ifconfig: Enter jail as soon as possible

Some options (in particular, -g) are processed immediately upon being
parsed.  This will produce the wrong result in combination with -j since
we only attach to the jail after we're done parsing arguments.  Solve
this by attaching to the jail immediately when -j is encountered.  The
downside is that e.g. `ifconfig -j foo -j bar` would previously attach
to jail “bar”, whereas now it will attempt to attach to jail “foo”, and
if successful, attempt to attach to jail “bar” within jail “foo”.  This
may be considered a feature.

PR:		289134
MFC after:	1 week
Reviewed by:	zlei
Differential Revision:	https://reviews.freebsd.org/D52501

(cherry picked from commit 18fd1443d205aed6be22966125a4820f77571948)

sbin/ifconfig/ifconfig.8

@@ -28,7 +28,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd July 30, 2025
+.Dd September 12, 2025
 .Dt IFCONFIG 8
 .Os
 .Sh NAME
@@ -36,7 +36,7 @@
 .Nd configure network interface parameters
 .Sh SYNOPSIS
 .Nm
-.Op Fl j Ar jail
+.Op Fl j Ar jid
 .Op Fl DkLmn
 .Op Fl f Ar type Ns Cm \&: Ns Ar format
 .Ar interface
@@ -50,11 +50,11 @@
 .Oc
 .Op Ar parameters
 .Nm
-.Op Fl j Ar jail
+.Op Fl j Ar jid
 .Ar interface
 .Cm destroy
 .Nm
-.Op Fl j Ar jail
+.Op Fl j Ar jid
 .Fl a
 .Op Fl dDkLmuv
 .Op Fl f Ar type Ns Cm \&: Ns Ar format
@@ -64,16 +64,16 @@
 .Nm
 .Fl C
 .Nm
-.Op Fl j Ar jail
+.Op Fl j Ar jid
 .Fl g Ar groupname
 .Nm
-.Op Fl j Ar jail
+.Op Fl j Ar jid
 .Fl l
 .Op Fl du
 .Op Fl g Ar groupname
 .Op Ar address_family
 .Nm
-.Op Fl j Ar jail
+.Op Fl j Ar jid
 .Op Fl dkLmuv
 .Op Fl f Ar type Ns Cm \&: Ns Ar format
 .Sh DESCRIPTION
@@ -257,22 +257,22 @@ Setting
 to
 .Cm all
 selects all interfaces.
-.It Fl j Ar jail
-Perform the actions inside the
-.Ar jail .
+.It Fl j Ar jid
+Perform the actions inside the jail specified by
+.Ar jid ,
+which may be either a jail name or a numeric jail ID.
 .Pp
 The
-.Cm ifconfig
-will first attach to the
-.Ar jail
-(by jail id or jail name) before performing the effects.
+.Nm
+utility will attach to the specified jail immediately upon
+encountering the option on the command line.
+The option may be specified multiple times to attach to a nested jail
+(jail within a jail).
 .Pp
-This allow network interfaces of
-.Ar jail
-to be configured even if the
-.Cm ifconfig
-binary is not available in
-.Ar jail .
+This makes it possible to configure network interfaces within a vnet
+jail even if the
+.Nm
+binary is not available inside the jail.
 .It Fl k
 Print keying information for the
 .Ar interface ,

sbin/ifconfig/ifconfig.c

@@ -472,6 +472,9 @@ args_parse(struct ifconfig_args *args, int argc, char *argv[])
 {
 	char options[1024];
 	struct option *p;
+#ifdef JAIL
+	int jid;
+#endif
 	int c;
 
 	/* Parse leading line options */
@@ -503,7 +506,11 @@ args_parse(struct ifconfig_args *args, int argc, char *argv[])
 #ifdef JAIL
 			if (optarg == NULL)
 				usage();
-			args->jail_name = optarg;
+			jid = jail_getid(optarg);
+			if (jid == -1)
+				Perror("jail not found");
+			if (jail_attach(jid) != 0)
+				Perror("cannot attach to jail");
 #else
 			Perror("not built with jail support");
 #endif
@@ -620,9 +627,6 @@ main(int ac, char *av[])
 {
 	char *envformat;
 	int flags;
-#ifdef JAIL
-	int jid;
-#endif
 	struct ifconfig_args _args = {};
 	struct ifconfig_args *args = &_args;
 
@@ -647,16 +651,6 @@ main(int ac, char *av[])
 
 	args_parse(args, ac, av);
 
-#ifdef JAIL
-	if (args->jail_name) {
-		jid = jail_getid(args->jail_name);
-		if (jid == -1)
-			Perror("jail not found");
-		if (jail_attach(jid) != 0)
-			Perror("cannot attach to jail");
-	}
-#endif
-
 	if (!args->all && !args->namesonly) {
 		/* not listing, need an argument */
 		args->ifname = args_pop(args);

sbin/ifconfig/ifconfig.h

@@ -248,7 +248,6 @@ struct ifconfig_args {
 	const char *matchgroup;		/* Group name to match */
 	const char *nogroup;		/* Group name to exclude */
 	const struct afswtch *afp;	/* AF we're operating on */
-	const char *jail_name;	/* Jail name or jail id specified */
 };
 
 struct option {