summaryrefslogtreecommitdiff
path: root/ezjail-admin
diff options
context:
space:
mode:
authorerdgeist <erdgeist@erdgeist.org>2005-12-18 16:47:21 +0000
committererdgeist <erdgeist@erdgeist.org>2005-12-18 16:47:21 +0000
commit485fad901585be80d9f4c7a3fddb8a7d407b5a35 (patch)
tree094208bdd5afcf71271f52da76c03999b01b25c7 /ezjail-admin
parent980f41c3784ba5f643754ecaf5f0290d0ba2ddcb (diff)
Rethought flavours
Diffstat (limited to 'ezjail-admin')
-rwxr-xr-xezjail-admin57
1 files changed, 25 insertions, 32 deletions
diff --git a/ezjail-admin b/ezjail-admin
index 17adb60..d7c8791 100755
--- a/ezjail-admin
+++ b/ezjail-admin
@@ -4,6 +4,7 @@
4ezjail_prefix=EZJAIL_PREFIX 4ezjail_prefix=EZJAIL_PREFIX
5ezjail_etc=${ezjail_prefix}/etc 5ezjail_etc=${ezjail_prefix}/etc
6ezjail_share=${ezjail_prefix}/share/ezjail 6ezjail_share=${ezjail_prefix}/share/ezjail
7ezjail_examples=${ezjail_prefix}/share/examples/ezjail
7ezjail_jailcfgs=${ezjail_etc}/ezjail 8ezjail_jailcfgs=${ezjail_etc}/ezjail
8 9
9if [ -f ${ezjail_etc}/ezjail.conf ]; then 10if [ -f ${ezjail_etc}/ezjail.conf ]; then
@@ -15,6 +16,7 @@ ezjail_jaildir=${ezjail_jaildir:-"/usr/jails"}
15ezjail_jailtemplate=${ezjail_jailtemplate:-"$ezjail_jaildir/newjail"} 16ezjail_jailtemplate=${ezjail_jailtemplate:-"$ezjail_jaildir/newjail"}
16ezjail_jailbase=${ezjail_jailbase:-"$ezjail_jaildir/basejail"} 17ezjail_jailbase=${ezjail_jailbase:-"$ezjail_jaildir/basejail"}
17ezjail_jailfull=${ezjail_jailfull:-"$ezjail_jaildir/fulljail"} 18ezjail_jailfull=${ezjail_jailfull:-"$ezjail_jaildir/fulljail"}
19ezjail_flavours=${ezjail_flavours:-"$ezjail_jaildir/flavours"}
18ezjail_sourcetree=${ezjail_sourcetree:-"/usr/src"} 20ezjail_sourcetree=${ezjail_sourcetree:-"/usr/src"}
19 21
20ezjail_mount_enable=${ezjail_mount_enable:-"YES"} 22ezjail_mount_enable=${ezjail_mount_enable:-"YES"}
@@ -37,7 +39,6 @@ create)
37 39
38 newjail_root= 40 newjail_root=
39 newjail_flavour= 41 newjail_flavour=
40 newjail_flav=
41 newjail_softlink= 42 newjail_softlink=
42 newjail_fill="YES" 43 newjail_fill="YES"
43 44
@@ -82,20 +83,9 @@ create)
82 fi 83 fi
83 84
84 # do some sanity checks on the selected flavour (if any) 85 # do some sanity checks on the selected flavour (if any)
85 if [ "$newjail_flavour" ]; then 86 if [ "${newjail_flavour}" ]; then
86 # simple case wins, most often you won't have a ezjail.flavour.FLAV 87 [ -d ${ezjail_flavours}/${newjail_flavour}/ ] || exerr "Error: Flavour config directory ${ezjail_flavours}/${newjail_flavour} not found"
87 # AND a ./FLAV lying around. If you do, you won't need "./httpd" 88 [ -d ${ezjail_flavours}/${newjail_flavour}/ezjail.flavour ] || exerr "Error: Flavour config ${ezjail_flavours}/${newjail_flavour}/ezjail.flavour not found"
88 # but /ezjail_etc/ezjail.flavour.httpd, whatever ./httpd would be
89 # For now exit with error, maybe just warn later.
