1 /*- 2 * SPDX-License-Identifier: BSD-2-Clause 3 * 4 * Copyright (c) 2003 Mike Barcroft <mike@FreeBSD.org> 5 * Copyright (c) 2008 Bjoern A. Zeeb <bz@FreeBSD.org> 6 * Copyright (c) 2009 James Gritton <jamie@FreeBSD.org> 7 * Copyright (c) 2015 Emmanuel Vadot <manu@bocal.org> 8 * All rights reserved. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 20 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 21 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 22 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 23 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 24 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 25 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 26 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 27 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 28 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 29 * SUCH DAMAGE. 30 */ 31 32 #include <sys/param.h> 33 #include <sys/jail.h> 34 #include <sys/socket.h> 35 #include <sys/sysctl.h> 36 37 #include <arpa/inet.h> 38 #include <netinet/in.h> 39 40 #include <ctype.h> 41 #include <errno.h> 42 #include <jail.h> 43 #include <limits.h> 44 #include <stdio.h> 45 #include <stdlib.h> 46 #include <string.h> 47 #include <unistd.h> 48 #include <libxo/xo.h> 49 50 #define JP_USER 0x01000000 51 #define JP_OPT 0x02000000 52 53 #define JLS_XO_VERSION "2" 54 55 #define PRINT_DEFAULT 0x01 56 #define PRINT_HEADER 0x02 57 #define PRINT_NAMEVAL 0x04 58 #define PRINT_QUOTED 0x08 59 #define PRINT_SKIP 0x10 60 #define PRINT_VERBOSE 0x20 61 #define PRINT_JAIL_NAME 0x40 62 63 static struct jailparam *params; 64 static int *param_parent; 65 static int nparams; 66 #ifdef INET6 67 static int ip6_ok; 68 #endif 69 #ifdef INET 70 static int ip4_ok; 71 #endif 72 73 static int add_param(const char *name, void *value, size_t valuelen, 74 struct jailparam *source, unsigned flags); 75 static int sort_param(const void *a, const void *b); 76 static char *noname(const char *name); 77 static char *nononame(const char *name); 78 static int print_jail(int pflags, int jflags); 79 static int special_print(int pflags, struct jailparam *param); 80 static void quoted_print(int pflags, char *name, char *value); 81 static void emit_ip_addr_list(int af_family, const char *list_name, 82 struct jailparam *param); 83 84 int 85 main(int argc, char **argv) 86 { 87 char *dot, *ep, *jname, *pname; 88 int c, i, jflags, jid, lastjid, pflags, spc; 89 90 argc = xo_parse_args(argc, argv); 91 if (argc < 0) 92 exit(1); 93 94 xo_set_version(JLS_XO_VERSION); 95 jname = NULL; 96 pflags = jflags = jid = 0; 97 while ((c = getopt(argc, argv, "adj:hNnqsv")) >= 0) 98 switch (c) { 99 case 'a': 100 case 'd': 101 jflags |= JAIL_DYING; 102 break; 103 case 'j': 104 jid = strtoul(optarg, &ep, 10); 105 if (!jid || *ep) { 106 jid = 0; 107 jname = optarg; 108 } 109 break; 110 case 'h': 111 pflags = (pflags & ~(PRINT_SKIP | PRINT_VERBOSE)) | 112 PRINT_HEADER; 113 break; 114 case 'N': 115 pflags |= PRINT_JAIL_NAME; 116 break; 117 case 'n': 118 pflags = (pflags & ~PRINT_VERBOSE) | PRINT_NAMEVAL; 119 break; 120 case 'q': 121 pflags |= PRINT_QUOTED; 122 break; 123 case 's': 124 pflags = (pflags & ~(PRINT_HEADER | PRINT_VERBOSE)) | 125 PRINT_NAMEVAL | PRINT_QUOTED | PRINT_SKIP; 126 break; 127 case 'v': 128 pflags = (pflags & 129 ~(PRINT_HEADER | PRINT_NAMEVAL | PRINT_SKIP)) | 130 PRINT_VERBOSE; 131 break; 132 default: 133 xo_errx(1, "usage: jls [-dhNnqv] [-j jail] [param ...]"); 134 } 135 136 #ifdef INET6 137 ip6_ok = feature_present("inet6"); 138 #endif 139 #ifdef INET 140 ip4_ok = feature_present("inet"); 141 #endif 142 143 /* Add the parameters to print. */ 144 if (optind == argc) { 145 if (pflags & (PRINT_HEADER | PRINT_NAMEVAL)) 146 add_param("all", NULL, (size_t)0, NULL, JP_USER); 147 else if (pflags & PRINT_VERBOSE) { 148 add_param("jid", NULL, (size_t)0, NULL, JP_USER); 149 add_param("host.hostname", NULL, (size_t)0, NULL, 150 JP_USER); 151 add_param("path", NULL, (size_t)0, NULL, JP_USER); 152 add_param("name", NULL, (size_t)0, NULL, JP_USER); 153 add_param("dying", NULL, (size_t)0, NULL, JP_USER); 154 add_param("cpuset.id", NULL, (size_t)0, NULL, JP_USER); 155 #ifdef INET 156 if (ip4_ok) 157 add_param("ip4.addr", NULL, (size_t)0, NULL, 158 JP_USER); 159 #endif 160 #ifdef INET6 161 if (ip6_ok) 162 add_param("ip6.addr", NULL, (size_t)0, NULL, 163 JP_USER | JP_OPT); 164 #endif 165 } else { 166 pflags |= PRINT_DEFAULT; 167 if (pflags & PRINT_JAIL_NAME) 168 add_param("name", NULL, (size_t)0, NULL, JP_USER); 169 else 170 add_param("jid", NULL, (size_t)0, NULL, JP_USER); 171 #ifdef INET 172 if (ip4_ok) 173 add_param("ip4.addr", NULL, (size_t)0, NULL, 174 JP_USER); 175 #endif 176 add_param("host.hostname", NULL, (size_t)0, NULL, 177 JP_USER); 178 add_param("path", NULL, (size_t)0, NULL, JP_USER); 179 } 180 } else { 181 pflags &= ~PRINT_VERBOSE; 182 while (optind < argc) 183 add_param(argv[optind++], NULL, (size_t)0, NULL, 184 JP_USER); 185 } 186 187 if (pflags & PRINT_SKIP) { 188 /* Check for parameters with jailsys parents. */ 189 for (i = 0; i < nparams; i++) { 190 if ((params[i].jp_flags & JP_USER) && 191 (dot = strchr(params[i].jp_name, '.'))) { 192 pname = alloca((dot - params[i].jp_name) + 1); 193 strlcpy(pname, params[i].jp_name, 194 (dot - params[i].jp_name) + 1); 195 param_parent[i] = add_param(pname, 196 NULL, (size_t)0, NULL, JP_OPT); 197 } 198 } 199 } 200 201 /* Add the index key parameters. */ 202 if (jid != 0) 203 add_param("jid", &jid, sizeof(jid), NULL, 0); 204 else if (jname != NULL) 205 add_param("name", jname, strlen(jname), NULL, 0); 206 else 207 add_param("lastjid", &lastjid, sizeof(lastjid), NULL, 0); 208 209 /* Print a header line if requested. */ 210 if (pflags & PRINT_VERBOSE) { 211 xo_emit("{T:/%3s}{T:JID}{P: }{T:Hostname}{Pd:/%22s}{T:Path}\n", 212 "", ""); 213 xo_emit("{P:/%8s}{T:Name}{Pd:/%26s}{T:State}\n", "", ""); 214 xo_emit("{P:/%8s}{T:CPUSetID}\n", ""); 215 xo_emit("{P:/%8s}{T:IP Address(es)}\n", ""); 216 } 217 else if (pflags & PRINT_DEFAULT) 218 if (pflags & PRINT_JAIL_NAME) 219 xo_emit("{P: }{T:JID/%-15s}{P: }{T:IP Address/%-15s}" 220 "{P: }{T:Hostname/%-29s}{P: }{T:Path}\n"); 221 else 222 xo_emit("{T:JID/%6s}{P: }{T:IP Address}{P:/%6s}" 223 "{T:Hostname}{P:/%22s}{T:Path}\n", "", ""); 224 else if (pflags & PRINT_HEADER) { 225 for (i = spc = 0; i < nparams; i++) 226 if (params[i].jp_flags & JP_USER) { 227 if (spc) 228 xo_emit("{P: }"); 229 else 230 spc = 1; 231 xo_emit(params[i].jp_name); 232 } 233 xo_emit("{P:\n}"); 234 } 235 236 xo_open_container("jail-information"); 237 xo_open_list("jail"); 238 /* Fetch the jail(s) and print the