Index: rc.subr =================================================================== RCS file: /private/FreeBSD/src/etc/rc.subr,v retrieving revision 1.19 diff -u -p -r1.19 rc.subr --- rc.subr 22 Jan 2004 08:46:03 -0000 1.19 +++ rc.subr 22 Feb 2004 17:27:16 -0000 @@ -59,6 +59,9 @@ NetBSD) ;; esac +# By default, scripts are available inside jail. +injail="yes" + # # functions # --------- @@ -177,6 +180,36 @@ mount_critical_filesystems() } # +# check_jail +# Return 1 if we are not in jail or script is available inside jail +# and 0 otherwise. +# +check_jail() +{ + + # If script is available in jail, return 1 imediately. + case ${injail} in + [Yy][Ee][Ss]) + return 1 + ;; + esac + + _jailed=`${SYSCTL_N} security.jail.jailed` + case $_jailed in + 1) + return 0 + ;; + 0) + return 1 + ;; + *) + warn "Unexpected security.jail.jailed value: ${_jailed}." + return 1 + ;; + esac +} + +# # check_pidfile pidfile procname [interpreter] # Parses the first line of pidfile for a PID, and ensures # that the process is running and matches procname. @@ -518,6 +551,11 @@ run_rc_command() # if [ -n "${rcvar}" -a "$rc_arg" != "rcvar" ]; then if ! checkyesno ${rcvar}; then + return 0 + fi + fi + if [ -z "$rc_force" -a "$rc_arg" != "rcvar" ]; then + if check_jail; then return 0 fi fi Index: rc.d/abi =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/abi,v retrieving revision 1.2 diff -u -p -r1.2 abi --- rc.d/abi 5 May 2003 15:38:41 -0000 1.2 +++ rc.d/abi 22 Feb 2004 17:25:32 -0000 @@ -10,6 +10,8 @@ . /etc/rc.subr +injail="no" + echo -n 'Additional ABI support:' name="sysvipc" Index: rc.d/adjkerntz =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/adjkerntz,v retrieving revision 1.2 diff -u -p -r1.2 adjkerntz --- rc.d/adjkerntz 18 Apr 2003 17:55:05 -0000 1.2 +++ rc.d/adjkerntz 22 Feb 2004 17:25:32 -0000 @@ -13,6 +13,7 @@ name="adjkerntz" start_cmd="adjkerntz -i" stop_cmd=":" +injail="no" load_rc_config $name run_rc_command "$1" Index: rc.d/apm =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/apm,v retrieving revision 1.4 diff -u -p -r1.4 apm --- rc.d/apm 9 Jun 2003 17:44:30 -0000 1.4 +++ rc.d/apm 22 Feb 2004 17:25:32 -0000 @@ -17,6 +17,7 @@ command="/usr/sbin/${name}" start_cmd="${command} -e enable" stop_cmd="${command} -e disable" status_cmd="apm_status" +injail="no" apm_precmd() { Index: rc.d/apmd =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/apmd,v retrieving revision 1.10 diff -u -p -r1.10 apmd --- rc.d/apmd 17 Jan 2004 11:25:16 -0000 1.10 +++ rc.d/apmd 22 Feb 2004 17:25:32 -0000 @@ -15,6 +15,7 @@ name="apmd" rcvar=`set_rcvar` command="/usr/sbin/${name}" start_precmd="apmd_prestart" +injail="no" apmd_prestart() { Index: rc.d/devd =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/devd,v retrieving revision 1.5 diff -u -p -r1.5 devd --- rc.d/devd 12 Feb 2003 04:22:40 -0000 1.5 +++ rc.d/devd 22 Feb 2004 17:25:32 -0000 @@ -13,6 +13,7 @@ name="devd" rcvar=`set_rcvar` command="/sbin/devd" +injail="no" load_rc_config $name run_rc_command "$1" Index: rc.d/dumpon =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/dumpon,v retrieving revision 1.2 diff -u -p -r1.2 dumpon --- rc.d/dumpon 2 Feb 2004 19:05:06 -0000 1.2 +++ rc.d/dumpon 22 Feb 2004 17:25:32 -0000 @@ -13,6 +13,7 @@ name="dumpon" start_cmd="dumpon_start" stop_cmd="dumpon_stop" +injail="no" dumpon_start() { Index: rc.d/fsck =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/fsck,v retrieving revision 1.7 diff -u -p -r1.7 fsck --- rc.d/fsck 17 Jan 2004 11:52:37 -0000 1.7 +++ rc.d/fsck 22 Feb 2004 17:25:32 -0000 @@ -13,6 +13,7 @@ name="fsck" start_cmd="fsck_start" stop_cmd=":" +injail="no" stop_boot() { Index: rc.d/initrandom =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/initrandom,v retrieving revision 1.1 diff -u -p -r1.1 initrandom --- rc.d/initrandom 13 Jun 2002 22:14:36 -0000 1.1 +++ rc.d/initrandom 22 Feb 2004 17:25:32 -0000 @@ -13,6 +13,7 @@ name="initrandom" start_cmd="initrandom_start" stop_cmd=":" +injail="no" feed_dev_random() { Index: rc.d/ipfw =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/ipfw,v retrieving revision 1.5 diff -u -p -r1.5 ipfw --- rc.d/ipfw 27 Jul 2003 20:34:30 -0000 1.5 +++ rc.d/ipfw 22 Feb 2004 17:25:32 -0000 @@ -16,6 +16,7 @@ rcvar="firewall_enable" start_cmd="ipfw_start" start_precmd="ipfw_precmd" stop_cmd="ipfw_stop" +injail="no" ipfw_precmd() { Index: rc.d/jail =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/jail,v retrieving revision 1.13 diff -u -p -r1.13 jail --- rc.d/jail 3 Feb 2004 12:59:30 -0000 1.13 +++ rc.d/jail 22 Feb 2004 17:25:32 -0000 @@ -14,6 +14,7 @@ name="jail" rcvar=`set_rcvar` start_cmd="jail_start" stop_cmd="jail_stop" +injail="no" # init_variables _j # Initialize the various jail variables for jail _j. Index: rc.d/mountcritlocal =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/mountcritlocal,v retrieving revision 1.10 diff -u -p -r1.10 mountcritlocal --- rc.d/mountcritlocal 17 Jan 2004 10:40:45 -0000 1.10 +++ rc.d/mountcritlocal 22 Feb 2004 17:25:32 -0000 @@ -13,6 +13,7 @@ name="mountcritlocal" start_cmd="mountcritlocal_start" stop_cmd=":" +injail="no" mountcritlocal_start() { Index: rc.d/mountcritremote =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/mountcritremote,v retrieving revision 1.8 diff -u -p -r1.8 mountcritremote --- rc.d/mountcritremote 17 Jan 2004 10:59:43 -0000 1.8 +++ rc.d/mountcritremote 22 Feb 2004 17:25:32 -0000 @@ -14,6 +14,7 @@ name="mountcritremote" stop_cmd=":" start_cmd="mountcritremote_start" start_precmd="mountcritremote_precmd" +injail="no" # Mount NFS filesystems if present in /etc/fstab # Index: rc.d/mountd =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/mountd,v retrieving revision 1.12 diff -u -p -r1.12 mountd --- rc.d/mountd 17 Jan 2004 11:31:15 -0000 1.12 +++ rc.d/mountd 22 Feb 2004 17:25:32 -0000 @@ -16,6 +16,7 @@ command="/usr/sbin/${name}" required_files="/etc/exports" start_precmd="mountd_precmd" extra_commands="reload" +injail="no" mountd_precmd() { Index: rc.d/moused =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/moused,v retrieving revision 1.5 diff -u -p -r1.5 moused --- rc.d/moused 17 Jan 2004 11:25:16 -0000 1.5 +++ rc.d/moused 22 Feb 2004 17:25:32 -0000 @@ -14,6 +14,7 @@ name=moused rcvar=`set_rcvar` command="/usr/sbin/${name}" start_cmd="moused_start" +injail="no" moused_start() { Index: rc.d/netif =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/netif,v retrieving revision 1.3 diff -u -p -r1.3 netif --- rc.d/netif 30 Jul 2003 18:53:59 -0000 1.3 +++ rc.d/netif 22 Feb 2004 17:25:32 -0000 @@ -39,6 +39,7 @@ cloneup_cmd="clone_up" clonedown_cmd="clone_down" extra_commands="cloneup clonedown" _cmdifn= +injail="no" network_start() { Index: rc.d/network_ipv6 =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/network_ipv6,v retrieving revision 1.35 diff -u -p -r1.35 network_ipv6 --- rc.d/network_ipv6 29 Jun 2003 05:15:57 -0000 1.35 +++ rc.d/network_ipv6 22 Feb 2004 17:25:32 -0000 @@ -38,6 +38,7 @@ name="network_ipv6" rcvar=`set_rcvar ipv6` start_cmd="network_ipv6_start" +injail="no" network_ipv6_start() { Index: rc.d/nfsclient =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/nfsclient,v retrieving revision 1.3 diff -u -p -r1.3 nfsclient --- rc.d/nfsclient 12 Oct 2002 10:31:31 -0000 1.3 +++ rc.d/nfsclient 22 Feb 2004 17:25:32 -0000 @@ -14,6 +14,7 @@ rcvar="nfs_client_enable" start_cmd="nfsclient_start" start_precmd="nfsclient_precmd" stop_cmd="unmount_all" +injail="no" # Load nfs module if it was not compiled into the kernel nfsclient_precmd() Index: rc.d/nfsd =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/nfsd,v retrieving revision 1.11 diff -u -p -r1.11 nfsd --- rc.d/nfsd 17 Jan 2004 10:59:43 -0000 1.11 +++ rc.d/nfsd 22 Feb 2004 17:25:32 -0000 @@ -13,6 +13,7 @@ name="nfsd" rcvar=`set_rcvar nfs_server` command="/usr/sbin/${name}" +injail="no" load_rc_config $name command_args="${nfs_server_flags}" Index: rc.d/nfslocking =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/nfslocking,v retrieving revision 1.8 diff -u -p -r1.8 nfslocking --- rc.d/nfslocking 19 Feb 2004 05:49:06 -0000 1.8 +++ rc.d/nfslocking 22 Feb 2004 17:25:32 -0000 @@ -11,6 +11,8 @@ . /etc/rc.subr +injail="no" + # Save the (one) commandline argument incase it gets clobbered. arg=$1 Index: rc.d/nfsserver =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/nfsserver,v retrieving revision 1.2 diff -u -p -r1.2 nfsserver --- rc.d/nfsserver 12 Oct 2002 10:31:31 -0000 1.2 +++ rc.d/nfsserver 22 Feb 2004 17:25:32 -0000 @@ -13,6 +13,7 @@ name="nfsserver" rcvar="nfs_server_enable" start_cmd="nfsserver_start" stop_cmd=":" +injail="no" # Load nfs modules if they were not compiled into the kernel nfsserver_start() Index: rc.d/routing =================================================================== RCS file: /private/FreeBSD/src/etc/rc.d/routing,v retrieving revision 1.139 diff -u -p -r1.139 routing --- rc.d/routing 14 Aug 2003 15:27:32 -0000 1.139 +++ rc.d/routing 22 Feb 2004 17:25:32 -0000 @@ -17,6 +17,7 @@ stop_cmd="routing_stop" extra_commands="options static" static_cmd="static_start" options_cmd="options_start" +injail="no" routing_start() {