jexec: Add -e parameter to customize the environment

Currently, to define a new environment variable or modify an existing
one, we need to use env(1), which may or may not be available inside
the ja

jexec: Add -e parameter to customize the environment

Currently, to define a new environment variable or modify an existing
one, we need to use env(1), which may or may not be available inside
the jail, especially in OCI containers created with the scratch
layer (i.e., those containers that are only a single static binary,
plus configuration files and related stuff). With this option, we
can specify environment variables of arbitrary length for the
specified process running inside the jail.

Reviewed by: jamie@
Approved by: jamie@
Differential Revision: https://reviews.freebsd.org/D54660

show more ...

jail: add jexec -d, to specify a working directory
PR: 283170
Submitted by: DtxdF at disroot.org

jail: only chdir to user's home directory when user is specified

jail(8) with the "exec.clean" parameter not only cleans the enviromnent
variables before running commands, but also changes to the us

jail: only chdir to user's home directory when user is specified

jail(8) with the "exec.clean" parameter not only cleans the enviromnent
variables before running commands, but also changes to the user's home
directory. While this makes sense when auser is specified (via one of
the exec.*_user parameters), it leads to all commands being run in the
jail's /root directory even in the absence of an explicitly specified
user. This can lead to problems when e.g. rc scripts are run from that
non-world-readable directory, and run counter to expectations that jail
startup is analogous to system startup.

Restrict this behvaiour to only users exlicitly specified, either via
the command line or jail parameters, but not the implicit root user.
While this changes long-stand practice, it's the more intuitive action.

jexec(8) has the same problem, and the same fix.

PR: 277210
Reported by: johannes.kunde at gmail
Differential Revision: https://reviews.freebsd.org/D46226

show more ...

Remove $FreeBSD$: two-line .h pattern

Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix

show more ...

jexec: Add -e parameter to customize the environment

Currently, to define a new environment variable or modify an existing
one, we need to use env(1), which may or may not be available inside
the ja

jexec: Add -e parameter to customize the environment

Currently, to define a new environment variable or modify an existing
one, we need to use env(1), which may or may not be available inside
the jail, especially in OCI containers created with the scratch
layer (i.e., those containers that are only a single static binary,
plus configuration files and related stuff). With this option, we
can specify environment variables of arbitrary length for the
specified process running inside the jail.

Reviewed by: jamie@
Approved by: jamie@
Differential Revision: https://reviews.freebsd.org/D54660

show more ...

jail: add jexec -d, to specify a working directory
PR: 283170
Submitted by: DtxdF at disroot.org

jail: only chdir to user's home directory when user is specified

jail(8) with the "exec.clean" parameter not only cleans the enviromnent
variables before running commands, but also changes to the us

jail: only chdir to user's home directory when user is specified

jail(8) with the "exec.clean" parameter not only cleans the enviromnent
variables before running commands, but also changes to the user's home
directory. While this makes sense when auser is specified (via one of
the exec.*_user parameters), it leads to all commands being run in the
jail's /root directory even in the absence of an explicitly specified
user. This can lead to problems when e.g. rc scripts are run from that
non-world-readable directory, and run counter to expectations that jail
startup is analogous to system startup.

Restrict this behvaiour to only users exlicitly specified, either via
the command line or jail parameters, but not the implicit root user.
While this changes long-stand practice, it's the more intuitive action.

jexec(8) has the same problem, and the same fix.

PR: 277210
Reported by: johannes.kunde at gmail
Differential Revision: https://reviews.freebsd.org/D46226

show more ...

Remove $FreeBSD$: two-line .h pattern

Remove /^\s*\*\n \*\s+\$FreeBSD\$$\n/

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of

spdx: The BSD-2-Clause-FreeBSD identifier is obsolete, drop -FreeBSD

The SPDX folks have obsoleted the BSD-2-Clause-FreeBSD identifier. Catch
up to that fact and revert to their recommended match of BSD-2-Clause.

Discussed with: pfg
MFC After: 3 days
Sponsored by: Netflix

show more ...

various: general adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error

various: general adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.

show more ...

Merge ^/head r325663 through r325841.

Strip EOL whitespace in usr.sbin/{jail,jexec}

Merge from head

Catch up with head, primarily for the 1.14.4.0 firmware.

Merge ^/head r285341 through r285792.

Run a shell in the jail when no command is specified.
Add a new flag, -l, for a clean environment, same as jail(8) exec.clean.
Change the GET_USER_INFO macro into a function.

PR: 201300
Submitted b

Run a shell in the jail when no command is specified.
Add a new flag, -l, for a clean environment, same as jail(8) exec.clean.
Change the GET_USER_INFO macro into a function.

PR: 201300
Submitted by: Willem Jan Withagen
MFC after: 3 days

show more ...

various: general adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error

various: general adoption of SPDX licensing ID tags.

Mainly focus on files that use BSD 2-Clause license, however the tool I
was using misidentified many licenses so this was mostly a manual - error
prone - task.

The Software Package Data Exchange (SPDX) group provides a specification
to make it easier for automated tools to detect and summarize well known
opensource licenses. We are gradually adopting the specification, noting
that the tags are considered only advisory and do not, in any way,
superceed or replace the license texts.

No functional change intended.

show more ...

Merge ^/head r325663 through r325841.

Strip EOL whitespace in usr.sbin/{jail,jexec}

Merge from head

Catch up with head, primarily for the 1.14.4.0 firmware.

Merge ^/head r285341 through r285792.

Run a shell in the jail when no command is specified.
Add a new flag, -l, for a clean environment, same as jail(8) exec.clean.
Change the GET_USER_INFO macro into a function.

PR: 201300
Submitted b

Run a shell in the jail when no command is specified.
Add a new flag, -l, for a clean environment, same as jail(8) exec.clean.
Change the GET_USER_INFO macro into a function.

PR: 201300
Submitted by: Willem Jan Withagen
MFC after: 3 days

show more ...

Merge from head