static void ctl_show(int argc, char **argv) { int ipv4, ipv6, verbose = 0; ipv4 = feature_present("inet"); ipv6 = feature_present("inet6"); if (argc > 0 && !strncmp(argv[0], "ipv4", 4)) { ipv6 = 0; argc--; argv++; } if (argc > 0 && !strncmp(argv[0], "ipv6", 4)) { ipv4 = 0; argc--; argv++; } if (argc > 0 && !strncmp(argv[0], "verbose", strlen(argv[0]))) verbose = 1; if (argc > 0 && !strncmp(argv[0], "human", strlen(argv[0]))) human = 1; #ifdef INET if (ipv4) { if (verbose) do_show(4, &flow_cache_print_verbose); else do_show(4, &flow_cache_print); } #endif #ifdef INET6 if (ipv6) { if (verbose) do_show(6, &flow_cache_print6_verbose); else do_show(6, &flow_cache_print6); } #endif }
static __constructor void inet_ctor(void) { #ifndef RESCUE if (!feature_present("inet")) return; #endif af_register(&af_inet); }
static int ifconfig(int argc, char *const *argv, int iscreate, const struct afswtch *uafp) { const struct afswtch *afp, *nafp; const struct cmd *p; struct callback *cb; int s; strncpy(ifr.ifr_name, name, sizeof ifr.ifr_name); afp = NULL; if (uafp != NULL) afp = uafp; /* * This is the historical "accident" allowing users to configure IPv4 * addresses without the "inet" keyword which while a nice feature has * proven to complicate other things. We cannot remove this but only * make sure we will never have a similar implicit default for IPv6 or * any other address familiy. We need a fallback though for * ifconfig IF up/down etc. to work without INET support as people * never used ifconfig IF link up/down, etc. either. */ #ifndef RESCUE #ifdef INET if (afp == NULL && feature_present("inet")) afp = af_getbyname("inet"); #endif #endif if (afp == NULL) afp = af_getbyname("link"); if (afp == NULL) { warnx("Please specify an address_family."); usage(); } top: ifr.ifr_addr.sa_family = afp->af_af == AF_LINK || afp->af_af == AF_UNSPEC ? AF_LOCAL : afp->af_af; if ((s = socket(ifr.ifr_addr.sa_family, SOCK_DGRAM, 0)) < 0 && (uafp != NULL || errno != EPROTONOSUPPORT || (s = socket(AF_LOCAL, SOCK_DGRAM, 0)) < 0)) err(1, "socket(family %u,SOCK_DGRAM", ifr.ifr_addr.sa_family); while (argc > 0) { p = cmd_lookup(*argv, iscreate); if (iscreate && p == NULL) { /* * Push the clone create callback so the new * device is created and can be used for any * remaining arguments. */ cb = callbacks; if (cb == NULL) errx(1, "internal error, no callback"); callbacks = cb->cb_next; cb->cb_func(s, cb->cb_arg); iscreate = 0; /* * Handle any address family spec that * immediately follows and potentially * recreate the socket. */ nafp = af_getbyname(*argv); if (nafp != NULL) { argc--, argv++; if (nafp != afp) { close(s); afp = nafp; goto top; } } /* * Look for a normal parameter. */ continue; } if (p == NULL) { /* * Not a recognized command, choose between setting * the interface address and the dst address. */ p = (setaddr ? &setifdstaddr_cmd : &setifaddr_cmd); } if (p->c_u.c_func || p->c_u.c_func2) { if (p->c_parameter == NEXTARG) { if (argv[1] == NULL) errx(1, "'%s' requires argument", p->c_name); p->c_u.c_func(argv[1], 0, s, afp); argc--, argv++; } else if (p->c_parameter == OPTARG) { p->c_u.c_func(argv[1], 0, s, afp); if (argv[1] != NULL) argc--, argv++; } else if (p->c_parameter == NEXTARG2) { if (argc < 3) errx(1, "'%s' requires 2 arguments", p->c_name); p->c_u.c_func2(argv[1], argv[2], s, afp); argc -= 2, argv += 2; } else p->c_u.c_func(*argv, p->c_parameter, s, afp); } argc--, argv++; } /* * Do any post argument processing required by the address family. */ if (afp->af_postproc != NULL) afp->af_postproc(s, afp); /* * Do deferred callbacks registered while processing * command-line arguments. */ for (cb = callbacks; cb != NULL; cb = cb->cb_next) cb->cb_func(s, cb->cb_arg); /* * Do deferred operations. */ if (clearaddr) { if (afp->af_ridreq == NULL || afp->af_difaddr == 0) { warnx("interface %s cannot change %s addresses!", name, afp->af_name); clearaddr = 0; } } if (clearaddr) { int ret; strncpy(afp->af_ridreq, name, sizeof ifr.ifr_name); ret = ioctl(s, afp->af_difaddr, afp->af_ridreq); if (ret < 0) { if (errno == EADDRNOTAVAIL && (doalias >= 0)) { /* means no previous address for interface */ } else Perror("ioctl (SIOCDIFADDR)"); } } if (newaddr) { if (afp->af_addreq == NULL || afp->af_aifaddr == 0) { warnx("interface %s cannot change %s addresses!", name, afp->af_name); newaddr = 0; } } if (newaddr && (setaddr || setmask)) { strncpy(afp->af_addreq, name, sizeof ifr.ifr_name); if (ioctl(s, afp->af_aifaddr, afp->af_addreq) < 0) Perror("ioctl (SIOCAIFADDR)"); } close(s); return(0); }
int main(int argc, char **argv) { char *dot, *ep, *jname, *pname; int c, i, jflags, jid, lastjid, pflags, spc; argc = xo_parse_args(argc, argv); if (argc < 0) exit(1); xo_set_version(JLS_XO_VERSION); jname = NULL; pflags = jflags = jid = 0; while ((c = getopt(argc, argv, "adj:hNnqsv")) >= 0) switch (c) { case 'a': case 'd': jflags |= JAIL_DYING; break; case 'j': jid = strtoul(optarg, &ep, 10); if (!jid || *ep) { jid = 0; jname = optarg; } break; case 'h': pflags = (pflags & ~(PRINT_SKIP | PRINT_VERBOSE)) | PRINT_HEADER; break; case 'N': pflags |= PRINT_JAIL_NAME; break; case 'n': pflags = (pflags & ~PRINT_VERBOSE) | PRINT_NAMEVAL; break; case 'q': pflags |= PRINT_QUOTED; break; case 's': pflags = (pflags & ~(PRINT_HEADER | PRINT_VERBOSE)) | PRINT_NAMEVAL | PRINT_QUOTED | PRINT_SKIP; break; case 'v': pflags = (pflags & ~(PRINT_HEADER | PRINT_NAMEVAL | PRINT_SKIP)) | PRINT_VERBOSE; break; default: xo_errx(1, "usage: jls [-dhNnqv] [-j jail] [param ...]"); } #ifdef INET6 ip6_ok = feature_present("inet6"); #endif #ifdef INET ip4_ok = feature_present("inet"); #endif /* Add the parameters to print. */ if (optind == argc) { if (pflags & (PRINT_HEADER | PRINT_NAMEVAL)) add_param("all", NULL, (size_t)0, NULL, JP_USER); else