mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-15 21:05:08 +00:00
route(8): teach route to attach to jails
Add -j <jail> flag to route(8) to allow route to perform actions in a Jail. Differential Revision: https://reviews.freebsd.org/D40377 MFC after: 2 weeks
This commit is contained in:
parent
0eb0d23335
commit
ab4d1b73cb
|
@ -25,6 +25,11 @@ SRCS+= route_netlink.c
|
|||
CFLAGS+=-DWITHOUT_NETLINK
|
||||
.endif
|
||||
|
||||
.if ${MK_JAIL} != "no" && !defined(RESCUE)
|
||||
CFLAGS+= -DJAIL
|
||||
LIBADD+= jail
|
||||
.endif
|
||||
|
||||
HAS_TESTS=
|
||||
SUBDIR.${MK_TESTS}+= tests
|
||||
|
||||
|
|
|
@ -28,7 +28,7 @@
|
|||
.\" @(#)route.8 8.3 (Berkeley) 3/19/94
|
||||
.\" $FreeBSD$
|
||||
.\"
|
||||
.Dd March 14, 2023
|
||||
.Dd June 13, 2023
|
||||
.Dt ROUTE 8
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -36,6 +36,7 @@
|
|||
.Nd manually manipulate the routing tables
|
||||
.Sh SYNOPSIS
|
||||
.Nm
|
||||
.Op Fl j Ar jail
|
||||
.Op Fl dnqtv
|
||||
.Ar command
|
||||
.Oo
|
||||
|
@ -91,6 +92,8 @@ Suppress all output from the
|
|||
and
|
||||
.Cm flush
|
||||
commands.
|
||||
.It Fl j Ar jail
|
||||
Run inside a jail.
|
||||
.El
|
||||
.Pp
|
||||
The
|
||||
|
|
|
@ -48,6 +48,9 @@ __FBSDID("$FreeBSD$");
|
|||
#include <sys/file.h>
|
||||
#include <sys/socket.h>
|
||||
#include <sys/ioctl.h>
|
||||
#ifdef JAIL
|
||||
#include <sys/jail.h>
|
||||
#endif
|
||||
#include <sys/sysctl.h>
|
||||
#include <sys/types.h>
|
||||
#include <sys/queue.h>
|
||||
|
@ -63,6 +66,9 @@ __FBSDID("$FreeBSD$");
|
|||
#include <ctype.h>
|
||||
#include <err.h>
|
||||
#include <errno.h>
|
||||
#ifdef JAIL
|
||||
#include <jail.h>
|
||||
#endif
|
||||
#include <paths.h>
|
||||
#include <signal.h>
|
||||
#include <stdbool.h>
|
||||
|
@ -91,6 +97,9 @@ static struct keytab {
|
|||
};
|
||||
|
||||
int verbose, debugonly;
|
||||
#ifdef JAIL
|
||||
char * jail_name;
|
||||
#endif
|
||||
static struct sockaddr_storage so[RTAX_MAX];
|
||||
static int pid, rtm_addrs;
|
||||
static int nflag, af, aflen, qflag, tflag;
|
||||
|
@ -172,7 +181,7 @@ usage(const char *cp)
|
|||
{
|
||||
if (cp != NULL)
|
||||
warnx("bad keyword: %s", cp);
|
||||
errx(EX_USAGE, "usage: route [-46dnqtv] command [[modifiers] args]");
|
||||
errx(EX_USAGE, "usage: route [-j jail] [-46dnqtv] command [[modifiers] args]");
|
||||
/* NOTREACHED */
|
||||
}
|
||||
|
||||
|
@ -180,12 +189,15 @@ int
|
|||
main(int argc, char **argv)
|
||||
{
|
||||
int ch;
|
||||
#ifdef JAIL
|
||||
int jid;
|
||||
#endif
|
||||
size_t len;
|
||||
|
||||
if (argc < 2)
|
||||
usage(NULL);
|
||||
|
||||
while ((ch = getopt(argc, argv, "46nqdtv")) != -1)
|
||||
while ((ch = getopt(argc, argv, "46nqdtvj:")) != -1)
|
||||
switch(ch) {
|
||||
case '4':
|
||||
#ifdef INET
|
||||
|
@ -218,6 +230,15 @@ main(int argc, char **argv)
|
|||
case 'd':
|
||||
debugonly = 1;
|
||||
break;
|
||||
case 'j':
|
||||
#ifdef JAIL
|
||||
if (optarg == NULL)
|
||||
usage(NULL);
|
||||
jail_name = optarg;
|
||||
#else
|
||||
errx(1, "Jail support is not compiled in");
|
||||
#endif
|
||||
break;
|
||||
case '?':
|
||||
default:
|
||||
usage(NULL);
|
||||
|
@ -227,6 +248,17 @@ main(int argc, char **argv)
|
|||
|
||||
pid = getpid();
|
||||
uid = geteuid();
|
||||
|
||||
#ifdef JAIL
|
||||
if (jail_name != NULL) {
|
||||
jid = jail_getid(jail_name);
|
||||
if (jid == -1)
|
||||
errx(1, "Jail not found");
|
||||
if (jail_attach(jid) != 0)
|
||||
errx(1, "Cannot attach to jail");
|
||||
}
|
||||
#endif
|
||||
|
||||
#ifdef WITHOUT_NETLINK
|
||||
if (tflag)
|
||||
s = open(_PATH_DEVNULL, O_WRONLY, 0);
|
||||
|
|
Loading…
Reference in a new issue