authorerdgeist <erdgeist@erdgeist.org>2006-05-15 20:15:18 +0000
committererdgeist <erdgeist@erdgeist.org>2006-05-15 20:15:18 +0000
commit26564f875883e981b9b7a3b74fa0a54acfe1b68d (patch)
treea0f1c154493a144a08d4ea55ced46df7f77e593d /ezjail-admin
parent43f3679ff52db9ee475ae25d3366a6ef3360ebda (diff)
simple jails are now initialised from /dev/zero
Diffstat (limited to 'ezjail-admin')
-rwxr-xr-xezjail-admin10
1 files changed, 7 insertions, 3 deletions
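--- a/ezjail-admin
+++ b/ezjail-admin
@@ -162,7 +162,7 @@ case "$1" in
 ######################## ezjail-admin CREATE ########################
 create)
   # Clean variables, prevent polution
-  unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams ezjail_exists ezjail_attachblocking ezjail_forceblocking
+  unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams ezjail_exists ezjail_attachblocking ezjail_forceblocking ezjail_sourcedevice
   shift; while getopts :f:r:s:xbic:C: arg; do case ${arg} in
   x) ezjail_exists="YES";;
   r) ezjail_rootdir="${OPTARG}";;
@@ -250,6 +250,10 @@ create)
   # Location of our image file
   ezjail_image=${ezjail_image}.img
 
+  # Prepare crypto jail so that an attacker cannot guess which blocks
+  # have been written
+  case ${ezjail_imagetype} in crypto|bde|eli) ezjail_sourcedevice=/dev/random;; simple) ezjail_sourcedevice=/dev/zero;; esac
+
   # If NOT exist, create image
   if [ -z "${ezjail_exists}" ]; then
   [ -e "${ezjail_image}" ] && exerr "Error: a file exists at the location ${ezjail_image}, preventing our own image file to be created."
@@ -257,10 +261,10 @@ create)
   # Now create jail disc image
   touch "${ezjail_image}"
   if [ "${ezjail_imageblockcount}" -gt 0 ]; then
-  dd if=/dev/random of="${ezjail_image}" bs=1m count=${ezjail_imageblockcount} || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${ezjail_image}. The image size provided was ${ezjail_imagesize}."
+  dd if=${ezjail_sourcedevice} of="${ezjail_image}" bs=1m count=${ezjail_imageblockcount} || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${ezjail_image}. The image size provided was ${ezjail_imagesize}."
   fi
   if [ "${ezjail_imagerestbytes}" -gt 0 ]; then
-  ( dd if=/dev/random bs=${ezjail_imagerestbytes} count=1 >> "${ezjail_image}" ) || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${ezjail_image}. The image size provided was ${ezjail_imagesize}."
+  ( dd if=${ezjail_sourcedevice} bs=${ezjail_imagerestbytes} count=1 >> "${ezjail_image}" ) || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${ezjail_image}. The image size provided was ${ezjail_imagesize}."
   fi
 
   # And attach device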
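Review bot: The new `case ${ezjail_imagetype}` in the second hunk has no default branch, so any type other than crypto, bde, eli or simple leaves `ezjail_sourcedevice` empty (it is unset at the top of `create)`), and both `dd if=${ezjail_sourcedevice}` calls in the third hunk then run with an empty input file. Whether other values can reach this point is not visible here, because the validation of the image type lies outside the hunks. Making random fill the fallback keeps the "attacker cannot guess which blocks have been written" property for any encrypted type added later: `case ${ezjail_imagetype} in simple) ezjail_sourcedevice=/dev/zero;; *) ezjail_sourcedevice=/dev/random;; esac`. Quoting the expansion as `if="${ezjail_sourcedevice}"` would also match the quoting already used for `of=` on the same line.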