Date: Wed, 16 Aug 2023 12:32:13 GMT From: Doug Rabson <dfr@FreeBSD.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org Subject: git: 3af770071046 - stable/13 - ifconfig(8): Teach ifconfig to attach and run itself in a jail Message-ID: <202308161232.37GCWDrb023356@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help
The branch stable/13 has been updated by dfr: URL: https://cgit.FreeBSD.org/src/commit/?id=3af7700710466b330e54307ff5bc5ea6bb91fec4 commit 3af7700710466b330e54307ff5bc5ea6bb91fec4 Author: Yan Ka Chiu <nyan@myuji.xyz> AuthorDate: 2023-05-23 20:39:22 +0000 Commit: Doug Rabson <dfr@FreeBSD.org> CommitDate: 2023-08-16 12:25:57 +0000 ifconfig(8): Teach ifconfig to attach and run itself in a jail Add -j <jail> flag to ifconfig to allow ifconfig to attach and run inside a jail. This allow parent to configure network interfaces of its children even if ifconfig is not available in child's tree (e.g. Linux Jails) Reviewed by: emaste, khng, melifaro Event: Kitchener-Waterloo Hackathon 202305 MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D40213 (cherry picked from commit 7e49aa86a2824e76e9d9becf61db12066bc0d79d) --- sbin/ifconfig/ifconfig.8 | 22 ++++++++++++++++++++++ sbin/ifconfig/ifconfig.c | 40 ++++++++++++++++++++++++++++++++++------ 2 files changed, 56 insertions(+), 6 deletions(-) diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8 index e7d41da45bec..651d64fb31df 100644 --- a/sbin/ifconfig/ifconfig.8 +++ b/sbin/ifconfig/ifconfig.8 @@ -36,6 +36,7 @@ .Nd configure network interface parameters .Sh SYNOPSIS .Nm +.Op Fl j Ar jail .Op Fl kLmn .Op Fl f Ar type Ns Cm \&: Ns Ar format .Ar interface @@ -49,9 +50,11 @@ .Oc .Op Ar parameters .Nm +.Op Fl j Ar jail .Ar interface .Cm destroy .Nm +.Op Fl j Ar jail .Fl a .Op Fl dkLmuv .Op Fl f Ar type Ns Cm \&: Ns Ar format @@ -61,13 +64,16 @@ .Nm .Fl C .Nm +.Op Fl j Ar jail .Fl g Ar groupname .Nm +.Op Fl j Ar jail .Fl l .Op Fl du .Op Fl g Ar groupname .Op Ar address_family .Nm +.Op Fl j Ar jail .Op Fl dkLmuv .Op Fl f Ar type Ns Cm \&: Ns Ar format .Sh DESCRIPTION @@ -233,6 +239,22 @@ Setting to .Cm all selects all interfaces. +.It Fl j Ar jail +Perform the actions inside the +.Ar jail . +.Pp +The +.Cm ifconfig +will first attach to the +.Ar jail +(by jail id or jail name) before performing the effects. +.Pp +This allow network interfaces of +.Ar jail +to be configured even if the +.Cm ifconfig +binary is not available in +.Ar jail . .It Fl k Print keying information for the .Ar interface , diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c index 6deeebba9f01..f93a97572a78 100644 --- a/sbin/ifconfig/ifconfig.c +++ b/sbin/ifconfig/ifconfig.c @@ -42,6 +42,9 @@ static const char rcsid[] = #include <sys/param.h> #include <sys/ioctl.h> +#ifdef JAIL +#include <sys/jail.h> +#endif #include <sys/module.h> #include <sys/linker.h> #include <sys/queue.h> @@ -189,12 +192,12 @@ usage(void) } fprintf(stderr, - "usage: ifconfig [-f type:format] %sinterface address_family\n" + "usage: ifconfig [-j jail] [-f type:format] %sinterface address_family\n" " [address [dest_address]] [parameters]\n" - " ifconfig interface create\n" - " ifconfig -a %s[-d] [-m] [-u] [-v] [address_family]\n" - " ifconfig -l [-d] [-u] [address_family]\n" - " ifconfig %s[-d] [-m] [-u] [-v]\n", + " ifconfig [-j jail] interface create\n" + " ifconfig [-j jail] -a %s[-d] [-m] [-u] [-v] [address_family]\n" + " ifconfig [-j jail] -l [-d] [-u] [address_family]\n" + " ifconfig [-j jail] %s[-d] [-m] [-u] [-v]\n", options, options, options); exit(1); } @@ -412,12 +415,18 @@ main(int argc, char *argv[]) struct ifreq paifr; const struct sockaddr_dl *sdl; char options[1024], *cp, *envformat, *namecp = NULL; +#ifdef JAIL + char *jail_name = NULL; +#endif struct ifa_queue q = TAILQ_HEAD_INITIALIZER(q); struct ifa_order_elt *cur, *tmp; const char *ifname, *matchgroup, *nogroup; struct option *p; size_t iflen; int flags; +#ifdef JAIL + int jid; +#endif all = downonly = uponly = namesonly = noload = verbose = 0; f_inet = f_inet6 = f_ether = f_addr = NULL; @@ -438,7 +447,7 @@ main(int argc, char *argv[]) atexit(printifnamemaybe); /* Parse leading line options */ - strlcpy(options, "G:adf:klmnuv", sizeof(options)); + strlcpy(options, "G:adf:j:klmnuv", sizeof(options)); for (p = opts; p != NULL; p = p->next) strlcat(options, p->opt, sizeof(options)); while ((c = getopt(argc, argv, options)) != -1) { @@ -459,6 +468,15 @@ main(int argc, char *argv[]) usage(); nogroup = optarg; break; + case 'j': +#ifdef JAIL + if (optarg == NULL) + usage(); + jail_name = optarg; +#else + Perror("not built with jail support"); +#endif + break; case 'k': printkeys++; break; @@ -511,6 +529,16 @@ main(int argc, char *argv[]) if (!namesonly && argc < 1) all = 1; +#ifdef JAIL + if (jail_name) { + jid = jail_getid(jail_name); + if (jid == -1) + Perror("jail not found"); + if (jail_attach(jid) != 0) + Perror("cannot attach to jail"); + } +#endif + /* -a and -l allow an address family arg to limit the output */ if (all || namesonly) { if (argc > 1)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202308161232.37GCWDrb023356>