diff options
author | erdgeist <erdgeist@erdgeist.org> | 2006-05-03 16:01:41 +0000 |
---|---|---|
committer | erdgeist <erdgeist@erdgeist.org> | 2006-05-03 16:01:41 +0000 |
commit | 96700dbb845dfae4facc52e361c36d32adc3e9b3 (patch) | |
tree | 284785f5a9353b284c1bf05abc08875c6c8c4095 | |
parent | b5acbdb9036346482acbc32ded6dfb3774f38f8a (diff) |
Crypto image init-attach args converter introduced.
-rwxr-xr-x | ezjail-admin | 68 | ||||
-rwxr-xr-x | ezjail.sh | 13 |
2 files changed, 66 insertions, 15 deletions
diff --git a/ezjail-admin b/ezjail-admin index 5e30c9f..2c6e7ee 100755 --- a/ezjail-admin +++ b/ezjail-admin | |||
@@ -43,7 +43,7 @@ detach_images () { | |||
43 | umount ${ezjail_rootdir} > /dev/null | 43 | umount ${ezjail_rootdir} > /dev/null |
44 | case ${ezjail_imagetype} in | 44 | case ${ezjail_imagetype} in |
45 | bde) gbde detach /dev/${ezjail_imagedevice} > /dev/null;; | 45 | bde) gbde detach /dev/${ezjail_imagedevice} > /dev/null;; |
46 | eli) geil detach /dev/${ezjail_imagedevice} > /dev/null;; | 46 | eli) geli detach /dev/${ezjail_imagedevice} > /dev/null;; |
47 | esac | 47 | esac |
48 | mdconfig -d -u ${ezjail_imagedevice} > /dev/null | 48 | mdconfig -d -u ${ezjail_imagedevice} > /dev/null |
49 | [ "$1" = "success" ] || rm -f ${ezjail_image} | 49 | [ "$1" = "success" ] || rm -f ${ezjail_image} |
@@ -139,7 +139,7 @@ case "$1" in | |||
139 | ######################## ezjail-admin CREATE ######################## | 139 | ######################## ezjail-admin CREATE ######################## |
140 | create) | 140 | create) |
141 | # Clean variables, prevent polution | 141 | # Clean variables, prevent polution |
142 | unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config | 142 | unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams |
143 | ezjail_fillme="YES" | 143 | ezjail_fillme="YES" |
144 | 144 | ||
145 | shift; while getopts :f:r:s:xic:C: arg; do case ${arg} in | 145 | shift; while getopts :f:r:s:xic:C: arg; do case ${arg} in |
@@ -246,16 +246,24 @@ create) | |||
246 | [ $? = 0 ] || detach_images || exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')" | 246 | [ $? = 0 ] || detach_images || exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')" |
247 | 247 | ||
248 | case "${ezjail_imagetype}" in | 248 | case "${ezjail_imagetype}" in |
249 | bde) | 249 | bde|eli) |
250 | # Initialise crypto image | 250 | # parse imageparams, generate attachparams |
251 | echo "Initialising crypto device. Enter a new passphrase twice..." | 251 | if [ -n "${ezjail_imageparams}" ] ; then |
252 | gbde init /dev/${ezjail_imagedevice} || detach_images || exerr "Error: Could not initialise crypto image." | 252 | ezjail_attachparams=`echo $0 _parse_g${ezjail_imagetype}_attach_args_ ${ezjail_imageparams} | /bin/sh ` |
253 | 253 | [ 0 -eq $? ] || exerr "processing of ezjail_imageparams failed" | |
254 | echo "Attaching crypto device. Enter the passphrase..." | 254 | fi |
255 | gbde attach /dev/${ezjail_imagedevice} || detach_images || exerr "Error: Could not attach crypto image." | 255 | case "${ezjail_imagetype}" in |
256 | ezjail_device=${ezjail_imagedevice}.bde | 256 | bde) init_cmd="gbde init /dev/${ezjail_imagedevice} ${ezjail_imageparams}" |
257 | ;; | 257 | attach_cmd="gbde attach /dev/${ezjail_imagedevice} ${ezjail_attachparams}";; |
258 | eli) | 258 | eli) init_cmd="geli init ${ezjail_imageparams} /dev/${ezjail_imagedevice}" |
259 | attach_cmd="geli attach ${ezjail_attachparams} /dev/${ezjail_imagedevice}";; | ||
260 | esac | ||
261 | echo "Initialising crypto device. Enter a new passphrase twice... (if necessary)" | ||
262 | ( echo ${init_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not initialise crypto image." | ||
263 | |||
264 | echo "Attaching crypto device. Enter the passphrase... (if necessary)" | ||
265 | ( echo ${attach_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not attach crypto image." | ||
266 | ezjail_device=${ezjail_imagedevice}.${ezjail_imagetype} | ||
259 | ;; | 267 | ;; |
260 | simple) | 268 | simple) |
261 | ezjail_device=${ezjail_imagedevice} | 269 | ezjail_device=${ezjail_imagedevice} |
@@ -306,6 +314,7 @@ create) | |||
306 | echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_config} | 314 | echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_config} |
307 | echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config} | 315 | echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config} |
308 | echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config} | 316 | echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config} |
