1#!/bin/sh 2#- 3# Copyright (c) 2010-2012 Devin Teske 4# All rights reserved. 5# 6# Redistribution and use in source and binary forms, with or without 7# modification, are permitted provided that the following conditions 8# are met: 9# 1. Redistributions of source code must retain the above copyright 10# notice, this list of conditions and the following disclaimer. 11# 2. Redistributions in binary form must reproduce the above copyright 12# notice, this list of conditions and the following disclaimer in the 13# documentation and/or other materials provided with the distribution. 14# 15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO, THE 17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25# SUCH DAMAGE. 26# 27# $FreeBSD$ 28# 29############################################################ INCLUDES 30 31BSDCFG_SHARE="/usr/share/bsdconfig" 32[ "$_COMMON_SUBR" ] || . $BSDCFG_SHARE/common.subr || exit 1 33[ "$_SYSRC_SUBR" ] || f_include $BSDCFG_SHARE/sysrc.subr 34 35############################################################ CONFIGURATION 36 37# 38# Default verbosity. 39# 40: ${SYSRC_VERBOSE:=} 41 42############################################################ GLOBALS 43 44# 45# Options 46# 47DELETE= 48DESCRIBE= 49IGNORE_UNKNOWNS= 50JAIL= 51QUIET= 52ROOTDIR= 53SHOW_ALL= 54SHOW_EQUALS= 55SHOW_FILE= 56SHOW_NAME=1 57SHOW_VALUE=1 58 59############################################################ FUNCTIONS 60 61# die [ $fmt [ $opts ... ]] 62# 63# Optionally print a message to stderr before exiting with failure status. 64# 65die() 66{ 67 local fmt="$1" 68 [ $# -gt 0 ] && shift 1 69 [ "$fmt" ] && f_err "$fmt\n" "$@" 70 71 exit $FAILURE 72} 73 74# usage 75# 76# Prints a short syntax statement and exits. 77# 78usage() 79{ 80 f_err "Usage: %s [OPTIONS] name[=value] ...\n" "$pgm" 81 f_err "Try \`%s --help' for more information.\n" "$pgm" 82 die 83} 84 85# help 86# 87# Prints a full syntax statement and exits. 88# 89help() 90{ 91 local optfmt="\t%-11s%s\n" 92 local envfmt="\t%-17s%s\n" 93 94 f_err "Usage: %s [OPTIONS] name[=value] ...\n" "$pgm" 95 96 f_err "OPTIONS:\n" 97 f_err "$optfmt" "-a" \ 98 "Dump a list of all non-default configuration variables." 99 f_err "$optfmt" "-A" \ 100 "Dump a list of all configuration variables (incl. defaults)." 101 f_err "$optfmt" "-d" \ 102 "Print a description of the given variable." 103 f_err "$optfmt" "-D" \ 104 "Show default value(s) only (this is the same as setting" 105 f_err "$optfmt" "" \ 106 "RC_CONFS to NULL or passing \`-f' with a NULL file-argument)." 107 f_err "$optfmt" "-e" \ 108 "Print query results as \`var=value' (useful for producing" 109 f_err "$optfmt" "" \ 110 "output to be fed back in). Ignored if \`-n' is specified." 111 f_err "$optfmt" "-f file" \ 112 "Operate on the specified file(s) instead of rc_conf_files." 113 f_err "$optfmt" "" \ 114 "Can be specified multiple times for additional files." 115 f_err "$optfmt" "-F" \ 116 "Show only the last rc.conf(5) file each directive is in." 117 f_err "$optfmt" "-h" \ 118 "Print a short usage statement to stderr and exit." 119 f_err "$optfmt" "--help" \ 120 "Print this message to stderr and exit." 121 f_err "$optfmt" "-i" \ 122 "Ignore unknown variables." 