sysrc revision 252987
1#!/bin/sh 2#- 3# Copyright (c) 2010-2013 Devin Teske 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: 9# 1. Redistributions of source code must retain the above copyright 10# notice, this list of conditions and the following disclaimer. 11# 2. Redistributions in binary form must reproduce the above copyright 12# notice, this list of conditions and the following disclaimer in the 13# documentation and/or other materials provided with the distribution. 14# 15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25# SUCH DAMAGE. 26# 27# $FreeBSD: head/usr.sbin/sysrc/sysrc 252987 2013-07-07 18:51:44Z dteske $ 28# 29############################################################ INCLUDES 30 31BSDCFG_SHARE="/usr/share/bsdconfig" 32[ "$_COMMON_SUBR" ] || . $BSDCFG_SHARE/common.subr || exit 1 33[ "$_SYSRC_SUBR" ] || f_include $BSDCFG_SHARE/sysrc.subr 34 35############################################################ GLOBALS 36 37# 38# Options 39# 40DELETE= 41DESCRIBE= 42IGNORE_UNKNOWNS= 43JAIL= 44QUIET= 45ROOTDIR= 46SHOW_ALL= 47SHOW_EQUALS= 48SHOW_FILE= 49SHOW_NAME=1 50SHOW_VALUE=1 51SYSRC_VERBOSE= 52 53############################################################ FUNCTIONS 54 55# die [ $fmt [ $opts ... ]] 56# 57# Optionally print a message to stderr before exiting with failure status. 58# 59die() 60{ 61 local fmt="$1" 62 [ $# -gt 0 ] && shift 1 63 [ "$fmt" ] && f_err "$fmt\n" "$@" 64 65 exit $FAILURE 66} 67 68# usage 69# 70# Prints a short syntax statement and exits. 71# 72usage() 73{ 74 f_err "Usage: %s [OPTIONS] name[=value] ...\n" "$pgm" 75 f_err "Try \`%s --help' for more information.\n" "$pgm" 76 die 77} 78 79# help 80# 81# Prints a full syntax statement and exits. 82# 83help() 84{ 85 local optfmt="\t%-11s%s\n" 86 local envfmt="\t%-17s%s\n" 87 88 f_err "Usage: %s [OPTIONS] name[=value] ...\n" "$pgm" 89 90 f_err "OPTIONS:\n" 91 f_err "$optfmt" "-a" \ 92 "Dump a list of all non-default configuration variables." 93 f_err "$optfmt" "-A" \ 94 "Dump a list of all configuration variables (incl. defaults)." 95 f_err "$optfmt" "-d" \ 96 "Print a description of the given variable." 97 f_err "$optfmt" "-D" \ 98 "Show default value(s) only (this is the same as setting" 99 f_err "$optfmt" "" \ 100 "RC_CONFS to NULL or passing \`-f' with a NULL file-argument)." 101 f_err "$optfmt" "-e" \ 102 "Print query results as \`var=value' (useful for producing" 103 f_err "$optfmt" "" \ 104 "output to be fed back in). Ignored if \`-n' is specified." 105 f_err "$optfmt" "-f file" \ 106 "Operate on the specified file(s) instead of rc_conf_files." 107 f_err "$optfmt" "" \ 108 "Can be specified multiple times for additional files." 109 f_err "$optfmt" "-F" \ 110 "Show only the last rc.conf(5) file each directive is in." 111 f_err "$optfmt" "-h" \ 112 "Print a short usage statement to stderr and exit." 113 f_err "$optfmt" "--help" \ 114 "Print this message to stderr and exit." 115 f_err "$optfmt" "-i" \ 116 "Ignore unknown variables." 117 f_err "$optfmt" "-j jail" \ 118 "The jid or name of the jail to operate within (overrides" 119 f_err "$optfmt" "" \ 120 "\`-R dir'; requires jexec(8))." 