diff options
-rwxr-xr-x | ezjail-admin | 111 |
1 files changed, 106 insertions, 5 deletions
diff --git a/ezjail-admin b/ezjail-admin index c4c754a..655e939 100755 --- a/ezjail-admin +++ b/ezjail-admin | |||
@@ -38,7 +38,7 @@ ezjail_usage_install="Usage: ${ezjail_admin} install [-mps] [-h host] [-r releas | |||
38 | ezjail_usage_create="Usage: ${ezjail_admin} create [-xbi] [-f flavour] [-r jailroot] [-s size] [-c bde|eli] [-C args] jailname jailip" | 38 | ezjail_usage_create="Usage: ${ezjail_admin} create [-xbi] [-f flavour] [-r jailroot] [-s size] [-c bde|eli] [-C args] jailname jailip" |
39 | ezjail_usage_delete="Usage: ${ezjail_admin} delete [-w] jailname" | 39 | ezjail_usage_delete="Usage: ${ezjail_admin} delete [-w] jailname" |
40 | ezjail_usage_update="Usage: ${ezjail_admin} update [-s sourcetree] [-i] [-pP]" | 40 | ezjail_usage_update="Usage: ${ezjail_admin} update [-s sourcetree] [-i] [-pP]" |
41 | ezjail_usage_config="Usage: ${ezjail_admin} config [-r run|norun] [-i attach|detach] jailname" | 41 | ezjail_usage_config="Usage: ${ezjail_admin} config [-r run|norun] [-n newname] [-i attach|detach] jailname" |
42 | ezjail_usage_list="Usage: ${ezjail_admin} list" | 42 | ezjail_usage_list="Usage: ${ezjail_admin} list" |
43 | 43 | ||
44 | ################################ | 44 | ################################ |
@@ -239,7 +239,7 @@ create) | |||
239 | 239 | ||
240 | # jail names may lead to identical configs, eg. foo.bar.com == foo-bar.com | 240 | # jail names may lead to identical configs, eg. foo.bar.com == foo-bar.com |
241 | # so check, whether we might be running into problems | 241 | # so check, whether we might be running into problems |
242 | [ -e ${ezjail_config} ] && exerr "Error: an ezjail config already exists at ${ezjail_config}. Please rename the ezjail." | 242 | [ -e ${ezjail_config} -o -e ${ezjail_config}.norun ] && exerr "Error: an ezjail config already exists at ${ezjail_config}. Please rename the ezjail." |
243 | 243 | ||
244 | # if jail root specified on command line is not absolute, make it absolute | 244 | # if jail root specified on command line is not absolute, make it absolute |
245 | # inside our jail directory | 245 | # inside our jail directory |
@@ -343,7 +343,7 @@ create) | |||
343 | # if the automount feature is not disabled, this fstab entry for new jail | 343 | # if the automount feature is not disabled, this fstab entry for new jail |
344 | # will be obeyed | 344 | # will be obeyed |
345 | echo -n > /etc/fstab.${ezjail_safename} | 345 | echo -n > /etc/fstab.${ezjail_safename} |
346 | [ "${ezjail_imagetype}" ] && \ | 346 | [ -n "${ezjail_imagetype}" ] && \ |
347 | echo ${ezjail_rootdir}.device ${ezjail_rootdir} ufs rw 0 0 >> /etc/fstab.${ezjail_safename} | 347 | echo ${ezjail_rootdir}.device ${ezjail_rootdir} ufs rw 0 0 >> /etc/fstab.${ezjail_safename} |
348 | echo ${ezjail_jailbase} ${ezjail_rootdir}/basejail nullfs ro 0 0 >> /etc/fstab.${ezjail_safename} | 348 | echo ${ezjail_jailbase} ${ezjail_rootdir}/basejail nullfs ro 0 0 >> /etc/fstab.${ezjail_safename} |
349 | 349 | ||
@@ -596,9 +596,10 @@ config) | |||
596 | # Clean variables, prevent polution | 596 | # Clean variables, prevent polution |
597 | unset ezjail_setrunnable ezjail_imageaction | 597 | unset ezjail_setrunnable ezjail_imageaction |
598 | 598 | ||
599 | shift; while getopts :r:i: arg; do case ${arg} in | 599 | shift; while getopts :r:i:n: arg; do case ${arg} in |
600 | i) ezjail_imageaction=${OPTARG};; | 600 | i) ezjail_imageaction=${OPTARG};; |
601 | r) ezjail_setrunnable=${OPTARG};; | 601 | r) ezjail_setrunnable=${OPTARG};; |
602 | n) ezjail_new_name=${OPTARG};; | ||
602 | ?) exerr ${ezjail_usage_config};; | 603 | ?) exerr ${ezjail_usage_config};; |
603 | esac; done; shift $(( ${OPTIND} - 1 )) | 604 | esac; done; shift $(( ${OPTIND} - 1 )) |
604 | 605 | ||
@@ -611,7 +612,107 @@ config) | |||
611 | [ -n "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." | 612 | [ -n "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." |
612 | 613 | ||
613 | # Nothing to be configured? | 614 | # Nothing to be configured? |
614 | [ -z "${ezjail_setrunnable}" -a -z "${ezjail_imageaction}" ] && echo "Warning: No config option specified." | 615 | [ -z "${ezjail_setrunnable}" -a -z "${ezjail_new_name}" -a -z "${ezjail_imageaction}" ] && echo "Warning: No config option specified." |
616 | |||
617 | # Do we want a new name for our jail? | ||
618 | if [ -n "${ezjail_new_name}" ]; then | ||
619 | # if jail is still running, refuse to go any further | ||
