| -rw-r--r-- | ezjail-config.sh | 59 | ||||
| -rw-r--r-- | ezjail.template | 8 | 
2 files changed, 45 insertions, 22 deletions
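--- a/ezjail-config.sh
+++ b/ezjail-config.sh
@@ -1,14 +1,16 @@
 #!/bin/sh
+#
+# BEFORE: rcconf
 
 if [ -f /etc/ezjail.template ]; then
 . /etc/ezjail.template
 
 # we do need to install only once
-# rm /etc/ezjail.template
+# rm -f /etc/ezjail.template
 fi
 
 # set defaults
-ezjail_template_root=${ezjail_template_root:-"/basejail/config/_JAILNAME_"}
+ezjail_template_root=${ezjail_template_root:-"/basejail/config/default"}
 ezjail_template_files=${ezjail_template_files:-""}
 ezjail_template_users=${ezjail_template_users:-""}
 ezjail_template_packages=${ezjail_template_packages:-""}
@@ -16,28 +18,49 @@ ezjail_template_packages=${ezjail_template_packages:-""}
 # try to create users
 for user in $ezjail_template_users; do
 TIFS=$IFS; IFS=:; set -- $user; IFS=$TIFS
-if [ $# -eq 7 ]; then
-name=$1; grouplist=$3; gidlist=$4
 
-[ $2 ] && uid="-u $2" || uid=""
-[ $5 ] && pass=$5 || pass="*"
-[ $6 ] && home=$6
-[ $7 ] && shell="-s $7"
+if [ $# -eq 8 ]; then
+gc=1; name=$1; grouplist=$3; gidlist=$4; home=$7
 
-[ x$6 = x${6#-} ] && mkhome="-r" || mkhome=""; home=${6#-}
-[ $home ] && home="-h $home";
+[ $2 ] && uid="-u $2" || uid=""
+[ $5 ] && comment="-c \"`echo $5 | tr _ ' '`\"" || comment=""
+[ $6 ] && pass="$6" || pass="*"
+[ $8 ] && shell="-s $8" || shell=""
 
+[ "$home" = "${home#-}" ] && mkhome="-m" || mkhome=""
+[ ${home#-} ] && home="-d ${home#-}" || home=""
+
+# ensure all groups
 if [ $grouplist ]; then
-gc=1
-for $group in `echo $grouplist | tr "," " "`; do
-gid=`echo $gidlist | cut -d , -f $gc`; [ $gid ] && gid="-n $gid"
-echo pw groupadd -n $group $gid
-gc=(($gc + 1))
+for group in `echo $grouplist | tr "," " "`; do
+gid=`echo $gidlist | cut -d , -f $gc`; [ $gid ] && gid="-g $gid"
+pw groupadd -n $group $gid
+gc=$((1+$gc))
 done
-endif
-if [ $name ]; then
-echo pw useradd $name $uid $shell $home $grouplist
 fi
+# create user
+[ $grouplist ] && grouplist="-G $grouplist"
+[ $name ] && echo "$pass" | pw useradd -n $name $uid $shell $mkhome $home $grouplist $comment -H 0
 fi
+done
+
+# try to install files
+cd $ezjail_template_root
+for file in $ezjail_template_files; do
+TIFS=$IFS; IFS=:; set -- $file; IFS=$TIFS
 
+if [ $# -eq 3 -a "$3" ]; then
+owner=$1; [ $2 ] && owner="$1:$2"
+for file in $3; do
+find ${file#/} | cpio -p -d /
+chown -R $owner $file
+done
+fi
 done
+
+# finally install packages
+[ -d /basejail/config/pkg ] && cd /basejail/config/pkg
+[ $ezjail_template_packages ] && pkg_add $ezjail_template_packages
+
+# Get rid off ourself
+rm -f /etc/rc.d/ezjail-config.sh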
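Review bot: The new file-install loop runs `find ${file#/} | cpio -p -d /` and `chown -R` as root without checking that `cd $ezjail_template_root` succeeded, so a missing or mistyped template root makes it copy from whatever directory the script happens to be in. I would guard it with `cd "$ezjail_template_root" || ezjail_template_files=""` (skipping the loop rather than calling `exit`, in case rc sources this script), and use `chown -R "$owner" "/${file#/}"` so the ownership change always targets the installed copy even when the entry has no leading slash. In the user loop, `$comment` holds literal `\"` characters that are not re-parsed when it is expanded unquoted, so a full name with an underscore probably reaches `pw useradd` as several words. `[ $ezjail_template_packages ]` also fails as a test once more than one package is listed; `[ -n "$ezjail_template_packages" ]` avoids that. The `rm -f /etc/ezjail.template` line is still commented out, so the crypt hashes from the template stay on disk inside the jail after first boot.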
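--- a/ezjail.template
+++ b/ezjail.template
@@ -4,13 +4,13 @@
 # ezjails jail init script tries to create the following users. Format is
 # as follows:
 #
-# username:<uid>:group[,group,...]:<gid[,gid,...]>:cryptpw:[-]homedir:shell
+# username:uid:group[,group,..]:gid[,gid,..]:fullname:cryptpw:[-]homedir:shell
 #
 # Example:
 #
-# ezjail_template_users='::heroes:1003::: \
-# admin::wheel::$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91:/home/admin:/bin/sh \
-# pgsql:1002:pgsql:1002::-/usr/local/psql:/bin/nologin'
+# ezjail_template_users='::heroes:1003:::: \
+# admin::wheel::"Admin User":$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91:/home/admin:/bin/sh \
+# pgsql:1002:pgsql:1002:"PostGres"::-/usr/local/psql:/bin/nologin'
 
 # ezjails init script tries to install all files listed here from the path
 # specified in the ezjail_template_root variable root to the corresponding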
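Review bot: The updated example does not match how ezjail-config.sh parses it: the list is walked with `for user in $ezjail_template_users`, so `"Admin User"` is split at the space into two entries, neither of which has 8 fields, and the double quotes would be passed on as literal characters. The script converts underscores to spaces (`tr _ ' '`), so the example should read `admin::wheel::Admin_User:<cryptpw>:/home/admin:/bin/sh`, and the format comment should say that fullname uses `_` in place of spaces. The group-only entry `::heroes:1003::::` is worth testing on the target /bin/sh as well, since splitting on `IFS=:` normally drops a trailing empty field and the entry may then count 7 fields rather than the required 8. The comment block for ezjail_template_files continues past the end of this hunk.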