121 f_err "$optfmt" "-n" \ 122 "Show only variable values, not their names." 123 f_err "$optfmt" "-N" \ 124 "Show only variable names, not their values." 125 f_err "$optfmt" "-q" \ 126 "Quiet. Ignore previous \`-v' and/or SYSRC_VERBOSE." 127 f_err "$optfmt" "-R dir" \ 128 "Operate within the root directory \`dir' rather than \`/'." 129 f_err "$optfmt" "-v" \ 130 "Verbose. Print the pathname of the specific rc.conf(5)" 131 f_err "$optfmt" "" \ 132 "file where the directive was found." 133 f_err "$optfmt" "-x" \ 134 "Remove variable(s) from specified file(s)." 135 f_err "\n" 136 137 f_err "ENVIRONMENT:\n" 138 f_err "$envfmt" "RC_CONFS" \ 139 "Override default rc_conf_files (even if set to NULL)." 140 f_err "$envfmt" "RC_DEFAULTS" \ 141 "Location of \`/etc/defaults/rc.conf' file." 142 f_err "$envfmt" "SYSRC_VERBOSE" \ 143 "Default verbosity. Set to non-NULL to enable." 144 145 die 146} 147 148# jail_depend 149# 150# Dump dependencies such as language-file variables and include files to stdout 151# to be piped-into sh(1) running via jexec(8)/chroot(8). As a security measure, 152# this prevents existing language files and library files from being loaded in 153# the jail. This also relaxes the requirement to have these files in every jail 154# before sysrc can be used on said jail. 155# 156jail_depend() 157{ 158 # 159 # Indicate that we are jailed 160 # 161 echo export _SYSRC_JAILED=1 162 163 # 164 # Print i18n language variables (their current values are sanitized 165 # and re-printed for interpretation so that the i18n language files 166 # do not need to exist within the jail). 167 # 168 local var val 169 for var in \ 170 msg_cannot_create_permission_denied \ 171 msg_permission_denied \ 172 msg_previous_syntax_errors \ 173 ; do 174 val=$( eval echo \"\$$var\" | 175 awk '{ gsub(/'\''/, "'\''\\'\'\''"); print }' ) 176 echo $var="'$val'" 177 done 178 179 # 180 # Print include dependencies 181 # 182 cat $BSDCFG_SHARE/common.subr 183 cat $BSDCFG_SHARE/sysrc.subr 184} 185 186############################################################ MAIN SOURCE 187 188# 189# Perform sanity checks 190# 191[ $# -gt 0 ] || usage 192 193# 194# Check for `--help' command-line option 195# 196( # Operate in sub-shell to protect $@ in parent 197 while [ $# -gt 0 ]; do 198 case "$1" in 199 --help) exit 1;; 200 -[fRj]) # These flags take an argument 201 shift 1;; 202 esac 203 shift 1 204 done 205 exit 0 206) || help 207 208# 209# Process command-line flags 210# 211while getopts aAdDef:Fhij:nNqR:vxX flag; do 212 case "$flag" in 213 a) SHOW_ALL=${SHOW_ALL:-1};; 214 A) SHOW_ALL=2;; 215 d) DESCRIBE=1;; 216 D) RC_CONFS=;; 217 e) SHOW_EQUALS=1;; 218 f) RC_CONFS="$RC_CONFS${RC_CONFS:+ }$OPTARG";; 219 F) SHOW_FILE=1;; 220 h) usage;; 221 i) IGNORE_UNKNOWNS=1;; 222 j) [ "$OPTARG" ] || die \ 223 "%s: Missing or null argument to \`-j' flag" "$pgm" 224 JAIL="$OPTARG";; 225 n) SHOW_NAME=;; 226 N) SHOW_VALUE=;; 227 q) QUIET=1 SYSRC_VERBOSE=;; 228 R) [ "$OPTARG" ] || die \ 229 "%s: Missing or null argument