From nobody Thu Jan 15 05:34:36 2026
X-Original-To: dev-commits-src-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dsBWJ1Rdbz6NS14
	for <dev-commits-src-all@mlmmj.nyi.freebsd.org>; Thu, 15 Jan 2026 05:34:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R13" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4dsBWJ0hbcz412y
	for <dev-commits-src-all@FreeBSD.org>; Thu, 15 Jan 2026 05:34:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1768455276;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=yCwZJg/GtrzwroKYf7PZJxhzxkDTTHXP/p9OAi1+PF0=;
	b=pwN0KY/Tb7bBxZjkGOcEl2u+K4mbj7T+kybr/pHGvv0/kGqM4MzgCSee1QvTp3XYzi1+ps
	UM1/hkyY6FBqTDRWkwBLbgPWyYEBbU9oWzxFsBIUF5y4+krijBWcRVafst0OIpPjXwsdi4
	b8w8+1E20VgZxzdRsvzZWyvojzfY30w4vZiWbIz78a3XDhoVxssM3CafiZqZROIvTpbd/3
	jfQsy95aRe7b2TmXf+DvWDuTXONEHHNyaZaE+ymElDOYtE+cB8oQMgYP4UOb7Cig9/z+4/
	XvVKqQD3dPOILb4LQ90uk6Q+ELRQNvZ767/c5wUgly53xu9RLXZw8TIgQMYOlA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1768455276;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=yCwZJg/GtrzwroKYf7PZJxhzxkDTTHXP/p9OAi1+PF0=;
	b=qZ2LMtfy9qCUpYbyAPc2YDdUqQE6tKs+PeOgCsT1JCF2aO4iUi0eybTeyNGjl/fGFLE9YV
	y2Fl2cPvOrmVn5QloKkdNp+PB5/FEhk6BULXQbkrfby3Wp35H7Gte4Za0gIpKx5t4CQj5Y
	jyHFIRVZ+ZatTHDk0a7NBtE5agOZZkDOvDMXQwFrurWVKy0fc0sNM1MtQ7ykiC7Wgx4byc
	eVGFXh+enqaBZ2RVkAwBlCTDRGpc9MqkHega3A+MTtwFbT8/W7AFftWel4faDQnxXRMRK6
	jAhCxUAVAZKw/i+YofY1M+A21+HG7Qh5uTtCWUjT6cwTz33dkvk9Ovw35/I6KA==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1768455276; a=rsa-sha256; cv=none;
	b=BZSh1Dx0Z0EK3qY4pdK+XlpTn+TbnWo66DJSgiciKXsqKvJCYaesBnD50DO0CAx4ZOJuzi
	faZttKFyvTt3Q2WyfKKqmOpaihK/yezZXggf809N6TvGsL6Wi+IHrSB+/Cxyd6B/JeX2wQ
	38z+/uDCWP7JqwLb4AK0zzjsKBPc2OVpskWm34JQ0DLMdpAEsUgcNYpmWapZkz9ceaaJuf
	+yTqXICrOePQIQ3TbAkTNA6gSQgXeLichn7VuV21HrcZ4dtKBc13k3huhPHO74+4Vyc9M4
	pPhzmaQxJsPNdh4I1SRfq5xiNh/BSgpv66ktzDG8guKIwD+G5DMTUqR20KQ/jw==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTP id 4dsBWJ0Cp1zZK
	for <dev-commits-src-all@FreeBSD.org>; Thu, 15 Jan 2026 05:34:36 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from git (uid 1279)
	(envelope-from git@FreeBSD.org)
	id 33ba7
	by gitrepo.freebsd.org (DragonFly Mail Agent v0.13+ on gitrepo.freebsd.org);
	Thu, 15 Jan 2026 05:34:36 +0000
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org
From: =?utf-8?Q?Jes=C3=BAs?= Daniel Colmenares Oviedo <dtxdf@FreeBSD.org>
Subject: git: 5810786791d6 - main - jexec: Add -e parameter to customize the environment
List-Id: Commit messages for all branches of the src repository <dev-commits-src-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-all
List-Help: <mailto:dev-commits-src-all+help@freebsd.org>
List-Post: <mailto:dev-commits-src-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-src-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-src-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-src-all@freebsd.org
Sender: owner-dev-commits-src-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: dtxdf
X-Git-Repository: src
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: 5810786791d61aa085170afd5a7d449dbd1ec7c6
Auto-Submitted: auto-generated
Date: Thu, 15 Jan 2026 05:34:36 +0000
Message-Id: <69687c6c.33ba7.7b15f010@gitrepo.freebsd.org>

The branch main has been updated by dtxdf:

