diff options
| author | thompsa <thompsa@FreeBSD.org> | 2008-09-16 20:18:25 +0000 |
|---|---|---|
| committer | thompsa <thompsa@FreeBSD.org> | 2008-09-16 20:18:25 +0000 |
| commit | 09662c68f913cf5e0b99bf7151dfc0ace40515e8 (patch) | |
| tree | bf9651a3b288a4be076c02ca8bdc6de09909150b /etc | |
| parent | 82e6f72dc34224fe13a479de669c39b0da9c26e2 (diff) | |
| download | FreeBSD-src-09662c68f913cf5e0b99bf7151dfc0ace40515e8.zip FreeBSD-src-09662c68f913cf5e0b99bf7151dfc0ace40515e8.tar.gz | |
Allow a jail to be started with a specific route fib.
Reviewed by: secteam (simon)
Reviewed by: brooks, bz
Diffstat (limited to 'etc')
| -rw-r--r-- | etc/defaults/rc.conf | 1 | ||||
| -rwxr-xr-x | etc/rc.d/jail | 9 |
2 files changed, 9 insertions, 1 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf index ec5ec07..97be001 100644 --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -621,6 +621,7 @@ jail_sysvipc_allow="NO" # Allow SystemV IPC use from within a jail #jail_example_hostname="default.domain.com" # Jail's hostname #jail_example_ip="192.168.0.10" # Jail's IP number #jail_example_interface="" # Interface to create the IP alias on +#jail_example_fib="0" # routing table for setfib(1) #jail_example_exec_start="/bin/sh /etc/rc" # command to execute in jail for starting #jail_example_exec_afterstart0="/bin/sh command" # command to execute after the one for # starting the jail. More than one can be diff --git a/etc/rc.d/jail b/etc/rc.d/jail index d35f3f7..87eab69 100755 --- a/etc/rc.d/jail +++ b/etc/rc.d/jail @@ -83,6 +83,7 @@ init_variables() [ -z "${_flags}" ] && _flags="-l -U root" eval _consolelog=\"\${jail_${_j}_consolelog:-${jail_consolelog}}\" [ -z "${_consolelog}" ] && _consolelog="/var/log/jail_${_j}_console.log" + eval _fib=\"\${jail_${_j}_fib:-${jail_fib}}\" # Debugging aid # @@ -93,6 +94,7 @@ init_variables() debug "$_j hostname: $_hostname" debug "$_j ip: $_ip" debug "$_j interface: $_interface" + debug "$_j fib: $_fib" debug "$_j root: $_rootdir" debug "$_j devdir: $_devdir" debug "$_j fdescdir: $_fdescdir" @@ -297,6 +299,11 @@ jail_start() if [ -n "${_interface}" ]; then ifconfig ${_interface} alias ${_ip} netmask 255.255.255.255 fi + if [ -n "${_fib}" ]; then + _setfib="setfib -F '${_fib}'" + else + _setfib="" + fi if checkyesno _mount; then info "Mounting fstab for jail ${_jail} (${_fstab})" if [ ! -f "${_fstab}" ]; then @@ -350,7 +357,7 @@ jail_start() fi fi _tmp_jail=${_tmp_dir}/jail.$$ - eval jail ${_flags} -i ${_rootdir} ${_hostname} \ + eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \ ${_ip} ${_exec_start} > ${_tmp_jail} 2>&1 if [ "$?" -eq 0 ] ; then |
