1 /*-
2 * SPDX-License-Identifier: BSD-2-Clause
3 *
4 * Copyright (c) 2003 Mike Barcroft <mike@FreeBSD.org>
5 * Copyright (c) 2008 Bjoern A. Zeeb <bz@FreeBSD.org>
6 * Copyright (c) 2009 James Gritton <jamie@FreeBSD.org>
7 * Copyright (c) 2015 Emmanuel Vadot <manu@bocal.org>
8 * All rights reserved.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 * SUCH DAMAGE.
30 */
31
32 #include <sys/param.h>
33 #include <sys/jail.h>
34 #include <sys/socket.h>
35 #include <sys/sysctl.h>
36
37 #include <arpa/inet.h>
38 #include <netinet/in.h>
39
40 #include <ctype.h>
41 #include <errno.h>
42 #include <jail.h>
43 #include <limits.h>
44 #include <stdio.h>
45 #include <stdlib.h>
46 #include <string.h>
47 #include <unistd.h>
48 #include <libxo/xo.h>
49
50 #define JP_USER 0x01000000
51 #define JP_OPT 0x02000000
52
53 #define JLS_XO_VERSION "2"
54
55 #define PRINT_DEFAULT 0x01
56 #define PRINT_HEADER 0x02
57 #define PRINT_NAMEVAL 0x04
58 #define PRINT_QUOTED 0x08
59 #define PRINT_SKIP 0x10
60 #define PRINT_VERBOSE 0x20
61 #define PRINT_JAIL_NAME 0x40
62
63 static struct jailparam *params;
64 static int *param_parent;
65 static int nparams;
66 #ifdef INET6
67 static int ip6_ok;
68 #endif
69 #ifdef INET
70 static int ip4_ok;
71 #endif
72
73 static int add_param(const char *name, void *value, size_t valuelen,
74 struct jailparam *source, unsigned flags);
75 static int sort_param(const void *a, const void *b);
76 static char *noname(const char *name);
77 static char *nononame(const char *name);
78 static int print_jail(int pflags, int jflags);
79 static int special_print(int pflags, struct jailparam *param);
80 static void quoted_print(int pflags, char *name, char *value);
81 static void emit_ip_addr_list(int af_family, const char *list_name,
82 struct jailparam *param);
83
84 int
main(int argc,char ** argv)85 main(int argc, char **argv)
86 {
87 char *dot, *ep, *jname, *pname;
88 int c, i, jflags, jid, lastjid, pflags, spc;
89
90 argc = xo_parse_args(argc, argv);
91 if (argc < 0)
92 exit(1);
93
94 xo_set_version(JLS_XO_VERSION);
95 jname = NULL;
96 pflags = jflags = jid = 0;
97 while ((c = getopt(argc, argv, "adj:hNnqsv")) >= 0)
98 switch (c) {
99 case 'a':
100 case 'd':
101 jflags |= JAIL_DYING;
102 break;
103 case 'j':
104 jid = strtoul(optarg, &ep, 10);
105 if (!jid || *ep) {
106 jid = 0;
107 jname = optarg;
108 }
109 break;
110 case 'h':
111 pflags = (pflags & ~(PRINT_SKIP | PRINT_VERBOSE)) |
112 PRINT_HEADER;
113 break;
114 case 'N':
115 pflags |= PRINT_JAIL_NAME;
116 break;
117 case 'n':
118 pflags = (pflags & ~PRINT_VERBOSE) | PRINT_NAMEVAL;
119 break;
120 case 'q':
121 pflags |= PRINT_QUOTED;
122 break;
123 case 's':
124 pflags = (pflags & ~(PRINT_HEADER | PRINT_VERBOSE)) |
125 PRINT_NAMEVAL | PRINT_QUOTED | PRINT_SKIP;
126 break;
127 case 'v':
128 pflags = (pflags &
129 ~(PRINT_HEADER | PRINT_NAMEVAL | PRINT_SKIP)) |
130 PRINT_VERBOSE;
131 break;
132 default:
133 xo_errx(1, "usage: jls [-dhNnqv] [-j jail] [param ...]");
134 }
135
136 #ifdef INET6
137 ip6_ok = feature_present("inet6");
138 #endif
139 #ifdef INET
140 ip4_ok = feature_present("inet");
141 #endif
142
143 /* Add the parameters to print. */
