static void
ctl_show(int argc, char **argv)
{
int ipv4, ipv6, verbose = 0;
ipv4 = feature_present("inet");
ipv6 = feature_present("inet6");
if (argc > 0 && !strncmp(argv[0], "ipv4", 4)) {
ipv6 = 0;
argc--;
argv++;
}
if (argc > 0 && !strncmp(argv[0], "ipv6", 4)) {
ipv4 = 0;
argc--;
argv++;
}
if (argc > 0 && !strncmp(argv[0], "verbose", strlen(argv[0])))
verbose = 1;
if (argc > 0 && !strncmp(argv[0], "human", strlen(argv[0])))
human = 1;
#ifdef INET
if (ipv4) {
if (verbose)
do_show(4, &flow_cache_print_verbose);
else
do_show(4, &flow_cache_print);
}
#endif
#ifdef INET6
if (ipv6) {
if (verbose)
do_show(6, &flow_cache_print6_verbose);
else
do_show(6, &flow_cache_print6);
}
#endif
}
static __constructor void
inet_ctor(void)
{
#ifndef RESCUE
if (!feature_present("inet"))
return;
#endif
af_register(&af_inet);
}
static int
ifconfig(int argc, char *const *argv, int iscreate, const struct afswtch *uafp)
{
const struct afswtch *afp, *nafp;
const struct cmd *p;
struct callback *cb;
int s;
strncpy(ifr.ifr_name, name, sizeof ifr.ifr_name);
afp = NULL;
if (uafp != NULL)
afp = uafp;
/*
* This is the historical "accident" allowing users to configure IPv4
* addresses without the "inet" keyword which while a nice feature has
* proven to complicate other things. We cannot remove this but only
* make sure we will never have a similar implicit default for IPv6 or
* any other address familiy. We need a fallback though for
* ifconfig IF up/down etc. to work without INET support as people
* never used ifconfig IF link up/down, etc. either.
*/
#ifndef RESCUE
#ifdef INET
if (afp == NULL && feature_present("inet"))
afp = af_getbyname("inet");
#endif
#endif
if (afp == NULL)
afp = af_getbyname("link");
if (afp == NULL) {
warnx("Please specify an address_family.");
usage();
}
top:
ifr.ifr_addr.sa_family =
afp->af_af == AF_LINK || afp->af_af == AF_UNSPEC ?
AF_LOCAL : afp->af_af;
if ((s = socket(ifr.ifr_addr.sa_family, SOCK_DGRAM, 0)) < 0 &&
(uafp != NULL || errno != EPROTONOSUPPORT ||
(s = socket(AF_LOCAL, SOCK_DGRAM, 0)) < 0))
err(1, "socket(family %u,SOCK_DGRAM", ifr.ifr_addr.sa_family);
while (argc > 0) {
p = cmd_lookup(*argv, iscreate);
if (iscreate && p == NULL) {
/*
* Push the clone create callback so the new
* device is created and can be used for any
* remaining arguments.
*/
cb = callbacks;
if (cb == NULL)
errx(1, "internal error, no callback");
callbacks = cb->cb_next;
cb->cb_func(s, cb->cb_arg);
iscreate = 0;
/*
* Handle any address family spec that
* immediately follows and potentially
* recreate the socket.
*/
nafp = af_getbyname(*argv);
if (nafp != NULL) {
argc--, argv++;
if (nafp != afp) {
close(s);
afp = nafp;
goto top;
}
}
/*
* Look for a normal parameter.
*/
continue;
}
if (p == NULL) {
/*
* Not a recognized command, choose between setting
* the interface address and the dst address.
*/
p = (setaddr ? &setifdstaddr_cmd : &setifaddr_cmd);
}
if (p->c_u.c_func || p->c_u.c_func2) {
if (p->c_parameter == NEXTARG) {
if (argv[1] == NULL)
errx(1, "'%s' requires argument",
p->c_name);
p->c_u.c_func(argv[1], 0, s, afp);
argc--, argv++;
} else if (p->c_parameter == OPTARG) {
p->c_u.c_func(argv[1], 0, s, afp);
if (argv[1] != NULL)
argc--, argv++;
} else if (p->c_parameter == NEXTARG2) {
if (argc < 3)
errx(1, "'%s' requires 2 arguments",
p->c_name);
p->c_u.c_func2(argv[1], argv[2], s, afp);
argc -= 2, argv += 2;
} else
p->c_u.c_func(*argv, p->c_parameter, s, afp);
}
argc--, argv++;
}
/*
* Do any post argument processing required by the address family.
