Crypto image init-attach args converter introduced.

author: erdgeist <erdgeist@erdgeist.org> 2006-05-03 16:01:41 +0000
committer: erdgeist <erdgeist@erdgeist.org> 2006-05-03 16:01:41 +0000
commit: 96700dbb845dfae4facc52e361c36d32adc3e9b3 (patch)
tree: 284785f5a9353b284c1bf05abc08875c6c8c4095
parent: b5acbdb9036346482acbc32ded6dfb3774f38f8a (diff)
2 files changed, 66 insertions, 15 deletions
diff --git a/ezjail-admin b/ezjail-admin
index 5e30c9f..2c6e7ee 100755
--- a/ezjail-admin
+++ b/ezjail-admin
@@ -43,7 +43,7 @@ detach_images () {
    umount ${ezjail_rootdir} > /dev/null
    case ${ezjail_imagetype} in
      bde) gbde detach /dev/${ezjail_imagedevice} > /dev/null;;
-      eli) geil detach /dev/${ezjail_imagedevice} > /dev/null;;
+      eli) geli detach /dev/${ezjail_imagedevice} > /dev/null;;
    esac
    mdconfig -d -u ${ezjail_imagedevice} > /dev/null
    [ "$1" = "success" ] || rm -f ${ezjail_image}
@@ -139,7 +139,7 @@ case "$1" in
 ######################## ezjail-admin CREATE ########################
 create)
  # Clean variables, prevent polution
-  unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config
+  unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams
  ezjail_fillme="YES"
  shift; while getopts :f:r:s:xic:C: arg; do case ${arg} in
@@ -246,16 +246,24 @@ create)
      [ $? = 0 ] || detach_images || exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')"
      case "${ezjail_imagetype}" in
-        bde)
+        bde|eli)
-          # Initialise crypto image
+          # parse imageparams, generate attachparams
-          echo "Initialising crypto device. Enter a new passphrase twice..."
+          if [ -n "${ezjail_imageparams}" ] ; then 
-          gbde init /dev/${ezjail_imagedevice} || detach_images || exerr "Error: Could not initialise crypto image."
+            ezjail_attachparams=`echo $0 _parse_g${ezjail_imagetype}_attach_args_ ${ezjail_imageparams} | /bin/sh `
+            [ 0 -eq $? ] ||  exerr "processing of ezjail_imageparams failed"
-          echo "Attaching crypto device. Enter the passphrase..."
+          fi  
-          gbde attach /dev/${ezjail_imagedevice} || detach_images || exerr "Error: Could not attach crypto image."
+          case "${ezjail_imagetype}" in 
-          ezjail_device=${ezjail_imagedevice}.bde
+            bde) init_cmd="gbde init /dev/${ezjail_imagedevice} ${ezjail_imageparams}"
-        ;;
+                 attach_cmd="gbde attach /dev/${ezjail_imagedevice} ${ezjail_attachparams}";;
-       eli)
+            eli) init_cmd="geli init ${ezjail_imageparams} /dev/${ezjail_imagedevice}"
+                 attach_cmd="geli attach ${ezjail_attachparams} /dev/${ezjail_imagedevice}";;
+          esac       
+          echo "Initialising crypto device. Enter a new passphrase twice... (if necessary)"
+          ( echo ${init_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not initialise crypto image."
+          echo "Attaching crypto device. Enter the passphrase... (if necessary)"
+          ( echo ${attach_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not attach crypto image."