to \`-R' flag" "$pgm" 230 ROOTDIR="$OPTARG";; 231 v) SYSRC_VERBOSE=1 QUIET=;; 232 x) DELETE=${DELETE:-1};; 233 X) DELETE=2;; 234 \?) usage;; 235 esac 236done 237shift $(( $OPTIND - 1 )) 238 239# 240# [More] Sanity checks (e.g., "sysrc --") 241# 242[ $# -eq 0 -a ! "$SHOW_ALL" ] && usage 243 244# 245# Taint-check all rc.conf(5) files 246# 247errmsg="$pgm: Exiting due to previous syntax errors" 248if [ "${RC_CONFS+set}" ]; then 249 ( for i in $RC_CONFS; do 250 [ -e "$i" ] || continue 251 /bin/sh -n "$i" || exit $FAILURE 252 done 253 exit $SUCCESS 254 ) || die "$errmsg" 255else 256 /bin/sh -n "$RC_DEFAULTS" || die "$errmsg" 257 ( . "$RC_DEFAULTS" 258 for i in $rc_conf_files; do 259 [ -e "$i" ] || continue 260 /bin/sh -n "$i" || exit $FAILURE 261 done 262 exit $SUCCESS 263 ) || die "$errmsg" 264fi 265 266# 267# Process `-x' (and secret `-X') command-line options 268# 269errmsg="$pgm: \`-x' option incompatible with \`-a'/\`-A' options" 270errmsg="$errmsg (use \`-X' to override)" 271if [ "$DELETE" -a "$SHOW_ALL" ]; then 272 [ "$DELETE" = "2" ] || die "$errmsg" 273fi 274 275# 276# Process `-e', `-n', and `-N' command-line options 277# 278SEP=': ' 279[ "$SHOW_EQUALS" ] && SEP='="' 280[ "$SHOW_NAME" ] || SHOW_EQUALS= 281[ "$SYSRC_VERBOSE" = "0" ] && SYSRC_VERBOSE= 282if [ ! "$SHOW_VALUE" ]; then 283 SHOW_NAME=1 284 SHOW_EQUALS= 285fi 286 287# 288# Process `-j jail' and `-R dir' command-line options 289# 290if [ "$JAIL" -o "$ROOTDIR" ]; then 291 # 292 # Reconstruct the arguments that we want to carry-over 293 # 294 args=" 295 ${SYSRC_VERBOSE:+-v} 296 ${QUIET:+-q} 297 $( [ "$DELETE" = "1" ] && echo \ -x ) 298 $( [ "$DELETE" = "2" ] && echo \ -X ) 299 $( [ "$SHOW_ALL" = "1" ] && echo \ -a ) 300 $( [ "$SHOW_ALL" = "2" ] && echo \ -A ) 301 ${DESCRIBE:+-d} 302 ${SHOW_EQUALS:+-e} 303 ${IGNORE_UNKNOWNS:+-i} 304 $( [ "$SHOW_NAME" ] || echo \ -n ) 305 $( [ "$SHOW_VALUE" ] || echo \ -N ) 306 $( [ "$SHOW_FILE" ] && echo \ -F ) 307 " 308 if [ "${RC_CONFS+set}" ]; then 309 args="$args -f '$RC_CONFS'" 310 fi 311 for arg in "$@"; do 312 args="$args '$arg'" 313 done 314 315 # 316 # If both are supplied, `-j jail' supercedes `-R dir' 317 # 318 if [ "$JAIL" ]; then 319 # 320 # Re-execute ourselves with sh(1) via jexec(8) 321 # 322 ( echo set -- $args 323 jail_depend 324 cat $0 325 ) | env - RC_DEFAULTS="$RC_DEFAULTS" \ 326 /usr/sbin/jexec "$JAIL" /bin/sh 327 exit $? 328 elif [ "$ROOTDIR" ]; then 329 # 330 # Make sure that the root directory specified is not to any 331 # running jails. 332 # 333 # NOTE: To maintain backward compatibility with older jails on 334 # older systems, we will not perform this check if either the 335 # jls(1) or jexec(8) utilities are missing. 336 # 337 if f_have jexec && f_have jls; then 338 jid="`jls jid path | \ 339 ( 340 while read JID JROOT; do 341 [ "$JROOT" = "$ROOTDIR" ] || continue 342 echo $JID 343 done 344 )`" 345 346 # 347 # If multiple running jails match the specified root 348 # directory, exit with error. 