*/
if (afp->af_postproc != NULL)
afp->af_postproc(s, afp);
/*
* Do deferred callbacks registered while processing
* command-line arguments.
*/
for (cb = callbacks; cb != NULL; cb = cb->cb_next)
cb->cb_func(s, cb->cb_arg);
/*
* Do deferred operations.
*/
if (clearaddr) {
if (afp->af_ridreq == NULL || afp->af_difaddr == 0) {
warnx("interface %s cannot change %s addresses!",
name, afp->af_name);
clearaddr = 0;
}
}
if (clearaddr) {
int ret;
strncpy(afp->af_ridreq, name, sizeof ifr.ifr_name);
ret = ioctl(s, afp->af_difaddr, afp->af_ridreq);
if (ret < 0) {
if (errno == EADDRNOTAVAIL && (doalias >= 0)) {
/* means no previous address for interface */
} else
Perror("ioctl (SIOCDIFADDR)");
}
}
if (newaddr) {
if (afp->af_addreq == NULL || afp->af_aifaddr == 0) {
warnx("interface %s cannot change %s addresses!",
name, afp->af_name);
newaddr = 0;
}
}
if (newaddr && (setaddr || setmask)) {
strncpy(afp->af_addreq, name, sizeof ifr.ifr_name);
if (ioctl(s, afp->af_aifaddr, afp->af_addreq) < 0)
Perror("ioctl (SIOCAIFADDR)");
}
close(s);
return(0);
}
int
main(int argc, char **argv)
{
char *dot, *ep, *jname, *pname;
int c, i, jflags, jid, lastjid, pflags, spc;
argc = xo_parse_args(argc, argv);
if (argc < 0)
exit(1);
xo_set_version(JLS_XO_VERSION);
jname = NULL;
pflags = jflags = jid = 0;
while ((c = getopt(argc, argv, "adj:hNnqsv")) >= 0)
switch (c) {
case 'a':
case 'd':
jflags |= JAIL_DYING;
break;
case 'j':
jid = strtoul(optarg, &ep, 10);
if (!jid || *ep) {
jid = 0;
jname = optarg;
}
break;
case 'h':
pflags = (pflags & ~(PRINT_SKIP | PRINT_VERBOSE)) |
PRINT_HEADER;
break;
case 'N':
pflags |= PRINT_JAIL_NAME;
break;
case 'n':
pflags = (pflags & ~PRINT_VERBOSE) | PRINT_NAMEVAL;
break;
case 'q':
pflags |= PRINT_QUOTED;
break;
case 's':
pflags = (pflags & ~(PRINT_HEADER | PRINT_VERBOSE)) |
PRINT_NAMEVAL | PRINT_QUOTED | PRINT_SKIP;
break;
case 'v':
pflags = (pflags &
~(PRINT_HEADER | PRINT_NAMEVAL | PRINT_SKIP)) |
PRINT_VERBOSE;
break;
default:
xo_errx(1, "usage: jls [-dhNnqv] [-j jail] [param ...]");
}
#ifdef INET6
ip6_ok = feature_present("inet6");
#endif
#ifdef INET
ip4_ok = feature_present("inet");
#endif
/* Add the parameters to print. */
if (optind == argc) {
if (pflags & (PRINT_HEADER | PRINT_NAMEVAL))
add_param("all", NULL, (size_t)0, NULL, JP_USER);
else if (pflags & PRINT_VERBOSE) {
add_param("jid", NULL, (size_t)0, NULL, JP_USER);
add_param("host.hostname", NULL, (size_t)0, NULL,
JP_USER);
add_param("path", NULL, (size_t)0, NULL, JP_USER);
add_param("name", NULL, (size_t)0, NULL, JP_USER);
add_param("dying", NULL, (size_t)0, NULL, JP_USER);
add_param("cpuset.id", NULL, (size_t)0, NULL, JP_USER);
#ifdef INET
if (ip4_ok)
add_param("ip4.addr", NULL, (size_t)0, NULL,
JP_USER);
#endif
#ifdef INET6
if (ip6_ok)
add_param("ip6.addr", NULL, (size_t)0, NULL,
JP_USER | JP_OPT);
#endif
} else {
pflags |= PRINT_DEFAULT;
