The branch main has been updated by lwhsu:
URL:
https://cgit.FreeBSD.org/src/commit/?id=7e49aa86a2824e76e9d9becf61db12066bc0d79d
commit 7e49aa86a2824e76e9d9becf61db12066bc0d79d
Author: Yan Ka Chiu <n...@myuji.xyz>
AuthorDate: 2023-05-23 20:39:22 +0000
Commit: Li-Wen Hsu <lw...@freebsd.org>
CommitDate: 2023-05-23 20:39:22 +0000
ifconfig(8): Teach ifconfig to attach and run itself in a jail
Add -j <jail> flag to ifconfig to allow ifconfig to attach and run inside a
jail. This allow parent to configure network interfaces of its children
even if ifconfig is not available in child's tree (e.g. Linux Jails)
Reviewed by: emaste, khng, melifaro
Event: Kitchener-Waterloo Hackathon 202305
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D40213
---
sbin/ifconfig/ifconfig.8 | 24 +++++++++++++++++++++++-
sbin/ifconfig/ifconfig.c | 38 +++++++++++++++++++++++++++++++-------
sbin/ifconfig/ifconfig.h | 1 +
3 files changed, 55 insertions(+), 8 deletions(-)
diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8
index 4669e96e28e6..a7e1bb26d81a 100644
--- a/sbin/ifconfig/ifconfig.8
+++ b/sbin/ifconfig/ifconfig.8
@@ -28,7 +28,7 @@
.\" From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94
.\" $FreeBSD$
.\"
-.Dd March 6, 2023
+.Dd May 22, 2023
.Dt IFCONFIG 8
.Os
.Sh NAME
@@ -36,6 +36,7 @@
.Nd configure network interface parameters
.Sh SYNOPSIS
.Nm
+.Op Fl j Ar jail
.Op Fl kLmn
.Op Fl f Ar type Ns Cm \&: Ns Ar format
.Ar interface
@@ -49,9 +50,11 @@
.Oc
.Op Ar parameters
.Nm
+.Op Fl j Ar jail
.Ar interface
.Cm destroy
.Nm
+.Op Fl j Ar jail
.Fl a
.Op Fl dkLmuv
.Op Fl f Ar type Ns Cm \&: Ns Ar format
@@ -61,13 +64,16 @@
.Nm
.Fl C
.Nm
+.Op Fl j Ar jail
.Fl g Ar groupname
.Nm
+.Op Fl j Ar jail
.Fl l
.Op Fl du
.Op Fl g Ar groupname
.Op Ar address_family
.Nm
+.Op Fl j Ar jail
.Op Fl dkLmuv
.Op Fl f Ar type Ns Cm \&: Ns Ar format
.Sh DESCRIPTION
@@ -233,6 +239,22 @@ Setting
to
.Cm all
selects all interfaces.
+.It Fl j Ar jail
+Perform the actions inside the
+.Ar jail .
+.Pp
+The
+.Cm ifconfig
+will first attach to the
+.Ar jail
+(by jail id or jail name) before performing the effects.
+.Pp
+This allow network interfaces of
+.Ar jail
+to be configured even if the
+.Cm ifconfig
+binary is not available in
+.Ar jail .
.It Fl k
Print keying information for the
.Ar interface ,
diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c
index c5e7b7befc72..e1467e661657 100644
--- a/sbin/ifconfig/ifconfig.c
+++ b/sbin/ifconfig/ifconfig.c
@@ -42,6 +42,9 @@ static const char rcsid[] =
#include <sys/param.h>
#include <sys/ioctl.h>
+#ifdef JAIL
+#include <sys/jail.h>
+#endif
#include <sys/module.h>
#include <sys/linker.h>
#include <sys/nv.h>
@@ -184,12 +187,12 @@ usage(void)
}
fprintf(stderr,
- "usage: ifconfig [-f type:format] %sinterface address_family\n"
+ "usage: ifconfig [-j jail] [-f type:format] %sinterface
address_family\n"
" [address [dest_address]] [parameters]\n"
- " ifconfig interface create\n"
- " ifconfig -a %s[-d] [-m] [-u] [-v] [address_family]\n"
- " ifconfig -l [-d] [-u] [address_family]\n"
- " ifconfig %s[-d] [-m] [-u] [-v]\n",
+ " ifconfig [-j jail] interface create\n"
+ " ifconfig [-j jail] -a %s[-d] [-m] [-u] [-v] [address_family]\n"
+ " ifconfig [-j jail] -l [-d] [-u] [address_family]\n"
+ " ifconfig [-j jail] %s[-d] [-m] [-u] [-v]\n",
options, options, options);
exit(1);
}
@@ -437,7 +440,7 @@ args_parse(struct ifconfig_args *args, int argc, char
*argv[])
int c;
/* Parse leading line options */
- strlcpy(options, "G:adf:klmnuv", sizeof(options));
+ strlcpy(options, "G:adf:j:klmnuv", sizeof(options));
for (p = opts; p != NULL; p = p->next)
strlcat(options, p->opt, sizeof(options));
while ((c = getopt(argc, argv, options)) != -1) {
@@ -458,6 +461,15 @@ args_parse(struct ifconfig_args *args, int argc, char
*argv[])
usage();
args->nogroup = optarg;
break;
+ case 'j':
+#ifdef JAIL
+ if (optarg == NULL)
+ usage();
+ args->jail_name = optarg;
+#else
+ Perror("not built with jail support");
+#endif
+ break;
case 'k':
args->printkeys = true;
break;
@@ -547,7 +559,9 @@ main(int ac, char *av[])
char *envformat;
size_t iflen;
int flags;
-
+#ifdef JAIL
+ int jid;
+#endif
f_inet = f_inet6 = f_ether = f_addr = NULL;
lifh = ifconfig_open();
@@ -566,6 +580,16 @@ main(int ac, char *av[])
args_parse(&args, ac, av);
+#ifdef JAIL
+ if (args.jail_name) {
+ jid = jail_getid(args.jail_name);
+ if (jid == -1)
+ Perror("jail not found");
+ if (jail_attach(jid) != 0)
+ Perror("cannot attach to jail");
+ }
+#endif
+
if (!args.all && !args.namesonly) {
/* not listing, need an argument */
args.ifname = args_pop(&args);
diff --git a/sbin/ifconfig/ifconfig.h b/sbin/ifconfig/ifconfig.h
index 7b2b88a4dfac..1df94f357c43 100644
--- a/sbin/ifconfig/ifconfig.h
+++ b/sbin/ifconfig/ifconfig.h
@@ -219,6 +219,7 @@ struct ifconfig_args {
const char *matchgroup; /* Group name to match */
const char *nogroup; /* Group name to exclude */
const struct afswtch *afp; /* AF we're operating on */
+ const char *jail_name; /* Jail name or jail id specified */
};
struct option {