144 if (optind == argc) {
145 if (pflags & (PRINT_HEADER | PRINT_NAMEVAL))
146 add_param("all", NULL, (size_t)0, NULL, JP_USER);
147 else if (pflags & PRINT_VERBOSE) {
148 add_param("jid", NULL, (size_t)0, NULL, JP_USER);
149 add_param("host.hostname", NULL, (size_t)0, NULL,
150 JP_USER);
151 add_param("path", NULL, (size_t)0, NULL, JP_USER);
152 add_param("name", NULL, (size_t)0, NULL, JP_USER);
153 add_param("dying", NULL, (size_t)0, NULL, JP_USER);
154 add_param("cpuset.id", NULL, (size_t)0, NULL, JP_USER);
155 #ifdef INET
156 if (ip4_ok)
157 add_param("ip4.addr", NULL, (size_t)0, NULL,
158 JP_USER);
159 #endif
160 #ifdef INET6
161 if (ip6_ok)
162 add_param("ip6.addr", NULL, (size_t)0, NULL,
163 JP_USER | JP_OPT);
164 #endif
165 } else {
166 pflags |= PRINT_DEFAULT;
167 if (pflags & PRINT_JAIL_NAME)
168 add_param("name", NULL, (size_t)0, NULL, JP_USER);
169 else
170 add_param("jid", NULL, (size_t)0, NULL, JP_USER);
171 #ifdef INET
172 if (ip4_ok)
173 add_param("ip4.addr", NULL, (size_t)0, NULL,
174 JP_USER);
175 #endif
176 add_param("host.hostname", NULL, (size_t)0, NULL,
177 JP_USER);
178 add_param("path", NULL, (size_t)0, NULL, JP_USER);
179 }
180 } else {
181 pflags &= ~PRINT_VERBOSE;
182 while (optind < argc)
183 add_param(argv[optind++], NULL, (size_t)0, NULL,
184 JP_USER);
185 }
186
187 if (pflags & PRINT_SKIP) {
188 /* Check for parameters with jailsys parents. */
189 for (i = 0; i < nparams; i++) {
190 if ((params[i].jp_flags & JP_USER) &&
191 (dot = strchr(params[i].jp_name, '.'))) {
192 pname = alloca((dot - params[i].jp_name) + 1);
193 strlcpy(pname, params[i].jp_name,
194 (dot - params[i].jp_name) + 1);
195 param_parent[i] = add_param(pname,
196 NULL, (size_t)0, NULL, JP_OPT);
197 }
198 }
199 }
200
201 /* Add the index key parameters. */
202 if (jid != 0)
203 add_param("jid", &jid, sizeof(jid), NULL, 0);
204 else if (jname != NULL)
205 add_param("name", jname, strlen(jname), NULL, 0);
206 else
207 add_param("lastjid", &lastjid, sizeof(lastjid), NULL, 0);
208
209 /* Print a header line if requested. */
210 if (pflags & PRINT_VERBOSE) {
211 xo_emit("{T:/%3s}{T:JID}{P: }{T:Hostname}{Pd:/%22s}{T:Path}\n",
212 "", "");
213 xo_emit("{P:/%8s}{T:Name}{Pd:/%26s}{T:State}\n", "", "");
214 xo_emit("{P:/%8s}{T:CPUSetID}\n", "");
215 xo_emit("{P:/%8s}{T:IP Address(es)}\n", "");
216 }
217 else if (pflags & PRINT_DEFAULT)
218 if (pflags & PRINT_JAIL_NAME)
219 xo_emit("{P: }{T:JID/%-15s}{P: }{T:IP Address/%-15s}"
220 "{P: }{T:Hostname/%-29s}{P: }{T:Path}\n");
221 else
222 xo_emit("{T:JID/%6s}{P: }{T:IP Address}{P:/%6s}"
223 "{T:Hostname}{P:/%22s}{T:Path}\n", "", "");
224 else if (pflags & PRINT_HEADER) {
225 for (i = spc = 0; i < nparams; i++)
226 if (params[i].jp_flags & JP_USER) {
227 if (spc)
228 xo_emit("{P: }");
229 else
230 spc = 1;
231 xo_emit(params[i].jp_name);
232 }
233 xo_emit("{P:\n}");
234 }
235
236 xo_open_container("jail-information");
237 xo_open_list("jail");
238 /* Fetch the jail(s) and print the parameters. */
239 if (jid != 0 || jname != NULL) {
240 if (print_jail(pflags, jflags) < 0)
241 xo_errx(1, "%s", jail_errmsg);
242 } else {
243 for (lastjid = 0;
244 (lastjid = print_jail(pflags, jflags)) >= 0; )