if (pflags & PRINT_JAIL_NAME)
add_param("name", NULL, (size_t)0, NULL, JP_USER);
else
add_param("jid", NULL, (size_t)0, NULL, JP_USER);
#ifdef INET
if (ip4_ok)
add_param("ip4.addr", NULL, (size_t)0, NULL,
JP_USER);
#endif
add_param("host.hostname", NULL, (size_t)0, NULL,
JP_USER);
add_param("path", NULL, (size_t)0, NULL, JP_USER);
}
} else {
pflags &= ~PRINT_VERBOSE;
while (optind < argc)
add_param(argv[optind++], NULL, (size_t)0, NULL,
JP_USER);
}
if (pflags & PRINT_SKIP) {
/* Check for parameters with jailsys parents. */
for (i = 0; i < nparams; i++) {
if ((params[i].jp_flags & JP_USER) &&
(dot = strchr(params[i].jp_name, '.'))) {
pname = alloca((dot - params[i].jp_name) + 1);
strlcpy(pname, params[i].jp_name,
(dot - params[i].jp_name) + 1);
param_parent[i] = add_param(pname,
NULL, (size_t)0, NULL, JP_OPT);
}
}
}
/* Add the index key parameters. */
if (jid != 0)
add_param("jid", &jid, sizeof(jid), NULL, 0);
else if (jname != NULL)
add_param("name", jname, strlen(jname), NULL, 0);
else
add_param("lastjid", &lastjid, sizeof(lastjid), NULL, 0);
/* Print a header line if requested. */
if (pflags & PRINT_VERBOSE) {
xo_emit("{T:/%3s}{T:JID}{P: }{T:Hostname}{Pd:/%22s}{T:Path}\n",
"", "");
xo_emit("{P:/%8s}{T:Name}{Pd:/%26s}{T:State}\n", "", "");
xo_emit("{P:/%8s}{T:CPUSetID}\n", "");
xo_emit("{P:/%8s}{T:IP Address(es)}\n", "");
}
else if (pflags & PRINT_DEFAULT)
if (pflags & PRINT_JAIL_NAME)
xo_emit("{P: }{T:JID/%-15s}{P: }{T:IP Address/%-15s}"
"{P: }{T:Hostname/%-29s}{P: }{T:Path}\n");
else
xo_emit("{T:JID/%6s}{P: }{T:IP Address}{P:/%6s}"
"{T:Hostname}{P:/%22s}{T:Path}\n", "", "");
else if (pflags & PRINT_HEADER) {
for (i = spc = 0; i < nparams; i++)
if (params[i].jp_flags & JP_USER) {
if (spc)
xo_emit("{P: }");
else
spc = 1;
xo_emit(params[i].jp_name);
}
xo_emit("{P:\n}");
}
xo_open_container("jail-information");
xo_open_list("jail");
/* Fetch the jail(s) and print the parameters. */
if (jid != 0 || jname != NULL) {
if (print_jail(pflags, jflags) < 0)
xo_errx(1, "%s", jail_errmsg);
} else {
for (lastjid = 0;
(lastjid = print_jail(pflags, jflags)) >= 0; )
;
if (errno != 0 && errno != ENOENT)
xo_errx(1, "%s", jail_errmsg);
}
xo_close_list("jail");
xo_close_container("jail-information");
xo_finish();
return (0);
}
int
main(int argc, char **argv)
{
char *dot, *ep, *jname;
int c, i, jflags, jid, lastjid, pflags, spc;
jname = NULL;
pflags = jflags = jid = 0;
while ((c = getopt(argc, argv, "adj:hnqsv")) >= 0)
switch (c) {
case 'a':
case 'd':
jflags |= JAIL_DYING;
break;
case 'j':
jid = strtoul(optarg, &ep, 10);
if (!jid || *ep) {
jid = 0;
jname = optarg;
}
break;
case 'h':
pflags = (pflags & ~(PRINT_SKIP | PRINT_VERBOSE)) |
PRINT_HEADER;
break;
case 'n':
pflags = (pflags & ~PRINT_VERBOSE) | PRINT_NAMEVAL;
break;
case 'q':
pflags |= PRINT_QUOTED;
break;
case 's':
