Move the actual create/remove (IP__OP) handling into run_command,

and the cost of an ugly single-use global variable.

usr.sbin/jail/command.c

@@ -94,7 +94,7 @@ next_command(struct cfjail *j)
 
 	rval = 0;
 	create_failed = (j->flags & (JF_STOP | JF_FAILED)) == JF_FAILED;
-	for (; (comparam = *j->comparam) && comparam != IP__OP;
+	for (; (comparam = *j->comparam);
 	     j->comparam += create_failed ? -1 : 1) {
 		if (j->comstring == NULL) {
 			switch (comparam) {
@@ -102,6 +102,7 @@ next_command(struct cfjail *j)
 				if (!bool_param(j->intparams[IP_MOUNT_DEVFS]))
 					continue;
 				/* FALLTHROUGH */
+			case IP__OP:
 			case IP_STOP_TIMEOUT:
 				j->comstring = &dummystring;
 				break;
@@ -256,19 +257,43 @@ run_command(struct cfjail *j)
 
 	static char *cleanenv;
 
+	/* Perform some operations that aren't actually commands */
+	comparam = *j->comparam;
+	down = j->flags & (JF_STOP | JF_FAILED);
+	switch (comparam) {
+	case IP_STOP_TIMEOUT:
+		return term_procs(j);
+
+	case IP__OP:
+		if (down) {
+			if (jail_remove(j->jid) == 0 && verbose >= 0 &&
+			    (verbose > 0 || (j->flags & JF_STOP
+			    ? note_remove : j->name != NULL)))
+			    jail_note(j, "removed\n");
+			j->jid = -1;
+			if (j->flags & JF_STOP)
+				dep_done(j, DF_LIGHT);
+			else
+				j->flags &= ~JF_PERSIST;
+		} else {
+			if (create_jail(j) < 0) {
+				failed(j);
+				return -1;
+			}
+			if (verbose >= 0 && (j->name || verbose > 0))
+				jail_note(j, "created\n");
+			dep_done(j, DF_LIGHT);
+		}
+		requeue(j, &ready);
+		return 1;
+	}
 	/*
 	 * Collect exec arguments.  Internal commands for network and
 	 * mounting build their own argument lists.
 	 */
-	comparam = *j->comparam;
 	comstring = j->comstring;
 	bg = 0;
-	down = j->flags & (JF_STOP | JF_FAILED);
 	switch (comparam) {
-	case IP_STOP_TIMEOUT:
-		/* This isn't really a command */
-		return term_procs(j);
-
 	case IP__IP4_IFADDR:
 		argv = alloca(8 * sizeof(char *));
 		*(const char **)&argv[0] = _PATH_IFCONFIG;

usr.sbin/jail/jail.c

@@ -55,9 +55,9 @@ struct permspec {
 };
 
 const char *cfname;
+int note_remove;
 int verbose;
 
-static int create_jail(struct cfjail *j);
 static void clear_persist(struct cfjail *j);
 static int update_jail(struct cfjail *j);
 static int rdtun_params(struct cfjail *j, int dofail);
@@ -271,6 +271,7 @@ main(int argc, char **argv)
 		if ((docf = !Rflag &&
 		     (!strcmp(cfname, "-") || stat(cfname, &st) == 0)))
 			load_config();
+		note_remove = docf || argc > 1 || wild_jail_name(argv[0]);
 	} else if (argc > 1 || (argc == 1 && strchr(argv[0], '='))) {
 		/* Single jail specified on the command line */
 		if (Rflag)
@@ -388,25 +389,7 @@ main(int argc, char **argv)
 					continue;
 				if (j->jid > 0)
 					goto jail_create_done;
-				j->comparam == startcommands + 1;
-			} else if (*j->comparam == IP__OP) {
-				if (j->flags & JF_FAILED) {
-					if (jail_remove(j->jid) == 0 &&
-					    verbose >= 0 &&
-					    (j->name || verbose > 0))
-						jail_note(j, "removed\n");
-					j->jid = -1;
-					j->flags &= ~JF_PERSIST;
-					j->comparam--;
-				} else if (create_jail(j) < 0) {
-					j->comparam--;
-				} else {
-					if (verbose >= 0 &&
-					    (j->name || verbose > 0))
-						jail_note(j, "created\n");
-					dep_done(j, DF_LIGHT);
-					j->comparam++;
-				}
+				j->comparam = startcommands + 1;
 			}
 			if (next_command(j))
 				continue;
@@ -449,19 +432,9 @@ main(int argc, char **argv)
 						    j->name);
 					goto jail_remove_done;
 				}
-				j->comparam == stopcommands + 1;
-			} else if ((j->flags & JF_FAILED) && j->jid > 0) {
+				j->comparam = stopcommands + 1;
+			} else if ((j->flags & JF_FAILED) && j->jid > 0)
 				goto jail_remove_done;
-			} else if (*j->comparam == IP__OP) {
-				if (jail_remove(j->jid) == 0 &&
-				    verbose >= 0 &&
-				    (docf || argc > 1 ||
-				     wild_jail_name(argv[0]) || verbose > 0))
-					jail_note(j, "removed\n");
-				j->jid = -1;
-				dep_done(j, DF_LIGHT);
-				j->comparam++;
-			}
 			if (next_command(j))
 				continue;
 		jail_remove_done:
@@ -578,7 +551,7 @@ jail_warnx(const struct cfjail *j, const char *fmt, ...)
 /*
  * Create a new jail.
  */
-static int
+int
 create_jail(struct cfjail *j)
 {
 	struct iovec jiov[4];
@@ -595,17 +568,14 @@ create_jail(struct cfjail *j)
 		if (path[0] != '/') {
 			jail_warnx(j, "path %s: not an absolute pathname",
 			    path);
-			failed(j);
 			return -1;
 		}
 		if (stat(path, &st) < 0) {
 			jail_warnx(j, "path %s: %s", path, strerror(errno));
-			failed(j);
 			return -1;
 		}
 		if (!S_ISDIR(st.st_mode)) {
 			jail_warnx(j, "path %s: %s", path, strerror(ENOTDIR));
-			failed(j);
 			return -1;
 		}
 	}
@@ -621,7 +591,6 @@ create_jail(struct cfjail *j)
 	    alloca((j->njp + dopersist) * sizeof(struct jailparam));
 	if (dopersist && jailparam_init(sjp++, "persist") < 0) {
 		jail_warnx(j, "%s", jail_errmsg);
-		failed(j);
 		return -1;
 	}
 	for (jp = j->jp; jp < j->jp + j->njp; jp++)

usr.sbin/jail/jailp.h

@@ -182,6 +182,7 @@ struct cfdepend {
 extern void *emalloc(size_t);
 extern void *erealloc(void *, size_t);
 extern char *estrdup(const char *);
+extern int create_jail(struct cfjail *j);
 extern void failed(struct cfjail *j);
 extern void jail_note(const struct cfjail *j, const char *fmt, ...);
 extern void jail_warnx(const struct cfjail *j, const char *fmt, ...);
@@ -219,5 +220,6 @@ extern struct cfjails cfjails;
 extern struct cfjails ready;
 extern struct cfjails depend;
 extern const char *cfname;
+extern int note_remove;
 extern int paralimit;
 extern int verbose;