From owner-svn-src-head@freebsd.org  Mon Jan 15 22:24:13 2018
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 50858E7B2FC;
 Mon, 15 Jan 2018 22:24:13 +0000 (UTC)
 (envelope-from kevans@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org
 [IPv6:2610:1c1:1:606c::19:3])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client CN "mxrelay.nyi.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 121B872B2D;
 Mon, 15 Jan 2018 22:24:13 +0000 (UTC)
 (envelope-from kevans@FreeBSD.org)
Received: from repo.freebsd.org (repo.freebsd.org
 [IPv6:2610:1c1:1:6068::e6a:0])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 37323174C7;
 Mon, 15 Jan 2018 22:24:12 +0000 (UTC)
 (envelope-from kevans@FreeBSD.org)
Received: from repo.freebsd.org ([127.0.1.37])
 by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w0FMOBtN097498;
 Mon, 15 Jan 2018 22:24:11 GMT (envelope-from kevans@FreeBSD.org)
Received: (from kevans@localhost)
 by repo.freebsd.org (8.15.2/8.15.2/Submit) id w0FMOBFn097496;
 Mon, 15 Jan 2018 22:24:11 GMT (envelope-from kevans@FreeBSD.org)
Message-Id: <201801152224.w0FMOBFn097496@repo.freebsd.org>
X-Authentication-Warning: repo.freebsd.org: kevans set sender to
 kevans@FreeBSD.org using -f
From: Kyle Evans <kevans@FreeBSD.org>
Date: Mon, 15 Jan 2018 22:24:11 +0000 (UTC)
To: src-committers@freebsd.org, svn-src-all@freebsd.org,
 svn-src-head@freebsd.org
Subject: svn commit: r328032 - head/usr.sbin/service
X-SVN-Group: head
X-SVN-Commit-Author: kevans
X-SVN-Commit-Paths: head/usr.sbin/service
X-SVN-Commit-Revision: 328032
X-SVN-Commit-Repository: base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.25
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 15 Jan 2018 22:24:13 -0000

Author: kevans
Date: Mon Jan 15 22:24:11 2018
New Revision: 328032
URL: https://svnweb.freebsd.org/changeset/base/328032

Log:
  service(8): Add support for interfacing with services in jails
  
  Provide a -j option that can take a jail name or id. If -j is specified,
  check that the jail exists and proxy the service request through to
  service(8) in the jail.
  
  This allows for cleaner workflows when updating services in a jail, turning
  the following:
  
  pkg -j dns upgrade
  jexec dns service named restart
  
  into:
  
  pkg -j dns upgrade
  service -j dns named restart
  
  PR:		223325
  Submitted by:	David O'Rourke (with slight changes)
  MFC after:	2 weeks

Modified:
  head/usr.sbin/service/service.8
  head/usr.sbin/service/service.sh

Modified: head/usr.sbin/service/service.8
==============================================================================
--- head/usr.sbin/service/service.8	Mon Jan 15 22:17:39 2018	(r328031)
+++ head/usr.sbin/service/service.8	Mon Jan 15 22:24:11 2018	(r328032)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd December 11, 2012
+.Dd January 15, 2018
 .Dt SERVICE 8
 .Os
 .Sh NAME
@@ -32,13 +32,17 @@
 .Nd "control (start/stop/etc.) or list system services"
 .Sh SYNOPSIS
 .Nm
+.Op Fl j Ao jail name or id Ac
 .Fl e
 .Nm
+.Op Fl j Ao jail name or id Ac
 .Fl R
 .Nm
+.Op Fl j Ao jail name or id Ac
 .Op Fl v
 .Fl l | r
 .Nm
+.Op Fl j Ao jail name or id Ac
 .Op Fl v
 .Ar <rc.d script> start|stop|etc.
 .Sh DESCRIPTION
@@ -54,6 +58,8 @@ the scripts using various criteria.
 .Pp
 The options are as follows:
 .Bl -tag -width F1
+.It Fl j Ao jail name or id Ac
+Perform the given actions under the named jail.
 .It Fl e
 List services that are enabled.
 The list of scripts to check is compiled using
@@ -107,6 +113,7 @@ The following are examples of typical usage of the
 command:
 .Pp
 .Dl "service named status"
+.Dl "service -j dns named status"
 .Dl "service -rv"
 .Pp
 The following programmable completion entry can be use in

Modified: head/usr.sbin/service/service.sh
==============================================================================
--- head/usr.sbin/service/service.sh	Mon Jan 15 22:17:39 2018	(r328031)
+++ head/usr.sbin/service/service.sh	Mon Jan 15 22:24:11 2018	(r328032)
@@ -34,12 +34,13 @@ load_rc_config 'XXX'
 usage () {
 	echo ''
 	echo 'Usage:'
-	echo "${0##*/} -e"
-	echo "${0##*/} -R"
-	echo "${0##*/} [-v] -l | -r"
-	echo "${0##*/} [-v] <rc.d script> start|stop|etc."
+	echo "${0##*/} [-j <jail name or id>] -e"
+	echo "${0##*/} [-j <jail name or id>] -R"
+	echo "${0##*/} [-j <jail name or id>] [-v] -l | -r"
+	echo "${0##*/} [-j <jail name or id>] [-v] <rc.d script> start|stop|etc."
 	echo "${0##*/} -h"
 	echo ''
+	echo "-j	Perform actions within the named jail"
 	echo '-e	Show services that are enabled'
 	echo "-R	Stop and start enabled $local_startup services"
 	echo "-l	List all scripts in /etc/rc.d and $local_startup"
@@ -48,7 +49,37 @@ usage () {
 	echo ''
 }
 
-while getopts 'ehlrRv' COMMAND_LINE_ARGUMENT ; do
+accepted_argstr='jehlrRv'
+
+# Only deal with the -j option here. If found, JAIL is set and the opt and
+# arg are shifted out. OPTIND is left untouched. We strip the -j option out
+# here because we'll be proxying this invocation through to the jail via
+# jls(8) instead of handling it ourselves.
+while getopts ${accepted_argstr} COMMAND_LINE_ARGUMENT ; do
+	case "${COMMAND_LINE_ARGUMENT}" in
+	j)	JAIL="$2" ; shift ; shift ;;
+	esac
+done
+
+# If -j was provided, then we pass everthing along to the jexec command
+# and execute `service` within the named JAIL. Provided that the jail
+# actually exists, as checked by `jls`.
+# We do this so that if the jail does exist, we can then return the exit
+# code of `jexec` and it should be the exit code of whatever ran in the jail.
+# There is a race condition here in that the jail might exist at `jls` time
+# and be gone by `jexec` time, but it shouldn't be a big deal.
+if [ -n "$JAIL" ]; then
+	/usr/sbin/jls -j "$JAIL" 2>/dev/null >/dev/null
+	if [ $? -ne 0 ]; then
+		echo "Jail '$JAIL' does not exist."
+		exit 1
+	fi
+
+	/usr/sbin/jexec -l "$JAIL" /usr/sbin/service $*
+	exit $?
+fi
+
+while getopts ${accepted_argstr} COMMAND_LINE_ARGUMENT ; do
 	case "${COMMAND_LINE_ARGUMENT}" in
 	e)	ENABLED=eopt ;;
 	h)	usage ; exit 0 ;;