parameters. */ 239 if (jid != 0 || jname != NULL) { 240 if (print_jail(pflags, jflags) < 0) 241 xo_errx(1, "%s", jail_errmsg); 242 } else { 243 for (lastjid = 0; 244 (lastjid = print_jail(pflags, jflags)) >= 0; ) 245 ; 246 if (errno != 0 && errno != ENOENT) 247 xo_errx(1, "%s", jail_errmsg); 248 } 249 xo_close_list("jail"); 250 xo_close_container("jail-information"); 251 if (xo_finish() < 0) 252 xo_err(1, "stdout"); 253 exit(0); 254 } 255 256 static int 257 add_param(const char *name, void *value, size_t valuelen, 258 struct jailparam *source, unsigned flags) 259 { 260 struct jailparam *param, *tparams; 261 int i, tnparams; 262 263 static int paramlistsize; 264 265 /* The pseudo-parameter "all" scans the list of available parameters. */ 266 if (!strcmp(name, "all")) { 267 tnparams = jailparam_all(&tparams); 268 if (tnparams < 0) 269 xo_errx(1, "%s", jail_errmsg); 270 qsort(tparams, (size_t)tnparams, sizeof(struct jailparam), 271 sort_param); 272 for (i = 0; i < tnparams; i++) 273 add_param(tparams[i].jp_name, NULL, (size_t)0, 274 tparams + i, flags); 275 free(tparams); 276 return -1; 277 } 278 279 /* Check for repeat parameters. */ 280 for (i = 0; i < nparams; i++) 281 if (!strcmp(name, params[i].jp_name)) { 282 if (value != NULL && jailparam_import_raw(params + i, 283 value, valuelen) < 0) 284 xo_errx(1, "%s", jail_errmsg); 285 params[i].jp_flags |= flags; 286 if (source != NULL) 287 jailparam_free(source, 1); 288 return i; 289 } 290 291 /* Make sure there is room for the new param record. */ 292 if (!nparams) { 293 paramlistsize = 32; 294 params = malloc(paramlistsize * sizeof(*params)); 295 param_parent = malloc(paramlistsize * sizeof(*param_parent)); 296 if (params == NULL || param_parent == NULL) 297 xo_err(1, "malloc"); 298 } else if (nparams >= paramlistsize) { 299 paramlistsize *= 2; 300 params = realloc(params, paramlistsize * sizeof(*params)); 301 param_parent = realloc(param_parent, 302 paramlistsize * sizeof(*param_parent)); 303 if (params == NULL || param_parent == NULL) 304 xo_err(1, "realloc"); 305 } 306 307 /* Look up the parameter. */ 308 param_parent[nparams] = -1; 309 param = params + nparams++; 310 if (source != NULL) { 311 *param = *source; 312 param->jp_flags |= flags; 313 return param - params; 314 } 315 if (jailparam_init(param, name) < 0 || 316 (value != NULL ? jailparam_import_raw(param, value, valuelen) 317 : jailparam_import(param, value)) < 0) { 318 if (flags & JP_OPT) { 319 nparams--; 320 return (-1); 321 } 322 xo_errx(1, "%s", jail_errmsg); 323 } 324 param->jp_flags |= flags; 325 return param - params; 326 } 327 328 static int 329 sort_param(const void *a, const void *b) 330 { 331 const struct jailparam *parama, *paramb; 332 char *ap, *bp; 333 334 /* Put top-level parameters first. */ 335 parama = a; 336 paramb = b; 337 ap = strchr(parama->jp_name, '.'); 338 bp = strchr(paramb->jp_name, '.'); 339 if (ap && !bp) 340 return (1); 341 if (bp && !ap) 342 return (-1); 343 return (strcmp(parama->jp_name, paramb->jp_name)); 344 } 345 346 static char * 347 noname(const char *name) 348 { 349 char *nname, *p; 350 351 nname = malloc(strlen(name) + 3); 352 if (nname == NULL) 353 xo_err(1, "malloc"); 354 p = strrchr(name, '.'); 355 if (p != NULL) 356 sprintf(nname, "%.