summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorerdgeist <erdgeist@erdgeist.org>2006-02-09 00:44:49 +0000
committererdgeist <erdgeist@erdgeist.org>2006-02-09 00:44:49 +0000
commitc270955ae0294666d25984244588456723579b38 (patch)
treee1d810b2fa734daf76aa39d6b0fb284cfba2a798
parentea7235c93e6bf0a241a6767301a7a2de4675d913 (diff)
Radical change of what an ezjail flavour is. The old way got me stuck.
-rwxr-xr-xexamples/example/ezjail.flavour74
-rwxr-xr-xezjail-admin7
-rw-r--r--ezjail-config.sh48
3 files changed, 58 insertions, 71 deletions
diff --git a/examples/example/ezjail.flavour b/examples/example/ezjail.flavour
index 6b33d11..c0e160f 100755
--- a/examples/example/ezjail.flavour
+++ b/examples/example/ezjail.flavour
@@ -1,29 +1,61 @@
1# ezjail flavour example 1#!/bin/sh
2# refer to ezjail-admin(1) for more information
3#
4# ezjails jail init script tries to create the following users. Format is
5# as follows:
6#
7# username:uid:group[,group,..]:gid[,gid,..]:comment:cryptpw:[-]homedir:shell
8#
9# Note: Since ' ' (space) does not survive shell expansion, still often is
10# useful in the comment field, '=' will be converted to ' '.
11# 2#
12# Note: Always use ''' (single ticks) to provide variables containing '$'s 3# ezjail flavour example
4
5# Hide
6######
13# 7#
14# Example: 8# Prevent this script from being called over and over
9# if something fails.
10
11rm -f /etc/rc.d/ezjail-config.sh /ezjail.flavour
12
13# Groups
14#########
15# 15#
16# ezjail_flavour_users='::heroes:1003:::: \ 16# You will probably start with some groups your users
17# admin::wheel::Admin=User:$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91:/home/admin:/bin/sh \ 17# should be in
18# pgsql:1002:pgsql:1002:Post=Gres::-/usr/local/psql:/bin/nologin'
19 18
20# Files or directories that should not belong to root:wheel will be 19# pw groupadd -q -n coders # -g 1004
21# chowned -R according to the following variable 20# pw groupadd -q -n sales # -g 1005
21
22# Users
23########
22# 24#
23# Format is as follows: 25# You might want to add some users.
26# The password is to be provided in the encrypted form
27# as found in /etc/master.passwd
28# refer to pw(8) for more information
29
30# echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\
31# pw useradd -n admin -u 1001 -s /bin/sh -m -d$ /home/admin -G wheel -c 'Admin User' -H 0
32# echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\
33# pw useradd -n saag -u 1002 -s /bin/sh -m -d$ /home/saag -G coders -c 'Mutton Saag' -H 0
34# echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\
35# pw useradd -n mac -u 1002 -s /bin/sh -m -d$ /home/mac -G sales -c 'Big Mac' -H 0
36
37# Files
38########
24# 39#
25# user:group:file[:file...] 40# You can now give files to users just created
41
42# chown -R admin:coders /usr/local/cvsroot
43# chown -R admin:sales /usr/local/nfs/sales
44
45# Packages
46###########
26# 47#
27# Example: 48# Install all packages previously put to /pkg
49
50[ -d /pkg ] && PACKAGESITE=file:// pkg_add -r /pkg/*
51rm -rf /pkg
52
53# Postinstall
54#################
28# 55#
29# ezjail_flavour_files='admin:wheel:/home/admin/' 56# Your own stuff here, for example set login shells
57# that were only installed just before
58
59# chpass -s /usr/local/bin/bash admin
60# pkg_add -r pico
61# cd /usr/ports/sysutils/screen && make install
diff --git a/ezjail-admin b/ezjail-admin
index f629a73..cf3ddf9 100755
--- a/ezjail-admin
+++ b/ezjail-admin
@@ -130,8 +130,11 @@ create)
130 cd ${ezjail_flavours}/${newjail_flavour} 130 cd ${ezjail_flavours}/${newjail_flavour}
131 find * | cpio -p -v ${newjail_root} > /dev/null 131 find * | cpio -p -v ${newjail_root} > /dev/null
132 132
133 install -o root -g wheel -m 0755 ${ezjail_share}/ezjail-config.sh ${newjail_root}/etc/rc.d/ezjail-config.sh 133 if [ -f ${ezjail_share}/ezjail.flavour ]; then
134 echo "Note: Shell scripts installed, flavourizing on jails first startup." 134 ln -s /ezjail.flavour ${newjail_root}/etc/rc.d/ezjail-config.sh
135 chmod 0700 ${newjail_root}/etc/rc.d/ezjail-config.sh
136 echo "Note: Shell scripts installed, flavourizing on jails first startup."
137 fi
135 fi 138 fi
136 139
137 # For user convenience, some scenarios commonly causing 140 # For user convenience, some scenarios commonly causing
diff --git a/ezjail-config.sh b/ezjail-config.sh
deleted file mode 100644
index 71080e2..0000000
--- a/ezjail-config.sh
+++ /dev/null
@@ -1,48 +0,0 @@
1#!/bin/sh
2
3set -o noglob
4if [ -f /ezjail.flavour ]; then
5 . /ezjail.flavour
6
7 # we do need to install only once delete here to avoid errors
8 # in this script to prevent jail startup forever
9 rm -f /ezjail.flavour
10fi
11
12# set defaults
13ezjail_flavour_users=${ezjail_flavour_users:-""}
14ezjail_flavour_files=${ezjail_flavour_files:-""}
15
16# try to create users, variables named after pw useradd params
17for user in ${ezjail_flavour_users}; do
18 TIFS=${IFS}; IFS=:; set -- ${user}; IFS=${TIFS}
19 if [ $# -eq 8 ]; then
20 u=${2:+-u$2}; G=$3; gs=$4; c=${5:+-c$5}; p=${6:-*}; d=${7#-}; m=${7%%[!-]*}; s=${8:+-s$8};
21
22 # ensure all groups
23 gc=1; for n in `echo -n ${G} | tr , ' '`; do
24 g=`echo -n ${gs} | cut -d , -f ${gc}`
25 pw groupadd -q -n ${n} ${g:+-g${g}}
26 gc=$((1+${gc}))
27 done
28
29 # create user
30 [ $1 ] && echo ${p} | pw useradd -n $1 ${u} ${s} ${m:+-m} ${d:+-d${d}} ${G:+-G${G}} "`echo -n ${c} | tr = ' '`" -H 0
31 fi
32done
33set +o noglob
34
35# chmod all files not belonging to root
36for file in ${ezjail_flavour_files}; do
37 TIFS=${IFS}; IFS=:; set -- ${file}; IFS=${TIFS}
38 [ $# -gt 2 ] && owner="$1:$2" && shift 2 && chown -R ${owner} $*
39done
40
41# install packages
42[ -d /pkg ] && PACKAGESITE=file:// pkg_add -r /pkg/*
43
44# source post install script
45[ -d /ezjail.postinstall ] && . /ezjail.postinstall
46
47# Get rid off ourself
48rm -rf /pkg /etc/rc.d/ezjail-config.sh /ezjail.postinstall