From owner-svn-src-stable@FreeBSD.ORG Thu Oct 17 06:48:44 2013 Return-Path: Delivered-To: svn-src-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 4F62C4D7; Thu, 17 Oct 2013 06:48:44 +0000 (UTC) (envelope-from hrs@FreeBSD.org) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 3BCB426E5; Thu, 17 Oct 2013 06:48:44 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.7/8.14.7) with ESMTP id r9H6milX086772; Thu, 17 Oct 2013 06:48:44 GMT (envelope-from hrs@svn.freebsd.org) Received: (from hrs@localhost) by svn.freebsd.org (8.14.7/8.14.5/Submit) id r9H6mipU086771; Thu, 17 Oct 2013 06:48:44 GMT (envelope-from hrs@svn.freebsd.org) Message-Id: <201310170648.r9H6mipU086771@svn.freebsd.org> 
From: Hiroki Sato Date: Thu, 17 Oct 2013 06:48:44 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-stable@freebsd.org, svn-src-stable-10@freebsd.org Subject: svn commit: r256668 - stable/10/etc/rc.d X-SVN-Group: stable-10 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-stable@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: SVN commit messages for all the -stable branches of the src tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Oct 2013 06:48:44 -0000 Author: hrs Date: Thu Oct 17 06:48:43 2013 New Revision: 256668 URL: http://svnweb.freebsd.org/changeset/base/256668 Log: MFC 256440, 256498: - Normalize jailname. "example.com" is converted to "example_com". - Fix a bug that some $jail_{jname}_foo variables did not work. - Fix a bug which prevented $jail_devfs_ruleset from working[1]. - Move $jail_parameters to the last of the configuraiton lines[1]. - Fix "ifname|addr" syntax support in jail_{jname}_ip. - Create /var/run/jail_{jname}.id because ezjail-admin depends on it. Reported by: jase [1] Approved by: re (gjb) Modified: stable/10/etc/rc.d/jail Directory Properties: stable/10/etc/rc.d/ (props changed) Modified: stable/10/etc/rc.d/jail ============================================================================== --- stable/10/etc/rc.d/jail Thu Oct 17 06:14:32 2013 (r256667) +++ stable/10/etc/rc.d/jail Thu Oct 17 06:48:43 2013 (r256668) @@ -22,7 +22,7 @@ status_cmd="jail_status" extra_commands="config console status" : ${jail_conf:=/etc/jail.conf} : ${jail_program:=/usr/sbin/jail} -: ${jail_consolecmd:=/bin/sh} +: ${jail_consolecmd:=/usr/bin/login -f root} : ${jail_jexec:=/usr/sbin/jexec} : ${jail_jls:=/usr/sbin/jls} @@ -94,7 +94,7 @@ extract_var() # parse_options() { - local _j + local _j _p _j=$1 _confwarn=0 
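Review bot: The new `jail_consolecmd` default in the first hunk changes what `service jail console` runs, and nothing next to it says why. The session now goes through login(1) inside the jail, where `-f` skips the password prompt, and it needs `/usr/bin/login` to exist in the jail, which a minimal jail may not have. A comment above the default would record the intent, for example `# console runs login(1) in the jail; -f skips authentication because the caller is already root on the host`. The value is now several words and jail_console later expands it unquoted, so a per-jail override that needs a quoted argument will not survive word splitting.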
@@ -166,7 +166,7 @@ parse_options() jail_handle_ips_option $_ip $_interface alias=0 while : ; do - eval _x=\"\$jail_${_jail}_ip_multi${alias}\" + eval _x=\"\$jail_${_j}_ip_multi${alias}\" [ -z "$_x" ] && break jail_handle_ips_option $_x $_interface @@ -208,6 +208,7 @@ parse_options() eval : \${jail_${_j}_devfs_enable:=${jail_devfs_enable:-NO}} if checkyesno jail_${_j}_devfs_enable; then echo " mount.devfs;" + eval _ruleset=\${jail_${_j}_devfs_ruleset:-${jail_devfs_ruleset}} case $_ruleset in "") ;; [0-9]*) echo " devfs_ruleset = \"$_ruleset\";" ;; @@ -217,7 +218,7 @@ parse_options() # mount(8) only accepts an integer. # This should accept a ruleset name. ;; - *) warn "devfs_ruleset must be integer." ;; + *) warn "devfs_ruleset must be an integer." ;; esac if [ -r $_fstab ]; then echo " mount.fstab = \"$_fstab\";" @@ -234,8 +235,6 @@ parse_options() "\"procfs ${_rootdir%/}/proc procfs rw 0 0\";" fi - echo " ${_parameters};" - eval : \${jail_${_j}_mount_enable:=${jail_mount_enable:-NO}} if checkyesno jail_${_j}_mount_enable; then echo " allow.mount;" >> $_conf @@ -243,6 +242,9 @@ parse_options() extract_var $_j set_hostname_allow allow.set_hostname YN NO extract_var $_j sysvipc_allow allow.sysvipc YN NO + for _p in $_parameters; do + echo " ${_p%\;};" + done echo "}" ) >> $_conf @@ -327,9 +329,9 @@ jail_extract_address() # jail_handle_ips_option() { - local _x _type _i _iface + local _x _type _i _defif _x=$1 - _iface=$2 + _defif=$2 if [ -z "${_x}" ]; then # No IP given. This can happen for the primary address @@ -353,7 +355,8 @@ jail_handle_ips_option() _type="" _addr="" _mask="" - jail_extract_address $_i $_iface + _iface="" + jail_extract_address $_i $_defif # make sure we got an address. case $_addr in 
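Review bot: The `case $_ruleset` fed by the added `eval _ruleset=...` line checks only the first character, because `[0-9]*` accepts any string that starts with a digit. That value is then written between double quotes into the generated conf, so something like `4 x` (constructed), or a value containing `"` or `;`, passes and changes the meaning of the file even though the warning says the ruleset must be an integer. Putting `[0-9]*[!0-9]*) warn "devfs_ruleset must be an integer." ;;` ahead of the `[0-9]*)` arm would make the check match the message. The empty-string arm still emits `mount.devfs` with no ruleset line, and a comment stating whether an unrestricted devfs is intended there would help.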
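Review bot: The new `for _p in $_parameters` loop splits on whitespace, so a parameter whose value contains a space (a quoted `exec.start` command, for instance) is written to the conf as several broken statements. Each word is emitted verbatim, and now that the block comes last it can presumably override the `allow.*` lines generated above it, which looks intended but is not stated. I would document the contract above the loop: `# jail_parameters: whitespace-separated name=value words, emitted last so they take precedence; values must not contain spaces`.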
@@ -364,10 +367,10 @@ jail_handle_ips_option() # Append address to list of addresses for the jail command. case $_type in inet) - echo " ip4.addr += \"${_addr}${_mask}\";" + echo " ip4.addr += \"${_iface}|${_addr}${_mask}\";" ;; inet6) - echo " ip6.addr += \"${_addr}${_mask}\";" + echo " ip6.addr += \"${_iface}|${_addr}${_mask}\";" need_dad_wait=1 ;; esac @@ -376,26 +379,35 @@ jail_handle_ips_option() jail_config() { + local _j + case $1 in _ALL) return ;; esac - for _jail in $@; do - if parse_options $_jail; then - echo "$_jail: parameters are in $_conf." + for _j in $@; do + _j=$(echo $_j | tr /. _) + if parse_options $_j; then + echo "$_j: parameters are in $_conf." fi done } jail_console() { + local _j _cmd + # One argument that is not _ALL. case $#:$1 in - 1:_ALL) err 3 "Specify a jail name." ;; - 1:*) ;; - *) err 3 "Specify a jail name." ;; + 0:*|1:_ALL) err 3 "Specify a jail name." ;; + 1:*) ;; + esac + _j=$(echo $1 | tr /. _) + shift + case $# in + 0) eval _cmd=\${jail_${_j}_consolecmd:-$jail_consolecmd} ;; + *) _cmd=$@ ;; esac - eval _cmd=\${jail_$1_consolecmd:-$jail_consolecmd} - $jail_jexec $1 $_cmd + $jail_jexec $_j $_cmd } jail_status() @@ -406,6 +418,8 @@ jail_status() jail_start() { + local _j _jid _jn + if [ $# = 0 ]; then return fi 
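Review bot: Both new `echo` lines always emit the `|` separator, so an empty `_iface` produces a value such as `ip4.addr += "|192.0.2.1/32"` (constructed address). The previous hunk resets `_iface=""` before calling jail_extract_address and `_defif` can itself be empty; jail_extract_address lies outside the hunks, so whether it always sets `_iface` cannot be confirmed from here. Emitting the prefix only when an interface is known avoids the malformed value: `echo " ip4.addr += \"${_iface:+${_iface}|}${_addr}${_mask}\";"`, and likewise for `ip6.addr`.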
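Review bot: `_j=$(echo $_j | tr /. _)` in jail_config and jail_console maps only `/` and `.`, yet the result is spliced into `eval` as part of a variable name. A name such as `web-1` (constructed) turns `\${jail_${_j}_consolecmd:-...}` into a `${jail_web-...}` default expansion and yields the wrong command, and any other shell metacharacter in the argument reaches `eval` unchanged. Normalising every character that is not valid in an identifier closes that, at least for the variable-name part: `_j=$(printf %s "$_j" | tr -c '[:alnum:]_' _)`. The same `tr /. _` line is added to jail_start and jail_stop in the later hunks. In jail_console, `_cmd=$@` followed by the unquoted `$jail_jexec $_j $_cmd` also loses the caller's argument boundaries.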
@@ -416,27 +430,39 @@ jail_start() command=$jail_program rc_flags=$jail_flags command_args="-f $jail_conf -c" - $command $rc_flags $command_args "*" + $jail_jls -nq | while read IN; do + _jn=$(echo $IN | tr " " "\n" | grep name=) + _jid=$(echo $IN | tr " " "\n" | grep jid=) + if $command $rc_flags $command_args ${_jn#name=}; then + echo -n " ${_jn#name=}" + echo "${_jid#jid=}" \ + > /var/run/jail_${_jn#name=}.id + fi + done echo '.' return ;; esac _tmp=`mktemp -t jail` || exit 3 - for _jail in $@; do - parse_options $_jail || continue + for _j in $@; do + _j=$(echo $_j | tr /. _) + parse_options $_j || continue eval rc_flags=\${jail_${_j}_flags:-$jail_flags} eval command=\${jail_${_j}_program:-$jail_program} if checkyesno jail_parallel_start; then - command_args="-i -f $_conf -c $_jail &" + command_args="-i -f $_conf -c $_j &" else - command_args="-i -f $_conf -c $_jail" + command_args="-i -f $_conf -c $_j" fi if $command $rc_flags $command_args \ >> $_tmp 2>&1 /var/run/jail_${_j}.id else - echo " cannot start jail \"${_hostname:-${jail}}\": " + rm -f /var/run/jail_${_j}.id + echo " cannot start jail \"${_hostname:-${_j}}\": " cat $_tmp fi rm -f $_tmp @@ -446,6 +472,8 @@ jail_start() jail_stop() { + local _j _jn + if [ $# = 0 ]; then return fi 
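Review bot: In the `_ALL` branch the jail list now comes from `$jail_jls -nq`, which reports jails that already exist. As far as this hunk shows, nothing from `$jail_conf` is created when no jail is running yet, which the removed `"*"` invocation used to do. The parsing is also loose: `grep name=` is unanchored and matches any field ending in `name=` (jls -n prints `host.hostname=` as well), so `_jn` can hold several lines, and it is then used unquoted as the jail(8) argument and inside the `/var/run/jail_….id` path written as root. Anchoring the patterns as `grep '^name='` and `grep '^jid='` and quoting the expansions fixes the parsing. The `_ALL` loop in jail_stop in the next hunk uses the same `grep name=`.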
@@ -456,16 +484,29 @@ jail_stop() command=$jail_program rc_flags=$jail_flags command_args="-f $jail_conf -r" - $command $rc_flags $command_args "*" + $jail_jls -nq | while read IN; do + _jn=$(echo $IN | tr " " "\n" | grep name=) + echo -n " ${_jn#name=}" + $command $rc_flags $command_args ${_jn#name=} + if ! $jail_jls -j ${_jn#name=} > /dev/null 2>&1; then + rm -f /var/run/jail_${_jn#name=}.id + fi + done echo '.' return ;; esac - for _jail in $@; do - parse_options $_jail || continue + for _j in $@; do + _j=$(echo $_j | tr /. _) + parse_options $_j || continue + if ! $jail_jls -j $_j > /dev/null 2>&1; then + continue + fi eval command=\${jail_${_j}_program:-$jail_program} - if $command -q -f $_conf -r $_jail; then - echo -n " ${_hostname:-${_jail}}" + echo -n " ${_hostname:-${_j}}" + $command -q -f $_conf -r $_j + if ! $jail_jls -j $_j > /dev/null 2>&1; then + rm -f /var/run/jail_${_j}.id fi done echo '.'
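Review bot: In the per-jail loop the exit status of `$command -q -f $_conf -r $_j` is no longer checked and the name is printed before the removal is attempted, so a jail that fails to stop is reported exactly like one that stopped. The id file is kept in that case, which is right, but the operator gets no signal. An else arm on the existing jls check would surface it, e.g. `else warn "jail $_j is still running"`. The `rm -f /var/run/jail_${_j}.id` path should also be quoted, since `_j` comes from the command line.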