diff --git a/usr.sbin/jail/command.c b/usr.sbin/jail/command.c index fe6563230bdee8..8ea3f3ee879566 100644 --- a/usr.sbin/jail/command.c +++ b/usr.sbin/jail/command.c @@ -290,7 +290,7 @@ run_command(struct cfjail *j) const struct cfstring *comstring, *s; login_cap_t *lcap; const char **argv; - char *acs, *cs, *comcs, *devpath; + char *acs, *ajidstr, *cs, *comcs, *devpath; const char *jidstr, *conslog, *fmt, *path, *ruleset, *term, *username; enum intparam comparam; size_t comlen, ret; @@ -795,6 +795,18 @@ run_command(struct cfjail *j) } endpwent(); } + if (!injail) { + if (asprintf(&ajidstr, "%d", j->jid) == -1) { + jail_warnx(j, "asprintf jid=%d: %s", j->jid, + strerror(errno)); + exit(1); + } + setenv("JID", ajidstr, 1); + free(ajidstr); + setenv("JNAME", string_param(j->intparams[KP_NAME]), 1); + path = string_param(j->intparams[KP_PATH]); + setenv("JPATH", path ? path : "", 1); + } if (consfd != 0 && (dup2(consfd, 1) < 0 || dup2(consfd, 2) < 0)) { jail_warnx(j, "exec.consolelog: %s", strerror(errno)); diff --git a/usr.sbin/jail/jail.8 b/usr.sbin/jail/jail.8 index aa540a50a7251e..166536ffcf68d3 100644 --- a/usr.sbin/jail/jail.8 +++ b/usr.sbin/jail/jail.8 @@ -819,6 +819,22 @@ commands in sequence. All commands must succeed (return a zero exit status), or the jail will not be created or removed, as appropriate. .Pp +The following variables are added to the environment: +.Bl -tag -width indent -offset indent +.It Ev JID +The +.Va jid +, or jail identifier. +.It Ev JNAME +The +.Va name +of the jail. +.It Ev JPATH +The +.Va path +of the jail. +.El +.Pp The pseudo-parameters are: .Bl -tag -width indent .It Va exec.prepare @@ -883,6 +899,10 @@ is imported from the current environment. is set to "/bin:/usr/bin". The environment variables from the login class capability database for the target login are also set. +.Ev JID , JNAME +and +.Ev JPATH +are not set. If a user is specified (as with .Va exec.jail_user ) , commands are run from that (possibly jailed) user's directory. diff --git a/usr.sbin/jail/tests/commands.jail.conf b/usr.sbin/jail/tests/commands.jail.conf index 4ea24ec6b05805..afd56d1fa5d6d4 100644 --- a/usr.sbin/jail/tests/commands.jail.conf +++ b/usr.sbin/jail/tests/commands.jail.conf @@ -1,6 +1,9 @@ exec.prestop = "echo STOP"; exec.prestart = "echo START"; +exec.poststart = "env"; persist; +path = "/tmp/test_${name}_root"; + basejail {} diff --git a/usr.sbin/jail/tests/jail_basic_test.sh b/usr.sbin/jail/tests/jail_basic_test.sh index 5d67f42c2d5621..6498eb1c1fdc5c 100755 --- a/usr.sbin/jail/tests/jail_basic_test.sh +++ b/usr.sbin/jail/tests/jail_basic_test.sh @@ -129,13 +129,19 @@ commands_head() { atf_set descr 'Commands jail test' atf_set require.user root + mkdir /tmp/test_basejail_root } commands_body() { - # exec.prestart - atf_check -s exit:0 -o inline:"START\n" \ + # exec.prestart (START) and exec.poststart (env) + atf_check -s exit:0 -o save:stdout -e empty \ jail -f $(atf_get_srcdir)/commands.jail.conf -qc basejail + grep -E '^START$' stdout || atf_fail "exec.prestart output not found" + grep -E '^JID=[0-9]+' stdout || atf_fail "JID not found in exec.poststart env output" + grep -E '^JNAME=basejail$' stdout || atf_fail "JNAME not found in exec.poststart env output" + grep -E '^JPATH=/tmp/test_basejail_root$' stdout || atf_fail "JPATH not found in exec.poststart env output" + # exec.prestop by jailname atf_check -s exit:0 -o inline:"STOP\n" \ jail -f $(atf_get_srcdir)/commands.jail.conf -qr basejail @@ -152,6 +158,7 @@ commands_cleanup() then jail -r basejail fi + rmdir /tmp/test_basejail_root } atf_init_test_cases()