123 f_err "$optfmt" "-j jail" \ 124 "The jid or name of the jail to operate within (overrides" 125 f_err "$optfmt" "" \ 126 "\`-R dir'; requires jexec(8))." 127 f_err "$optfmt" "-n" \ 128 "Show only variable values, not their names." 129 f_err "$optfmt" "-N" \ 130 "Show only variable names, not their values." 131 f_err "$optfmt" "-q" \ 132 "Quiet. Ignore previous \`-v' and/or SYSRC_VERBOSE." 133 f_err "$optfmt" "-R dir" \ 134 "Operate within the root directory \`dir' rather than \`/'." 135 f_err "$optfmt" "-v" \ 136 "Verbose. Print the pathname of the specific rc.conf(5)" 137 f_err "$optfmt" "" \ 138 "file where the directive was found." 139 f_err "$optfmt" "-x" \ 140 "Remove variable(s) from specified file(s)." 141 f_err "\n" 142 143 f_err "ENVIRONMENT:\n" 144 f_err "$envfmt" "RC_CONFS" \ 145 "Override default rc_conf_files (even if set to NULL)." 146 f_err "$envfmt" "RC_DEFAULTS" \ 147 "Location of \`/etc/defaults/rc.conf' file." 148 f_err "$envfmt" "SYSRC_VERBOSE" \ 149 "Default verbosity. Set to non-NULL to enable." 150 151 die 152} 153 154# jail_depend 155# 156# Dump dependencies such as language-file variables and include files to stdout 157# to be piped-into sh(1) running via jexec(8)/chroot(8). As a security measure, 158# this prevents existing language files and library files from being loaded in 159# the jail. This also relaxes the requirement to have these files in every jail 160# before sysrc can be used on said jail. 161# 162jail_depend() 163{ 164 # 165 # Indicate that we are jailed 166 # 167 echo export _SYSRC_JAILED=1 168 169 # 170 # Print i18n language variables (their current values are sanitized 171 # and re-printed for interpretation so that the i18n language files 172 # do not need to exist within the jail). 173 # 174 local var val 175 for var in \ 176 msg_cannot_create_permission_denied \ 177 msg_permission_denied \ 178 msg_previous_syntax_errors \ 179 ; do 180 val=$( eval echo \"\$$var\" | 181 awk '{ gsub(/'\''/, "'\''\\'\'\''"); print }' ) 182 echo $var="'$val'" 183 done 184 185 # 186 # Print include dependencies 187 # 188 cat $BSDCFG_SHARE/common.subr 189 cat $BSDCFG_SHARE/sysrc.subr 190} 191 192############################################################ MAIN SOURCE 193 194# 195# Perform sanity checks 196# 197[ $# -gt 0 ] || usage 198 199# 200# Check for `--help' command-line option 201# 202( # Operate in sub-shell to protect $@ in parent 203 while [ $# -gt 0 ]; do 204 case "$1" in 205 --help) exit 1;; 206 -[fRj]) # These flags take an argument 207 shift 1;; 208 esac 209 shift 1 210 done 211 exit 0 212) || help 213 214# 215# Process command-line flags 216# 217while getopts aAdDef:Fhij:nNqR:vxX flag; do 218 case "$flag" in 219 a) SHOW_ALL=${SHOW_ALL:-1};; 220 A) SHOW_ALL=2;; 221 d) DESCRIBE=1;; 222 D) RC_CONFS=;; 223 e) SHOW_EQUALS=1;; 224 f) RC_CONFS="$RC_CONFS${RC_CONFS:+ }$OPTARG";; 225 F) SHOW_FILE=1;; 226 h) usage;; 227 i) IGNORE_UNKNOWNS=1;; 228 j) [ "$OPTARG" ] || die \ 229 "%s: Missing or null argument to \`-j' flag" "$pgm" 230 JAIL="$OPTARG";; 