NAME
jexec —
execute a command inside an existing
jail
SYNOPSIS
jexec |
[-l] [-u
username | -U
username] jail
[command ...] |
DESCRIPTION
The jexec utility executes
command inside the jail
identified by its jid or name. If command is not
specified then the user's shell is used.
The following options are available:
-l- Execute in a clean environment. The environment is discarded except for
HOME,SHELL,TERM,USER, and anything from the login class capability database for the user.PATHis set to "/bin:/usr/bin". If a user is specified (via-uor-U), commands are run from that (possibly jailed) user's directory. -uusername- The user name from host environment as whom the command should run. This is the default.
-Uusername- The user name from jailed environment as whom the command should run.
EXAMPLES
Example 1: Open a shell in a jail
The following command specifies a jail by its name and utilizes the current user's shell:
# jexec nameIt is also possible to specify a jail by its jid:
# jexec JIDExample 2: Run a single command without opening a shell
The following command runs ‘uname
-a’ in a jail called “name”. Since a command is
specified explicitly, jexec does not spawn an
interactive shell. Instead, jexec executes the
specified command directly.
# jexec name uname -aExample 3: Open a shell in a jail with a clean environment
The following command opens a sh(1) shell in a jail with a clean environment:
# jexec -l name shExample 4: Open a shell in a jail with the login command
The following command utilizes login(1) to access the jail, submitting an audit record, and displaying the user's last login, system copyright, and motd(5) message:
# jexec -l name login -f
rootSEE ALSO
HISTORY
The jexec utility was added in
FreeBSD 5.1.
BUGS
If the jail is not identified by jid there is a possible race in between the lookup of the jail and executing the command inside the jail. Giving a jid has a similar race as another process can stop the jail and start another one after the user looked up the jid.