90 [ -f "$newjail_flavour" ] && newjail_flav=${newjail_flavour}
91 # if flavour contains a '/', it aint a short name
92 if [ ${newjail_flavour} = ${newjail_flavour%/*} -a \
93 -f ${ezjail_etc}/ezjail.flavour.${newjail_flavour} ]; then
94 [ "$newjail_flav" ] && exerr "Error: flavour ${newjail_flavour} conflicts with file ./${newjail_flavour}"
95 newjail_flav=${ezjail_etc}/ezjail.flavour.${newjail_flavour}
96 fi
97 # Flavour not found
98 [ "$newjail_flav" ] || exerr "Error: Flavour config file ${newjail_flavour} not found"
99 fi 89 fi
100 90
101 # now take a copy of our template jail 91 # now take a copy of our template jail
@@ -109,19 +99,19 @@ create)
109 99
110 # if the automount feature is not disabled, create an 100 # if the automount feature is not disabled, create an
111 # fstab entry for new jail 101 # fstab entry for new jail
112 echo $ezjail_jailbase $newjail_root/basejail nullfs ro 0 0 > /etc/fstab.$newjail_nname 102 echo $ezjail_jailbase $newjail_root/basejail nullfs ro 0 0 > /etc/fstab.$newjail_nname
113 103
114 # now, where everything seems to have gone right, 104 # now, where everything seems to have gone right,
115 # create control file in ezjails config dir 105 # create control file in ezjails config dir
116 mkdir -p $ezjail_jailcfgs 106 mkdir -p $ezjail_jailcfgs
117 echo export jail_${newjail_nname}_hostname=\"${newjail_name}\" > ${ezjail_jailcfgs}/${newjail_nname} 107 echo export jail_${newjail_nname}_hostname=\"${newjail_name}\" > ${ezjail_jailcfgs}/${newjail_nname}
118 echo export jail_${newjail_nname}_ip=\"${newjail_ip}\" >> ${ezjail_jailcfgs}/${newjail_nname} 108 echo export jail_${newjail_nname}_ip=\"${newjail_ip}\" >> ${ezjail_jailcfgs}/${newjail_nname}
119 echo export jail_${newjail_nname}_rootdir=\"${newjail_root}\" >> ${ezjail_jailcfgs}/${newjail_nname} 109 echo export jail_${newjail_nname}_rootdir=\"${newjail_root}\" >> ${ezjail_jailcfgs}/${newjail_nname}
120 echo export jail_${newjail_nname}_exec=\"/bin/sh /etc/rc\" >> ${ezjail_jailcfgs}/${newjail_nname} 110 echo export jail_${newjail_nname}_exec=\"/bin/sh /etc/rc\" >> ${ezjail_jailcfgs}/${newjail_nname}
121 echo export jail_${newjail_nname}_mount_enable=\"${ezjail_mount_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname} 111 echo export jail_${newjail_nname}_mount_enable=\"${ezjail_mount_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
122 echo export jail_${newjail_nname}_devfs_enable=\"${ezjail_devfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname} 112 echo export jail_${newjail_nname}_devfs_enable=\"${ezjail_devfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
123 echo export jail_${newjail_nname}_devfs_ruleset=\"devfsrules_jail\" >> ${ezjail_jailcfgs}/${newjail_nname} 113 echo export jail_${newjail_nname}_devfs_ruleset=\"devfsrules_jail\" >> ${ezjail_jailcfgs}/${newjail_nname}
124 echo export jail_${newjail_nname}_procfs_enable=\"${ezjail_procfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname} 114 echo export jail_${newjail_nname}_procfs_enable=\"${ezjail_procfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
125 echo export jail_${newjail_nname}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname} 115 echo export jail_${newjail_nname}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
126 116
127 # check, whether IP is configured on a local interface, warn if it isnt 117 # check, whether IP is configured on a local interface, warn if it isnt
@@ -133,29 +123,29 @@ create)
133 newjail_listener=`sockstat -4 -l | grep $newjail_ip:[[:digit:]]` 123 newjail_listener=`sockstat -4 -l | grep $newjail_ip:[[:digit:]]`