pflags = (pflags & ~(PRINT_HEADER | PRINT_VERBOSE)) |
PRINT_NAMEVAL | PRINT_QUOTED | PRINT_SKIP;
break;
case 'v':
pflags = (pflags &
~(PRINT_HEADER | PRINT_NAMEVAL | PRINT_SKIP)) |
PRINT_VERBOSE;
break;
default:
errx(1, "usage: jls [-dhnqv] [-j jail] [param ...]");
}
#ifdef INET6
ip6_ok = feature_present("inet6");
#endif
#ifdef INET
ip4_ok = feature_present("inet");
#endif
/* Add the parameters to print. */
if (optind == argc) {
if (pflags & (PRINT_HEADER | PRINT_NAMEVAL))
add_param("all", NULL, (size_t)0, NULL, JP_USER);
else if (pflags & PRINT_VERBOSE) {
add_param("jid", NULL, (size_t)0, NULL, JP_USER);
add_param("host.hostname", NULL, (size_t)0, NULL,
JP_USER);
add_param("path", NULL, (size_t)0, NULL, JP_USER);
add_param("name", NULL, (size_t)0, NULL, JP_USER);
add_param("dying", NULL, (size_t)0, NULL, JP_USER);
add_param("cpuset.id", NULL, (size_t)0, NULL, JP_USER);
#ifdef INET
if (ip4_ok)
add_param("ip4.addr", NULL, (size_t)0, NULL,
JP_USER);
#endif
#ifdef INET6
if (ip6_ok)
add_param("ip6.addr", NULL, (size_t)0, NULL,
JP_USER | JP_OPT);
#endif
} else {
pflags |= PRINT_DEFAULT;
add_param("jid", NULL, (size_t)0, NULL, JP_USER);
#ifdef INET
if (ip4_ok)
add_param("ip4.addr", NULL, (size_t)0, NULL,
JP_USER);
#endif
add_param("host.hostname", NULL, (size_t)0, NULL,
JP_USER);
add_param("path", NULL, (size_t)0, NULL, JP_USER);
}
} else
while (optind < argc)
add_param(argv[optind++], NULL, (size_t)0, NULL,
JP_USER);
if (pflags & PRINT_SKIP) {
/* Check for parameters with jailsys parents. */
for (i = 0; i < nparams; i++) {
if ((params[i].jp_flags & JP_USER) &&
(dot = strchr(params[i].jp_name, '.'))) {
*dot = 0;
param_parent[i] = add_param(params[i].jp_name,
NULL, (size_t)0, NULL, JP_OPT);
*dot = '.';
}
}
}
/* Add the index key parameters. */
if (jid != 0)
add_param("jid", &jid, sizeof(jid), NULL, 0);
else if (jname != NULL)
add_param("name", jname, strlen(jname), NULL, 0);
else
add_param("lastjid", &lastjid, sizeof(lastjid), NULL, 0);
/* Print a header line if requested. */
if (pflags & PRINT_VERBOSE)
printf(" JID Hostname Path\n"
" Name State\n"
" CPUSetID\n"
" IP Address(es)\n");
else if (pflags & PRINT_DEFAULT)
printf(" JID IP Address "
"Hostname Path\n");
else if (pflags & PRINT_HEADER) {
for (i = spc = 0; i < nparams; i++)
if (params[i].jp_flags & JP_USER) {
if (spc)
putchar(' ');
else
spc = 1;
fputs(params[i].jp_name, stdout);
}
putchar('\n');
}
/* Fetch the jail(s) and print the paramters. */
if (jid != 0 || jname != NULL) {
if (print_jail(pflags, jflags) < 0)
errx(1, "%s", jail_errmsg);
} else {
for (lastjid = 0;
(lastjid = print_jail(pflags, jflags)) >= 0; )
;
if (errno != 0 && errno != ENOENT)
errx(1, "%s", jail_errmsg);
}
return (0);
}
int
main(int argc, char **argv)
{
int arg, addr, ch, fd;
int dao = 0, eject = 0, fixate = 0, list = 0, multi = 0, preemp = 0;
int nogap = 0, speed = 4 * 177, test_write = 0, force = 0;
