FreeBSD: Fix zfs jail and add a test

zfs_jail was not using zfs_ioctl so failed to map the IOC number
correctly.  Use zfs_ioctl to perform the jail ioctl and add a test 
case for FreeBSD.

Reviewed-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: Ryan Moeller <ryan@iXsystems.com>
Closes #10658
This commit is contained in:
Ryan Moeller 2020-08-01 11:44:54 -04:00 committed by GitHub
parent fe628bc21d
commit b6737193ee
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 194 additions and 2 deletions

View File

@ -258,6 +258,7 @@ AC_CONFIG_FILES([
tests/zfs-tests/tests/functional/cli_root/zfs_get/Makefile
tests/zfs-tests/tests/functional/cli_root/zfs_ids_to_path/Makefile
tests/zfs-tests/tests/functional/cli_root/zfs_inherit/Makefile
tests/zfs-tests/tests/functional/cli_root/zfs_jail/Makefile
tests/zfs-tests/tests/functional/cli_root/zfs_load-key/Makefile
tests/zfs-tests/tests/functional/cli_root/zfs_mount/Makefile
tests/zfs-tests/tests/functional/cli_root/zfs_program/Makefile

View File

@ -268,7 +268,7 @@ zfs_jail(zfs_handle_t *zhp, int jailid, int attach)
zc.zc_zoneid = jailid;
cmd = attach ? ZFS_IOC_JAIL : ZFS_IOC_UNJAIL;
if ((ret = ioctl(hdl->libzfs_fd, cmd, &zc)) != 0)
if ((ret = zfs_ioctl(hdl, cmd, &zc)) != 0)
zfs_standard_error(hdl, errno, errbuf);
return (ret);

View File

@ -1 +1,27 @@
# don't delete this file
#
# This file and its contents are supplied under the terms of the
# Common Development and Distribution License ("CDDL"), version 1.0.
# You may only use this file in accordance with the terms of version
# 1.0 of the CDDL.
#
# A full copy of the text of the CDDL should have accompanied this
# source. A copy of the CDDL is also available via the Internet at
# http://www.illumos.org/license/CDDL.
#
[DEFAULT]
pre = setup
quiet = False
pre_user = root
user = root
timeout = 600
post_user = root
post = cleanup
failsafe_user = root
failsafe = callbacks/zfs_failsafe
outputdir = /var/tmp/test_results
tags = ['functional']
[tests/functional/cli_root/zfs_jail:FreeBSD]
tests = ['zfs_jail_001_pos']
tags = ['functional', 'cli_root', 'zfs_jail']

View File

@ -120,6 +120,9 @@ export SYSTEM_FILES_FREEBSD='chflags
fsck
getextattr
gpart
jail
jexec
jls
lsextattr
md5
mdconfig

View File

@ -15,6 +15,7 @@ SUBDIRS = \
zfs_get \
zfs_ids_to_path \
zfs_inherit \
zfs_jail \
zfs_load-key \
zfs_mount \
zfs_program \

View File

@ -0,0 +1,6 @@
pkgdatadir = $(datadir)/@PACKAGE@/zfs-tests/tests/functional/cli_root/zfs_jail
dist_pkgdata_SCRIPTS = \
setup.ksh \
cleanup.ksh \
jail.conf \
zfs_jail_001_pos.ksh

View File

@ -0,0 +1,30 @@
#!/bin/ksh -p
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
. $STF_SUITE/include/libtest.shlib
default_cleanup

View File

@ -0,0 +1,9 @@
testjail {
allow.mount.zfs;
allow.mount;
devfs_ruleset = 4;
enforce_statfs = 0;
mount.devfs;
path = "/";
persist;
}

View File

@ -0,0 +1,32 @@
#!/bin/ksh -p
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
. $STF_SUITE/include/libtest.shlib
DISK=${DISKS%% *}
default_setup $DISK

View File

@ -0,0 +1,84 @@
#!/bin/ksh -p
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2020 iXsystems, Inc.
#
. $STF_SUITE/include/libtest.shlib
#
# DESCRIPTION:
# Test basic functionality of `zfs jail` and `zfs unjail`.
#
# STRATEGY:
# 1. Create a jail.
# 2. Perform some basic ZFS operations on a dataset both in the host and
# in the jail to confirm the dataset is functional in the host
# and hidden in in the jail.
# 3. Run `zfs jail` to expose the dataset in the jail.
# 4. Perform some basic ZFS operations on the dataset both in the host and
# in the jail to confirm the dataset is functional in the jail and host.
# 5. Run `zfs unjail` to return the dataset to the host.
# 6. Perform some basic ZFS operations on the dataset both in the host and
# in the jail to confirm the dataset is functional in the host
# and hidden in in the jail.
#
verify_runnable "global"
JAIL="testjail"
JAIL_CONF="$STF_SUITE/tests/functional/cli_root/zfs_jail/jail.conf"
function cleanup
{
if jls -j $JAIL name >/dev/null 2>&1; then
jail -r -f $JAIL_CONF $JAIL
fi
}
log_onexit cleanup
log_assert "Verify that a dataset can be jailed and unjailed."
# 1. Create a jail.
log_must jail -c -f $JAIL_CONF $JAIL
# 2. Try some basic ZFS operations.
log_must zfs list $TESTPOOL
log_mustnot jexec $JAIL zfs list $TESTPOOL
# 3. Jail the dataset.
log_must zfs jail $JAIL $TESTPOOL
# 4. Try some basic ZFS operations.
log_must zfs list $TESTPOOL
log_must jexec $JAIL zfs list $TESTPOOL
# 5. Unjail the dataset.
log_must zfs unjail $JAIL $TESTPOOL
# 6. Try some basic ZFS operations.
log_must zfs list $TESTPOOL
log_mustnot jexec $JAIL zfs list $TESTPOOL
log_pass "Datasets can be jailed and unjailed."