-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | configure.ac | 12 | ||||
-rw-r--r-- | srcx/jstart.c | 70 |
3 files changed, 79 insertions, 6 deletions
@@ -1,3 +1,6 @@ +1.3 + - Support the multi-ip jail patch that's floating around. + 1.2 - Fix bugs which prevented jkill from working properly in a jail as advertized. diff --git a/configure.ac b/configure.ac index de431d4..3d97868 100644 --- a/configure.ac +++ b/configure.ac @@ -74,6 +74,13 @@ AC_CHECK_LIB([c], [jail], , [ echo "ERROR: Must have jail capabilities (FreeBSD 4.x or higher)"; exit 1]) AC_CHECK_LIB([c], [jail_attach], [ JAIL_ATTACH=yes; ], ) +AC_CHECK_MEMBER([struct jail.ips], + [ JAIL_MULTIPATCH=yes; AC_DEFINE_UNQUOTED(JAIL_MULTIPATCH, 1, [Patched Multiple IP support])], [], +[[ +#include <sys/types.h> +#include <sys/param.h> +#include <sys/jail.h> +]]) # Checks for typedefs, structures, and compiler characteristics. AC_C_CONST @@ -103,3 +110,8 @@ if test "$JAIL_ATTACH" = "yes"; then else echo "Your version of FreeBSD (4.0 - 5.0) only supports the old utilities" fi + +if test "$JAIL_MULTIPATCH" = "yes"; then + echo "Your version of FreeBSD supports multiple IPs per jail via the patch." +fi + diff --git a/srcx/jstart.c b/srcx/jstart.c index aa119f8..6360f06 100644 --- a/srcx/jstart.c +++ b/srcx/jstart.c @@ -53,6 +53,7 @@ #include <err.h> #include <unistd.h> #include <limits.h> +#include <string.h> #include "util.h" 
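Review bot: The new `AC_CHECK_MEMBER([struct jail.ips], ...)` probe enables JAIL_MULTIPATCH on one field only, while the code it switches on in srcx/jstart.c also writes `j->nips` and sets `j->version = 1`. Probing both members, for example `AC_CHECK_MEMBERS([struct jail.ips, struct jail.nips], ...)`, would tie the define more closely to the struct layout that code expects. The probe also reflects the headers on the build host, not the kernel the binary later runs on, so a comment next to it such as `# header check only; the running kernel must carry the same multi-ip patch` would help anyone packaging this. Whether jstart.c includes the generated config header, which it needs in order to see the define, is not visible in this diff.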
@@ -65,12 +66,66 @@ static char* START_ARGS[] = { _PATH_BSHELL, START_SCRIPT, NULL }; static void usage(); +#ifdef JAIL_MULTIPATCH + +static void allocate_address(char* arg, struct jail* j) +{ + struct in_addr in; + char *ip; + int i = 0; + + /* Count number of ips */ + for(i = 1, ip = arg; *ip; ip++) + { + if(*ip == ',') + i++; + } + + /* Allocate memory */ + if((j->ips = (u_int32_t*)malloc(sizeof(u_int32_t) * i)) == NULL) + errx(1, "out of memory"); + + for(i = 0, ip = strtok(arg, ","); ip; i++, ip = strtok(NULL, ",")) + { + if(inet_aton(ip, &in) == 0) + errx(1, "invalid ip address: %s", ip); + j->ips[i] = ntohl(in.s_addr); + } + + j->nips = i; + j->version = 1; +} + +static void free_address(struct jail* j) +{ + free(j->ips); +} + +#else /* !JAIL_MULTIPATCH */ + +static void allocate_address(char* arg, struct jail* j) +{ + struct in_addr in; + + if(inet_aton(arg, &in) != 1) + errx(1, "invalid ip address: %s", arg); + j->ip_number = ntohl(in.s_addr); + j->version = 0; +} + +static void free_address(struct jail* j) +{ + /* Nothing to do */ +} + +#endif /* !JAIL_MULTIPATCH */ + + int main(int argc, char* argv[]) { int ch, jid; struct jail j; int printjid = 0; - struct in_addr in; while((ch = getopt(argc, argv, "i")) != -1) { @@ -98,20 +153,19 @@ int main(int argc, char* argv[]) if(chdir(argv[0]) != 0) err(1, "couldn't change to jail directory: %s", argv[0]); - if(inet_aton(argv[2], &in) != 1) - errx(1, "invalid ip address: %s", argv[2]); - memset(&j, 0, sizeof(j)); - j.version = 0; j.path = argv[0]; j.hostname = argv[1]; - j.ip_number = ntohl(in.s_addr); + + allocate_address(argv[2], &j); /* Here's where we actually go into the jail */ jid = jail(&j); if(jid == -1) err(1, "couldn't create jail"); + free_address(&j); + if(printjid) { printf("%d\n", jid); 
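Review bot: In the JAIL_MULTIPATCH version of `allocate_address`, an address argument that is empty or holds only commas makes `strtok` return no tokens, so the function falls through to `j->nips = i` with `i == 0` and `jail()` is called with no addresses. The non-patched branch rejects the same input, because `inet_aton` fails on an empty string. What the patched kernel does with a zero-address jail is not visible here, so it is safer to refuse it in userland by adding `if(i == 0) errx(1, "no ip addresses specified");` just before `j->nips = i;`. `strtok` also silently collapses empty fields such as `a,,b`, and the two branches test `inet_aton` differently (`== 0` versus `!= 1`); using `!= 1` in both would keep them consistent.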
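Review bot: In the `main` hunk, `j.version` is no longer set at the call site; it is now assigned as a side effect of `allocate_address(argv[2], &j)`, which the helper's name does not suggest. The version field selects which struct layout the kernel reads, so the call deserves a comment such as `/* also sets j.version to match the address layout filled in */`. The helper must also stay after `memset(&j, 0, sizeof(j))`, as it is here, or the fields it fills would be wiped. `main` begins and ends outside this hunk, so the argument-count check guarding `argv[2]` cannot be confirmed from here.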
@@ -144,7 +198,11 @@ int main(int argc, char* argv[]) static void usage() { +#ifdef JAIL_MULTIPATCH + fprintf(stderr, "usage: jstart [-i] path hostname ip[,ip...] [command ...]\n"); +#else fprintf(stderr, "usage: jstart [-i] path hostname ip-number [command ...]\n"); +#endif exit(2); } |