svn commit: r337863 - in head: sys/sys usr.sbin/jail

Wed, 15 Aug 2018 11:36:14 -0700 

Author: netchild
Date: Wed Aug 15 18:35:42 2018
New Revision: 337863
URL: https://svnweb.freebsd.org/changeset/base/337863

Log:
  - Add exec hook "exec.created". This is called when the jail is
    created and before exec.start is called.                    [1]
  - Bump __FreeBSD_version.
  
  This allows to attach ZFS datasets and various other things to be
  done before any command/service/rc-script is started in the new
  jail.
  
  PR:                   228066                                  [1]
  Reviewed by:          jamie                                   [1]
  Submitted by:         Stefan Grönke <ste...@gronke.net>       [1]
  Differential Revision:        https://reviews.freebsd.org/D15330      [1]

Modified:
  head/sys/sys/param.h
  head/usr.sbin/jail/command.c
  head/usr.sbin/jail/config.c
  head/usr.sbin/jail/jail.8
  head/usr.sbin/jail/jail.c
  head/usr.sbin/jail/jailp.h

Modified: head/sys/sys/param.h
==============================================================================
--- head/sys/sys/param.h        Wed Aug 15 18:19:45 2018        (r337862)
+++ head/sys/sys/param.h        Wed Aug 15 18:35:42 2018        (r337863)
@@ -60,7 +60,7 @@
  *             in the range 5 to 9.
  */
 #undef __FreeBSD_version
-#define __FreeBSD_version 1200077      /* Master, propagated to newvers */
+#define __FreeBSD_version 1200078      /* Master, propagated to newvers */
 
 /*
  * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,

Modified: head/usr.sbin/jail/command.c
==============================================================================
--- head/usr.sbin/jail/command.c        Wed Aug 15 18:19:45 2018        
(r337862)
+++ head/usr.sbin/jail/command.c        Wed Aug 15 18:35:42 2018        
(r337863)
@@ -147,8 +147,8 @@ next_command(struct cfjail *j)
                }
                if (j->comstring == NULL || j->comstring->len == 0 ||
                    (create_failed && (comparam == IP_EXEC_PRESTART ||
-                   comparam == IP_EXEC_START || comparam == IP_COMMAND ||
-                   comparam == IP_EXEC_POSTSTART)))
+                   comparam == IP_EXEC_CREATED || comparam == IP_EXEC_START ||
+                   comparam == IP_COMMAND || comparam == IP_EXEC_POSTSTART)))
                        continue;
                switch (run_command(j)) {
                case -1:

Modified: head/usr.sbin/jail/config.c
==============================================================================
--- head/usr.sbin/jail/config.c Wed Aug 15 18:19:45 2018        (r337862)
+++ head/usr.sbin/jail/config.c Wed Aug 15 18:35:42 2018        (r337863)
@@ -73,6 +73,7 @@ static const struct ipspec intparams[] = {
     [IP_EXEC_POSTSTOP] =       {"exec.poststop",       PF_INTERNAL},
     [IP_EXEC_PRESTART] =       {"exec.prestart",       PF_INTERNAL},
     [IP_EXEC_PRESTOP] =                {"exec.prestop",        PF_INTERNAL},
+    [IP_EXEC_CREATED] =                {"exec.created",        PF_INTERNAL},
     [IP_EXEC_START] =          {"exec.start",          PF_INTERNAL},
     [IP_EXEC_STOP] =           {"exec.stop",           PF_INTERNAL},
     [IP_EXEC_SYSTEM_JAIL_USER]=        {"exec.system_jail_user",

Modified: head/usr.sbin/jail/jail.8
==============================================================================
--- head/usr.sbin/jail/jail.8   Wed Aug 15 18:19:45 2018        (r337862)
+++ head/usr.sbin/jail/jail.8   Wed Aug 15 18:35:42 2018        (r337863)
@@ -706,6 +706,9 @@ The pseudo-parameters are:
 .Bl -tag -width indent
 .It Va exec.prestart
 Command(s) to run in the system environment before a jail is created.
+.It Va exec.created
+Command(s) to run in the system environment right after a jail has been
+created, but before commands (or services) get executed in the jail.
 .It Va exec.start
 Command(s) to run in the jail environment when a jail is created.
 A typical command to run is

Modified: head/usr.sbin/jail/jail.c
==============================================================================
--- head/usr.sbin/jail/jail.c   Wed Aug 15 18:19:45 2018        (r337862)
+++ head/usr.sbin/jail/jail.c   Wed Aug 15 18:35:42 2018        (r337863)
@@ -98,6 +98,7 @@ static const enum intparam startcommands[] = {
     IP_MOUNT_PROCFS,
     IP_EXEC_PRESTART,
     IP__OP,
+    IP_EXEC_CREATED,
     IP_VNET_INTERFACE,
     IP_EXEC_START,
     IP_COMMAND,

Modified: head/usr.sbin/jail/jailp.h
==============================================================================
--- head/usr.sbin/jail/jailp.h  Wed Aug 15 18:19:45 2018        (r337862)
+++ head/usr.sbin/jail/jailp.h  Wed Aug 15 18:35:42 2018        (r337863)
@@ -88,6 +88,7 @@ enum intparam {
        IP_EXEC_POSTSTOP,       /* Commands run outside jail after removing */
        IP_EXEC_PRESTART,       /* Commands run outside jail before creating */
        IP_EXEC_PRESTOP,        /* Commands run outside jail before removing */
+       IP_EXEC_CREATED,        /* Commands run outside jail right after it was 
started */
        IP_EXEC_START,          /* Commands run inside jail on creation */
        IP_EXEC_STOP,           /* Commands run inside jail on removal */
        IP_EXEC_SYSTEM_JAIL_USER,/* Get jail_user from system passwd file */
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

Reply via email to