Closed
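--- a/usr.sbin/jail/config.c
+++ b/usr.sbin/jail/config.c
@@ -470,6 +470,25 @@ add_param(struct cfjail *j, const struct cfparam *p, enum intparam ipnum,
 }
 }
 
+/*
+* Return if nopersist parameter is explicitly provided.
+*/
+int
+transition_to_nopersist(struct cfjail *j)
+{
+struct jailparam *jp;
+
+// check if outcome of params sequence is that it's still persist
+if (bool_param(j->intparams[KP_PERSIST]))
+return 0;
+
+for (jp = j->jp; jp < j->jp + j->njp; jp++)
+if (equalopts(jp->jp_name, "persist"))
+return 1;
+
+return 0;
+}
+
 /*
 * Return if a boolean parameter exists and is true.
 */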
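Review bot: The header comment on `transition_to_nopersist()` does not describe what the body does: it returns 0 whenever `bool_param(j->intparams[KP_PERSIST])` is true, and otherwise returns 1 only if some entry in `j->jp` matches `persist` via `equalopts()`. A comment such as `/* Return 1 if "persist" appears in the jail's parameter list and its resulting value is false, 0 otherwise. */` would state that contract. The `//` line comment could also follow the block-comment style of the neighbouring functions. The function only reads through `j`, so the parameter could presumably be `const struct cfjail *j`, here and in the jailp.h prototype.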
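--- a/usr.sbin/jail/jail.c
+++ b/usr.sbin/jail/jail.c
@@ -106,6 +106,13 @@ static const enum intparam startcommands[] = {
 IP__NULL
 };
 
+static const enum intparam startsetcommands[] = {
+IP__NULL,
+IP_EXEC_START,
+IP_COMMAND,
+IP__NULL
+};
+
 static const enum intparam stopcommands[] = {
 IP__NULL,
 IP_EXEC_PRESTOP,
@@ -412,7 +419,7 @@ main(int argc, char **argv)
 * depending on the jail's current status.
 */
 case JF_START_SET:
-j->flags = j->jid < 0 ? JF_START : JF_SET;
+j->flags = j->jid < 0 ? JF_START : JF_START_SET;
 break;
 case JF_SET_RESTART:
 if (j->jid < 0) {
@@ -477,6 +484,29 @@ main(int argc, char **argv)
 dep_done(j, 0);
 break;
 
+case JF_START_SET:
+if (dep_check(j))
+continue;
+if (transition_to_nopersist(j) &&
+(j->intparams[IP_EXEC_START] ||
+j->intparams[IP_COMMAND])) {
+j->flags |= JF_PERSIST;
+}
+if (!(j->flags & JF_DEPEND) && j->comparam == NULL) {
+if (rdtun_params(j, 1) < 0 ||
+update_jail(j) < 0)
+continue;
+if (verbose >= 0 && (j->name || verbose > 0))
+jail_note(j, "updated\n");
+j->comparam = startsetcommands;
+j->comstring = NULL;
+}
+if (next_command(j))
+continue;
+clear_persist(j);
+dep_done(j, 0);
+break;
+
 case JF_STOP:
 case JF_RESTART:
 if (j->comparam == NULL) {
@@ -758,7 +788,8 @@ update_jail(struct cfjail *j)
 
 ns = 0;
 for (jp = j->jp; jp < j->jp + j->njp; jp++)
-if (!JP_RDTUN(jp))
+if (!JP_RDTUN(jp) && !((j->flags & JF_PERSIST) &&
+equalopts(jp->jp_name, "persist")))
 ns++;
 if (ns == 0)
 return 0;
@@ -770,7 +801,8 @@ update_jail(struct cfjail *j)
 return -1;
 }
 for (jp = j->jp; jp < j->jp + j->njp; jp++)
-if (!JP_RDTUN(jp))
+if (!JP_RDTUN(jp) && !((j->flags & JF_PERSIST) &&
+equalopts(jp->jp_name, "persist")))
 *++sjp = *jp;
 
 jid = jailparam_set_note(j, setparams, ns,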
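Review bot: In the new `case JF_START_SET:` block, `JF_PERSIST` is set so that `update_jail()` leaves `persist` out of the parameters it applies, but the only visible place it is undone is `clear_persist(j)`, reached after `next_command(j)` returns 0. If an exec.start or command step fails after `update_jail()` has succeeded, whether the failure path still applies nopersist is not visible in this hunk; if it does not, a jail configured `nopersist` would stay persistent after a failed update. It is worth confirming that path and adding a comment above the `transition_to_nopersist(j)` test, e.g. `/* Hold persist until exec.start/command finish; clear_persist() below applies nopersist. */`. The `(j->flags & JF_PERSIST) && equalopts(jp->jp_name, "persist")` filter is also repeated in both loops of `update_jail()`, where the first appears to count the entries the second copies, so a small static helper would keep the two in step. Both main() and update_jail() continue outside the hunks shown.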
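--- a/usr.sbin/jail/jailp.h
+++ b/usr.sbin/jail/jailp.h
@@ -218,6 +218,7 @@ extern void include_config(void *scanner, const char *cfname);
 extern struct cfjail *add_jail(void);
 extern void add_param(struct cfjail *j, const struct cfparam *p,
 enum intparam ipnum, const char *value);
+extern int transition_to_nopersist(struct cfjail *j);
 extern int bool_param(const struct cfparam *p);
 extern int int_param(const struct cfparam *p, int *ip);
 extern const char *string_param(const struct cfparam *p);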