enable:-NO}}
-		if checkyesno jail_${_j}_procfs_enable; then
+		eval : \${jail_${_jv}_procfs_enable:=${jail_procfs_enable:-NO}}
+		if checkyesno jail_${_jv}_procfs_enable; then
 			echo "	mount.procfs;"
 		fi
 
-		eval : \${jail_${_j}_mount_enable:=${jail_mount_enable:-NO}}
-		if checkyesno jail_${_j}_mount_enable; then
+		eval : \${jail_${_jv}_mount_enable:=${jail_mount_enable:-NO}}
+		if checkyesno jail_${_jv}_mount_enable; then
 			echo "	allow.mount;"
 		fi
 
-		extract_var $_j set_hostname_allow allow.set_hostname YN NO
-		extract_var $_j sysvipc_allow allow.sysvipc YN NO
-		extract_var $_j osreldate osreldate
-		extract_var $_j osrelease osrelease
+		extract_var $_jv set_hostname_allow allow.set_hostname YN NO
+		extract_var $_jv sysvipc_allow allow.sysvipc YN NO
+		extract_var $_jv osreldate osreldate
+		extract_var $_jv osrelease osrelease
 		for _p in $_parameters; do
 			echo "	${_p%\;};"
 		done
@@ -382,14 +383,15 @@ jail_handle_ips_option()
 
 jail_config()
 {
-	local _j
+	local _j _jv
 
 	case $1 in
 	_ALL)	return ;;
 	esac
 	for _j in $@; do
 		_j=$(echo $_j | tr /. _)
-		if parse_options $_j; then 
+		_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
+		if parse_options $_j $_jv; then 
 			echo "$_j: parameters are in $_conf."
 		fi
 	done
@@ -397,7 +399,7 @@ jail_config()
 
 jail_console()
 {
-	local _j _cmd
+	local _j _jv _cmd
 
 	# One argument that is not _ALL.
 	case $#:$1 in
@@ -405,9 +407,10 @@ jail_console()
 	1:*)		;;
 	esac
 	_j=$(echo $1 | tr /. _)
+	_jv=$(echo -n $1 | tr -c '[:alnum:]' _)
 	shift
 	case $# in
-	0)	eval _cmd=\${jail_${_j}_consolecmd:-$jail_consolecmd} ;;
+	0)	eval _cmd=\${jail_${_jv}_consolecmd:-$jail_consolecmd} ;;
 	*)	_cmd=$@ ;;
 	esac
 	$jail_jexec $_j $_cmd
@@ -421,7 +424,7 @@ jail_status()
 
 jail_start()
 {
-	local _j _jid _jl _id _name
+	local _j _jv _jid _jl _id _name
 
 	if [ $# = 0 ]; then
 		return
@@ -454,11 +457,12 @@ jail_start()
 		_jl=
 		for _j in $@; do
 			_j=$(echo $_j | tr /. _)
-			parse_options $_j || continue
+			_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
+			parse_options $_j $_jv || continue
 
 			_jl="$_jl $_j"
-			eval rc_flags=\${jail_${_j}_flags:-$jail_flags}
-			eval command=\${jail_${_j}_program:-$jail_program}
+			eval rc_flags=\${jail_${_jv}_flags:-$jail_flags}
+			eval command=\${jail_${_jv}_program:-$jail_program}
 			command_args="-i -f $_conf -c $_j"
 			$command $rc_flags $command_args \
 			    >/dev/null 2>&1 </dev/null &
@@ -480,10 +484,11 @@ jail_start()
 		#
 		for _j in $@; do
 			_j=$(echo $_j | tr /. _)
-			parse_options $_j || continue
+			_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
+			parse_options $_j $_jv || continue
 
-			eval rc_flags=\${jail_${_j}_flags:-$jail_flags}
-			eval command=\${jail_${_j}_program:-$jail_program}
+			eval rc_flags=\${jail_${_jv}_flags:-$jail_flags}
+			eval command=\${jail_${_jv}_program:-$jail_program}
 			command_args="-i -f $_conf -c $_j"
 			_tmp=`mktemp -t jail` || exit 3
 			if $command $rc_flags $command_args \
@@ -505,7 +510,7 @@ jail_start()
 
 jail_stop()
 {
-	local _j
+	local _j _jv
 
 	if [ $# = 0 ]; then
 		return
@@ -533,11 +538,12 @@ jail_stop()
 	esac
 	for _j in $@; do
 		_j=$(echo $_j | tr /. _)
-		parse_options $_j || continue
+		_jv=$(echo -n $_j | tr -c '[:alnum:]' _)
+		parse_options $_j $_jv || continue
 		if ! $jail_jls -j $_j > /dev/null 2>&1; then
 			continue
 		fi
-		eval command=\${jail_${_j}_program:-$jail_program}
+		eval command=\${jail_${_jv}_program:-$jail_program}
 		echo -n " ${_hostname:-${_j}}"
 		_tmp=`mktemp -t jail` || exit 3
 		$command -q -f $_conf -r $_j >> $_tmp 2>&1


More information about the svn-src-head mailing list