summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3
-rw-r--r--configure.ac12
-rw-r--r--srcx/jstart.c70
3 files changed, 79 insertions, 6 deletions
diff --git a/ChangeLog b/ChangeLog
index f4734c6..0dbaa53 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+1.3
+ - Support the multi-ip jail patch that's floating around.
+
1.2
- Fix bugs which prevented jkill from working properly in a jail
as advertized.
diff --git a/configure.ac b/configure.ac
index de431d4..3d97868 100644
--- a/configure.ac
+++ b/configure.ac
@@ -74,6 +74,13 @@ AC_CHECK_LIB([c], [jail], ,
[ echo "ERROR: Must have jail capabilities (FreeBSD 4.x or higher)"; exit 1])
AC_CHECK_LIB([c], [jail_attach],
[ JAIL_ATTACH=yes; ], )
+AC_CHECK_MEMBER([struct jail.ips],
+ [ JAIL_MULTIPATCH=yes; AC_DEFINE_UNQUOTED(JAIL_MULTIPATCH, 1, [Patched Multiple IP support])], [],
+[[
+#include <sys/types.h>
+#include <sys/param.h>
+#include <sys/jail.h>
+]])
# Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
@@ -103,3 +110,8 @@ if test "$JAIL_ATTACH" = "yes"; then
else
echo "Your version of FreeBSD (4.0 - 5.0) only supports the old utilities"
fi
+
+if test "$JAIL_MULTIPATCH" = "yes"; then
+ echo "Your version of FreeBSD supports multiple IPs per jail via the patch."
+fi
+
diff --git a/srcx/jstart.c b/srcx/jstart.c
index aa119f8..6360f06 100644
--- a/srcx/jstart.c
+++ b/srcx/jstart.c
@@ -53,6 +53,7 @@
#include <err.h>
#include <unistd.h>
#include <limits.h>
+#include <string.h>
#include "util.h"
@@ -65,12 +66,66 @@ static char* START_ARGS[] = { _PATH_BSHELL, START_SCRIPT, NULL };
static void usage();
+#ifdef JAIL_MULTIPATCH
+
+static void allocate_address(char* arg, struct jail* j)
+{
+ struct in_addr in;
+ char *ip;
+ int i = 0;
+
+ /* Count number of ips */
+ for(i = 1, ip = arg; *ip; ip++)
+ {
+ if(*ip == ',')
+ i++;
+ }
+
+ /* Allocate memory */
+ if((j->ips = (u_int32_t*)malloc(sizeof(u_int32_t) * i)) == NULL)
+ errx(1, "out of memory");
+
+ for(i = 0, ip = strtok(arg, ","); ip; i++, ip = strtok(NULL, ","))
+ {
+ if(inet_aton(ip, &in) == 0)
+ errx(1, "invalid ip address: %s", ip);
+ j->ips[i] = ntohl(in.s_addr);
+ }
+
+ j->nips = i;
+ j->version = 1;
+}
+
+static void free_address(struct jail* j)
+{
+ free(j->ips);
+}
+
+#else /* !JAIL_MULTIPATCH */
+
+static void allocate_address(char* arg, struct jail* j)
+{
+ struct in_addr in;
+
+ if(inet_aton(arg, &in) != 1)
+ errx(1, "invalid ip address: %s", arg);
+ j->ip_number = ntohl(in.s_addr);
+ j->version = 0;
+}
+
+static void free_address(struct jail* j)
+{
+ /* Nothing to do */
+}
+
+#endif /* !JAIL_MULTIPATCH */
+
+
int main(int argc, char* argv[])
{
int ch, jid;
struct jail j;
int printjid = 0;
- struct in_addr in;
while((ch = getopt(argc, argv, "i")) != -1)
{
@@ -98,20 +153,19 @@ int main(int argc, char* argv[])
if(chdir(argv[0]) != 0)
err(1, "couldn't change to jail directory: %s", argv[0]);
- if(inet_aton(argv[2], &in) != 1)
- errx(1, "invalid ip address: %s", argv[2]);
-
memset(&j, 0, sizeof(j));
- j.version = 0;
j.path = argv[0];
j.hostname = argv[1];
- j.ip_number = ntohl(in.s_addr);
+
+ allocate_address(argv[2], &j);
/* Here's where we actually go into the jail */
jid = jail(&j);
if(jid == -1)
err(1, "couldn't create jail");
+ free_address(&j);
+
if(printjid)
{
printf("%d\n", jid);
@@ -144,7 +198,11 @@ int main(int argc, char* argv[])
static void usage()
{
+#ifdef JAIL_MULTIPATCH
+ fprintf(stderr, "usage: jstart [-i] path hostname ip[,ip...] [command ...]\n");
+#else
fprintf(stderr, "usage: jstart [-i] path hostname ip-number [command ...]\n");
+#endif
exit(2);
}