URL: https://cgit.FreeBSD.org/src/commit/?id=5810786791d61aa085170afd5a7d449dbd1ec7c6

commit 5810786791d61aa085170afd5a7d449dbd1ec7c6
Author:     Jesús Daniel Colmenares Oviedo <dtxdf@FreeBSD.org>
AuthorDate: 2026-01-15 05:25:25 +0000
Commit:     Jesús Daniel Colmenares Oviedo <dtxdf@FreeBSD.org>
CommitDate: 2026-01-15 05:33:25 +0000

    jexec: Add -e parameter to customize the environment
    
    Currently, to define a new environment variable or modify an existing
    one, we need to use env(1), which may or may not be available inside
    the jail, especially in OCI containers created with the scratch
    layer (i.e., those containers that are only a single static binary,
    plus configuration files and related stuff). With this option, we
    can specify environment variables of arbitrary length for the
    specified process running inside the jail.
    
    Reviewed by:                jamie@
    Approved by:                jamie@
    Differential Revision:      https://reviews.freebsd.org/D54660
---
 usr.sbin/jexec/jexec.8 | 13 ++++++++++++-
 usr.sbin/jexec/jexec.c | 27 ++++++++++++++++++++++++---
 2 files changed, 36 insertions(+), 4 deletions(-)

diff --git a/usr.sbin/jexec/jexec.8 b/usr.sbin/jexec/jexec.8
index afcc1839ef75..595d5c2f835d 100644
--- a/usr.sbin/jexec/jexec.8
+++ b/usr.sbin/jexec/jexec.8
@@ -23,7 +23,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd March 5, 2025
+.Dd January 11, 2026
 .Dt JEXEC 8
 .Os
 .Sh NAME
@@ -33,6 +33,7 @@
 .Nm
 .Op Fl l
 .Op Fl d Ar working-directory
+.Op Oo Fl e Ar name Ns = Ns Ar value Oc ...
 .Op Fl u Ar username | Fl U Ar username
 .Ar jail Op Ar command ...
 .Sh DESCRIPTION
@@ -66,6 +67,16 @@ or
 and absent the
 .Fl d
 option, commands are run from that (possibly jailed) user's directory.
+.It Fl e Ar name Ns = Ns Ar value
+Set environment variables.
+.Pp
+This parameter allows arbitrary environment variables that are available to the process
+to be executed inside of the jail, overwriting any previously defined environment variables,
+such as those specified by the
+.Fl l
+parameter.
+.Pp
+This option can be set multiple times.
 .It Fl u Ar username
 The user name from host environment as whom the
 .Ar command
diff --git a/usr.sbin/jexec/jexec.c b/usr.sbin/jexec/jexec.c
index a1e443c5ba04..03be63cf8799 100644
--- a/usr.sbin/jexec/jexec.c
+++ b/usr.sbin/jexec/jexec.c
@@ -59,21 +59,29 @@ main(int argc, char *argv[])
 	int jid;
 	login_cap_t *lcap = NULL;
 	int ch, clean, dflag, uflag, Uflag;
+	int env_argc = argc;
+	char **env_argv = argv;
 	char *cleanenv;
 	const struct passwd *pwd = NULL;
 	const char *username, *shell, *term;
 	const char *workdir;
+	const char *jexec_args = "d:e:lnu:U:";
 
 	ch = clean = dflag = uflag = Uflag = 0;
 	username = NULL;
 	workdir = "/";
 
-	while ((ch = getopt(argc, argv, "d:lnu:U:")) != -1) {
+	while ((ch = getopt(argc, argv, jexec_args)) != -1) {
 		switch (ch) {
 		case 'd':
 			workdir = optarg;
 			dflag = 1;
 			break;
+		case 'e':
+			/* Used later. */
+			if (strchr(optarg, '=') == NULL)
+				errx(1, "%s: Invalid environment variable.", optarg);
+			break;
 		case 'l':
 			clean = 1;
 			break;
@@ -140,6 +148,19 @@ main(int argc, char *argv[])
 		endpwent();
 	}
 
+	optreset = 1;
+	optind = 1;
+
+	/* Custom environment */
+	while ((ch = getopt(env_argc, env_argv, jexec_args)) != -1) {
+		switch (ch) {
+		case 'e':
+			if (putenv(optarg) == -1)
+				err(1, "putenv");
+			break;
+		}
+	}
+
 	/* Run the specified command, or the shell */
 	if (argc > 1) {
 		if (execvp(argv[1], argv + 1) < 0)
@@ -192,7 +213,7 @@ usage(void)
 {
 
 	fprintf(stderr, "%s\n",
-	    "usage: jexec [-l] [-d working-directory] [-u username | -U username] jail\n"
-	    "       [command ...]");
+	    "usage: jexec [-l] [-d working-directory] [[-e name=value] ...]\n"
+	    "       [-u username | -U username] jail [command ...]");
 	exit(1);
 }