134 if [ $? = 0 ]; then 124 if [ $? = 0 ]; then
135 echo "Warning: Some services already seem to be listening on IP $newjail_ip" 125 echo "Warning: Some services already seem to be listening on IP $newjail_ip"
136 echo " This may cause some confusion, here they are:" 126 echo " This may cause some confusion, here they are:"
137 echo $newjail_listener 127 echo $newjail_listener
138 fi 128 fi
139 129
140 newjail_listener=`sockstat -4 -l | grep \*:[[:digit:]]` 130 newjail_listener=`sockstat -4 -l | grep \*:[[:digit:]]`
141 if [ $? = 0 ]; then 131 if [ $? = 0 ]; then
142 echo "Warning: Some services already seem to be listening on all IPs" 132 echo "Warning: Some services already seem to be listening on all IPs"
143 echo " (including $newjail_ip)" 133 echo " (including $newjail_ip)"
144 echo " This may cause some confusion, here they are:" 134 echo " This may cause some confusion, here they are:"
145 echo $newjail_listener 135 echo $newjail_listener
146 fi 136 fi
147 IFS=$TIFS 137 IFS=$TIFS
148 138
149 # Final steps for flavour installation 139 # Final steps for flavour installation
150 if [ "${newjail_flav}" ]; then 140 if [ "${newjail_flavour}" ]; then
151 install -o root -g wheel -m 0755 ${newjail_flav} ${newjail_root}/etc/ezjail.flavour 141 cp -r -p ${ezjail_jaildir}/${newjail_flavour} ${newjail_root}/config
152 install -o root -g wheel -m 0755 ${ezjail_share}/ezjail-config.sh ${newjail_root}/etc/rc.d/ezjail-config.sh 142 install -o root -g wheel -m 0755 ${ezjail_share}/ezjail-config.sh ${newjail_root}/etc/rc.d/ezjail-config.sh
153 echo "Note: Shell scripts installed, flavourizing on jails first startup" 143 echo "Note: Shell scripts installed, flavourizing on jails first startup"
154 fi 144 fi
155 145
156 ;; 146 ;;
157delete)
158######################## ezjail-admin DELETE ######################## 147######################## ezjail-admin DELETE ########################
148delete)
159 shift 149 shift
160 args=`getopt w $*` 150 args=`getopt w $*`
161 [ $? = 0 ] || exerr 'Usage: ezjail delete [-w] jailname'; 151 [ $? = 0 ] || exerr 'Usage: ezjail delete [-w] jailname';
@@ -207,8 +197,8 @@ delete)
207 [ $oldjail_wipe = "YES" ] && rm -rf $oldjail_rootdir 197 [ $oldjail_wipe = "YES" ] && rm -rf $oldjail_rootdir
208 198
209 ;; 199 ;;
210list)
211######################## ezjail-admin LIST ######################## 200######################## ezjail-admin LIST ########################
201 list)
212 jail_list=`ls $ezjail_jailcfgs` 202 jail_list=`ls $ezjail_jailcfgs`
213 for jail in $jail_list; do 203 for jail in $jail_list; do
214 . ${ezjail_jailcfgs}/$jail 204 . ${ezjail_jailcfgs}/$jail
@@ -219,8 +209,8 @@ list)
219 done 209 done
220 210
221 ;; 211 ;;
222setup|update)
223######################## ezjail-admin UPDATE ######################## 212######################## ezjail-admin UPDATE ########################
213setup|update)
224 shift 214 shift
225 args=`getopt is: $*` 215 args=`getopt is: $*`
226 [ $? = 0 ] || exerr 'Usage: ezjail update [-s sourcetree] [-i]' 216 [ $? = 0 ] || exerr 'Usage: ezjail update [-s sourcetree] [-i]'
@@ -269,6 +259,9 @@ setup|update)
269 fi 259 fi
270 mv ${ezjail_jailfull} ${ezjail_jailtemplate} 260 mv ${ezjail_jailfull} ${ezjail_jailtemplate}
271 261
262 # If the default flavour example has not yet been copied, do it now
263 [ -d ${ezjail_flavours}/default ] || cp -p -r ${ezjail_examples}/default ${ezjail_flavours}
264
272 ;; 265 ;;
273*) 266*)
274 exerr "Usage: `basename $0` [create|delete|list|update] {params}" 267 exerr "Usage: `basename $0` [create|delete|list|update] {params}"