int block_size = 0, block_type = 0, cdopen = 0, dvdrw = 0;
const char *dev, *env_speed;
if (feature_present("ata_cam")) {
errx(1, "\nATA_CAM option is enabled in kernel.\n"
"Install the sysutils/cdrtools port and use cdrecord instead.\n\n"
"Please refer to:\n"
"http://www.freebsd.org/doc/handbook/creating-cds.html#CDRECORD");
}
if ((dev = getenv("CDROM")) == NULL)
dev = "/dev/acd0";
env_speed = getenv("BURNCD_SPEED");
while ((ch = getopt(argc, argv, "def:Flmnpqs:tv")) != -1) {
switch (ch) {
case 'd':
dao = 1;
break;
case 'e':
eject = 1;
break;
case 'f':
dev = optarg;
break;
case 'F':
force = 1;
break;
case 'l':
list = 1;
break;
case 'm':
multi = 1;
break;
case 'n':
nogap = 1;
break;
case 'p':
preemp = 1;
break;
case 'q':
quiet = 1;
break;
case 's':
env_speed = optarg;
break;
case 't':
test_write = 1;
break;
case 'v':
verbose = 1;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (env_speed == NULL)
;
else if (strcasecmp("max", env_speed) == 0)
speed = CDR_MAX_SPEED;
else
speed = atoi(env_speed) * 177;
if (speed <= 0)
errx(EX_USAGE, "Invalid speed: %s", env_speed);
if (argc == 0)
usage();
if ((fd = open(dev, O_RDWR, 0)) < 0)
err(EX_NOINPUT, "open(%s)", dev);
if (ioctl(fd, CDRIOCGETBLOCKSIZE, &saved_block_size) < 0)
err(EX_IOERR, "ioctl(CDRIOCGETBLOCKSIZE)");
if (ioctl(fd, CDRIOCWRITESPEED, &speed) < 0)
err(EX_IOERR, "ioctl(CDRIOCWRITESPEED)");
global_fd_for_cleanup = fd;
err_set_exit(cleanup);
signal(SIGHUP, cleanup_signal);
signal(SIGINT, cleanup_signal);
signal(SIGTERM, cleanup_signal);
for (arg = 0; arg < argc; arg++) {
if (!strcasecmp(argv[arg], "fixate")) {
fixate = 1;
continue;
}
if (!strcasecmp(argv[arg], "eject")) {
eject = 1;
break;
}
if (!strcasecmp(argv[arg], "msinfo")) {
struct ioc_read_toc_single_entry entry;
struct ioc_toc_header header;
if (ioctl(fd, CDIOREADTOCHEADER, &header) < 0)
err(EX_IOERR, "ioctl(CDIOREADTOCHEADER)");
bzero(&entry, sizeof(struct ioc_read_toc_single_entry));
entry.address_format = CD_LBA_FORMAT;
entry.track = header.ending_track;
if (ioctl(fd, CDIOREADTOCENTRY, &entry) < 0)
err(EX_IOERR, "ioctl(CDIOREADTOCENTRY)");
if (ioctl(fd, CDRIOCNEXTWRITEABLEADDR, &addr) < 0)
err(EX_IOERR, "ioctl(CDRIOCNEXTWRITEABLEADDR)");
fprintf(stdout, "%d,%d\n",
ntohl(entry.entry.addr.lba), addr);
break;
}
if ((!strcasecmp(argv[arg], "erase") ||
!strcasecmp(argv[arg], "blank")) && !test_write) {
int blank, pct, last = 0;
if (!strcasecmp(argv[arg], "erase"))
blank = CDR_B_ALL;
else
blank = CDR_B_MIN;
if (!quiet)
fprintf(stderr, "%sing CD, please wait..\r",
blank == CDR_B_ALL ? "eras" : "blank");
if (ioctl(fd, CDRIOCBLANK, &blank) < 0)
err(EX_IOERR, "ioctl(CDRIOCBLANK)");
while (1) {
sleep(1);
if (ioctl(fd, CDRIOCGETPROGRESS, &pct) == -1)
err(EX_IOERR,"ioctl(CDRIOGETPROGRESS)");
if (pct > 0 && !quiet)
fprintf(stderr,
"%sing CD - %d %% done \r",
blank == CDR_B_ALL ?
