348304 |
27-May-2019 |
kevans |
MFC r348215, r348219: fix bectl(8) jail w/ numeric BE names
r348215: jail_getid(3): validate jid string input
Currently, if jail_getid(3) is passed in a numeric string, it assumes that this is a jid string and passes it back converted to an int without checking that it's a valid/existing jid. This breaks consumers that might use jail_getid(3) to see if it can trivially grab a jid from a name if that name happens to be numeric but not actually the name/jid of the jail. Instead of returning -1 for the jail not existing, it'll return the int version of the input and the consumer will not fall back to trying other methods.
Pass the numeric input to jail_get(2) as the jid for validation, rather than the name. This works well: the kernel enforces that jid=name if name is numeric, so doing the safe thing and checking numeric input as a jid will still DTRT based on the description of jail_getid.
r348219: bectl(8): Add a test for jail/unjail of numeric BE names
Fixed by r348215, bectl ujail first attempts the trivial fetch of a jid by passing the first argument to 'ujail' to jail_getid(3) in case a jid/name have been passed in instead of a BE name. For numerically named BEs, this was doing the wrong thing: instead of failing to locate the jid specified and falling back to mountpath search, jail_getid(3) would return the input as-is.
While here, I've fixed bectl_jail_cleanup which still used a hard-coded pool name that was overlooked w.r.t. other work that was in-flight around the same time.
Approved by: re (marius) |
298107 |
16-Apr-2016 |
gjb |
Merge the projects/release-pkg branch to head.
This allows packaging the base system with pkg(8), including but not limited to providing the ability to provide upstream binary update possibilities for non-tier-1 architectures.
This merge is a requirement of the 11.0-RELEASE, and as such, thank you to everyone that has tested the project branch.
Documentation in build(7) etc. is still somewhat sparse, but updates to those parts will follow.
Sponsored by: The FreeBSD Foundation
|
275073 |
25-Nov-2014 |
jamie |
In preparation for using clang's -Wcast-qual:
Use __DECONST (instead of my own attempted re-invention) for the iov parameters to jail_get/set(2). Similarly remove the deconst-ish hack from execvp's argv, except the __DECONST is only added at the very end.
While I'm at it, remove an unused variable and fix a comment typo.
|
241197 |
04-Oct-2012 |
jamie |
Fix some memory allocation errors:
* jail_setv will leak a parameter name if jailparam_import fails.
* jailparam_all loses the jailparam pointer on realloc error (a clear freshman mistake).
* If jailparam_init fails, the caller doesn't need to jailparam_free the buffer. That's not really clear, so set things to NULL allowing jailparam_free to work without error (though it's still not required).
|
210133 |
15-Jul-2010 |
jamie |
Don't import parameter values in jail_getv, except for the search key. Remove the internal jailparam_vlist, in favor of using variants of its logic separately in jail_setv and jail_getv. Free the temporary parameter list and exported values in jail_setv and jail_getv.
Noted by: Stanislav Uzunchev
MFC after: 3 days
|
195870 |
25-Jul-2009 |
jamie |
Some jail parameters (in particular, "ip4" and "ip6" for IP address restrictions) were found to be inadequately described by a boolean. Define a new parameter type with three values (disable, new, inherit) to handle these and future cases.
Approved by: re (kib), bz (mentor)
Discussed with: rwatson
|