245 ;
246 if (errno != 0 && errno != ENOENT)
247 xo_errx(1, "%s", jail_errmsg);
248 }
249 xo_close_list("jail");
250 xo_close_container("jail-information");
251 if (xo_finish() < 0)
252 xo_err(1, "stdout");
253 exit(0);
254 }
255
256 static int
add_param(const char * name,void * value,size_t valuelen,struct jailparam * source,unsigned flags)257 add_param(const char *name, void *value, size_t valuelen,
258 struct jailparam *source, unsigned flags)
259 {
260 struct jailparam *param, *tparams;
261 int i, tnparams;
262
263 static int paramlistsize;
264
265 /* The pseudo-parameter "all" scans the list of available parameters. */
266 if (!strcmp(name, "all")) {
267 tnparams = jailparam_all(&tparams);
268 if (tnparams < 0)
269 xo_errx(1, "%s", jail_errmsg);
270 qsort(tparams, (size_t)tnparams, sizeof(struct jailparam),
271 sort_param);
272 for (i = 0; i < tnparams; i++)
273 add_param(tparams[i].jp_name, NULL, (size_t)0,
274 tparams + i, flags);
275 free(tparams);
276 return -1;
277 }
278
279 /* Check for repeat parameters. */
280 for (i = 0; i < nparams; i++)
281 if (!strcmp(name, params[i].jp_name)) {
282 if (value != NULL && jailparam_import_raw(params + i,
283 value, valuelen) < 0)
284 xo_errx(1, "%s", jail_errmsg);
285 params[i].jp_flags |= flags;
286 if (source != NULL)
287 jailparam_free(source, 1);
288 return i;
289 }
290
291 /* Make sure there is room for the new param record. */
292 if (!nparams) {
293 paramlistsize = 32;
294 params = malloc(paramlistsize * sizeof(*params));
295 param_parent = malloc(paramlistsize * sizeof(*param_parent));
296 if (params == NULL || param_parent == NULL)
297 xo_err(1, "malloc");
298 } else if (nparams >= paramlistsize) {
299 paramlistsize *= 2;
300 params = realloc(params, paramlistsize * sizeof(*params));
301 param_parent = realloc(param_parent,
302 paramlistsize * sizeof(*param_parent));
303 if (params == NULL || param_parent == NULL)
304 xo_err(1, "realloc");
305 }
306
307 /* Look up the parameter. */
308 param_parent[nparams] = -1;
309 param = params + nparams++;
310 if (source != NULL) {
311 *param = *source;
312 param->jp_flags |= flags;
313 return param - params;
314 }
315 if (jailparam_init(param, name) < 0 ||
316 (value != NULL ? jailparam_import_raw(param, value, valuelen)
317 : jailparam_import(param, value)) < 0) {
318 if (flags & JP_OPT) {
319 nparams--;
320 return (-1);
321 }
322 xo_errx(1, "%s", jail_errmsg);
323 }
324 param->jp_flags |= flags;
325 return param - params;
326 }
327
328 static int
sort_param(const void * a,const void * b)329 sort_param(const void *a, const void *b)
330 {
331 const struct jailparam *parama, *paramb;
332 char *ap, *bp;
333
334 /* Put top-level parameters first. */
335 parama = a;
336 paramb = b;
337 ap = strchr(parama->jp_name, '.');
338 bp = strchr(paramb->jp_name, '.');
339 if (ap && !bp)
340 return (1);
341 if (bp && !ap)
342 return (-1);
343 return (strcmp(parama->jp_name, paramb->jp_name));
344 }
345
346 static char *
noname(const char * name)347 noname(const char *name)
348 {
349 char *nname, *p;
350
351 nname = malloc(strlen(name) + 3);
352 if (nname == NULL)
353 xo_err(1, "malloc");