if (pflags & PRINT_VERBOSE) { add_param("jid", NULL, (size_t)0, NULL, JP_USER); add_param("host.hostname", NULL, (size_t)0, NULL, JP_USER); add_param("path", NULL, (size_t)0, NULL, JP_USER); add_param("name", NULL, (size_t)0, NULL, JP_USER); add_param("dying", NULL, (size_t)0, NULL, JP_USER); add_param("cpuset.id", NULL, (size_t)0, NULL, JP_USER); #ifdef INET if (ip4_ok) add_param("ip4.addr", NULL, (size_t)0, NULL, JP_USER); #endif #ifdef INET6 if (ip6_ok) add_param("ip6.addr", NULL, (size_t)0, NULL, JP_USER | JP_OPT); #endif } else { pflags |= PRINT_DEFAULT; if (pflags & PRINT_JAIL_NAME) add_param("name", NULL, (size_t)0, NULL, JP_USER); else add_param("jid", NULL, (size_t)0, NULL, JP_USER); #ifdef INET if (ip4_ok) add_param("ip4.addr", NULL, (size_t)0, NULL, JP_USER); #endif add_param("host.hostname", NULL, (size_t)0, NULL, JP_USER); add_param("path", NULL, (size_t)0, NULL, JP_USER); } } else { pflags &= ~PRINT_VERBOSE; while (optind < argc) add_param(argv[optind++], NULL, (size_t)0, NULL, JP_USER); } if (pflags & PRINT_SKIP) { /* Check for parameters with jailsys parents. */ for (i = 0; i < nparams; i++) { if ((params[i].jp_flags & JP_USER) && (dot = strchr(params[i].jp_name, '.'))) { pname = alloca((dot - params[i].jp_name) + 1); strlcpy(pname, params[i].jp_name, (dot - params[i].jp_name) + 1); param_parent[i] = add_param(pname, NULL, (size_t)0, NULL, JP_OPT); } } } /* Add the index key parameters. */ if (jid != 0) add_param("jid", &jid, sizeof(jid), NULL, 0); else if (jname != NULL) add_param("name", jname, strlen(jname), NULL, 0); else add_param("lastjid", &lastjid, sizeof(lastjid), NULL, 0); /* Print a header line if requested. */ if (pflags & PRINT_VERBOSE) { xo_emit("{T:/%3s}{T:JID}{P: }{T:Hostname}{Pd:/%22s}{T:Path}\n", "", ""); xo_emit("{P:/%8s}{T:Name}{Pd:/%26s}{T:State}\n", "", ""); xo_emit("{P:/%8s}{T:CPUSetID}\n", ""); xo_emit("{P:/%8s}{T:IP Address(es)}\n", ""); } else if (pflags & PRINT_DEFAULT) if (pflags & PRINT_JAIL_NAME) xo_emit("{P: }{T:JID/%-15s}{P: }{T:IP Address/%-15s}" "{P: }{T:Hostname/%-29s}{P: }{T:Path}\n"); else xo_emit("{T:JID/%6s}{P: }{T:IP Address}{P:/%6s}" "{T:Hostname}{P:/%22s}{T:Path}\n", "", ""); else if (pflags & PRINT_HEADER) { for (i = spc = 0; i < nparams; i++) if (params[i].jp_flags & JP_USER) { if (spc) xo_emit("{P: }"); else spc = 1; xo_emit(params[i].jp_name); } xo_emit("{P:\n}"); } xo_open_container("jail-information"); xo_open_list("jail"); /* Fetch the jail(s) and print the parameters. */ if (jid != 0 || jname != NULL) { if (print_jail(pflags, jflags) < 0) xo_errx(1, "%s", jail_errmsg); } else { for (lastjid = 0; (lastjid = print_jail(pflags, jflags)) >= 0; ) ; if (errno != 0 && errno != ENOENT) xo_errx(1, "%s", jail_errmsg); } xo_close_list("jail"); xo_close_container("jail-information"); xo_finish(); return (0); }