231 n) SHOW_NAME=;; 232 N) SHOW_VALUE=;; 233 q) QUIET=1 SYSRC_VERBOSE=;; 234 R) [ "$OPTARG" ] || die \ 235 "%s: Missing or null argument to \`-R' flag" "$pgm" 236 ROOTDIR="$OPTARG";; 237 v) SYSRC_VERBOSE=1 QUIET=;; 238 x) DELETE=${DELETE:-1};; 239 X) DELETE=2;; 240 \?) usage;; 241 esac 242done 243shift $(( $OPTIND - 1 )) 244 245# 246# [More] Sanity checks (e.g., "sysrc --") 247# 248[ $# -eq 0 -a ! "$SHOW_ALL" ] && usage 249 250# 251# Taint-check all rc.conf(5) files 252# 253errmsg="$pgm: Exiting due to previous syntax errors" 254if [ "${RC_CONFS+set}" ]; then 255 ( for i in $RC_CONFS; do 256 [ -e "$i" ] || continue 257 /bin/sh -n "$i" || exit $FAILURE 258 done 259 exit $SUCCESS 260 ) || die "$errmsg" 261else 262 /bin/sh -n "$RC_DEFAULTS" || die "$errmsg" 263 ( . "$RC_DEFAULTS" 264 for i in $rc_conf_files; do 265 [ -e "$i" ] || continue 266 /bin/sh -n "$i" || exit $FAILURE 267 done 268 exit $SUCCESS 269 ) || die "$errmsg" 270fi 271 272# 273# Process `-x' (and secret `-X') command-line options 274# 275errmsg="$pgm: \`-x' option incompatible with \`-a'/\`-A' options" 276errmsg="$errmsg (use \`-X' to override)" 277if [ "$DELETE" -a "$SHOW_ALL" ]; then 278 [ "$DELETE" = "2" ] || die "$errmsg" 279fi 280 281# 282# Process `-e', `-n', and `-N' command-line options 283# 284SEP=': ' 285[ "$SHOW_EQUALS" ] && SEP='="' 286[ "$SHOW_NAME" ] || SHOW_EQUALS= 287[ "$SYSRC_VERBOSE" = "0" ] && SYSRC_VERBOSE= 288if [ ! "$SHOW_VALUE" ]; then 289 SHOW_NAME=1 290 SHOW_EQUALS= 291fi 292 293# 294# Process `-j jail' and `-R dir' command-line options 295# 296if [ "$JAIL" -o "$ROOTDIR" ]; then 297 # 298 # Reconstruct the arguments that we want to carry-over 299 # 300 args=" 301 ${SYSRC_VERBOSE:+-v} 302 ${QUIET:+-q} 303 $( [ "$DELETE" = "1" ] && echo \ -x ) 304 $( [ "$DELETE" = "2" ] && echo \ -X ) 305 $( [ "$SHOW_ALL" = "1" ] && echo \ -a ) 306 $( [ "$SHOW_ALL" = "2" ] && echo \ -A ) 307 ${DESCRIBE:+-d} 308 ${SHOW_EQUALS:+-e} 309 ${IGNORE_UNKNOWNS:+-i} 310 $( [ "$SHOW_NAME" ] || echo \ -n ) 311 $( [ "$SHOW_VALUE" ] || echo \ -N ) 312 $( [ "$SHOW_FILE" ] && echo \ -F ) 313 " 314 if [ "${RC_CONFS+set}" ]; then 315 args="$args -f '$RC_CONFS'" 316 fi 317 for arg in "$@"; do 318 args="$args '$arg'" 319 done 320 321 # 322 # If both are supplied, `-j jail' supercedes `-R dir' 323 # 324 if [ "$JAIL" ]; then 325 # 326 # Re-execute ourselves with sh(1) via jexec(8) 327 # 328 ( echo set -- $args 329 jail_depend 330 cat $0 331 ) | env - RC_DEFAULTS="$RC_DEFAULTS" \ 332 /usr/sbin/jexec "$JAIL" /bin/sh 333 exit $? 334 elif [ "$ROOTDIR" ]; then 335 # 336 # Make sure that the root directory specified is not to any 337 # running jails. 338 # 339 # NOTE: To maintain backward compatibility with older jails on 340 # older systems, we will not perform this check if either the 341 # jls(1) or jexec(8) utilities are missing. 342 # 343 if f_have jexec && f_have jls; then 344 jid="`jls jid path | \ 345 ( 346 while read JID JROOT; do 347 [ "$JROOT" = "$ROOTDIR" ] || continue 348 echo $JID 349 done 350 )`" 351 352 # 353 # If multiple running jails match the specified root 354 # directory, exit with error. 