354 p = strrchr(name, '.');
355 if (p != NULL)
356 sprintf(nname, "%.*s.no%s", (int)(p - name), name, p + 1);
357 else
358 sprintf(nname, "no%s", name);
359 return nname;
360 }
361
362 static char *
nononame(const char * name)363 nononame(const char *name)
364 {
365 char *nname, *p;
366
367 p = strrchr(name, '.');
368 if (strncmp(p ? p + 1 : name, "no", 2))
369 return NULL;
370 nname = malloc(strlen(name) - 1);
371 if (nname == NULL)
372 xo_err(1, "malloc");
373 if (p != NULL)
374 sprintf(nname, "%.*s.%s", (int)(p - name), name, p + 3);
375 else
376 strcpy(nname, name + 2);
377 return nname;
378 }
379
380 static int
print_jail(int pflags,int jflags)381 print_jail(int pflags, int jflags)
382 {
383 char *nname, *xo_nname;
384 char **param_values;
385 int i, jid, spc;
386 #if (defined INET || defined INET6)
387 int n;
388 #endif
389
390 jid = jailparam_get(params, nparams, jflags);
391 if (jid < 0)
392 return jid;
393
394 xo_open_instance("jail");
395
396 if (pflags & PRINT_VERBOSE) {
397 xo_emit("{:jid/%6d}{P: }{:hostname/%-29.29s/%s}{P: }"
398 "{:path/%.74s/%s}\n",
399 *(int *)params[0].jp_value,
400 (char *)params[1].jp_value,
401 (char *)params[2].jp_value);
402 xo_emit("{P: }{:name/%-29.29s/%s}{P: }{:state/%.74s}\n",
403 (char *)params[3].jp_value,
404 *(int *)params[4].jp_value ? "DYING" : "ACTIVE");
405 xo_emit("{P: }{:cpusetid/%d}\n", *(int *)params[5].jp_value);
406 #if (defined INET || defined INET6)
407 n = 6;
408 #endif
409 #ifdef INET
410 if (ip4_ok && !strcmp(params[n].jp_name, "ip4.addr")) {
411 emit_ip_addr_list(AF_INET, "ipv4_addrs", params + n);
412 n++;
413 }
414 #endif
415 #ifdef INET6
416 if (ip6_ok && !strcmp(params[n].jp_name, "ip6.addr")) {
417 emit_ip_addr_list(AF_INET6, "ipv6_addrs", params + n);
418 n++;
419 }
420 #endif
421 } else if (pflags & PRINT_DEFAULT) {
422 if (pflags & PRINT_JAIL_NAME)
423 xo_emit("{P: }{:name/%-15s/%s}{P: }",
424 (char *)params[0].jp_value);
425 else
426 xo_emit("{:jid/%6d}{P: }", *(int *)params[0].jp_value);
427 xo_emit("{:ipv4/%-15.15s/%s}{P: }{:hostname/%-29.29s/%s}{P: }{:path/%.74s/%s}\n",
428 #ifdef INET
429 (!ip4_ok || params[1].jp_valuelen == 0) ? ""
430 : inet_ntoa(*(struct in_addr *)params[1].jp_value),
431 (char *)params[2-!ip4_ok].jp_value,
432 (char *)params[3-!ip4_ok].jp_value);
433 #else
434 "-",
435 (char *)params[1].jp_value,
436 (char *)params[2].jp_value);
437 #endif
438 } else {
439 param_values = alloca(nparams * sizeof(*param_values));
440 for (i = 0; i < nparams; i++) {
441 if (!(params[i].jp_flags & JP_USER))
442 continue;
443 param_values[i] = jailparam_export(params + i);
444 if (param_values[i] == NULL)
445 xo_errx(1, "%s", jail_errmsg);
446 }
447 for (i = spc = 0; i < nparams; i++) {
448 if (!(params[i].jp_flags & JP_USER))
449 continue;
450 if ((pflags & PRINT_SKIP) &&
451 ((!(params[i].jp_ctltype &
452 (CTLFLAG_WR | CTLFLAG_TUN))) ||
453 (param_parent[i] >= 0 &&
454 *(int *)params[param_parent[i]].jp_value !=
455 JAIL_SYS_NEW)))
456 continue;
457 if (spc)
458 xo_emit("{P: }");
459 else
460 spc = 1;
461 if (pflags & PRINT_NAMEVAL) {
462 /*
463 * Generally "name=value", but for booleans
464 * either "name" or "noname".
