Instead of always running /bin/sh, allow the user to specify the command
to run. The jail is not removed when the command finishes. Meaning,
`bectl unjail` will still need to be run.
For example:
```
bectl jail newBE pkg upgrade
bectl ujail newBE
```
Submitted by: Shawn Webb
Obtained from: HardenedBSD (8b451014ab)
Adding batch mode to the jail `bectl(8)` subcommand enables jailing of
ZFS Boot Environments in a scriptable fashion.
Submitted by: Shawn Webb
Obtained from: HardenedBSD (9e72d1c59a and ef7b6d9e1c with minor edit)
Previous iteration of this assumed that these won't fail because we've
already setup the jail param to this point, but the allocations could still
fail in pretty bad conditions.
Admit that it's possible and return (ENOENT, EINVAL, ENOMEM, or 0) when
deleting arguments. EINVAL shouldn't happen since we're passing optarg;
which may satisfy *optarg == '\0' but never optarg == NULL.
CID: 1394885, 1394901
after opening the console, replacing init as PID 1.
From the user point of view, it makes it possible to run eg the
shell as PID 1, using 'set init_exec=/bin/sh' at the loader(8)
prompt.
Reviewed by: kib
MFC after: 2 weeks
Relnotes: yes
Sponsored by: DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D16625
These were previously necessary because the libnvpair and libzfs_core
includes were not installed into the SYSROOT, being a part of the copies
target in include/Makefile rather than being installed with the library.
This was fixed in r337696 and the headers are now installed properly, so we
may let go of the cruft.
Deleting the temp snapshot isn't immediately possible because it's the
origin of the newly imported boot environment. However, this is trivially
solved by opening the new boot environment and promoting it. The roles are
now reversed and the temp snapshot/dataset may be completely destroyed.
Remove the BUGS from libbe(3) and bectl(8).
bectl(8) is an administrative interface for working with ZFS boot
environments, intended to provide a superset of the functionality provided
by sysutils/beadm.
libbe(3) is the back-end library that the required functionality has been
pulled out into for later reuse.
These were originally written for GSoC 2017 under the mentorship of
allanjude@.
bectl(8) has proven pretty stable in my testing, with the known bug
documented in the man page.
Relnotes: yes
- Missing include path
- Fully specify libzfs's dependencies (except for deps pulled in by other
deps) in Makefile.inc1
- Drop WARNS back down to 2 for libbe(3). I do this with much hesitation,
but the libzfs headers are apparently a hot warning-filled mess as far as
GCC 4.2 is concerned.
Fix bug introduced in r98542: previously to this revision the byte-swapped
value was compared at this place. The current check is in a conditional
section where the non-byte-swapped value was already checked to be not
the value which is checked again. As byte-swapping is activated afterwards,
it only makes sense if the byte-swapped value is checked.
Submitted by: Keith White <kwhite@site.uottawa.ca>
PR: 200059
MFC after: 1 month
Sponsored by: Essen Hackathon
This helps with pkgbase to tag this config file as a config file.
Approved by: allanjude (mentor), will (mentor)
Differential Revision: https://reviews.freebsd.org/D16559
This helps pkgbase as this config file will now be tagged as a config file.
Approved by: allanjude (mentor)
Differential Revision: https://reviews.freebsd.org/D16675
Regardless if a verbose scan is required or not, we'd still want to display the
full SSID name by default so use the IEE80211_NWID_LEN constant to set the
value to use instead.
Tested on rene@'s laptop.
Reviewed by: kp
Sponsored by: Essen Hackathon
Differential Revision: https://reviews.freebsd.org/D16566
It's useful for how to mount an iso file via loopback.
Reviewed by: jilles
Approved by: bcr (mentor)
Differential Revision: https://reviews.freebsd.org/D16067
The mostly-undocumented 'add' functionality, from initial read-through, is
intended for construction of deep ("bdrewery style") boot environments.
However, it's mostly broken at this point. `#if SOON` it out on both sides
so that we're not exposing a broken API/feature.
Work will resume on it in due time.
returns error.
Now -q option only makes it quiet. And when -f flag is specified, the
command will ignore errors and continue executing with next batched
command.
MFC after: 2 weeks
nonexistent NAT instance or nonexistent rule.
This allows execute batched `delete` commands and do not fail when
found nonexistent rule.
Obtained from: Yandex LLC
MFC after: 2 weeks
Sponsored by: Yandex LLC
getfsstat(2) system call using the MNT_NOWAIT flag to indicate that
it wants to use the statfs information cached in the mount structure.
When the -v (verbose) flag is specified, we need to use the MNT_WAIT
flag to getfsstat(2) so that kernel will call VFS_STATFS to get the
current statfs statistics from each filesystem.
Sponsored by: Netflix
The _Noreturn is a function-specifier (like inline) which must preceed
the declarator.
Submitted by: Sebastian Huber <sebastian.huber@embedded-brains.de>
MFC after: 1 week
This is needed to be able to chroot in the fallback case where
Capsicum is not available.
Reported by: Daniel Braniss <danny@cs.huji.ac.il>
X-MFC with: r337382
Sponsored by: The FreeBSD Foundation
- File names don't necessarily need to be repeated
- Add SPDX tags
- Add a missing copyright for Kyle Kneitinger in bectl.8, originally written
by him in GSoC 2017; his standard copyright notice has been copied from
other files within the same directory to remain consistent with how he
clearly wished to portray it
This makes the be_exists behavior match the comments that assert that we've
already checked that the dataset derived from the BE name is set to mount at
/.
Other changes of note:
- bectl_list sees another change; changing mountpoint based on mount status
turns out to be a bad idea, so instead make the mounted property of the
returned nvlist the path that it's mounted at
- Always return the "mountpoint" property in "mountpoint" if it's ste
This is to accomodate a later change in libbe(3) that will always return the
mountpoint, whether it be the directory the dataset is actively mounted at
or the "mountpoint" property.
The main dhclient process is Capsicumized but also chroots to
restrict filesystem access. With r322369, pidfile(3) maintains a
directory descriptor for the pidfile, which can cause the chroot
to fail in certain cases. To minimize the problem, only chroot
if we fail to enter capability mode, and store dhclient pidfiles
in a subdirectory of /var/run, thus restricting access via
pidfile(3)'s directory descriptor.
PR: 223327
Reviewed by: cem, oshogbo
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D16584
While here:
- Remove deprecated ".Tn" macros.
- Improve formatting and fix typos in the description of
the -t option.
Reviewed by: bcr
Approved by: mat (mentor)
Differential Revision: https://reviews.freebsd.org/D16541
- Support passing arbitrary jail arguments via -o
- Split the related (and rewritten since the GSoC) jail bits out into a new
bectl_jail.c file, to reduce clutter in bectl.c
- Don't use RFC 1918 IP space [0]; we'll instead set no default IPv4 and let
the user pass in any address options they wish via -o
Reported by: rgrimes [0], Shawn Webb [0]
be_get_dataset_snapshots has been added to libbe(3), effectively returning
the same information as be_get_bootenv_props but for snapshots of the given
dataset. The assumption is that one will have the BE dataset name before
wanting to grab snapshots.
