summaryrefslogtreecommitdiff
path: root/ezjail.sh
diff options
context:
space:
mode:
Diffstat (limited to 'ezjail.sh')
-rwxr-xr-xezjail.sh95
1 files changed, 86 insertions, 9 deletions
diff --git a/ezjail.sh b/ezjail.sh
index f278166..6fb45ab 100755
--- a/ezjail.sh
+++ b/ezjail.sh
@@ -14,7 +14,8 @@
14# Please do not change this file, configure in EZJAIL_PREFIX/etc/ezjail.conf 14# Please do not change this file, configure in EZJAIL_PREFIX/etc/ezjail.conf
15 15
16# ugly: this variable is set on port install time 16# ugly: this variable is set on port install time
17ezjail_prefix=EZJAIL_PREFIX 17#ezjail_prefix=EZJAIL_PREFIX
18ezjail_prefix=/usr/local
18 19
19. /etc/rc.subr 20. /etc/rc.subr
20 21
@@ -32,18 +33,94 @@ do_cmd()
32{ 33{
33 action=$1; message=$2; shift 2; 34 action=$1; message=$2; shift 2;
34 ezjail_list= 35 ezjail_list=
35 [ -n "$*" ] && ezjail_list=`echo -n $* | tr -c "[:alnum:] " _` || echo -n "${message##_}"
36 ezjail_list=${ezjail_list:-`ls ${ezjail_prefix}/etc/ezjail/`}
37 ezjail_pass= 36 ezjail_pass=
37 ezjail_mds=
38 ezjail_fromrc="YES"
39
40 # If a jail list is given on command line, process it
41 # If not, fetch it from our config directory
42 if [ -n "$*" ]; then
43 ezjail_list=`echo -n $* | tr -c "[:alnum:] " _`
44 ezjail_fromrc="NO"
45 else
46 ezjail_list=${ezjail_list:-`ls ${ezjail_prefix}/etc/ezjail/`}
47 echo -n "${message##_}"
48 fi
49
38 for ezjail in ${ezjail_list}; do 50 for ezjail in ${ezjail_list}; do
39 if [ -f ${ezjail_prefix}/etc/ezjail/${ezjail} ]; then 51 # If jail is temporary disabled (dot in name), skip it
40 . ${ezjail_prefix}/etc/ezjail/${ezjail} 52 [ ${ezjail%.*} = ${ezjail} ] || continue
41 ezjail_pass="${ezjail_pass} ${ezjail}" 53
42 else 54 # Check for jails config
43 echo " Warning: Jail ${ezjail} not found." 55 [ ! -r ${ezjail_prefix}/etc/ezjail/${ezjail} ] && echo " Warning: Jail ${ezjail} not found." && continue
44 fi 56
57 # Read config file
58 . ${ezjail_prefix}/etc/ezjail/${ezjail}
59
60 eval ezjail_root=\"\$jail_${ezjail}_rootdir\"
61 eval ezjail_image=\"\$jail_${ezjail}_image\"
62 eval ezjail_crypt=\"\$jail_${ezjail}_cryptimage\"
63
64 # Cannot auto mount crypto jails without interrupting boot process
65 [ "${ezjail_fromrc}" = "YES" -a "${ezjail_crypt}" = "YES" ] && continue
66
67 # Try to attach (crypto) devices
68 [ "${ezjail_image}" ] && attach_detach_pre
69
70 ezjail_pass="${ezjail_pass} ${ezjail}"
45 done 71 done
72
73 # Pass control to jail script which does the actual work
46 [ "${ezjail_pass}" ] && sh /etc/rc.d/jail one${action} ${ezjail_pass} 74 [ "${ezjail_pass}" ] && sh /etc/rc.d/jail one${action} ${ezjail_pass}
75
76 # Can only detach after unmounting (from fstab.JAILNAME in /etc/rc.d/jail)
77 attach_detach_post
78}
79
80attach_detach_pre ()
81{
82 if [ "${action}" = start ]; then
83 # If jail is running, do not mount devices, this is the same check as
84 # /etc/rc.d/jail does
85 [ -e /var/run/jail_${ezjail}.id ] && return
86
87 # Create a memory disc from jail image
88 ezjail_device=`mdconfig -a -t vnode -f ${ezjail_image}`
89
90 # If this is a crypto jail, try to mount it, remind user, which jail
91 # this is. In this case, the device to mount is
92 if [ "${ezjail_crypt}" = "YES" ]; then
93 echo "Attaching gbde device for image jail ${ezjail}..."
94 gbde attach /dev/${ezjail_device} -l ${ezjail_image%.img}.lock
95
96 # Device to mount is not md anymore
97 ezjail_device=${ezjail_device}.bde
98 fi
99
100 # relink image device
101 rm -f ${ezjail_root}.device
102 ln -s /dev/${ezjail_device} ${ezjail_root}.device
103 else
104 # If soft link to device is not set, we cannot unmount
105 [ -e ${ezjail_root}.device ] || return
106
107 # Fetch destination of soft link
108 ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
109
110 # Add this device to the list of devices to be unmounted
111 ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}"
112
113 # Remove soft link (which acts as a lock)
114 rm -f ${ezjail_root}.device
115 fi
116}
117
118attach_detach_post () {
119 # In case of a stop, unmount image devices after stopping jails
120 for md in ${ezjail_mds}; do
121 [ -e ${md}.bde ] && gbde detach ${md}
122 mdconfig -d -u ${md#/dev/}
123 done
47} 124}
48 125
49run_rc_command $* 126run_rc_command $*