*s.no%s", (int)(p - name), name, p + 1); 357 else 358 sprintf(nname, "no%s", name); 359 return nname; 360 } 361 362 static char * 363 nononame(const char *name) 364 { 365 char *nname, *p; 366 367 p = strrchr(name, '.'); 368 if (strncmp(p ? p + 1 : name, "no", 2)) 369 return NULL; 370 nname = malloc(strlen(name) - 1); 371 if (nname == NULL) 372 xo_err(1, "malloc"); 373 if (p != NULL) 374 sprintf(nname, "%.*s.%s", (int)(p - name), name, p + 3); 375 else 376 strcpy(nname, name + 2); 377 return nname; 378 } 379 380 static int 381 print_jail(int pflags, int jflags) 382 { 383 char *nname, *xo_nname; 384 char **param_values; 385 int i, jid, spc; 386 #if (defined INET || defined INET6) 387 int n; 388 #endif 389 390 jid = jailparam_get(params, nparams, jflags); 391 if (jid < 0) 392 return jid; 393 394 xo_open_instance("jail"); 395 396 if (pflags & PRINT_VERBOSE) { 397 xo_emit("{:jid/%6d}{P: }{:hostname/%-29.29s/%s}{P: }" 398 "{:path/%.74s/%s}\n", 399 *(int *)params[0].jp_value, 400 (char *)params[1].jp_value, 401 (char *)params[2].jp_value); 402 xo_emit("{P: }{:name/%-29.29s/%s}{P: }{:state/%.74s}\n", 403 (char *)params[3].jp_value, 404 *(int *)params[4].jp_value ? "DYING" : "ACTIVE"); 405 xo_emit("{P: }{:cpusetid/%d}\n", *(int *)params[5].jp_value); 406 #if (defined INET || defined INET6) 407 n = 6; 408 #endif 409 #ifdef INET 410 if (ip4_ok && !strcmp(params[n].jp_name, "ip4.addr")) { 411 emit_ip_addr_list(AF_INET, "ipv4_addrs", params + n); 412 n++; 413 } 414 #endif 415 #ifdef INET6 416 if (ip6_ok && !strcmp(params[n].jp_name, "ip6.addr")) { 417 emit_ip_addr_list(AF_INET6, "ipv6_addrs", params + n); 418 n++; 419 } 420 #endif 421 } else if (pflags & PRINT_DEFAULT) { 422 if (pflags & PRINT_JAIL_NAME) 423 xo_emit("{P: }{:name/%-15s/%s}{P: }", 424 (char *)params[0].jp_value); 425 else 426 xo_emit("{:jid/%6d}{P: }", *(int *)params[0].jp_value); 427 xo_emit("{:ipv4/%-15.15s/%s}{P: }{:hostname/%-29.29s/%s}{P: }{:path/%.74s/%s}\n", 428 #ifdef INET 429 (!ip4_ok || params[1].jp_valuelen == 0) ? "" 430 : inet_ntoa(*(struct in_addr *)params[1].jp_value), 431 (char *)params[2-!ip4_ok].jp_value, 432 (char *)params[3-!ip4_ok].jp_value); 433 #else 434 "-", 435 (char *)params[1].jp_value, 436 (char *)params[2].jp_value); 437 #endif 438 } else { 439 param_values = alloca(nparams * sizeof(*param_values)); 440 for (i = 0; i < nparams; i++) { 441 if (!(params[i].jp_flags & JP_USER)) 442 continue; 443 param_values[i] = jailparam_export(params + i); 444 if (param_values[i] == NULL) 445 xo_errx(1, "%s", jail_errmsg); 446 } 447 for (i = spc = 0; i < nparams; i++) { 448 if (!(params[i].jp_flags & JP_USER)) 449 continue; 450 if ((pflags & PRINT_SKIP) && 451 !(params[i].jp_flags & JP_KEYVALUE) && 452 ((!(params[i].jp_ctltype & 453 (CTLFLAG_WR | CTLFLAG_TUN))) || 454 (param_parent[i] >= 0 && 455 *(int *)params[param_parent[i]].jp_value != 456 JAIL_SYS_NEW))) 457 continue; 458 if (spc) 459 xo_emit("{P: }"); 460 else 461 spc = 1; 462 if ((params[i].jp_flags & JP_KEYVALUE) && 463 params[i].jp_valuelen == 0) { 464 /* Communicate back a missing key. */ 465 if (pflags & PRINT_NAMEVAL) 466 xo_emit("{d:%s}", params[i].jp_name); 467 continue; 468 } 469 if (pflags & PRINT_NAMEVAL) { 470 /* 471 * Generally "name=value", but for booleans 472 * either "name" or "noname". 