+          ezjail_device=${ezjail_imagedevice}.${ezjail_imagetype}
        ;;
       simple)
        ezjail_device=${ezjail_imagedevice}
@@ -306,6 +314,7 @@ create)
  echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_config}
  echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config}
  echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config}
+  echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" >> ${ezjail_config}
  # Final steps for flavour installation
  if [ "${ezjail_fillme}" = "YES" -a "${ezjail_flavour}" ]; then
@@ -545,6 +554,41 @@ config)
  esac
  ;;
+##############################################################################
+# ezjail_imageparams HACK starts here
+#
+#  
+_parse_geli_attach_args_)
+  # create geli(8) attach arguments from geli(8) init arguments:
+  #    -P becomes -p if present, -K newkeyfile becomes -k newkeyfile if present, 
+  #    everything else is dicarded
+  shift; while getopts :bPva:i:K:l:s: arg; do case ${arg} in
+      b|v|a|i|l|s);; # ignore these
+      P) echo -n "-p ";;
+      K) echo -n "-k '$OPTARG' ";;
+      ?) exit 11;;
+  esac; done
+  exit 0
+  ;;
+_parse_gbde_attach_args_)
+  # create gbde(8) attach arguments from gbde(8) init arguments:
+  #   -L lockfile becomes -l lockfile if present
+  #   -K keyfile becomes -k keyfile if present
+  #   -P passphrase becomes -p passphrase if present
+  #   everything else is discarded
+  shift; while getopts :iK:f:L:P: arg; do case ${arg} in
+      i|f);; # ignore these
+      P) echo -n "-p '$OPTARG' ";;
+      K) echo -n "-k '$OPTARG' ";;
+      L) echo -n "-l '$OPTARG' ";;
+      ?) exit 11;;
+  esac; done
+  exit 0
+  ;;
+#
+# ezjail_imageparams HACK ends here (thank god)
+##############################################################################
 *)
  exerr "Usage: `basename -- $0` [config|create|delete|install|list|update] {params}"
  ;;
diff --git a/ezjail.sh b/ezjail.sh
index 49d915f..e461436 100755
--- a/ezjail.sh
+++ b/ezjail.sh
@@ -60,6 +60,7 @@ do_cmd()
    eval ezjail_root=\"\$jail_${ezjail}_rootdir\"
    eval ezjail_image=\"\$jail_${ezjail}_image\"
    eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\"
+    eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\"
    # Cannot auto mount crypto jails without interrupting boot process
    [ "${ezjail_fromrc}" = "YES" -a "${ezjail_imagetype}" = "crypto" -a "${action}" = "start" ] && continue
@@ -95,12 +96,15 @@ attach_detach_pre ()
    case ${ezjail_imagetype} in
    crypto|bde)
      echo "Attaching gbde device for image jail ${ezjail}..."
-      gbde attach /dev/${ezjail_device}
+      echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} | /bin/sh 
      # Device to mount is not md anymore
      ezjail_device=${ezjail_device}.bde
      ;;
    eli)
+      echo "Attaching gbde device for image jail ${ezjail}..."
+      echo geli attach  ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh 
+      # Device to mount is not md anymore
+      ezjail_device=${ezjail_device}.eli
      ;;
    esac
@@ -115,7 +119,10 @@ attach_detach_pre ()
    ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
    # Add this device to the list of devices to be unmounted
-    ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}"
+    case ${ezjail_imagetype} in
+      crypto|bde) ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}" ;;
+      eli) ezjail_mds="${ezjail_mds} ${ezjail_device%.eli}" ;;
+    esac
    # Remove soft link (which acts as a lock)