int main(int argc, char **argv) { char *dot, *ep, *jname; int c, i, jflags, jid, lastjid, pflags, spc; jname = NULL; pflags = jflags = jid = 0; while ((c = getopt(argc, argv, "adj:hnqsv")) >= 0) switch (c) { case 'a': case 'd': jflags |= JAIL_DYING; break; case 'j': jid = strtoul(optarg, &ep, 10); if (!jid || *ep) { jid = 0; jname = optarg; } break; case 'h': pflags = (pflags & ~(PRINT_SKIP | PRINT_VERBOSE)) | PRINT_HEADER; break; case 'n': pflags = (pflags & ~PRINT_VERBOSE) | PRINT_NAMEVAL; break; case 'q': pflags |= PRINT_QUOTED; break; case 's': pflags = (pflags & ~(PRINT_HEADER | PRINT_VERBOSE)) | PRINT_NAMEVAL | PRINT_QUOTED | PRINT_SKIP; break; case 'v': pflags = (pflags & ~(PRINT_HEADER | PRINT_NAMEVAL | PRINT_SKIP)) | PRINT_VERBOSE; break; default: errx(1, "usage: jls [-dhnqv] [-j jail] [param ...]"); } #ifdef INET6 ip6_ok = feature_present("inet6"); #endif #ifdef INET ip4_ok = feature_present("inet"); #endif /* Add the parameters to print. */ if (optind == argc) { if (pflags & (PRINT_HEADER | PRINT_NAMEVAL)) add_param("all", NULL, (size_t)0, NULL, JP_USER); else if (pflags & PRINT_VERBOSE) { add_param("jid", NULL, (size_t)0, NULL, JP_USER); add_param("host.hostname", NULL, (size_t)0, NULL, JP_USER); add_param("path", NULL, (size_t)0, NULL, JP_USER); add_param("name", NULL, (size_t)0, NULL, JP_USER); add_param("dying", NULL, (size_t)0, NULL, JP_USER); add_param("cpuset.id", NULL, (size_t)0, NULL, JP_USER); #ifdef INET if (ip4_ok) add_param("ip4.addr", NULL, (size_t)0, NULL, JP_USER); #endif #ifdef INET6 if (ip6_ok) add_param("ip6.addr", NULL, (size_t)0, NULL, JP_USER | JP_OPT); #endif } else { pflags |= PRINT_DEFAULT; add_param("jid", NULL, (size_t)0, NULL, JP_USER); #ifdef INET if (ip4_ok) add_param("ip4.addr", NULL, (size_t)0, NULL, JP_USER); #endif add_param("host.hostname", NULL, (size_t)0, NULL, JP_USER); add_param("path", NULL, (size_t)0, NULL, JP_USER); } } else while (optind < argc) add_param(argv[optind++], NULL, (size_t)0, NULL, JP_USER); if (pflags & PRINT_SKIP) { /* Check for parameters with jailsys parents. */ for (i = 0; i < nparams; i++) { if ((params[i].jp_flags & JP_USER) && (dot = strchr(params[i].jp_name, '.'))) { *dot = 0; param_parent[i] = add_param(params[i].jp_name, NULL, (size_t)0, NULL, JP_OPT); *dot = '.'; } } } /* Add the index key parameters. */ if (jid != 0) add_param("jid", &jid, sizeof(jid), NULL, 0); else if (jname != NULL) add_param("name", jname, strlen(jname), NULL, 0); else add_param("lastjid", &lastjid, sizeof(lastjid), NULL, 0); /* Print a header line if requested. */ if (pflags & PRINT_VERBOSE) printf(" JID Hostname Path\n" " Name State\n" " CPUSetID\n" " IP Address(es)\n"); else if (pflags & PRINT_DEFAULT) printf(" JID IP Address " "Hostname Path\n"); else if (pflags & PRINT_HEADER) { for (i = spc = 0; i < nparams; i++) if (params[i].jp_flags & JP_USER) { if (spc) putchar(' '); else spc = 1; fputs(params[i].jp_name, stdout); } putchar('\n'); } /* Fetch the jail(s) and print the paramters. */ if (jid != 0 || jname != NULL) { if (print_jail(pflags, jflags) < 0) errx(1, "%s", jail_errmsg); } else { for (lastjid = 0; (lastjid = print_jail(pflags, jflags)) >= 0; ) ; if (errno != 0 && errno != ENOENT) errx(1, "%s", jail_errmsg); } return (0); }
