Add zfs.dataset to jail(8) to add a list of ZFS datasets.
Bump FreeBSD version for jail managers to switch to native
dataset support.
Datasets are attached to the jail after the jail creation and
before the execution of any start command. Unlike current
implementations in jail managers which attach datasets after
the start command, this allows the zfs rc.d script to mount
the datasets on start.
Discussed with: jamie
Currently, a prison in "dying" state (removed but still holding
resources) can be brought back to alive state via "jail -d", or
the JAIL_DYING flag to jail_set(2). This seemed like a good idea
at the time.
Its main use was to improve support for specifying the jid when
creating a jail, which also seemed like a good idea at the time.
But resurrecting a jail that was partway through thr process of
shutting down is trouble waiting to happen.
This patch deprecates that flag, leaving it as a no-op for creating
jails (but still useful for looking at dying jails). It sill allows
creating a new jail with the same jid as a dying one, but will renumber
the old one in that case. That's imperfect, but allows for current
behavior.
Reviewed by: bz
Differential Revision: https://reviews.freebsd.org/D28150
Apply the following automated changes to try to eliminate
no-longer-needed sys/cdefs.h includes as well as now-empty
blank lines in a row.
Remove /^#if.*\n#endif.*\n#include\s+<sys/cdefs.h>.*\n/
Remove /\n+#include\s+<sys/cdefs.h>.*\n+#if.*\n#endif.*\n+/
Remove /\n+#if.*\n#endif.*\n+/
Remove /^#if.*\n#endif.*\n/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/types.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/param.h>/
Remove /\n+#include\s+<sys/cdefs.h>\n#include\s+<sys/capsicum.h>/
Sponsored by: Netflix
Escape a period that caused a line not to be includesd. Also mention
that glob(3) patterns may be included, and a consequence of that.
PR: 273561
Reported by: crest@rlwinm.de
Reviewed by: emaste
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D41723
Prior to this commit privileged accounts in a jail could not access to the
filesystem extended attributes in the system namespace. To control access to
the system namespace in a per-jail basis add a new configuration parameter
allow.extattr which is off by default.
Reported by: zirias
Tested by: zirias
Obtained from: HardenedBSD
Reviewed by: kevans, jamie
Differential revision: https://reviews.freebsd.org/D41643
MFC after: 1 week
Relnotes: yes
The synopsis section of jail(8) is fine at showing everything that could
be on the command line, but doesn't make much sense. Add some sub-
ections for the different uses of the command.
Also fix up the paragraph about command-line parameter specification,
including removing some clearly erroneous information.
Reviewed by: dvl
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D41606
In most cases, usage does not return, so mark them as __dead2. For the
cases where they do return, they have not been marked __dead2.
Reviewed by: imp
Pull Request: https://github.com/freebsd/freebsd-src/pull/735
This is in the generated parser when using %pure-parser.
y.tab.c:382:14: error: variable 'yynerrs' set but not used [-Werror,-Wunused-but-set-variable]
int yynerrs;
^
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D40671
Make the jail.conf specification recursive, with jail definitions
allowed within a jail's parameter list, just as they are allowed
at the top level. Such inner jails are part of the outer jail's
hierarchy, as if they were specified with hierarchical names.
The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.
Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix
This patch updates the information for "allow.nfsd"
and adds configuration information.
This is a content change.
Reviewed by: karels, markj, pauamma (manpages)
MFC after: 3 months
Differential Revision: https://reviews.freebsd.org/D39033
Commit bba7a2e896 added "allow.nfsd" to optionally allow
mountd/nfsd to be run inside a vnet prison when the kernel
is built with "options VNET_NFSD".
This patch updates the man page for this change.
This is a content change.
Reviewed by: jamie, bcr (manpages)
MFC after: 4 months
Differential Revision: https://reviews.freebsd.org/D37665
named(8) hasn't been in base for some time. Remove all references to it in
manual pages.
Approved by: manpages (Pau Amma)
Differential Revision: https://reviews.freebsd.org/D35586
Avoid a null dereference when a value-less jailsys parameter is passed
to "jail -m". There was already code to handle boolean parameters,
but in reality any parameter could be passed without a value.
Some people expect jail.conf(5) to have a list of jail parameters.
jail(8) contains a comprehensive list of all parameters to be used during jail
invocation or in jail.conf.
Highlighting where to look for jail parameters seems a reasonable solution.
PR: 244569
Reported by: joneum@
Approved by: 0mp (manpages, mentor)
Reviewed by: debdrup
Differential Revision: https://reviews.freebsd.org/D28701
Recent changes have made it such that attaching to a jail will augment
the attaching process' cpu mask with the jail's cpuset. While this is
convenient for allowing the administrator to cpuset arbitrary programs
that will attach to a jail, this is decidedly not convenient for
executing long-running daemons during jail creation.
This change inserts a reset of the process cpuset to the root cpuset
between the fork and attach to execute a command. This allows commands
executed to have the widest mask possible, and the administrator can
cpuset(1) it back down inside the jail as needed.
With this applied, one should be able to change a jail's cpuset at
exec.poststart in addition to exec.created. The former was made
difficult if jail(8) itself was running with a constrained set, as then
some processes may have been spawned inside the jail with a non-root
set. The latter is the preferred option so that processes starting in
the jail are constrained appropriately up front.
Note that all system commands are still run with the process' initial
cpuset applied.
PR: 253724
MFC after: 3 days
Reviewed by: jamie
Differential Revision: https://reviews.freebsd.org/D29008
These tests create jails with the same name, so they cannot be run in
parallel.
Reviewed By: lwhsu
Differential Revision: https://reviews.freebsd.org/D28482
The suser_enable sysctl allows to remove a privileged rights from uid 0.
This change introduce per jail setting which allow to make root a
normal user.
Reviewed by: jamie
Previous version reviewed by: kevans, emaste, markj, me_igalic.co
Discussed with: pjd
Differential Revision: https://reviews.freebsd.org/D27128
clash, or redefining name/jid). The current behvaior, of merely warning
and moving on, can lead to unexpected behavior when a jail is created
without the offending parameter defined at all.
This change introduces new jail command hooks that run before and after any
other actions.
The exec.prepare hook can be used for example to invoke a script that checks
if the jail's root exists, creating it if it does not. Since arbitrary
variables in jail.conf can be passed to the command, it can be pretty useful
for templating jails.
An example use case for exec.release would be to remove the filesystem of an
ephemeral jail.
The names "prepare" and "release" are borrowed from the names of similar hooks
in libvirt.
Reviewed by: jamie, manpages, mmacy
Approved by: mmacy (mentor)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D24829
description for "jail -e" mode to show that it does not take
additional jail name argument.
Reported by: David Marec <david.marec@davenulle.org>
MFC after: 3 days
jail(8) would try to use strcpy to remove the interface from the start of
an IP address. This is undefined, and on arm64 will result in unexpected
IPv6 addresses.
Fix this by using memmove top move the string.
PR: 245102
Reported by: sbruno
MFC after: 2 weeks
Sponsored by: Innovate UK
This reapplies the RISC-V GNU ld workaround from r354896, r354899, and
354900, along with a fix for the build failure during cleandir.
LINKER_TYPE was not being set during cleandir, resulting in
Malformed conditional (${LINKER_TYPE} == "bfd" && ${MACHINE} == "riscv")
from Cirrus-CI.
PR: 242109
Sponsored by: The FreeBSD Foundation