"eras" : "blank", pct);
if (pct == 100 || (pct == 0 && last > 90))
break;
last = pct;
}
if (!quiet)
printf("\n");
continue;
}
if (!strcasecmp(argv[arg], "format") && !test_write) {
if (arg + 1 < argc &&
(!strcasecmp(argv[arg + 1], "dvd+rw") ||
!strcasecmp(argv[arg + 1], "dvd-rw")))
do_format(fd, force, argv[arg + 1]);
else
errx(EX_NOINPUT, "format media type invalid");
arg++;
continue;
}
if (!strcasecmp(argv[arg], "audio") || !strcasecmp(argv[arg], "raw")) {
block_type = CDR_DB_RAW;
block_size = 2352;
continue;
}
if (!strcasecmp(argv[arg], "data") || !strcasecmp(argv[arg], "mode1")) {
block_type = CDR_DB_ROM_MODE1;
block_size = 2048;
continue;
}
if (!strcasecmp(argv[arg], "mode2")) {
block_type = CDR_DB_ROM_MODE2;
block_size = 2336;
continue;
}
if (!strcasecmp(argv[arg], "xamode1")) {
block_type = CDR_DB_XA_MODE1;
block_size = 2048;
continue;
}
if (!strcasecmp(argv[arg], "xamode2")) {
block_type = CDR_DB_XA_MODE2_F2;
block_size = 2324;
continue;
}
if (!strcasecmp(argv[arg], "vcd")) {
block_type = CDR_DB_XA_MODE2_F2;
block_size = 2352;
dao = 1;
nogap = 1;
continue;
}
if (!strcasecmp(argv[arg], "dvdrw")) {
block_type = CDR_DB_ROM_MODE1;
block_size = 2048;
dvdrw = 1;
continue;
}
if (!block_size)
errx(EX_NOINPUT, "no data format selected");
if (list) {
char file_buf[MAXPATHLEN + 1], *eol;
FILE *fp;
if ((fp = fopen(argv[arg], "r")) == NULL)
err(EX_NOINPUT, "fopen(%s)", argv[arg]);
while (fgets(file_buf, sizeof(file_buf), fp) != NULL) {
if (*file_buf == '#' || *file_buf == '\n')
continue;
if ((eol = strchr(file_buf, '\n')))
*eol = '\0';
add_track(file_buf, block_size, block_type, nogap);
}
if (feof(fp))
fclose(fp);
else
err(EX_IOERR, "fgets(%s)", file_buf);
}
else
add_track(argv[arg], block_size, block_type, nogap);
}
if (notracks) {
if (dvdrw && notracks > 1)
errx(EX_USAGE, "DVD's only have 1 track");
if (ioctl(fd, CDIOCSTART, 0) < 0)
err(EX_IOERR, "ioctl(CDIOCSTART)");
if (!cdopen) {
if (ioctl(fd, CDRIOCINITWRITER, &test_write) < 0)
err(EX_IOERR, "ioctl(CDRIOCINITWRITER)");
cdopen = 1;
}
if (dao)
do_DAO(fd, test_write, multi);
else
do_TAO(fd, test_write, preemp, dvdrw);
}
if (!test_write && fixate && !dao && !dvdrw) {
if (!quiet)
fprintf(stderr, "fixating CD, please wait..\n");
if (ioctl(fd, CDRIOCFIXATE, &multi) < 0)
err(EX_IOERR, "ioctl(CDRIOCFIXATE)");
}
if (ioctl(fd, CDRIOCSETBLOCKSIZE, &saved_block_size) < 0) {
err_set_exit(NULL);
err(EX_IOERR, "ioctl(CDRIOCSETBLOCKSIZE)");
}
if (eject)
if (ioctl(fd, CDIOCEJECT) < 0)
err(EX_IOERR, "ioctl(CDIOCEJECT)");
signal(SIGHUP, SIG_DFL);
signal(SIGINT, SIG_DFL);
signal(SIGTERM, SIG_DFL);
close(fd);
exit(EX_OK);
}
int
main(int argc, char **argv)
{
login_cap_t *lcap = NULL;
struct passwd *pwd = NULL;
gid_t *groups;