465 */
466 if (params[i].jp_flags &
467 (JP_BOOL | JP_NOBOOL)) {
468 if (*(int *)params[i].jp_value) {
469 asprintf(&xo_nname, "{en:%s/true}", params[i].jp_name);
470 xo_emit(xo_nname);
471 xo_emit("{d:/%s}", params[i].jp_name);
472 }
473 else {
474 nname = (params[i].jp_flags &
475 JP_NOBOOL) ?
476 nononame(params[i].jp_name)
477 : noname(params[i].jp_name);
478 if (params[i].jp_flags & JP_NOBOOL) {
479 asprintf(&xo_nname, "{en:%s/true}", params[i].jp_name);
480 xo_emit(xo_nname);
481 } else {
482 asprintf(&xo_nname, "{en:%s/false}", params[i].jp_name);
483 xo_emit(xo_nname);
484 }
485 xo_emit("{d:/%s}", nname);
486 free(nname);
487 }
488 free(xo_nname);
489 continue;
490 }
491 xo_emit("{d:%s}=", params[i].jp_name);
492 }
493 if (!special_print(pflags, params + i))
494 quoted_print(pflags, params[i].jp_name, param_values[i]);
495 }
496 xo_emit("{P:\n}");
497 for (i = 0; i < nparams; i++)
498 if (params[i].jp_flags & JP_USER)
499 free(param_values[i]);
500 }
501
502 xo_close_instance("jail");
503 return (jid);
504 }
505
506 static void
quoted_print(int pflags,char * name,char * value)507 quoted_print(int pflags, char *name, char *value)
508 {
509 int qc;
510 char *p = value;
511
512 /* An empty string needs quoting. */
513 if (!*p) {
514 xo_emit("{ea:/%s}{da:/\"\"}", name, value, name);
515 return;
516 }
517
518 /*
519 * The value will be surrounded by quotes if it contains
520 * whitespace or quotes.
521 */
522 if (strchr(p, '\''))
523 qc = '"';
524 else if (strchr(p, '"'))
525 qc = '\'';
526 else {
527 qc = 0;
528 for (; *p; ++p)
529 if (isspace(*p)) {
530 qc = '"';
531 break;
532 }
533 }
534
535 if (qc && pflags & PRINT_QUOTED)
536 xo_emit("{P:/%c}", qc);
537
538 xo_emit("{a:/%s}", name, value);
539
540 if (qc && pflags & PRINT_QUOTED)
541 xo_emit("{P:/%c}", qc);
542 }
543
544 static int
special_print(int pflags,struct jailparam * param)545 special_print(int pflags, struct jailparam *param)
546 {
547 int ip_as_list;
548
549 switch (xo_get_style(NULL)) {
550 case XO_STYLE_JSON:
551 case XO_STYLE_XML:
552 ip_as_list = 1;
553 break;
554 default:
555 ip_as_list = 0;
556 }
557
558 if (!ip_as_list && param->jp_valuelen == 0) {
559 if (pflags & PRINT_QUOTED)
560 xo_emit("{P:\"\"}");
561 else if (!(pflags & PRINT_NAMEVAL))
562 xo_emit("{P:-}");
563 } else if (ip_as_list && !strcmp(param->jp_name, "ip4.addr")) {
564 emit_ip_addr_list(AF_INET, param->jp_name, param);
565 } else if (ip_as_list && !strcmp(param->jp_name, "ip6.addr")) {
566 emit_ip_addr_list(AF_INET6, param->jp_name, param);
567 } else {
568 return 0;
569 }
570
571 return 1;
572 }
573
574 static void
emit_ip_addr_list(int af_family,const char * list_name,struct jailparam * param)575 emit_ip_addr_list(int af_family, const char *list_name, struct jailparam *param)
576 {
577 char ipbuf[INET6_ADDRSTRLEN];
578 size_t addr_len;
579 const char *emit_str;
580 int ai, count;
581
582 switch (af_family) {
583 case AF_INET:
584 addr_len = sizeof(struct in_addr);
585 emit_str = "{P: }{ql:ipv4_addr}{P:\n}";
586 break;
587 case AF_INET6:
588 addr_len = sizeof(struct in6_addr);
589 emit_str = "{P: }{ql:ipv6_addr}{P:\n}";
590 break;
591 default:
592 xo_err(1, "unsupported af_family");
593 return;
594 }
595
596 count = param->jp_valuelen / addr_len;
597
598 xo_open_list(list_name);
599 for (ai = 0; ai < count; ai++) {
600 if (inet_ntop(af_family,
601 ((uint8_t *)param->jp_value) + addr_len * ai,
602 ipbuf, sizeof(ipbuf)) == NULL) {
603 xo_err(1, "inet_ntop");
604 } else {
605 xo_emit(emit_str, ipbuf);
606 }
607 }
608 xo_close_list(list_name);
609 }
610