jexec: Add -e parameter to customize the environment

Currently, to define a new environment variable or modify an existing
one, we need to use env(1), which may or may not be available inside
the ja

jexec: Add -e parameter to customize the environment

Currently, to define a new environment variable or modify an existing
one, we need to use env(1), which may or may not be available inside
the jail, especially in OCI containers created with the scratch
layer (i.e., those containers that are only a single static binary,
plus configuration files and related stuff). With this option, we
can specify environment variables of arbitrary length for the
specified process running inside the jail.

Reviewed by: jamie@
Approved by: jamie@
Differential Revision: https://reviews.freebsd.org/D54660

show more ...

jail: add jexec -d, to specify a working directory
PR: 283170
Submitted by: DtxdF at disroot.org

jail: only chdir to user's home directory when user is specified

jail(8) with the "exec.clean" parameter not only cleans the enviromnent
variables before running commands, but also changes to the us

jail: only chdir to user's home directory when user is specified

jail(8) with the "exec.clean" parameter not only cleans the enviromnent
variables before running commands, but also changes to the user's home
directory. While this makes sense when auser is specified (via one of
the exec.*_user parameters), it leads to all commands being run in the
jail's /root directory even in the absence of an explicitly specified
user. This can lead to problems when e.g. rc scripts are run from that
non-world-readable directory, and run counter to expectations that jail
startup is analogous to system startup.

Restrict this behvaiour to only users exlicitly specified, either via
the command line or jail parameters, but not the implicit root user.
While this changes long-stand practice, it's the more intuitive action.

jexec(8) has the same problem, and the same fix.

PR: 277210
Reported by: johannes.kunde at gmail
Differential Revision: https://reviews.freebsd.org/D46226

show more ...

jexec.8: Add examples section

MFC after: 3 days
Reviewed by: gbe, 0mp, danfe, pauamma_gundo.com
Differential Revision: https://reviews.freebsd.org/D40831

Remove $FreeBSD$: two-line nroff pattern

Remove /^\.\\"\n\.\\"\s*\$FreeBSD\$$\n/

jexec man: Explain how PATH is adjusted.

Add a sentence that explains that PATH is set to `/bin:/usr/bin`.
I had to dive into `jexec.c` to find this out.

Reviewed by: markj
Differential Revision: h

jexec man: Explain how PATH is adjusted.

Add a sentence that explains that PATH is set to `/bin:/usr/bin`.
I had to dive into `jexec.c` to find this out.

Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D35251

show more ...

jexec: Add -e parameter to customize the environment

Currently, to define a new environment variable or modify an existing
one, we need to use env(1), which may or may not be available inside
the ja

jexec: Add -e parameter to customize the environment

Currently, to define a new environment variable or modify an existing
one, we need to use env(1), which may or may not be available inside
the jail, especially in OCI containers created with the scratch
layer (i.e., those containers that are only a single static binary,
plus configuration files and related stuff). With this option, we
can specify environment variables of arbitrary length for the
specified process running inside the jail.

Reviewed by: jamie@
Approved by: jamie@
Differential Revision: https://reviews.freebsd.org/D54660

show more ...

jail: add jexec -d, to specify a working directory
PR: 283170
Submitted by: DtxdF at disroot.org

jail: only chdir to user's home directory when user is specified

jail(8) with the "exec.clean" parameter not only cleans the enviromnent
variables before running commands, but also changes to the us

jail: only chdir to user's home directory when user is specified

jail(8) with the "exec.clean" parameter not only cleans the enviromnent
variables before running commands, but also changes to the user's home
directory. While this makes sense when auser is specified (via one of
the exec.*_user parameters), it leads to all commands being run in the
jail's /root directory even in the absence of an explicitly specified
user. This can lead to problems when e.g. rc scripts are run from that
non-world-readable directory, and run counter to expectations that jail
startup is analogous to system startup.

Restrict this behvaiour to only users exlicitly specified, either via
the command line or jail parameters, but not the implicit root user.
While this changes long-stand practice, it's the more intuitive action.

jexec(8) has the same problem, and the same fix.

PR: 277210
Reported by: johannes.kunde at gmail
Differential Revision: https://reviews.freebsd.org/D46226

show more ...

jexec.8: Add examples section

MFC after: 3 days
Reviewed by: gbe, 0mp, danfe, pauamma_gundo.com
Differential Revision: https://reviews.freebsd.org/D40831

Remove $FreeBSD$: two-line nroff pattern

Remove /^\.\\"\n\.\\"\s*\$FreeBSD\$$\n/

jexec man: Explain how PATH is adjusted.

Add a sentence that explains that PATH is set to `/bin:/usr/bin`.
I had to dive into `jexec.c` to find this out.

Reviewed by: markj
Differential Revision: h

jexec man: Explain how PATH is adjusted.

Add a sentence that explains that PATH is set to `/bin:/usr/bin`.
I had to dive into `jexec.c` to find this out.

Reviewed by: markj
Differential Revision: https://reviews.freebsd.org/D35251

show more ...

Define which of the username options (-u/-U) to jexec(8) is the default.
Bump Dd.

PR: 207587
Submitted by: dewayne@heuristicsystems.com.au
MFC after: 3 days
Sponsored by: Essen Hackathon 2016

Merge from head

Catch up with head, primarily for the 1.14.4.0 firmware.

Merge ^/head r285341 through r285792.

Run a shell in the jail when no command is specified.
Add a new flag, -l, for a clean environment, same as jail(8) exec.clean.
Change the GET_USER_INFO macro into a function.

PR: 201300
Submitted b

Run a shell in the jail when no command is specified.
Add a new flag, -l, for a clean environment, same as jail(8) exec.clean.
Change the GET_USER_INFO macro into a function.

PR: 201300
Submitted by: Willem Jan Withagen
MFC after: 3 days

show more ...

Define which of the username options (-u/-U) to jexec(8) is the default.
Bump Dd.

PR: 207587
Submitted by: dewayne@heuristicsystems.com.au
MFC after: 3 days
Sponsored by: Essen Hackathon 2016

Merge from head

Catch up with head, primarily for the 1.14.4.0 firmware.

Merge ^/head r285341 through r285792.

Run a shell in the jail when no command is specified.
Add a new flag, -l, for a clean environment, same as jail(8) exec.clean.
Change the GET_USER_INFO macro into a function.

PR: 201300
Submitted b

Run a shell in the jail when no command is specified.
Add a new flag, -l, for a clean environment, same as jail(8) exec.clean.
Change the GET_USER_INFO macro into a function.

PR: 201300
Submitted by: Willem Jan Withagen
MFC after: 3 days

show more ...

Merge from head

- Merge from HEAD

Add support for the arbitrary named jail parameters used by jail_set(2)
and jail_get(2). Jail(8) can now create jails using a "name=value"
format instead of just specifying a limited set of fixed pa

Add support for the arbitrary named jail parameters used by jail_set(2)
and jail_get(2). Jail(8) can now create jails using a "name=value"
format instead of just specifying a limited set of fixed parameters; it
can also modify parameters of existing jails. Jls(8) can display all
parameters of jails, or a specified set of parameters. The available
parameters are gathered from the kernel, and not hard-coded into these
programs.

Small patches on killall(1) and jexec(8) to support jail names with
jail_get(2).

Approved by: bz (mentor)

show more ...