-rw-r--r-- | ezjail-config.sh | 59 | ||||
-rw-r--r-- | ezjail.template | 8 |
2 files changed, 45 insertions, 22 deletions
diff --git a/ezjail-config.sh b/ezjail-config.sh index 0b9d083..a84407c 100644 --- a/ezjail-config.sh +++ b/ezjail-config.sh | |||
@@ -1,14 +1,16 @@ | |||
1 | #!/bin/sh | 1 | #!/bin/sh |
2 | # | ||
3 | # BEFORE: rcconf | ||
2 | 4 | ||
3 | if [ -f /etc/ezjail.template ]; then | 5 | if [ -f /etc/ezjail.template ]; then |
4 | . /etc/ezjail.template | 6 | . /etc/ezjail.template |
5 | 7 | ||
6 | # we do need to install only once | 8 | # we do need to install only once |
7 | # rm /etc/ezjail.template | 9 | # rm -f /etc/ezjail.template |
8 | fi | 10 | fi |
9 | 11 | ||
10 | # set defaults | 12 | # set defaults |
11 | ezjail_template_root=${ezjail_template_root:-"/basejail/config/_JAILNAME_"} | 13 | ezjail_template_root=${ezjail_template_root:-"/basejail/config/default"} |
12 | ezjail_template_files=${ezjail_template_files:-""} | 14 | ezjail_template_files=${ezjail_template_files:-""} |
13 | ezjail_template_users=${ezjail_template_users:-""} | 15 | ezjail_template_users=${ezjail_template_users:-""} |
14 | ezjail_template_packages=${ezjail_template_packages:-""} | 16 | ezjail_template_packages=${ezjail_template_packages:-""} |
@@ -16,28 +18,49 @@ ezjail_template_packages=${ezjail_template_packages:-""} | |||
16 | # try to create users | 18 | # try to create users |
17 | for user in $ezjail_template_users; do | 19 | for user in $ezjail_template_users; do |
18 | TIFS=$IFS; IFS=:; set -- $user; IFS=$TIFS | 20 | TIFS=$IFS; IFS=:; set -- $user; IFS=$TIFS |
19 | if [ $# -eq 7 ]; then | ||
20 | name=$1; grouplist=$3; gidlist=$4 | ||
21 | 21 | ||
22 | [ $2 ] && uid="-u $2" || uid="" | 22 | if [ $# -eq 8 ]; then |
23 | [ $5 ] && pass=$5 || pass="*" | 23 | gc=1; name=$1; grouplist=$3; gidlist=$4; home=$7 |
24 | [ $6 ] && home=$6 | ||
25 | [ $7 ] && shell="-s $7" | ||
26 | 24 | ||
27 | [ x$6 = x${6#-} ] && mkhome="-r" || mkhome=""; home=${6#-} | 25 | [ $2 ] && uid="-u $2" || uid="" |
28 | [ $home ] && home="-h $home"; | 26 | [ $5 ] && comment="-c \"`echo $5 | tr _ ' '`\"" || comment="" |
27 | [ $6 ] && pass="$6" || pass="*" | ||
28 | [ $8 ] && shell="-s $8" || shell="" | ||
29 | 29 | ||
30 | [ "$home" = "${home#-}" ] && mkhome="-m" || mkhome="" | ||
31 | [ ${home#-} ] && home="-d ${home#-}" || home="" | ||
32 | |||
33 | # ensure all groups | ||
30 | if [ $grouplist ]; then | 34 | if [ $grouplist ]; then |
31 | gc=1 | 35 | for group in `echo $grouplist | tr "," " "`; do |
32 | for $group in `echo $grouplist | tr "," " "`; do | 36 | gid=`echo $gidlist | cut -d , -f $gc`; [ $gid ] && gid="-g $gid" |
33 | gid=`echo $gidlist | cut -d , -f $gc`; [ $gid ] && gid="-n $gid" | 37 | pw groupadd -n $group $gid |
34 | echo pw groupadd -n $group $gid | 38 | gc=$((1+$gc)) |
35 | gc=(($gc + 1)) | ||
36 | done | 39 | done |
37 | endif | ||
38 | if [ $name ]; then | ||
39 | echo pw useradd $name $uid $shell $home $grouplist | ||
40 | fi | 40 | fi |
41 | # create user | ||
42 | [ $grouplist ] && grouplist="-G $grouplist" | ||
43 | [ $name ] && echo "$pass" | pw useradd -n $name $uid $shell $mkhome $home $grouplist $comment -H 0 | ||
41 | fi | 44 | fi |
45 | done | ||
46 | |||
47 | # try to install files | ||
48 | cd $ezjail_template_root | ||
49 | for file in $ezjail_template_files; do | ||
50 | TIFS=$IFS; IFS=:; set -- $file; IFS=$TIFS | ||
42 | 51 | ||
52 | if [ $# -eq 3 -a "$3" ]; then | ||
53 | owner=$1; [ $2 ] && owner="$1:$2" | ||
54 | for file in $3; do | ||
55 | find ${file#/} | cpio -p -d / | ||
56 | chown -R $owner $file | ||
57 | done | ||
58 | fi | ||
43 | done | 59 | done |
60 | |||
61 | # finally install packages | ||
62 | [ -d /basejail/config/pkg ] && cd /basejail/config/pkg | ||
63 | [ $ezjail_template_packages ] && pkg_add $ezjail_template_packages | ||
64 | |||
65 | # Get rid off ourself | ||
66 | rm -f /etc/rc.d/ezjail-config.sh | ||
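Review bot: The `comment` value built on new line 26 stores escaped quotes inside the variable (`-c \"...\"`) and is then expanded unquoted in the `pw useradd` call on new line 43, so the quotes reach pw as literal characters and a full name that gains a space from the `tr _ ' '` step is still split into separate arguments. Keeping only the text in the variable and quoting at the point of use avoids both problems, e.g. `fullname=$(echo "$5" | tr _ ' ')` and `${fullname:+-c "$fullname"}` in the useradd line. Separately, `cd $ezjail_template_root` on new line 48 is unchecked, so when the directory is missing the `find ... | cpio -p -d /` and `chown -R $owner $file` loop still runs from whatever the current directory is; wrapping the loop in `if cd "$ezjail_template_root"; then ... fi` would skip it instead. The `rm -f /etc/ezjail.template` on new line 9 is still commented out, so a template carrying cryptpw values stays in the jail after the script removes itself, and it is worth confirming that is intended and that the file is not world-readable.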
diff --git a/ezjail.template b/ezjail.template index 543b75e..2157961 100644 --- a/ezjail.template +++ b/ezjail.template | |||
@@ -4,13 +4,13 @@ | |||
4 | # ezjails jail init script tries to create the following users. Format is | 4 | # ezjails jail init script tries to create the following users. Format is |
5 | # as follows: | 5 | # as follows: |
6 | # | 6 | # |
7 | # username:<uid>:group[,group,...]:<gid[,gid,...]>:cryptpw:[-]homedir:shell | 7 | # username:uid:group[,group,..]:gid[,gid,..]:fullname:cryptpw:[-]homedir:shell |
8 | # | 8 | # |
9 | # Example: | 9 | # Example: |
10 | # | 10 | # |
11 | # ezjail_template_users='::heroes:1003::: \ | 11 | # ezjail_template_users='::heroes:1003:::: \ |
12 | # admin::wheel::$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91:/home/admin:/bin/sh \ | 12 | # admin::wheel::"Admin User":$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91:/home/admin:/bin/sh \ |
13 | # pgsql:1002:pgsql:1002::-/usr/local/psql:/bin/nologin' | 13 | # pgsql:1002:pgsql:1002:"PostGres"::-/usr/local/psql:/bin/nologin' |
14 | 14 | ||
15 | # ezjails init script tries to install all files listed here from the path | 15 | # ezjails init script tries to install all files listed here from the path |
16 | # specified in the ezjail_template_root variable root to the corresponding | 16 | # specified in the ezjail_template_root variable root to the corresponding |
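Review bot: The updated example writes the fullname field as `"Admin User"` and `"PostGres"`, which does not match how ezjail-config.sh parses the list: `for user in $ezjail_template_users` splits on whitespace before the `IFS=:` split, so the admin entry breaks into two fragments that fail the `[ $# -eq 8 ]` check and are skipped without any message, and the double quotes are carried along as literal characters. The script's `tr _ ' '` step suggests underscores are the intended spelling, so the example would read `admin::wheel::Admin_User:<cryptpw>:/home/admin:/bin/sh` (placeholder for the hash) and `pgsql:1002:pgsql:1002:PostGres::-/usr/local/psql:/bin/nologin`. A line under the format description such as `# fullname: write _ for spaces, do not quote` would document the convention.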