int main(int argc, char **argv) { int arg, addr, ch, fd; int dao = 0, eject = 0, fixate = 0, list = 0, multi = 0, preemp = 0; int nogap = 0, speed = 4 * 177, test_write = 0, force = 0; int block_size = 0, block_type = 0, cdopen = 0, dvdrw = 0; const char *dev, *env_speed; if (feature_present("ata_cam")) { errx(1, "\nATA_CAM option is enabled in kernel.\n" "Install the sysutils/cdrtools port and use cdrecord instead.\n\n" "Please refer to:\n" "http://www.freebsd.org/doc/handbook/creating-cds.html#CDRECORD"); } if ((dev = getenv("CDROM")) == NULL) dev = "/dev/acd0"; env_speed = getenv("BURNCD_SPEED"); while ((ch = getopt(argc, argv, "def:Flmnpqs:tv")) != -1) { switch (ch) { case 'd': dao = 1; break; case 'e': eject = 1; break; case 'f': dev = optarg; break; case 'F': force = 1; break; case 'l': list = 1; break; case 'm': multi = 1; break; case 'n': nogap = 1; break; case 'p': preemp = 1; break; case 'q': quiet = 1; break; case 's': env_speed = optarg; break; case 't': test_write = 1; break; case 'v': verbose = 1; break; default: usage(); } } argc -= optind; argv += optind; if (env_speed == NULL) ; else if (strcasecmp("max", env_speed) == 0) speed = CDR_MAX_SPEED; else speed = atoi(env_speed) * 177; if (speed <= 0) errx(EX_USAGE, "Invalid speed: %s", env_speed); if (argc == 0) usage(); if ((fd = open(dev, O_RDWR, 0)) < 0) err(EX_NOINPUT, "open(%s)", dev); if (ioctl(fd, CDRIOCGETBLOCKSIZE, &saved_block_size) < 0) err(EX_IOERR, "ioctl(CDRIOCGETBLOCKSIZE)"); if (ioctl(fd, CDRIOCWRITESPEED, &speed) < 0) err(EX_IOERR, "ioctl(CDRIOCWRITESPEED)"); global_fd_for_cleanup = fd; err_set_exit(cleanup); signal(SIGHUP, cleanup_signal); signal(SIGINT, cleanup_signal); signal(SIGTERM, cleanup_signal); for (arg = 0; arg < argc; arg++) { if (!strcasecmp(argv[arg], "fixate")) { fixate = 1; continue; } if (!strcasecmp(argv[arg], "eject")) { eject = 1; break; } if (!strcasecmp(argv[arg], "msinfo")) { struct ioc_read_toc_single_entry entry; struct ioc_toc_header header; if (ioctl(fd, CDIOREADTOCHEADER, &header) < 0) err(EX_IOERR, "ioctl(CDIOREADTOCHEADER)"); bzero(&entry, sizeof(struct ioc_read_toc_single_entry)); entry.address_format = CD_LBA_FORMAT; entry.track = header.ending_track; if (ioctl(fd, CDIOREADTOCENTRY, &entry) < 0) err(EX_IOERR, "ioctl(CDIOREADTOCENTRY)"); if (ioctl(fd, CDRIOCNEXTWRITEABLEADDR, &addr) < 0) err(EX_IOERR, "ioctl(CDRIOCNEXTWRITEABLEADDR)"); fprintf(stdout, "%d,%d\n", ntohl(entry.entry.addr.lba), addr); break; } if ((!strcasecmp(argv[arg], "erase") || !strcasecmp(argv[arg], "blank")) && !test_write) { int blank, pct, last = 0; if (!strcasecmp(argv[arg], "erase")) blank = CDR_B_ALL; else blank = CDR_B_MIN; if (!quiet) fprintf(stderr, "%sing CD, please wait..