349 # 350 if [ "$jid" -a "${jid%[$IFS]*}" != "$jid" ]; then 351 die "%s: %s: %s" "$pgm" "$ROOTDIR" \ 352 "$( echo "Multiple jails claim this" \ 353 "directory as their root." \ 354 "(use \`-j jail' instead)" )" 355 fi 356 357 # 358 # If only a single running jail matches the specified 359 # root directory, implicitly use `-j jail'. 360 # 361 if [ "$jid" ]; then 362 # 363 # Re-execute outselves with sh(1) via jexec(8) 364 # 365 ( echo set -- $args 366 jail_depend 367 cat $0 368 ) | env - RC_DEFAULTS="$RC_DEFAULTS" \ 369 /usr/sbin/jexec "$jid" /bin/sh 370 exit $? 371 fi 372 373 # Otherwise, fall through and allow chroot(8) 374 fi 375 376 # 377 # Re-execute ourselves with sh(1) via chroot(8) 378 # 379 ( echo set -- $args 380 jail_depend 381 cat $0 382 ) | env - RC_DEFAULTS="$RC_DEFAULTS" \ 383 /usr/sbin/chroot "$ROOTDIR" /bin/sh 384 exit $? 385 fi 386fi 387 388# 389# Process `-a' or `-A' command-line options 390# 391if [ "$SHOW_ALL" ]; then 392 # 393 # Get a list of variables that are currently set in the rc.conf(5) 394 # files (included `/etc/defaults/rc.conf') by performing a call to 395 # source_rc_confs() in a clean environment. 396 # 397 ( # Operate in a sub-shell to protect the parent environment 398 # 399 # Set which variables we want to preserve in the environment. 400 # Append the pipe-character (|) to the list of internal field 401 # separation (IFS) characters, allowing us to use the below 402 # list both as an extended grep (-E) pattern and argument list 403 # (required to first get f_clean_env() to preserve these in the 404 # environment and then later to prune them from the list of 405 # variables produced by set(1)). 406 # 407 IFS="$IFS|" 408 EXCEPT="IFS|EXCEPT|PATH|RC_DEFAULTS|OPTIND|DESCRIBE|SEP" 409 EXCEPT="$EXCEPT|DELETE|SHOW_ALL|SHOW_EQUALS|SHOW_NAME" 410 EXCEPT="$EXCEPT|SHOW_VALUE|SHOW_FILE|SYSRC_VERBOSE|RC_CONFS" 411 EXCEPT="$EXCEPT|pgm|SUCCESS|FAILURE" 412 EXCEPT="$EXCEPT|f_sysrc_desc_awk|f_sysrc_delete_awk" 413 414 # 415 # Clean the environment (except for our required variables) 416 # and then source the required files. 417 # 418 f_clean_env --except $EXCEPT 419 if [ -f "$RC_DEFAULTS" -a -r "$RC_DEFAULTS" ]; then 420 . "$RC_DEFAULTS" 421 422 # 423 # If passed `-a' (rather than `-A'), re-purge the 424 # environment, removing the rc.conf(5) defaults. 425 # 426 [ "$SHOW_ALL" = "1" ] \ 427 && f_clean_env --except rc_conf_files $EXCEPT 428 429 # 430 # If `-f file' was passed, set $rc_conf_files to an 431 # explicit value, modifying the default behavior of 432 # source_rc_confs(). 433 # 434 [ "${RC_CONFS+set}" ] && rc_conf_files="$RC_CONFS" 435 436 source_rc_confs 437 438 # 439 # If passed `-a' (rather than `-A'), remove 440 # `rc_conf_files' unless it was defined somewhere 441 # other than rc.conf(5) defaults. 