Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/jail/command.c39
-rw-r--r--usr.sbin/jail/jail.c43
-rw-r--r--usr.sbin/jail/jailp.h2
3 files changed, 40 insertions, 44 deletions
diff --git a/usr.sbin/jail/command.c b/usr.sbin/jail/command.c
index d79f4f9..fa6a026 100644
--- a/usr.sbin/jail/command.c
+++ b/usr.sbin/jail/command.c
@@ -94,7 +94,7 @@ next_command(struct cfjail *j)
rval = 0;
create_failed = (j->flags & (JF_STOP | JF_FAILED)) == JF_FAILED;
- for (; (comparam = *j->comparam) && comparam != IP__OP;
+ for (; (comparam = *j->comparam);
j->comparam += create_failed ? -1 : 1) {
if (j->comstring == NULL) {
switch (comparam) {
@@ -102,6 +102,7 @@ next_command(struct cfjail *j)
if (!bool_param(j->intparams[IP_MOUNT_DEVFS]))
continue;
/* FALLTHROUGH */
+ case IP__OP:
case IP_STOP_TIMEOUT:
j->comstring = &dummystring;
break;
@@ -256,19 +257,43 @@ run_command(struct cfjail *j)
static char *cleanenv;
+ /* Perform some operations that aren't actually commands */
+ comparam = *j->comparam;
+ down = j->flags & (JF_STOP | JF_FAILED);
+ switch (comparam) {
+ case IP_STOP_TIMEOUT:
+ return term_procs(j);
+
+ case IP__OP:
+ if (down) {
+ if (jail_remove(j->jid) == 0 && verbose >= 0 &&
+ (verbose > 0 || (j->flags & JF_STOP
+ ? note_remove : j->name != NULL)))
+ jail_note(j, "removed\n");
+ j->jid = -1;
+ if (j->flags & JF_STOP)
+ dep_done(j, DF_LIGHT);
+ else
+ j->flags &= ~JF_PERSIST;
+ } else {
+ if (create_jail(j) < 0) {
+ failed(j);
+ return -1;
+ }
+ if (verbose >= 0 && (j->name || verbose > 0))
+ jail_note(j, "created\n");
+ dep_done(j, DF_LIGHT);
+ }
+ requeue(j, &ready);
+ return 1;
+ }
/*
* Collect exec arguments. Internal commands for network and
* mounting build their own argument lists.
*/
- comparam = *j->comparam;
comstring = j->comstring;
bg = 0;
- down = j->flags & (JF_STOP | JF_FAILED);
switch (comparam) {
- case IP_STOP_TIMEOUT:
- /* This isn't really a command */
- return term_procs(j);
-
case IP__IP4_IFADDR:
argv = alloca(8 * sizeof(char *));
*(const char **)&argv[0] = _PATH_IFCONFIG;
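Review bot: In the new `IP__OP` case of run_command, a failing `jail_remove(j->jid)` is silent: its result only gates the "removed" note, and `j->jid = -1` and `dep_done(j, DF_LIGHT)` run either way. A jail that was not removed is therefore recorded as gone, and its dependents proceed while it may still be running. Report the failure, e.g. `if (jail_remove(j->jid) < 0) jail_warnx(j, "jail_remove: %s", strerror(errno));`, and decide whether the stop path should still call `dep_done` in that case; the hunk does not show whether a jail that already exited on its own should count as an error. The unparenthesised `j->flags & JF_STOP ? note_remove : j->name != NULL` is correct by precedence but easier to audit as `(j->flags & JF_STOP) ? note_remove : (j->name != NULL)`. run_command begins and continues outside this hunk.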
diff --git a/usr.sbin/jail/jail.c b/usr.sbin/jail/jail.c
index ff1349e..9706b8d 100644
--- a/usr.sbin/jail/jail.c
+++ b/usr.sbin/jail/jail.c
@@ -55,9 +55,9 @@ struct permspec {
};
const char *cfname;
+int note_remove;
int verbose;
-static int create_jail(struct cfjail *j);
static void clear_persist(struct cfjail *j);
static int update_jail(struct cfjail *j);
static int rdtun_params(struct cfjail *j, int dofail);
@@ -271,6 +271,7 @@ main(int argc, char **argv)
if ((docf = !Rflag &&
(!strcmp(cfname, "-") || stat(cfname, &st) == 0)))
load_config();
+ note_remove = docf || argc > 1 || wild_jail_name(argv[0]);
} else if (argc > 1 || (argc == 1 && strchr(argv[0], '='))) {
/* Single jail specified on the command line */
if (Rflag)
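Review bot: `wild_jail_name(argv[0])` on the added line now runs once at startup whenever `docf` is false and `argc <= 1`, whereas the removed code in the stop loop reached it only after a successful `jail_remove`. If `argc` can be 0 on this path, `argv[0]` is NULL at that point; any guard is above the hunk, so confirm it or write the last term as `(argc == 1 && wild_jail_name(argv[0]))`. A one-line comment on `int note_remove;` saying it decides whether a stop operation prints "removed" would also help, since the flag is now read from command.c.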
@@ -388,25 +389,7 @@ main(int argc, char **argv)
continue;
if (j->jid > 0)
goto jail_create_done;
- j->comparam == startcommands + 1;
- } else if (*j->comparam == IP__OP) {
- if (j->flags & JF_FAILED) {
- if (jail_remove(j->jid) == 0 &&
- verbose >= 0 &&
- (j->name || verbose > 0))
- jail_note(j, "removed\n");
- j->jid = -1;
- j->flags &= ~JF_PERSIST;
- j->comparam--;
- } else if (create_jail(j) < 0) {
- j->comparam--;
- } else {
- if (verbose >= 0 &&
- (j->name || verbose > 0))
- jail_note(j, "created\n");
- dep_done(j, DF_LIGHT);
- j->comparam++;
- }
+ j->comparam = startcommands + 1;
}
if (next_command(j))
continue;
@@ -449,19 +432,9 @@ main(int argc, char **argv)
j->name);
goto jail_remove_done;
}
- j->comparam == stopcommands + 1;
- } else if ((j->flags & JF_FAILED) && j->jid > 0) {
+ j->comparam = stopcommands + 1;
+ } else if ((j->flags & JF_FAILED) && j->jid > 0)
goto jail_remove_done;
- } else if (*j->comparam == IP__OP) {
- if (jail_remove(j->jid) == 0 &&
- verbose >= 0 &&
- (docf || argc > 1 ||
- wild_jail_name(argv[0]) || verbose > 0))
- jail_note(j, "removed\n");
- j->jid = -1;
- dep_done(j, DF_LIGHT);
- j->comparam++;
- }
if (next_command(j))
continue;
jail_remove_done:
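Review bot: The `else if ((j->flags & JF_FAILED) && j->jid > 0)` arm loses its braces while the `if` arm before it keeps them, leaving a bare `goto jail_remove_done;` directly ahead of `if (next_command(j))`. Keeping the braces, `} else if ((j->flags & JF_FAILED) && j->jid > 0) {` with a closing `}` after the goto, makes it harder for a later edit to attach a second statement to the wrong branch. The enclosing loop in main starts outside the hunk.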
@@ -578,7 +551,7 @@ jail_warnx(const struct cfjail *j, const char *fmt, ...)
/*
* Create a new jail.
*/
-static int
+int
create_jail(struct cfjail *j)
{
struct iovec jiov[4];
@@ -595,17 +568,14 @@ create_jail(struct cfjail *j)
if (path[0] != '/') {
jail_warnx(j, "path %s: not an absolute pathname",
path);
- failed(j);
return -1;
}
if (stat(path, &st) < 0) {
jail_warnx(j, "path %s: %s", path, strerror(errno));
- failed(j);
return -1;
}
if (!S_ISDIR(st.st_mode)) {
jail_warnx(j, "path %s: %s", path, strerror(ENOTDIR));
- failed(j);
return -1;
}
}
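Review bot: With `failed(j)` dropped from these early returns (and from the `jailparam_init` failure in the next hunk), create_jail no longer marks the jail failed itself, so every caller has to do it. The only call visible on this page, in run_command, does. The header comment still says only `Create a new jail.`; now that the function is extern, extend it to something like `/* Create a new jail. Returns -1 on error; the caller must call failed(j). */`. The rest of create_jail is outside these hunks, so it is worth checking that no remaining error return still calls `failed(j)`, which would now run it twice.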
@@ -621,7 +591,6 @@ create_jail(struct cfjail *j)
alloca((j->njp + dopersist) * sizeof(struct jailparam));
if (dopersist && jailparam_init(sjp++, "persist") < 0) {
jail_warnx(j, "%s", jail_errmsg);
- failed(j);
return -1;
}
for (jp = j->jp; jp < j->jp + j->njp; jp++)
diff --git a/usr.sbin/jail/jailp.h b/usr.sbin/jail/jailp.h
index 204cebe..0f96655 100644
--- a/usr.sbin/jail/jailp.h
+++ b/usr.sbin/jail/jailp.h
@@ -182,6 +182,7 @@ struct cfdepend {
extern void *emalloc(size_t);
extern void *erealloc(void *, size_t);
extern char *estrdup(const char *);
+extern int create_jail(struct cfjail *j);
extern void failed(struct cfjail *j);
extern void jail_note(const struct cfjail *j, const char *fmt, ...);
extern void jail_warnx(const struct cfjail *j, const char *fmt, ...);
@@ -219,5 +220,6 @@ extern struct cfjails cfjails;
extern struct cfjails ready;
extern struct cfjails depend;
extern const char *cfname;
+extern int note_remove;
extern int paralimit;
extern int verbose;