\r", blank == CDR_B_ALL ? "eras" : "blank"); if (ioctl(fd, CDRIOCBLANK, &blank) < 0) err(EX_IOERR, "ioctl(CDRIOCBLANK)"); while (1) { sleep(1); if (ioctl(fd, CDRIOCGETPROGRESS, &pct) == -1) err(EX_IOERR,"ioctl(CDRIOGETPROGRESS)"); if (pct > 0 && !quiet) fprintf(stderr, "%sing CD - %d %% done \r", blank == CDR_B_ALL ? "eras" : "blank", pct); if (pct == 100 || (pct == 0 && last > 90)) break; last = pct; } if (!quiet) printf("\n"); continue; } if (!strcasecmp(argv[arg], "format") && !test_write) { if (arg + 1 < argc && (!strcasecmp(argv[arg + 1], "dvd+rw") || !strcasecmp(argv[arg + 1], "dvd-rw"))) do_format(fd, force, argv[arg + 1]); else errx(EX_NOINPUT, "format media type invalid"); arg++; continue; } if (!strcasecmp(argv[arg], "audio") || !strcasecmp(argv[arg], "raw")) { block_type = CDR_DB_RAW; block_size = 2352; continue; } if (!strcasecmp(argv[arg], "data") || !strcasecmp(argv[arg], "mode1")) { block_type = CDR_DB_ROM_MODE1; block_size = 2048; continue; } if (!strcasecmp(argv[arg], "mode2")) { block_type = CDR_DB_ROM_MODE2; block_size = 2336; continue; } if (!strcasecmp(argv[arg], "xamode1")) { block_type = CDR_DB_XA_MODE1; block_size = 2048; continue; } if (!strcasecmp(argv[arg], "xamode2")) { block_type = CDR_DB_XA_MODE2_F2; block_size = 2324; continue; } if (!strcasecmp(argv[arg], "vcd")) { block_type = CDR_DB_XA_MODE2_F2; block_size = 2352; dao = 1; nogap = 1; continue; } if (!strcasecmp(argv[arg], "dvdrw")) { block_type = CDR_DB_ROM_MODE1; block_size = 2048; dvdrw = 1; continue; } if (!block_size) errx(EX_NOINPUT, "no data format selected"); if (list) { char file_buf[MAXPATHLEN + 1], *eol; FILE *fp; if ((fp = fopen(argv[arg], "r")) == NULL) err(EX_NOINPUT, "fopen(%s)", argv[arg]); while (fgets(file_buf, sizeof(file_buf), fp) != NULL) { if (*file_buf == '#' || *file_buf == '\n') continue; if ((eol = strchr(file_buf, '\n'))) *eol = '\0'; add_track(file_buf, block_size, block_type, nogap); } if (feof(fp)) fclose(fp); else err(EX_IOERR, "fgets(%s)", file_buf); } else add_track(argv[arg], block_size, block_type, nogap); } if (notracks) { if (dvdrw && notracks > 1) errx(EX_USAGE, "DVD's only have 1 track"); if (ioctl(fd, CDIOCSTART, 0) < 0) err(EX_IOERR, "ioctl(CDIOCSTART)"); if (!cdopen) { if (ioctl(fd, CDRIOCINITWRITER, &test_write) < 0) err(EX_IOERR, "ioctl(CDRIOCINITWRITER)"); cdopen = 1; } if (dao) do_DAO(fd, test_write, multi); else do_TAO(fd, test_write, preemp, dvdrw); } if (!test_write && fixate && !dao && !dvdrw) { if (!quiet) fprintf(stderr, "fixating CD, please wait..\n"); if (ioctl(fd, CDRIOCFIXATE, &multi) < 0) err(EX_IOERR, "ioctl(CDRIOCFIXATE)"); } if (ioctl(fd, CDRIOCSETBLOCKSIZE, &saved_block_size) < 0) { err_set_exit(NULL); err(EX_IOERR, "ioctl(CDRIOCSETBLOCKSIZE)"); } if (eject) if (ioctl(fd, CDIOCEJECT) < 0) err(EX_IOERR, "ioctl(CDIOCEJECT)"); signal(SIGHUP, SIG_DFL); signal(SIGINT, SIG_DFL); signal(SIGTERM, SIG_DFL); close(fd); exit(EX_OK); }