317 | echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" >> ${ezjail_config} | ||
309 | 318 | ||
310 | # Final steps for flavour installation | 319 | # Final steps for flavour installation |
311 | if [ "${ezjail_fillme}" = "YES" -a "${ezjail_flavour}" ]; then | 320 | if [ "${ezjail_fillme}" = "YES" -a "${ezjail_flavour}" ]; then |
@@ -545,6 +554,41 @@ config) | |||
545 | esac | 554 | esac |
546 | 555 | ||
547 | ;; | 556 | ;; |
557 | |||
558 | ############################################################################## | ||
559 | # ezjail_imageparams HACK starts here | ||
560 | # | ||
561 | # | ||
562 | _parse_geli_attach_args_) | ||
563 | # create geli(8) attach arguments from geli(8) init arguments: | ||
564 | # -P becomes -p if present, -K newkeyfile becomes -k newkeyfile if present, | ||
565 | # everything else is dicarded | ||
566 | shift; while getopts :bPva:i:K:l:s: arg; do case ${arg} in | ||
567 | b|v|a|i|l|s);; # ignore these | ||
568 | P) echo -n "-p ";; | ||
569 | K) echo -n "-k '$OPTARG' ";; | ||
570 | ?) exit 11;; | ||
571 | esac; done | ||
572 | exit 0 | ||
573 | ;; | ||
574 | _parse_gbde_attach_args_) | ||
575 | # create gbde(8) attach arguments from gbde(8) init arguments: | ||
576 | # -L lockfile becomes -l lockfile if present | ||
577 | # -K keyfile becomes -k keyfile if present | ||
578 | # -P passphrase becomes -p passphrase if present | ||
579 | # everything else is discarded | ||
580 | shift; while getopts :iK:f:L:P: arg; do case ${arg} in | ||
581 | i|f);; # ignore these | ||
582 | P) echo -n "-p '$OPTARG' ";; | ||
583 | K) echo -n "-k '$OPTARG' ";; | ||
584 | L) echo -n "-l '$OPTARG' ";; | ||
585 | ?) exit 11;; | ||
586 | esac; done | ||
587 | exit 0 | ||
588 | ;; | ||
589 | # | ||
590 | # ezjail_imageparams HACK ends here (thank god) | ||
591 | ############################################################################## | ||
548 | *) | 592 | *) |
549 | exerr "Usage: `basename -- $0` [config|create|delete|install|list|update] {params}" | 593 | exerr "Usage: `basename -- $0` [config|create|delete|install|list|update] {params}" |
550 | ;; | 594 | ;; |
@@ -60,6 +60,7 @@ do_cmd() | |||
60 | eval ezjail_root=\"\$jail_${ezjail}_rootdir\" | 60 | eval ezjail_root=\"\$jail_${ezjail}_rootdir\" |
61 | eval ezjail_image=\"\$jail_${ezjail}_image\" | 61 | eval ezjail_image=\"\$jail_${ezjail}_image\" |
62 | eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\" | 62 | eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\" |
63 | eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\" | ||
63 | 64 | ||
64 | # Cannot auto mount crypto jails without interrupting boot process | 65 | # Cannot auto mount crypto jails without interrupting boot process |
65 | [ "${ezjail_fromrc}" = "YES" -a "${ezjail_imagetype}" = "crypto" -a "${action}" = "start" ] && continue | 66 | [ "${ezjail_fromrc}" = "YES" -a "${ezjail_imagetype}" = "crypto" -a "${action}" = "start" ] && continue |
@@ -95,12 +96,15 @@ attach_detach_pre () | |||
95 | case ${ezjail_imagetype} in | 96 | case ${ezjail_imagetype} in |
96 | crypto|bde) | 97 | crypto|bde) |
97 | echo "Attaching gbde device for image jail ${ezjail}..." | 98 | echo "Attaching gbde device for image jail ${ezjail}..." |
98 | gbde attach /dev/${ezjail_device} | 99 | echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} | /bin/sh |
99 | |||
100 | # Device to mount is not md anymore | 100 | # Device to mount is not md anymore |
101 | ezjail_device=${ezjail_device}.bde | 101 | ezjail_device=${ezjail_device}.bde |
102 | ;; | 102 | ;; |
103 | eli) | 103 | eli) |
104 | echo "Attaching gbde device for image jail ${ezjail}..." | ||
105 | echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh | ||
106 | # Device to mount is not md anymore | ||
107 | ezjail_device=${ezjail_device}.eli | ||
104 | ;; | 108 | ;; |
105 | esac | 109 | esac |
106 | 110 | ||
@@ -115,7 +119,10 @@ attach_detach_pre () | |||
115 | ezjail_device=`stat -f "%Y" ${ezjail_root}.device` | 119 | ezjail_device=`stat -f "%Y" ${ezjail_root}.device` |
116 | 120 | ||
117 | # Add this device to the list of devices to be unmounted | 121 | # Add this device to the list of devices to be unmounted |
118 | ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}" | 122 | case ${ezjail_imagetype} in |
123 | crypto|bde) ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}" ;; | ||
124 | eli) ezjail_mds="${ezjail_mds} ${ezjail_device%.eli}" ;; | ||
125 | esac | ||
119 | 126 | ||
120 | # Remove soft link (which acts as a lock) | 127 | # Remove soft link (which acts as a lock) |
121 | rm -f ${ezjail_root}.device | 128 | rm -f ${ezjail_root}.device |