Allow a jail to be started with a specific route fib.

Reviewed by:	secteam (simon)
Reviewed by:	brooks, bz
This commit is contained in:
thompsa 2008-09-16 20:18:25 +00:00
parent 82e6f72dc3
commit 09662c68f9
3 changed files with 15 additions and 2 deletions

View File

@ -621,6 +621,7 @@ jail_sysvipc_allow="NO" # Allow SystemV IPC use from within a jail
#jail_example_hostname="default.domain.com" # Jail's hostname
#jail_example_ip="192.168.0.10" # Jail's IP number
#jail_example_interface="" # Interface to create the IP alias on
#jail_example_fib="0" # routing table for setfib(1)
#jail_example_exec_start="/bin/sh /etc/rc" # command to execute in jail for starting
#jail_example_exec_afterstart0="/bin/sh command" # command to execute after the one for
# starting the jail. More than one can be

View File

@ -83,6 +83,7 @@ init_variables()
[ -z "${_flags}" ] && _flags="-l -U root"
eval _consolelog=\"\${jail_${_j}_consolelog:-${jail_consolelog}}\"
[ -z "${_consolelog}" ] && _consolelog="/var/log/jail_${_j}_console.log"
eval _fib=\"\${jail_${_j}_fib:-${jail_fib}}\"
# Debugging aid
#
@ -93,6 +94,7 @@ init_variables()
debug "$_j hostname: $_hostname"
debug "$_j ip: $_ip"
debug "$_j interface: $_interface"
debug "$_j fib: $_fib"
debug "$_j root: $_rootdir"
debug "$_j devdir: $_devdir"
debug "$_j fdescdir: $_fdescdir"
@ -297,6 +299,11 @@ jail_start()
if [ -n "${_interface}" ]; then
ifconfig ${_interface} alias ${_ip} netmask 255.255.255.255
fi
if [ -n "${_fib}" ]; then
_setfib="setfib -F '${_fib}'"
else
_setfib=""
fi
if checkyesno _mount; then
info "Mounting fstab for jail ${_jail} (${_fstab})"
if [ ! -f "${_fstab}" ]; then
@ -350,7 +357,7 @@ jail_start()
fi
fi
_tmp_jail=${_tmp_dir}/jail.$$
eval jail ${_flags} -i ${_rootdir} ${_hostname} \
eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \
${_ip} ${_exec_start} > ${_tmp_jail} 2>&1
if [ "$?" -eq 0 ] ; then

View File

@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
.Dd June 21, 2008
.Dd September 16, 2008
.Dt RC.CONF 5
.Os
.Sh NAME
@ -3450,6 +3450,11 @@ These are flags to pass to
Unset by default.
When set, sets the interface to use when setting IP address alias.
Note that the alias is created at jail startup and removed at jail shutdown.
.It Va jail_ Ns Ao Ar jname Ac Ns Va _fib
.Pq Vt str
Unset by default.
When set, the jail is started with the specified routing table via
.Xr setfib 1 .
.It Va jail_ Ns Ao Ar jname Ac Ns Va _fstab
.Pq Vt str
Set to