Page MenuHomeFreeBSD
Files F144452393

D50241.1774650929.diff
No OneTemporary
Actions

Size
3 KB
Referenced Files
None
Subscribers
None

D50241.1774650929.diff
View Options

diff --git a/usr.sbin/ngctl/Makefile b/usr.sbin/ngctl/Makefile
--- a/usr.sbin/ngctl/Makefile
+++ b/usr.sbin/ngctl/Makefile
@@ -13,4 +13,9 @@
CFLAGS+= -DEDITLINE
LIBADD+= edit pthread
+.if ${MK_JAIL} != "no"
+CFLAGS+= -DJAIL
+LIBADD+= jail
+.endif
+
.include <bsd.prog.mk>
diff --git a/usr.sbin/ngctl/main.c b/usr.sbin/ngctl/main.c
--- a/usr.sbin/ngctl/main.c
+++ b/usr.sbin/ngctl/main.c
@@ -55,6 +55,10 @@
#include <histedit.h>
#include <pthread.h>
#endif
+#ifdef JAIL
+#include <sys/jail.h>
+#include <jail.h>
+#endif
#include <netgraph.h>
@@ -137,16 +141,17 @@
int
main(int ac, char *av[])
{
- char name[NG_NODESIZ];
- int interactive = isatty(0) && isatty(1);
- FILE *fp = NULL;
- int ch, rtn = 0;
+ char name[NG_NODESIZ];
+ int interactive = isatty(0) && isatty(1);
+ FILE *fp = NULL;
+ const char *jail_name = NULL;
+ int ch, rtn = 0;
/* Set default node name */
snprintf(name, sizeof(name), "ngctl%d", getpid());
/* Parse command line */
- while ((ch = getopt(ac, av, "df:n:")) != -1) {
+ while ((ch = getopt(ac, av, "df:j:n:")) != -1) {
switch (ch) {
case 'd':
NgSetDebug(NgSetDebug(-1) + 1);
@@ -157,18 +162,37 @@
else if ((fp = fopen(optarg, "r")) == NULL)
err(EX_NOINPUT, "%s", optarg);
break;
+ case 'j':
+#ifdef JAIL
+ if ((jail_name = optarg) == NULL)
+ Usage(NULL);
+#else
+ errx(EX_UNAVAILABLE, "not built with jail support");
+#endif
+ break;
case 'n':
snprintf(name, sizeof(name), "%s", optarg);
break;
case '?':
default:
- Usage((char *)NULL);
+ Usage(NULL);
break;
}
}
ac -= optind;
av += optind;
+ if (jail_name != NULL) {
+ int jid = jail_getid(jail_name);
+
+ if (jid == -1)
+ errx((errno == EPERM) ? EX_NOPERM : EX_NOHOST,
+ "%s", jail_errmsg);
+ if (jail_attach(jid) != 0)
+ errx((errno == EPERM) ? EX_NOPERM : EX_OSERR,
+ "cannot attach to jail");
+ }
+
/* Create a new socket node */
if (NgMkSockNode(name, &csock, &dsock) < 0)
err(EX_OSERR, "can't create node");
@@ -657,6 +681,7 @@
if (msg)
warnx("%s", msg);
fprintf(stderr,
- "usage: ngctl [-d] [-f file] [-n name] [command ...]\n");
+ "usage: ngctl [-j jail] [-d] [-f filename] [-n nodename] "
+ "[command [argument ...]]\n");
exit(EX_USAGE);
}
diff --git a/usr.sbin/ngctl/ngctl.8 b/usr.sbin/ngctl/ngctl.8
--- a/usr.sbin/ngctl/ngctl.8
+++ b/usr.sbin/ngctl/ngctl.8
@@ -39,10 +39,11 @@
.Nd netgraph control utility
.Sh SYNOPSIS
.Nm
+.Op Fl j Ar jail
.Op Fl d
.Op Fl f Ar filename
.Op Fl n Ar nodename
-.Op Ar command ...
+.Op Ar command Op Ns Ar argument ...
.Sh DESCRIPTION
The
.Nm
@@ -73,12 +74,32 @@
.Pp
The options are as follows:
.Bl -tag -width indent
-.It Fl f Ar nodeinfo
+.It Fl f Ar filename
Read commands from the named file.
A single dash represents the standard input.
Blank lines and lines starting with a
.Dq #
are ignored.
+Note that when the
+.Fl j Ar jail
+option is specified, the file will be opened before attaching to the jail and
+then be processed inside the jail.
+.It Fl j Ar jail
+Perform the actions inside the
+.Ar jail .
+.Pp
+The
+.Cm ngctl
+will first attach to the
+.Ar jail
+(by jail id or jail name) before performing the effects.
+.Pp
+This allows netgraph nodes of
+.Ar jail
+to be created, modified, and destroyed even if the
+.Cm ngctl
+binary is not available in
+.Ar jail .
.It Fl n Ar nodename
Assign
.Em nodename

File Metadata

Mime Type
text/plain
Expires
Fri, Mar 27, 10:35 PM (1 h, 59 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
28216362
Default Alt Text
D50241.1774650929.diff (3 KB)

Event Timeline