442 # 443 [ "$SHOW_ALL" = "1" -a \ 444 "$( f_sysrc_find rc_conf_files )" = "$RC_DEFAULTS" \ 445 ] \ 446 && unset rc_conf_files 447 fi 448 449 for NAME in $( set | 450 awk -F= '/^[[:alpha:]_][[:alnum:]_]*=/ {print $1}' | 451 grep -Ev "^($EXCEPT)$" 452 ); do 453 # 454 # If enabled, describe rather than expand value 455 # 456 if [ "$DESCRIBE" ]; then 457 echo "$NAME: $( f_sysrc_desc "$NAME" )" 458 continue 459 fi 460 461 # 462 # If `-F' is passed, find it and move on 463 # 464 if [ "$SHOW_FILE" ]; then 465 [ "$SHOW_NAME" ] && echo -n "$NAME: " 466 f_sysrc_find "$NAME" 467 continue 468 fi 469 470 # 471 # If `-X' is passed, delete the variables 472 # 473 if [ "$DELETE" = "2" ]; then 474 f_sysrc_delete "$NAME" 475 continue 476 fi 477 478 [ "$SYSRC_VERBOSE" ] && \ 479 echo -n "$( f_sysrc_find "$NAME" ): " 480 481 # 482 # If `-N' is passed, simplify the output 483 # 484 if [ ! "$SHOW_VALUE" ]; then 485 echo "$NAME" 486 continue 487 fi 488 489 echo "${SHOW_NAME:+$NAME$SEP}$( 490 f_sysrc_get "$NAME" )${SHOW_EQUALS:+\"}" 491 492 done 493 ) 494 495 # 496 # Ignore the remainder of positional arguments. 497 # 498 exit $SUCCESS 499fi 500 501# 502# Process command-line arguments 503# 504while [ $# -gt 0 ]; do 505 NAME="${1%%=*}" 506 507 [ "$DESCRIBE" ] && \ 508 echo "$NAME: $( f_sysrc_desc "$NAME" )" 509 510 case "$1" in 511 *=*) 512 # 513 # Like sysctl(8), if both `-d' AND "name=value" is passed, 514 # first describe, then attempt to set 515 # 516 517 if [ "$SYSRC_VERBOSE" ]; then 518 file=$( f_sysrc_find "$NAME" ) 519 [ "$file" = "$RC_DEFAULTS" -o ! "$file" ] && \ 520 file=$( f_sysrc_get 'rc_conf_files%%[$IFS]*' ) 521 echo -n "$file: " 522 fi 523 524 # 525 # If `-x' or `-X' is passed, delete the variable and ignore the 526 # desire to set some value 527 # 528 if [ "$DELETE" ]; then 529 f_sysrc_delete "$NAME" 530 shift 1 531 continue 532 fi 533 534 # 535 # If `-N' is passed, simplify the output 536 # 537 if [ ! "$SHOW_VALUE" ]; then 538 echo "$NAME" 539 f_sysrc_set "$NAME" "${1#*}" 540 else 541 if [ "$SHOW_FILE" ]; then 542 before=$( f_sysrc_find "$NAME" ) 543 else 544 before=$( f_sysrc_get "$NAME" ) 545 fi 546 if f_sysrc_set "$NAME" "${1#*=}"; then 547 if [ "$SHOW_FILE" ]; then 548 after=$( f_sysrc_find "$NAME" ) 549 echo -n "${SHOW_NAME:+$NAME$SEP}" 550 echo -n "$before${SHOW_EQUALS:+\"}" 551 echo " -> $after" 552 else 553 after=$( f_sysrc_get "$NAME" ) 554 echo -n "${SHOW_NAME:+$NAME$SEP}" 555 echo "$before -> $after" 556 fi 557 fi 558 fi 559 ;; 560 *) 561 if ! IGNORED="$( f_sysrc_get "$NAME?" )"; then 562 [ "$IGNORE_UNKNOWNS" ] \ 563 || echo "$pgm: unknown variable '$NAME'" 564 shift 1 565 continue 566 fi 567 568 # 569 # Like sysctl(8), when `-d' is passed, 570 # desribe it rather than expanding it 571 # 572 573 if [ "$DESCRIBE" ]; then 574 shift 1 575 continue 576 fi 577 578 # 579 # If `-x' or `-X' is passed, delete the variable 580 # 581 if [ "$DELETE" ]; then 582 f_sysrc_delete "$NAME" 583 shift 1 584 continue 585 fi 586 587 # 588 # If `-F' is passed, find it and move on 589 # 590 if [ "$SHOW_FILE" ]; then 591 [ "$SHOW_NAME" ] && echo -n "$NAME: " 592 f_sysrc_find "$NAME" 593 shift 1 594 continue 595 fi 596 597 [ "$SYSRC_VERBOSE" ] && \ 598 echo -n "$( f_sysrc_find "$NAME" ): " 599 600 # 601 # If `-N' is passed, simplify the output 602 # 603 if [ ! "$SHOW_VALUE" ]; then 604 echo "$NAME" 605 else 606 echo "${SHOW_NAME:+$NAME$SEP}$( 607 f_sysrc_get "$NAME" )${SHOW_EQUALS:+\"}" 608 fi 609 esac 610 shift 1 611done 612