diff options
| author | Mark Johnston <markj@FreeBSD.org> | 2025-11-17 16:39:43 +0000 |
|---|---|---|
| committer | Mark Johnston <markj@FreeBSD.org> | 2025-11-18 16:24:20 +0000 |
| commit | 7861d051de2ea2f244bcf73111a04389dc5bcf51 (patch) | |
| tree | 8c513b7b5d7b07cf46b623906720e1a10b0beaf7 | |
| parent | 8f2f66b323ac3ea29ebedf12cad06fbbb76edd3c (diff) | |
rc.subr: Try to make svjc option handling a bit easier to read
Specifically, make this code fit in fewer columns:
- deindent cases to conform to the usual style,
- use a local variable to minimize duplication in each case.
No functional change intended.
Reviewed by: 0mp, netchild
MFC after: 2 weeks
Sponsored by: Klara, Inc.
Sponsored by: Modirum MDPay
Differential Revision: https://reviews.freebsd.org/D53754
| -rw-r--r-- | libexec/rc/rc.subr | 88 |
1 files changed, 47 insertions, 41 deletions
diff --git a/libexec/rc/rc.subr b/libexec/rc/rc.subr index e4ad14f582d6..4718123a71e9 100644 --- a/libexec/rc/rc.subr +++ b/libexec/rc/rc.subr @@ -1256,49 +1256,55 @@ run_rc_command() if [ -n "$_svcj_options" ]; then # translate service jail options _svcj_sysvipc_x=0 for _svcj_option in $_svcj_options; do + _opts= case "$_svcj_option" in - mlock) - _svcj_cmd_options="allow.mlock ${_svcj_cmd_options}" - ;; - netv4) - _svcj_cmd_options="${_svcj_ip4} allow.reserved_ports ${_svcj_cmd_options}" - ;; - netv6) - _svcj_cmd_options="${_svcj_ip6} allow.reserved_ports ${_svcj_cmd_options}" - ;; - net_basic) - _svcj_cmd_options="${_svcj_ip4} ${_svcj_ip6} allow.reserved_ports ${_svcj_cmd_options}" - ;; - net_raw) - _svcj_cmd_options="allow.raw_sockets ${_svcj_cmd_options}" - ;; - net_all) - _svcj_cmd_options="allow.socket_af allow.raw_sockets allow.reserved_ports ${_svcj_ip4} ${_svcj_ip6} ${_svcj_cmd_options}" - ;; - nfsd) - _svcj_cmd_options="allow.nfsd enforce_statfs=1 ${_svcj_cmd_options}" - ;; - routing) - _svcj_cmd_options="allow.routing ${_svcj_cmd_options}" - ;; - settime) - _svcj_cmd_options="allow.settime ${_svcj_cmd_options}" - ;; - sysvipc) - _svcj_sysvipc_x=$((${_svcj_sysvipc_x} + 1)) - _svcj_cmd_options="sysvmsg=inherit sysvsem=inherit sysvshm=inherit ${_svcj_cmd_options}" - ;; - sysvipcnew) - _svcj_sysvipc_x=$((${_svcj_sysvipc_x} + 1)) - _svcj_cmd_options="sysvmsg=new sysvsem=new sysvshm=new ${_svcj_cmd_options}" - ;; - vmm) - _svcj_cmd_options="allow.vmm ${_svcj_cmd_options}" - ;; - *) - echo ${name}: unknown service jail option: $_svcj_option - ;; + mlock) + _opts="allow.mlock" + ;; + netv4) + _opts="${_svcj_ip4} allow.reserved_ports" + ;; + netv6) + _opts="${_svcj_ip6} allow.reserved_ports" + ;; + net_basic) + _opts="${_svcj_ip4} ${_svcj_ip6}" + _opts="${_opts} allow.reserved_ports" + ;; + net_raw) + _opts="allow.raw_sockets" + ;; + net_all) + _opts="allow.socket_af" + _opts="${_opts} allow.raw_sockets" + _opts="${_opts} allow.reserved_ports" + _opts="${_opts} ${_svcj_ip4} ${_svcj_ip6}" + ;; + nfsd) + _opts="allow.nfsd enforce_statfs=1" + ;; + routing) + _opts="allow.routing" + ;; + settime) + _opts="allow.settime" + ;; + sysvipc) + _svcj_sysvipc_x=$((${_svcj_sysvipc_x} + 1)) + _opts="sysvmsg=inherit sysvsem=inherit sysvshm=inherit" + ;; + sysvipcnew) + _svcj_sysvipc_x=$((${_svcj_sysvipc_x} + 1)) + _opts="sysvmsg=new sysvsem=new sysvshm=new" + ;; + vmm) + _opts="allow.vmm" + ;; + *) + echo ${name}: unknown service jail option: $_svcj_option + ;; esac + _svcj_cmd_options="${_opts} ${_svcj_cmd_options}" done if [ ${_svcj_sysvipc_x} -gt 1 ]; then echo -n "ERROR: more than one sysvipc option is " |