size_t sysvallen;
int ch, cmdarg, i, jail_set_flags, jid, ngroups, sysval;
int hflag, iflag, Jflag, lflag, rflag, uflag, Uflag;
long ngroups_max;
unsigned pi;
char *jailname, *securelevel, *username, *JidFile;
char enforce_statfs[4];
static char *cleanenv;
const char *shell, *p = NULL;
FILE *fp;
hflag = iflag = Jflag = lflag = rflag = uflag = Uflag =
jail_set_flags = 0;
cmdarg = jid = -1;
jailname = securelevel = username = JidFile = cleanenv = NULL;
fp = NULL;
ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1;
if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL)
err(1, "malloc");
while ((ch = getopt(argc, argv, "cdhilmn:r:s:u:U:J:")) != -1) {
switch (ch) {
case 'd':
jail_set_flags |= JAIL_DYING;
break;
case 'h':
hflag = 1;
break;
case 'i':
iflag = 1;
break;
case 'J':
JidFile = optarg;
Jflag = 1;
break;
case 'n':
jailname = optarg;
break;
case 's':
securelevel = optarg;
break;
case 'u':
username = optarg;
uflag = 1;
break;
case 'U':
username = optarg;
Uflag = 1;
break;
case 'l':
lflag = 1;
break;
case 'c':
jail_set_flags |= JAIL_CREATE;
break;
case 'm':
jail_set_flags |= JAIL_UPDATE;
break;
case 'r':
jid = jail_getid(optarg);
if (jid < 0)
errx(1, "%s", jail_errmsg);
rflag = 1;
break;
default:
usage();
}
}
argc -= optind;
argv += optind;
if (rflag) {
if (argc > 0 || iflag || Jflag || lflag || uflag || Uflag)
usage();
if (jail_remove(jid) < 0)
err(1, "jail_remove");
exit (0);
}
if (argc == 0)
usage();
if (uflag && Uflag)
usage();
if (lflag && username == NULL)
usage();
if (uflag)
GET_USER_INFO;
#ifdef INET6
ip6_ok = feature_present("inet6");
#endif
#ifdef INET
ip4_ok = feature_present("inet");
#endif
if (jailname)
set_param("name", jailname);
if (securelevel)
set_param("securelevel", securelevel);
if (jail_set_flags) {
for (i = 0; i < argc; i++) {
if (!strncmp(argv[i], "command=", 8)) {
cmdarg = i;
argv[cmdarg] += 8;
jail_set_flags |= JAIL_ATTACH;
break;
}
if (hflag) {
#ifdef INET
if (!strncmp(argv[i], "ip4.addr=", 9)) {
add_ip_addr(&ip4_addr, argv[i] + 9);
break;
}
#endif
#ifdef INET6
if (!strncmp(argv[i], "ip6.addr=", 9)) {
add_ip_addr(&ip6_addr, argv[i] + 9);
break;
}
#endif
if (!strncmp(argv[i], "host.hostname=", 14))
add_ip_addrinfo(0, argv[i] + 14);
}
set_param(NULL, argv[i]);
}
} else {
if (argc < 4 || argv[0][0] != '/')
errx(1, "%s\n%s",
"no -c or -m, so this must be an old-style command.",
"But it doesn't look like one.");
set_param("path", argv[0]);
set_param("host.hostname", argv[1]);
if (hflag)
add_ip_addrinfo(0, argv[1]);
#if defined(INET6) || defined(INET)
if (argv[2][0] != '\0')
#ifdef INET6
add_ip_addr46(argv[2]);
#else
add_ip_addr(&ip4_addr, argv[2]);
#endif
#endif
cmdarg = 3;
/* Emulate the defaults from security.jail.* sysctls */