    rm -f ${ezjail_root}.device
author	erdgeist <erdgeist@erdgeist.org>	2006-05-03 16:01:41 +0000
committer	erdgeist <erdgeist@erdgeist.org>	2006-05-03 16:01:41 +0000
commit	96700dbb845dfae4facc52e361c36d32adc3e9b3 (patch)
tree	284785f5a9353b284c1bf05abc08875c6c8c4095
parent	b5acbdb9036346482acbc32ded6dfb3774f38f8a (diff)

diff --git a/ezjail-admin b/ezjail-admin index 5e30c9f..2c6e7ee 100755 --- a/ezjail-admin +++ b/ezjail-admin
@@ -43,7 +43,7 @@ detach_images () {
43	umount ${ezjail_rootdir} > /dev/null	43	umount ${ezjail_rootdir} > /dev/null
44	case ${ezjail_imagetype} in	44	case ${ezjail_imagetype} in
45	bde) gbde detach /dev/${ezjail_imagedevice} > /dev/null;;	45	bde) gbde detach /dev/${ezjail_imagedevice} > /dev/null;;
46	eli) geil detach /dev/${ezjail_imagedevice} > /dev/null;;	46	eli) geli detach /dev/${ezjail_imagedevice} > /dev/null;;
47	esac	47	esac
48	mdconfig -d -u ${ezjail_imagedevice} > /dev/null	48	mdconfig -d -u ${ezjail_imagedevice} > /dev/null
49	[ "$1" = "success" ] \|\| rm -f ${ezjail_image}	49	[ "$1" = "success" ] \|\| rm -f ${ezjail_image}
@@ -139,7 +139,7 @@ case "$1" in
139	######################## ezjail-admin CREATE ########################	139	######################## ezjail-admin CREATE ########################
140	create)	140	create)
141	# Clean variables, prevent polution	141	# Clean variables, prevent polution
142	unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config	142	unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams
143	ezjail_fillme="YES"	143	ezjail_fillme="YES"
144		144
145	shift; while getopts :f:r:s:xic:C: arg; do case ${arg} in	145	shift; while getopts :f:r:s:xic:C: arg; do case ${arg} in
@@ -246,16 +246,24 @@ create)
246	[ $? = 0 ] \|\| detach_images \|\| exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')"	246	[ $? = 0 ] \|\| detach_images \|\| exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')"
247		247
248	case "${ezjail_imagetype}" in	248	case "${ezjail_imagetype}" in
249	bde)	249	bde\|eli)
250	# Initialise crypto image	250	# parse imageparams, generate attachparams
251	echo "Initialising crypto device. Enter a new passphrase twice..."	251	if [ -n "${ezjail_imageparams}" ] ; then
252	gbde init /dev/${ezjail_imagedevice} \|\| detach_images \|\| exerr "Error: Could not initialise crypto image."	252	ezjail_attachparams=`echo $0 _parse_g${ezjail_imagetype}_attach_args_ ${ezjail_imageparams} \| /bin/sh `
253		253	[ 0 -eq $? ] \|\| exerr "processing of ezjail_imageparams failed"
254	echo "Attaching crypto device. Enter the passphrase..."	254	fi
255	gbde attach /dev/${ezjail_imagedevice} \|\| detach_images \|\| exerr "Error: Could not attach crypto image."	255	case "${ezjail_imagetype}" in
256	ezjail_device=${ezjail_imagedevice}.bde	256	bde) init_cmd="gbde init /dev/${ezjail_imagedevice} ${ezjail_imageparams}"
257	;;	257	attach_cmd="gbde attach /dev/${ezjail_imagedevice} ${ezjail_attachparams}";;
258	eli)	258	eli) init_cmd="geli init ${ezjail_imageparams} /dev/${ezjail_imagedevice}"
		259	attach_cmd="geli attach ${ezjail_attachparams} /dev/${ezjail_imagedevice}";;
		260	esac
		261	echo "Initialising crypto device. Enter a new passphrase twice... (if necessary)"
		262	( echo ${init_cmd} \| /bin/sh ) \|\| detach_images \|\| exerr "Error: Could not initialise crypto image."
		263
		264	echo "Attaching crypto device. Enter the passphrase... (if necessary)"
		265	( echo ${attach_cmd} \| /bin/sh ) \|\| detach_images \|\| exerr "Error: Could not attach crypto image."