473 */ 474 if (params[i].jp_flags & 475 (JP_BOOL | JP_NOBOOL)) { 476 if (*(int *)params[i].jp_value) { 477 asprintf(&xo_nname, "{en:%s/true}", params[i].jp_name); 478 xo_emit(xo_nname); 479 xo_emit("{d:/%s}", params[i].jp_name); 480 } 481 else { 482 nname = (params[i].jp_flags & 483 JP_NOBOOL) ? 484 nononame(params[i].jp_name) 485 : noname(params[i].jp_name); 486 if (params[i].jp_flags & JP_NOBOOL) { 487 asprintf(&xo_nname, "{en:%s/true}", params[i].jp_name); 488 xo_emit(xo_nname); 489 } else { 490 asprintf(&xo_nname, "{en:%s/false}", params[i].jp_name); 491 xo_emit(xo_nname); 492 } 493 xo_emit("{d:/%s}", nname); 494 free(nname); 495 } 496 free(xo_nname); 497 continue; 498 } 499 xo_emit("{d:%s}=", params[i].jp_name); 500 } 501 if (!special_print(pflags, params + i)) 502 quoted_print(pflags, params[i].jp_name, param_values[i]); 503 } 504 xo_emit("{P:\n}"); 505 for (i = 0; i < nparams; i++) 506 if (params[i].jp_flags & JP_USER) 507 free(param_values[i]); 508 } 509 510 xo_close_instance("jail"); 511 return (jid); 512 } 513 514 static void 515 quoted_print(int pflags, char *name, char *value) 516 { 517 int qc; 518 char *p = value; 519 520 /* An empty string needs quoting. */ 521 if (!*p) { 522 xo_emit("{ea:/%s}{da:/\"\"}", name, value, name); 523 return; 524 } 525 526 /* 527 * The value will be surrounded by quotes if it contains 528 * whitespace or quotes. 529 */ 530 if (strchr(p, '\'')) 531 qc = '"'; 532 else if (strchr(p, '"')) 533 qc = '\''; 534 else { 535 qc = 0; 536 for (; *p; ++p) 537 if (isspace(*p)) { 538 qc = '"'; 539 break; 540 } 541 } 542 543 if (qc && pflags & PRINT_QUOTED) 544 xo_emit("{P:/%c}", qc); 545 546 xo_emit("{a:/%s}", name, value); 547 548 if (qc && pflags & PRINT_QUOTED) 549 xo_emit("{P:/%c}", qc); 550 } 551 552 static int 553 special_print(int pflags, struct jailparam *param) 554 { 555 int ip_as_list; 556 557 switch (xo_get_style(NULL)) { 558 case XO_STYLE_JSON: 559 case XO_STYLE_XML: 560 ip_as_list = 1; 561 break; 562 default: 563 ip_as_list = 0; 564 } 565 566 if (!ip_as_list && param->jp_valuelen == 0) { 567 if (pflags & PRINT_QUOTED) 568 xo_emit("{P:\"\"}"); 569 else if (!(pflags & PRINT_NAMEVAL)) 570 xo_emit("{P:-}"); 571 } else if (ip_as_list && !strcmp(param->jp_name, "ip4.addr")) { 572 emit_ip_addr_list(AF_INET, param->jp_name, param); 573 } else if (ip_as_list && !strcmp(param->jp_name, "ip6.addr")) { 574 emit_ip_addr_list(AF_INET6, param->jp_name, param); 575 } else { 576 return 0; 577 } 578 579 return 1; 580 } 581 582 static void 583 emit_ip_addr_list(int af_family, const char *list_name, struct jailparam *param) 584 { 585 char ipbuf[INET6_ADDRSTRLEN]; 586 size_t addr_len; 587 const char *emit_str; 588 int ai, count; 589 590 switch (af_family) { 591 case AF_INET: 592 addr_len = sizeof(struct in_addr); 593 emit_str = "{P: }{ql:ipv4_addr}{P:\n}"; 594 break; 595 case AF_INET6: 596 addr_len = sizeof(struct in6_addr); 597 emit_str = "{P: }{ql:ipv6_addr}{P:\n}"; 598 break; 599 default: 600 xo_err(1, "unsupported af_family"); 601 return; 602 } 603 604 count = param->jp_valuelen / addr_len; 605 606 xo_open_list(list_name); 607 for (ai = 0; ai < count; ai++) { 608 if (inet_ntop(af_family, 609 ((uint8_t *)param->jp_value) + addr_len * ai, 610 ipbuf, sizeof(ipbuf)) == NULL) { 611 xo_err(1, "inet_ntop"); 612 } else { 613 xo_emit(emit_str, ipbuf); 614 } 615 } 616 xo_close_list(list_name); 617 } 618