diff options
| -rw-r--r-- | jails_man.html | 38 | ||||
| -rw-r--r-- | src/jstart.c | 134 |
2 files changed, 134 insertions, 38 deletions
diff --git a/jails_man.html b/jails_man.html deleted file mode 100644 index 6fc953b..0000000 --- a/jails_man.html +++ /dev/null @@ -1,38 +0,0 @@ -<HTML> -<HEAD> -<TITLE>jails(8)</TITLE> -<link rev="made" href="mailto:wosch@FreeBSD.ORG"> -<META name="robots" content="nofollow"> -<meta content="text/html; charset=iso-8859-1" http-equiv="Content-Type"> -<link rel="stylesheet" type="text/css" href="/nielsen/style.css"> -</HEAD> -<BODY BGCOLOR="#FFFFFF" TEXT="#000000"> - -<H1>Man Page: jails(8)</H1><PRE> -jails(8) BSD System Manager's Manual jails(8) - -<B>NAME</B> - <B>jails</B> - lists hostnames of all running jails on the system - -<B>SYNOPSIS</B> - <B>jails</B> - -<B>DESCRIPTION</B> - The <B>jails</B> command will print a list of all the various jails running on - your system. The hostnames of those jails are printed. The list is not - ordered. - -<B>NOTES</B> - This command is intended only for compatibility with earlier versions of - the <I>jailutils</I> package. The <U>jls(8)</U> command is a better source of jail - information. - -<B>SEE ALSO</B> - <U>jls(8)</U>, <U>jail(8)</U>, <U>jps(8)</U> - -<B>AUTHOR</B> - Nate Nielsen <<A HREF="mailto:nielsen@memberwebs.com">nielsen@memberwebs.com</A>> - -jails May 18, 2004 jails -<H6>Copyright, N. Nielsen [ <a href='./'>back</a> | <a href='../../'>home</a> ]</h6></BODY> -</HTML> diff --git a/src/jstart.c b/src/jstart.c new file mode 100644 index 0000000..b244aa4 --- /dev/null +++ b/src/jstart.c @@ -0,0 +1,134 @@ + +/* A lot of code from jail.c in */ +/* TODO: Attribute properly */ + +#include <sys/types.h> +#include <sys/param.h> +#include <sys/jail.h> + +#include <netinet/in.h> +#include <arpa/inet.h> + +#include <paths.h> +#include <stdio.h> +#include <err.h> +#include <unistd.h> +#include <limits.h> + +#ifdef HAVE_CONFIG_H +#include "../config.h" +#endif + +#define START_SCRIPT "/etc/rc" +static char* START_ARGS[] = { _PATH_BSHELL, START_SCRIPT }; + +static void usage(); +static void check_command(const char* cmd); +static void run_command(const char* cmd, char* args[]); + +int main(int argc, char* argv[]) +{ + int ch; + struct jail j; + struct in_addr in; + + argc--; + argv++; + + if(argc < 3) + usage(); + + if(getuid() != 0) + errx(1, "must be run as root"); + + if(chdir(argv[0]) != 0) + err(1, "couldn't change to jail directory: %s", argv[0]); + + if(inet_aton(argv[2], &in) != 1) + errx(1, "invalid ip address: %s", argv[2]); + + memset(&j, 0, sizeof(j)); + j.version = 0; + j.path = argv[0]; + j.hostname = argv[1]; + j.ip_number = ntohl(in.s_addr); + + /* Here's where we actually go into the jail */ + if(jail(&j) != 0) + err(1, "couldn't create jail"); + + argc -= 3; + argv += 3; + + if(argc == 0) + { + check_command(START_SCRIPT); + run_command(START_ARGS[0], START_ARGS); + } + + else + { + check_command(argv[0]); + run_command(argv[0], argv); + } + + return 0; +} + +static void usage() +{ + fprintf(stderr, "usage: jstart path hostname ip-number [command ...]\n"); + exit(2); +} + +static void check_command(const char* cmd) +{ + struct stat sb; + + if(stat(cmd, &sb) == -1) + { + if(errno == EACCES || errno == ELOOP || errno == ENAMETOOLONG || + errno == ENOENT || errno == ENOTDIR) + { + err(1, "can't execute in jail: %s", cmd); + } + + err(1, "couldn't stat file: %s", cmd); + } + + if(!(sb.st_mode & S_IFREG)) + errx(1, "not a regular file: %s", cmd); + + if(sb.st_uid != 0) + errx(1, "not owned by root: %s", cmd); +} + +static void run_command(const char* cmd, char* args[]) +{ + char* env[5]; + char* t; + int j; + + memset(env, 0, sizeof(env)); + +#define MAKE_ENV_VAR(n) \ + t = getenv(n); \ + if(t != NULL) \ + { \ + env[j] = alloca(strlen(n) + 2 + strlen(t)); \ + sprintf(env[j], "%s=%s", (char*)(n), t); \ + j++; \ + } + + /* Prepare an environment for the cmd */ + env[0] = "PATH=" _PATH_STDPATH; + j = 1; + + MAKE_ENV_VAR("TERM"); + MAKE_ENV_VAR("COLUMNS"); + MAKE_ENV_VAR("LINES"); + + if(execve(cmd, args, env) != 0) + err("couldn't execute command: %s", cmd); +} + |