int main(int argc, char **argv) { login_cap_t *lcap = NULL; struct passwd *pwd = NULL; gid_t *groups; size_t sysvallen; int ch, cmdarg, i, jail_set_flags, jid, ngroups, sysval; int hflag, iflag, Jflag, lflag, rflag, uflag, Uflag; long ngroups_max; unsigned pi; char *jailname, *securelevel, *username, *JidFile; char enforce_statfs[4]; static char *cleanenv; const char *shell, *p = NULL; FILE *fp; hflag = iflag = Jflag = lflag = rflag = uflag = Uflag = jail_set_flags = 0; cmdarg = jid = -1; jailname = securelevel = username = JidFile = cleanenv = NULL; fp = NULL; ngroups_max = sysconf(_SC_NGROUPS_MAX) + 1; if ((groups = malloc(sizeof(gid_t) * ngroups_max)) == NULL) err(1, "malloc"); while ((ch = getopt(argc, argv, "cdhilmn:r:s:u:U:J:")) != -1) { switch (ch) { case 'd': jail_set_flags |= JAIL_DYING; break; case 'h': hflag = 1; break; case 'i': iflag = 1; break; case 'J': JidFile = optarg; Jflag = 1; break; case 'n': jailname = optarg; break; case 's': securelevel = optarg; break; case 'u': username = optarg; uflag = 1; break; case 'U': username = optarg; Uflag = 1; break; case 'l': lflag = 1; break; case 'c': jail_set_flags |= JAIL_CREATE; break; case 'm': jail_set_flags |= JAIL_UPDATE; break; case 'r': jid = jail_getid(optarg); if (jid < 0) errx(1, "%s", jail_errmsg); rflag = 1; break; default: usage(); } } argc -= optind; argv += optind; if (rflag) { if (argc > 0 || iflag || Jflag || lflag || uflag || Uflag) usage(); if (jail_remove(jid) < 0) err(1, "jail_remove"); exit (0); } if (argc == 0) usage(); if (uflag && Uflag) usage(); if (lflag && username == NULL) usage(); if (uflag) GET_USER_INFO; #ifdef INET6 ip6_ok = feature_present("inet6"); #endif #ifdef INET ip4_ok = feature_present("inet"); #endif if (jailname) set_param("name", jailname); if (securelevel) set_param("securelevel", securelevel); if (jail_set_flags) { for (i = 0; i < argc; i++) { if (!strncmp(argv[i], "command=", 8)) { cmdarg = i; argv[cmdarg] += 8; jail_set_flags |= JAIL_ATTACH; break; } if (hflag) { #ifdef INET if (!strncmp(argv[i], "ip4.addr=", 9)) { add_ip_addr(&ip4_addr, argv[i] + 9); break; } #endif #ifdef INET6 if (!strncmp(argv[i], "ip6.addr=", 9)) { add_ip_addr(&ip6_addr, argv[i] + 9); break; } #endif if (!strncmp(argv[i], "host.hostname=", 14)) add_ip_addrinfo(0, argv[i] + 14); } set_param(NULL, argv[i]); } } else { if (argc < 4 || argv[0][0] != '/') errx(1, "%s\n%s", "no -c or -m, so this must be an old-style command.", "But it doesn't look like one."); set_param("path", argv[0]); set_param("host.hostname", argv[1]); if (hflag) add_ip_addrinfo(0, argv[1]); #if defined(INET6) || defined(INET) if (argv[2][0] != '\0') #ifdef INET6 add_ip_addr46(argv[2]); #else add_ip_addr(&ip4_addr, argv[2]); #endif #endif cmdarg = 3; /* Emulate the defaults from security.jail.