2 * ----------------------------------------------------------------------------
3 * "THE BEER-WARE LICENSE" (Revision 42):
4 * <phk@FreeBSD.ORG> wrote this file. As long as you retain this notice you
5 * can do whatever you want with this stuff. If we meet some day, and you think
6 * this stuff is worth it, you can buy me a beer in return. Poul-Henning Kamp
7 * ----------------------------------------------------------------------------
9 * $FreeBSD: src/usr.sbin/jail/jail.c,v 1.5.2.2 2003/05/08 13:04:24 maxim Exp $
10 * $DragonFly: src/usr.sbin/jail/jail.c,v 1.2 2003/06/17 04:29:55 dillon Exp $
14 #include <sys/param.h>
17 #include <netinet/in.h>
18 #include <arpa/inet.h>
22 #include <login_cap.h>
29 static void usage(void);
32 main(int argc, char **argv)
38 int ch, groups[NGROUPS], ngroups;
43 while ((ch = getopt(argc, argv, "u:")) != -1)
57 if (username != NULL) {
58 pwd = getpwnam(username);
60 err(1, "getpwnam: %s", username);
61 lcap = login_getpwclass(pwd);
63 err(1, "getpwclass: %s", username);
65 if (getgrouplist(username, pwd->pw_gid, groups, &ngroups) != 0)
66 err(1, "getgrouplist: %s", username);
68 if (chdir(argv[0]) != 0)
69 err(1, "chdir: %s", argv[0]);
70 memset(&j, 0, sizeof(j));
74 if (inet_aton(argv[2], &in) == 0)
75 errx(1, "Could not make sense of ip-number: %s", argv[2]);
76 j.ip_number = ntohl(in.s_addr);
79 if (username != NULL) {
80 if (setgroups(ngroups, groups) != 0)
82 if (setgid(pwd->pw_gid) != 0)
84 if (setusercontext(lcap, pwd, pwd->pw_uid,
85 LOGIN_SETALL & ~LOGIN_SETGROUP) != 0)
86 err(1, "setusercontext");
89 if (execv(argv[3], argv + 3) != 0)
90 err(1, "execv: %s", argv[3]);
98 (void)fprintf(stderr, "%s\n",
99 "Usage: jail [-u username] path hostname ip-number command ...");