bectl(8): Add batch mode to jail subcommand

Adding batch mode to the jail `bectl(8)` subcommand enables jailing of ZFS Boot Environments in a scriptable fashion. Submitted by: Shawn Webb Obtained from: HardenedBSD (9e72d1c59a and ef7b6d9e1c with minor edit)
2018-08-17 01:59:19 +00:00 · 2018-08-17 01:59:19 +00:00 · 7404e36f69
commit 7404e36f69
parent 5340396c5a
3 changed files with 27 additions and 10 deletions
--- a/sbin/bectl/bectl.8
+++ b/sbin/bectl/bectl.8
@ -18,7 +18,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd August 12, 2018
+.Dd August 16, 2018
 .Dt BECTL 8
 .Os
 .Sh NAME
@ -50,6 +50,7 @@ import
 .Ao Ar targetBe Ac
 .Nm
 jail
+.Op Fl b
 .Oo Fl o Ar key Ns = Ns Ar value | Fl u Ar key Oc Ns ...
 .Ao Ar jailID | jailName Ac
 .Ao Ar bootenv Ac
@ -160,6 +161,11 @@ arguments may be specified.
 will set a jail parameter, and
 .Fl u
 will unset a jail parameter.
+By default, jails are created in interactive mode, with a shell being
+executed within the jail.
+The
+.Fl b
+argument enables batch mode, thereby disabling interactive mode.
 .Pp
 The
 .Va name ,
--- a/sbin/bectl/bectl.c
+++ b/sbin/bectl/bectl.c
@ -77,7 +77,7 @@ usage(bool explicit)
 #if SOON
 	    "\tbectl add (path)*\n"
 #endif
-	    "\tbectl jail [ -o key=value | -u key ]... bootenv\n"
+	    "\tbectl jail [-b] [ -o key=value | -u key ]... bootenv\n"
 	    "\tbectl list [-a] [-D] [-H] [-s]\n"
 	    "\tbectl mount beName [mountpoint]\n"
 	    "\tbectl rename origBeName newBeName\n"
--- a/sbin/bectl/bectl_jail.c
+++ b/sbin/bectl/bectl_jail.c
@ -179,10 +179,10 @@ int
 bectl_cmd_jail(int argc, char *argv[])
 {
 	char *bootenv, *mountpoint;
-	int jid, opt, ret;
-	bool default_hostname, default_name;
+	int jflags, jid, opt, ret;
+	bool default_hostname, default_name, interactive;

-	default_hostname = default_name = true;
+	default_hostname = default_name = interactive = true;
 	jpcnt = INIT_PARAMCOUNT;
 	jp = malloc(jpcnt * sizeof(*jp));
 	if (jp == NULL)
@ -193,8 +193,11 @@ bectl_cmd_jail(int argc, char *argv[])
 	jailparam_add("allow.mount.devfs", "true");
 	jailparam_add("enforce_statfs", "1");

-	while ((opt = getopt(argc, argv, "o:u:")) != -1) {
+	while ((opt = getopt(argc, argv, "bo:u:")) != -1) {
 		switch (opt) {
+		case 'b':
+			interactive = false;
+			break;
 		case 'o':
 			if (jailparam_addarg(optarg)) {
 				/*
@ -259,13 +262,17 @@ bectl_cmd_jail(int argc, char *argv[])
 		jailparam_add("name", bootenv);
 	if (default_hostname)
 		jailparam_add("host.hostname", bootenv);
+
+	jflags = JAIL_CREATE;
+	if (interactive)
+		jflags |= JAIL_ATTACH;
 	/*
 	 * This is our indicator that path was not set by the user, so we'll use
 	 * the path that libbe generated for us.
 	 */
 	if (mountpoint == NULL)
 		jailparam_add("path", mnt_loc);
-	jid = jailparam_set(jp, jpused, JAIL_CREATE | JAIL_ATTACH);
+	jid = jailparam_set(jp, jpused, jflags);
 	if (jid == -1) {
 		fprintf(stderr, "unable to create jail.  error: %d\n", errno);
 		return (1);
@ -274,9 +281,13 @@ bectl_cmd_jail(int argc, char *argv[])
 	jailparam_free(jp, jpused);
 	free(jp);

-	/* We're attached within the jail... good bye! */
-	chdir("/");
-	execl("/bin/sh", "/bin/sh", NULL);
+	if (interactive) {
+		/* We're attached within the jail... good bye! */
+		chdir("/");
+		execl("/bin/sh", "/bin/sh", NULL);
+		return (1);
+	}
+
 	return (0);
 }