* sysctls */ sysvallen = sizeof(sysval); if (sysctlbyname("security.jail.jailed", &sysval, &sysvallen, NULL, 0) == 0 && sysval == 0) { for (pi = 0; pi < sizeof(perm_sysctl) / sizeof(perm_sysctl[0]); pi++) { sysvallen = sizeof(sysval); if (sysctlbyname(perm_sysctl[pi][0], &sysval, &sysvallen, NULL, 0) == 0) set_param(perm_sysctl[pi] [sysval ? 2 : 1], NULL); } sysvallen = sizeof(sysval); if (sysctlbyname("security.jail.enforce_statfs", &sysval, &sysvallen, NULL, 0) == 0) { snprintf(enforce_statfs, sizeof(enforce_statfs), "%d", sysval); set_param("enforce_statfs", enforce_statfs); } } } #ifdef INET if (ip4_addr != NULL) set_param("ip4.addr", ip4_addr); #endif #ifdef INET6 if (ip6_addr != NULL) set_param("ip6.addr", ip6_addr); #endif if (Jflag) { fp = fopen(JidFile, "w"); if (fp == NULL) errx(1, "Could not create JidFile: %s", JidFile); } jid = jailparam_set(params, nparams, jail_set_flags ? jail_set_flags : JAIL_CREATE | JAIL_ATTACH); if (jid < 0) errx(1, "%s", jail_errmsg); if (iflag) { printf("%d\n", jid); fflush(stdout); } if (Jflag) { if (jail_set_flags) { fprintf(fp, "jid=%d", jid); for (i = 0; i < nparams; i++) if (strcmp(params[i].jp_name, "jid")) { fprintf(fp, " %s", (char *)params[i].jp_name); if (param_values[i]) { putc('=', fp); quoted_print(fp, param_values[i]); } } fprintf(fp, "\n"); } else { for (i = 0; i < nparams; i++) if (!strcmp(params[i].jp_name, "path")) break; #if defined(INET6) && defined(INET) fprintf(fp, "%d\t%s\t%s\t%s%s%s\t%s\n", jid, i < nparams ? (char *)params[i].jp_value : argv[0], argv[1], ip4_addr ? ip4_addr : "", ip4_addr && ip4_addr[0] && ip6_addr && ip6_addr[0] ? "," : "", ip6_addr ? ip6_addr : "", argv[3]); #elif defined(INET6) fprintf(fp, "%d\t%s\t%s\t%s\t%s\n", jid, i < nparams ? (char *)params[i].jp_value : argv[0], argv[1], ip6_addr ? ip6_addr : "", argv[3]); #elif defined(INET) fprintf(fp, "%d\t%s\t%s\t%s\t%s\n", jid, i < nparams ? (char *)params[i].jp_value : argv[0], argv[1], ip4_addr ? ip4_addr : "", argv[3]); #endif } (void)fclose(fp); } if (cmdarg < 0) exit(0); if (username != NULL) { if (Uflag) GET_USER_INFO; if (lflag) { p = getenv("TERM"); environ = &cleanenv; } if (setgroups(ngroups, groups) != 0) err(1, "setgroups"); if (setgid(pwd->pw_gid) != 0) err(1, "setgid"); if (setusercontext(lcap, pwd, pwd->pw_uid, LOGIN_SETALL & ~LOGIN_SETGROUP & ~LOGIN_SETLOGIN) != 0) err(1, "setusercontext"); login_close(lcap); } if (lflag) { if (*pwd->pw_shell) shell = pwd->pw_shell; else shell = _PATH_BSHELL; if (chdir(pwd->pw_dir) < 0) errx(1, "no home directory"); setenv("HOME", pwd->pw_dir, 1); setenv("SHELL", shell, 1); setenv("USER", pwd->pw_name, 1); if (p) setenv("TERM", p, 1); } execvp(argv[cmdarg], argv + cmdarg); err(1, "execvp: %s", argv[cmdarg]); }