355 # 356 if [ "$jid" -a "${jid%[$IFS]*}" != "$jid" ]; then 357 die "%s: %s: %s" "$pgm" "$ROOTDIR" \ 358 "$( echo "Multiple jails claim this" \ 359 "directory as their root." \ 360 "(use \`-j jail' instead)" )" 361 fi 362 363 # 364 # If only a single running jail matches the specified 365 # root directory, implicitly use `-j jail'. 366 # 367 if [ "$jid" ]; then 368 # 369 # Re-execute outselves with sh(1) via jexec(8) 370 # 371 ( echo set -- $args 372 jail_depend 373 cat $0 374 ) | env - RC_DEFAULTS="$RC_DEFAULTS" \ 375 /usr/sbin/jexec "$jid" /bin/sh 376 exit $? 377 fi 378 379 # Otherwise, fall through and allow chroot(8) 380 fi 381 382 # 383 # Re-execute ourselves with sh(1) via chroot(8) 384 # 385 ( echo set -- $args 386 jail_depend 387 cat $0 388 ) | env - RC_DEFAULTS="$RC_DEFAULTS" \ 389 /usr/sbin/chroot "$ROOTDIR" /bin/sh 390 exit $? 391 fi 392fi 393 394# 395# Process `-a' or `-A' command-line options 396# 397if [ "$SHOW_ALL" ]; then 398 # 399 # Get a list of variables that are currently set in the rc.conf(5) 400 # files (included `/etc/defaults/rc.conf') by performing a call to 401 # source_rc_confs() in a clean environment. 402 # 403 ( # Operate in a sub-shell to protect the parent environment 404 # 405 # Set which variables we want to preserve in the environment. 406 # Append the pipe-character (|) to the list of internal field 407 # separation (IFS) characters, allowing us to use the below 408 # list both as an extended grep (-E) pattern and argument list 409 # (required to first get f_clean_env() to preserve these in the 410 # environment and then later to prune them from the list of 411 # variables produced by set(1)). 412 # 413 IFS="$IFS|" 414 EXCEPT="IFS|EXCEPT|PATH|RC_DEFAULTS|OPTIND|DESCRIBE|SEP" 415 EXCEPT="$EXCEPT|DELETE|SHOW_ALL|SHOW_EQUALS|SHOW_NAME" 416 EXCEPT="$EXCEPT|SHOW_VALUE|SHOW_FILE|SYSRC_VERBOSE|RC_CONFS" 417 EXCEPT="$EXCEPT|pgm|SUCCESS|FAILURE" 418 EXCEPT="$EXCEPT|f_sysrc_desc_awk|f_sysrc_delete_awk" 419 420 # 421 # Clean the environment (except for our required variables) 422 # and then source the required files. 423 # 424 f_clean_env --except $EXCEPT 425 if [ -f "$RC_DEFAULTS" -a -r "$RC_DEFAULTS" ]; then 426 . "$RC_DEFAULTS" 427 428 # 429 # If passed `-a' (rather than `-A'), re-purge the 430 # environment, removing the rc.conf(5) defaults. 431 # 432 [ "$SHOW_ALL" = "1" ] \ 433 && f_clean_env --except rc_conf_files $EXCEPT 434 435 # 436 # If `-f file' was passed, set $rc_conf_files to an 437 # explicit value, modifying the default behavior of 438 # source_rc_confs(). 439 # 440 [ "${RC_CONFS+set}" ] && rc_conf_files="$RC_CONFS" 441 442 source_rc_confs 443 444 # 445 # If passed `-a' (rather than `-A'), remove 446 # `rc_conf_files' unless it was defined somewhere 447 # other than rc.conf(5) defaults. 