sysvallen = sizeof(sysval);
if (sysctlbyname("security.jail.jailed", &sysval, &sysvallen,
NULL, 0) == 0 && sysval == 0) {
for (pi = 0; pi < sizeof(perm_sysctl) /
sizeof(perm_sysctl[0]); pi++) {
sysvallen = sizeof(sysval);
if (sysctlbyname(perm_sysctl[pi][0],
&sysval, &sysvallen, NULL, 0) == 0)
set_param(perm_sysctl[pi]
[sysval ? 2 : 1], NULL);
}
sysvallen = sizeof(sysval);
if (sysctlbyname("security.jail.enforce_statfs",
&sysval, &sysvallen, NULL, 0) == 0) {
snprintf(enforce_statfs,
sizeof(enforce_statfs), "%d", sysval);
set_param("enforce_statfs", enforce_statfs);
}
}
}
#ifdef INET
if (ip4_addr != NULL)
set_param("ip4.addr", ip4_addr);
#endif
#ifdef INET6
if (ip6_addr != NULL)
set_param("ip6.addr", ip6_addr);
#endif
if (Jflag) {
fp = fopen(JidFile, "w");
if (fp == NULL)
errx(1, "Could not create JidFile: %s", JidFile);
}
jid = jailparam_set(params, nparams,
jail_set_flags ? jail_set_flags : JAIL_CREATE | JAIL_ATTACH);
if (jid < 0)
errx(1, "%s", jail_errmsg);
if (iflag) {
printf("%d\n", jid);
fflush(stdout);
}
if (Jflag) {
if (jail_set_flags) {
fprintf(fp, "jid=%d", jid);
for (i = 0; i < nparams; i++)
if (strcmp(params[i].jp_name, "jid")) {
fprintf(fp, " %s",
(char *)params[i].jp_name);
if (param_values[i]) {
putc('=', fp);
quoted_print(fp,
param_values[i]);
}
}
fprintf(fp, "\n");
} else {
for (i = 0; i < nparams; i++)
if (!strcmp(params[i].jp_name, "path"))
break;
#if defined(INET6) && defined(INET)
fprintf(fp, "%d\t%s\t%s\t%s%s%s\t%s\n",
jid, i < nparams
? (char *)params[i].jp_value : argv[0],
argv[1], ip4_addr ? ip4_addr : "",
ip4_addr && ip4_addr[0] && ip6_addr && ip6_addr[0]
? "," : "", ip6_addr ? ip6_addr : "", argv[3]);
#elif defined(INET6)
fprintf(fp, "%d\t%s\t%s\t%s\t%s\n",
jid, i < nparams
? (char *)params[i].jp_value : argv[0],
argv[1], ip6_addr ? ip6_addr : "", argv[3]);
#elif defined(INET)
fprintf(fp, "%d\t%s\t%s\t%s\t%s\n",
jid, i < nparams
? (char *)params[i].jp_value : argv[0],
argv[1], ip4_addr ? ip4_addr : "", argv[3]);
#endif
}
(void)fclose(fp);
}
if (cmdarg < 0)
exit(0);
if (username != NULL) {
if (Uflag)
GET_USER_INFO;
if (lflag) {
p = getenv("TERM");
environ = &cleanenv;
}
if (setgroups(ngroups, groups) != 0)
err(1, "setgroups");
if (setgid(pwd->pw_gid) != 0)
err(1, "setgid");
if (setusercontext(lcap, pwd, pwd->pw_uid,
LOGIN_SETALL & ~LOGIN_SETGROUP & ~LOGIN_SETLOGIN) != 0)
err(1, "setusercontext");
login_close(lcap);
}
if (lflag) {
if (*pwd->pw_shell)
shell = pwd->pw_shell;
else
shell = _PATH_BSHELL;
if (chdir(pwd->pw_dir) < 0)
errx(1, "no home directory");
setenv("HOME", pwd->pw_dir, 1);
setenv("SHELL", shell, 1);
setenv("USER", pwd->pw_name, 1);
if (p)
setenv("TERM", p, 1);
}
execvp(argv[cmdarg], argv + cmdarg);
err(1, "execvp: %s", argv[cmdarg]);
}