		266	ezjail_device=${ezjail_imagedevice}.${ezjail_imagetype}
259	;;	267	;;
260	simple)	268	simple)
261	ezjail_device=${ezjail_imagedevice}	269	ezjail_device=${ezjail_imagedevice}
@@ -306,6 +314,7 @@ create)
306	echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_config}	314	echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_config}
307	echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config}	315	echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config}
308	echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config}	316	echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config}
		317	echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" >> ${ezjail_config}
309		318
310	# Final steps for flavour installation	319	# Final steps for flavour installation
311	if [ "${ezjail_fillme}" = "YES" -a "${ezjail_flavour}" ]; then	320	if [ "${ezjail_fillme}" = "YES" -a "${ezjail_flavour}" ]; then
@@ -545,6 +554,41 @@ config)
545	esac	554	esac
546		555
547	;;	556	;;
		557
		558	##############################################################################
		559	# ezjail_imageparams HACK starts here
		560	#
		561	#
		562	_parse_geli_attach_args_)
		563	# create geli(8) attach arguments from geli(8) init arguments:
		564	# -P becomes -p if present, -K newkeyfile becomes -k newkeyfile if present,
		565	# everything else is dicarded
		566	shift; while getopts :bPva:i:K:l:s: arg; do case ${arg} in
		567	b\|v\|a\|i\|l\|s);; # ignore these
		568	P) echo -n "-p ";;
		569	K) echo -n "-k '$OPTARG' ";;
		570	?) exit 11;;
		571	esac; done
		572	exit 0
		573	;;
		574	_parse_gbde_attach_args_)
		575	# create gbde(8) attach arguments from gbde(8) init arguments:
		576	# -L lockfile becomes -l lockfile if present
		577	# -K keyfile becomes -k keyfile if present
		578	# -P passphrase becomes -p passphrase if present
		579	# everything else is discarded
		580	shift; while getopts :iK:f:L:P: arg; do case ${arg} in
		581	i\|f);; # ignore these
		582	P) echo -n "-p '$OPTARG' ";;
		583	K) echo -n "-k '$OPTARG' ";;
		584	L) echo -n "-l '$OPTARG' ";;
		585	?) exit 11;;
		586	esac; done
		587	exit 0
		588	;;
		589	#
		590	# ezjail_imageparams HACK ends here (thank god)
		591	##############################################################################
548	*)	592	*)
549	exerr "Usage: `basename -- $0` [config\|create\|delete\|install\|list\|update] {params}"	593	exerr "Usage: `basename -- $0` [config\|create\|delete\|install\|list\|update] {params}"
550	;;	594	;;


diff --git a/ezjail.sh b/ezjail.sh index 49d915f..e461436 100755 --- a/ezjail.sh +++ b/ezjail.sh
@@ -60,6 +60,7 @@ do_cmd()
60	eval ezjail_root=\"\$jail_${ezjail}_rootdir\"	60	eval ezjail_root=\"\$jail_${ezjail}_rootdir\"
61	eval ezjail_image=\"\$jail_${ezjail}_image\"	61	eval ezjail_image=\"\$jail_${ezjail}_image\"
62	eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\"	62	eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\"
		63	eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\"
63		64
64	# Cannot auto mount crypto jails without interrupting boot process	65	# Cannot auto mount crypto jails without interrupting boot process
65	[ "${ezjail_fromrc}" = "YES" -a "${ezjail_imagetype}" = "crypto" -a "${action}" = "start" ] && continue	66	[ "${ezjail_fromrc}" = "YES" -a "${ezjail_imagetype}" = "crypto" -a "${action}" = "start" ] && continue
@@ -95,12 +96,15 @@ attach_detach_pre ()
95	case ${ezjail_imagetype} in	96	case ${ezjail_imagetype} in
96	crypto\|bde)	97	crypto\|bde)
97	echo "Attaching gbde device for image jail ${ezjail}..."	98	echo "Attaching gbde device for image jail ${ezjail}..."
98	gbde attach /dev/${ezjail_device}	99	echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} \| /bin/sh
99
100	# Device to mount is not md anymore	100	# Device to mount is not md anymore
101	ezjail_device=${ezjail_device}.bde	101	ezjail_device=${ezjail_device}.bde
102	;;	102	;;
103	eli)	103	eli)
		104	echo "Attaching gbde device for image jail ${ezjail}..."
		105	echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} \| /bin/sh
		106	# Device to mount is not md anymore
		107	ezjail_device=${ezjail_device}.eli
104	;;	108	;;
105	esac	109	esac
106		110
@@ -115,7 +119,10 @@ attach_detach_pre ()
115	ezjail_device=`stat -f "%Y" ${ezjail_root}.device`	119	ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
116		120
117	# Add this device to the list of devices to be unmounted	121	# Add this device to the list of devices to be unmounted
118	ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}"	122	case ${ezjail_imagetype} in
		123	crypto\|bde) ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}" ;;
		124	eli) ezjail_mds="${ezjail_mds} ${ezjail_device%.eli}" ;;
		125	esac
119		126
120	# Remove soft link (which acts as a lock)	127	# Remove soft link (which acts as a lock)
121	rm -f ${ezjail_root}.device	128	rm -f ${ezjail_root}.device