448 # 449 [ "$SHOW_ALL" = "1" -a \ 450 "$( f_sysrc_find rc_conf_files )" = "$RC_DEFAULTS" \ 451 ] \ 452 && unset rc_conf_files 453 fi 454 455 for NAME in $( set | 456 awk -F= '/^[[:alpha:]_][[:alnum:]_]*=/ {print $1}' | 457 grep -Ev "^($EXCEPT)$" 458 ); do 459 # 460 # If enabled, describe rather than expand value 461 # 462 if [ "$DESCRIBE" ]; then 463 echo "$NAME: $( f_sysrc_desc "$NAME" )" 464 continue 465 fi 466 467 # 468 # If `-F' is passed, find it and move on 469 # 470 if [ "$SHOW_FILE" ]; then 471 [ "$SHOW_NAME" ] && echo -n "$NAME: " 472 f_sysrc_find "$NAME" 473 continue 474 fi 475 476 # 477 # If `-X' is passed, delete the variables 478 # 479 if [ "$DELETE" = "2" ]; then 480 f_sysrc_delete "$NAME" 481 continue 482 fi 483 484 [ "$SYSRC_VERBOSE" ] && \ 485 echo -n "$( f_sysrc_find "$NAME" ): " 486 487 # 488 # If `-N' is passed, simplify the output 489 # 490 if [ ! "$SHOW_VALUE" ]; then 491 echo "$NAME" 492 continue 493 fi 494 495 echo "${SHOW_NAME:+$NAME$SEP}$( 496 f_sysrc_get "$NAME" )${SHOW_EQUALS:+\"}" 497 498 done 499 ) 500 501 # 502 # Ignore the remainder of positional arguments. 503 # 504 exit $SUCCESS 505fi 506 507# 508# Process command-line arguments 509# 510while [ $# -gt 0 ]; do 511 NAME="${1%%=*}" 512 513 [ "$DESCRIBE" ] && \ 514 echo "$NAME: $( f_sysrc_desc "$NAME" )" 515 516 case "$1" in 517 *=*) 518 # 519 # Like sysctl(8), if both `-d' AND "name=value" is passed, 520 # first describe, then attempt to set 521 # 522 523 if [ "$SYSRC_VERBOSE" ]; then 524 file=$( f_sysrc_find "$NAME" ) 525 [ "$file" = "$RC_DEFAULTS" -o ! "$file" ] && \ 526 file=$( f_sysrc_get 'rc_conf_files%%[$IFS]*' ) 527 echo -n "$file: " 528 fi 529 530 # 531 # If `-x' or `-X' is passed, delete the variable and ignore the 532 # desire to set some value 533 # 534 if [ "$DELETE" ]; then 535 f_sysrc_delete "$NAME" 536 shift 1 537 continue 538 fi 539 540 # 541 # If `-N' is passed, simplify the output 542 # 543 if [ ! "$SHOW_VALUE" ]; then 544 echo "$NAME" 545 f_sysrc_set "$NAME" "${1#*}" 546 else 547 if [ "$SHOW_FILE" ]; then 548 before=$( f_sysrc_find "$NAME" ) 549 else 550 before=$( f_sysrc_get "$NAME" ) 551 fi 552 if f_sysrc_set "$NAME" "${1#*=}"; then 553 if [ "$SHOW_FILE" ]; then 554 after=$( f_sysrc_find "$NAME" ) 555 echo -n "${SHOW_NAME:+$NAME$SEP}" 556 echo -n "$before${SHOW_EQUALS:+\"}" 557 echo " -> $after" 558 else 559 after=$( f_sysrc_get "$NAME" ) 560 echo -n "${SHOW_NAME:+$NAME$SEP}" 561 echo "$before -> $after" 562 fi 563 fi 564 fi 565 ;; 566 *) 567 if ! IGNORED="$( f_sysrc_get "$NAME?" )"; then 568 [ "$IGNORE_UNKNOWNS" ] \ 569 || echo "$pgm: unknown variable '$NAME'" 570 shift 1 571 continue 572 fi 573 574 # 575 # Like sysctl(8), when `-d' is passed, 576 # desribe it rather than expanding it 577 # 578 579 if [ "$DESCRIBE" ]; then 580 shift 1 581 continue 582 fi 583 584 # 585 # If `-x' or `-X' is passed, delete the variable 586 # 587 if [ "$DELETE" ]; then 588 f_sysrc_delete "$NAME" 589 shift 1 590 continue 591 fi 592 593 # 594 # If `-F' is passed, find it and move on 595 # 596 if [ "$SHOW_FILE" ]; then 597 [ "$SHOW_NAME" ] && echo -n "$NAME: " 598 f_sysrc_find "$NAME" 599 shift 1 600 continue 601 fi 602 603 [ "$SYSRC_VERBOSE" ] && \ 604 echo -n "$( f_sysrc_find "$NAME" ): " 605 606 # 607 # If `-N' is passed, simplify the output 608 # 609 if [ ! "$SHOW_VALUE" ]; then 610 echo "$NAME" 611 else 612 echo "${SHOW_NAME:+$NAME$SEP}$( 613 f_sysrc_get "$NAME" )${SHOW_EQUALS:+\"}" 614 fi 615 esac 616 shift 1 617done 618