620 | [ -n "${ezjail_id}" ] && exerr "Error: Jail appears to be still running, stop it first." | ||
621 | |||
622 | # Cannot rename an attached jail | ||
623 | [ -n "${ezjail_attached}" ] && exerr "Error: Jail image file ${ezjail_image} is attached as ${ezjail_device}. '${ezjail_admin} config -i detach' it first." | ||
624 | |||
625 | # The new values for the jail | ||
626 | ezjail_new_hostname=`echo -n ${ezjail_new_name} | tr '/~' '__'` | ||
627 | ezjail_new_safename=`echo -n "${ezjail_new_name}" | tr -c '[:alnum:]' _` | ||
628 | ezjail_new_rootdir=`basename -- ${ezjail_rootdir}`/${ezjail_new_hostname} | ||
629 | ezjail_new_config=${ezjail_jailcfgs}/${ezjail_new_safename} | ||
630 | [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || ezjail_new_config=${ezjail_jailcfgs}/${ezjail_new_safename}.norun | ||
631 | ezjail_new_softlink=${ezjail_jaildir}/`basename -- ${ezjail_new_rootdir}` | ||
632 | |||
633 | # those are just copied | ||
634 | eval ezjail_new_ip=\"\$jail_${ezjail_safename}_ip\" | ||
635 | eval ezjail_new_exec=\"\$jail_${ezjail_safename}_exec\" | ||
636 | eval ezjail_new_mount_enable=\"\$jail_${ezjail_safename}_mount_enable\" | ||
637 | eval ezjail_new_devfs_enable=\"\$jail_${ezjail_safename}_devfs_enable\" | ||
638 | eval ezjail_new_devfs_ruleset=\"\$jail_${ezjail_safename}_devfs_ruleset\" | ||
639 | eval ezjail_new_procfs_enable=\"\$jail_${ezjail_safename}_devfs_enable\" | ||
640 | eval ezjail_new_fdescfs_enable=\"\$jail_${ezjail_safename}_fdescfs_enable\" | ||
641 | eval ezjail_new_attachparams=\"\$jail_${ezjail_safename}_attachparams\" | ||
642 | eval ezjail_new_attachblocking=\"\$jail_${ezjail_safename}_attachblocking\" | ||
643 | eval ezjail_new_forceblocking=\"\$jail_${ezjail_safename}_forceblocking\" | ||
644 | eval ezjail_new_imagetype=\"\$jail_${ezjail_safename}_imagetype\" | ||
645 | |||
646 | # This scenario really will only lead to real troubles in the 'fulljail' | ||
647 | # case, but I should still explain this to the user and not claim that | ||
648 | # "an ezjail would already exist" | ||
649 | case ${ezjail_new_hostname} in basejail|newjail|fulljail|flavours|ezjailtemp) exerr "Error: ezjail needs the ${ezjail_new_hostname} directory for its own administrative purposes. Please rename the ezjail.";; esac | ||
650 | |||
651 | # jail names may lead to identical configs, eg. foo.bar.com == foo-bar.com | ||
652 | # so check, whether we might be running into problems | ||
653 | [ -e ${ezjail_new_config} -o -e ${ezjail_new_config}.norun ] && exerr "Error: an ezjail config already exists at ${ezjail_new_config}. Please rename the ezjail." | ||
654 | |||
655 | # need to rename the image? | ||
656 | if [ -n "${ezjail_image}" ] | ||
657 | # Do we have an auto generated image name? | ||
658 | if [ "${ezjail_rootdir}.img" = "${ezjail_image}" ] | ||
659 | ezjail_newimage=${ezjail_newrootdir}.img} | ||
660 | mv ${ezjail_image} ${ezjail_new_image} | ||
661 | else | ||
662 | ezjail_new_image=${ezjail_image} | ||
663 | echo "Warning: Image file for jail ${ezjail_name} remains ${ezjail_image}, as it was not auto generated" | ||
664 | fi | ||
665 | else | ||
666 | unset ezjail_new_image | ||
667 | fi | ||
668 | |||
669 | # adjust softlink | ||
670 | if [ -L "${ezjail_softlink}" ]; then | ||
671 | rm ${ezjail_softlink} | ||
672 | ln -s ${ezjail_new_rootdir} ${ezjail_new_softlink} | ||
673 | fi | ||
674 | |||
675 | # rename rootdir | ||
676 | mv ${ezjail_rootdir} ${ezjail_new_rootdir} | ||
677 | |||
678 | # rename fstab | ||
679 | echo -n > /etc/fstab.${ezjail_new_safename} | ||
680 | [ -n "${ezjail_new_imagetype}" ] && \ | ||
681 | echo ${ezjail_new_rootdir}.device ${ezjail_new_rootdir} ufs rw 0 0 >> /etc/fstab.${ezjail_new_safename} | ||
682 | echo ${ezjail_jailbase} ${ezjail_new_rootdir}/basejail nullfs ro 0 0 >> /etc/fstab.${ezjail_new_safename} | ||
683 | rm /etc/fstab.${ezjail_safename} | ||
684 | |||
685 | # rename config file, preserve comments | ||
686 | ( | ||
687 | grep -e ^\# ${ezjail_config} | ||
688 | echo | ||
689 | echo export jail_${ezjail_new_safename}_hostname=\"${ezjail_new_hostname}\" | ||
690 | echo export jail_${ezjail_new_safename}_ip=\"${ezjail_new_ip}\" | ||
691 | echo export jail_${ezjail_new_safename}_rootdir=\"${ezjail_new_rootdir}\" | ||
692 | echo export jail_${ezjail_new_safename}_exec=\"${ezjail_new_exec}\" | ||
693 | echo export jail_${ezjail_new_safename}_mount_enable=\"${ezjail_new_mount_enable}\" | ||
694 | echo export jail_${ezjail_new_safename}_devfs_enable=\"${ezjail_new_devfs_enable}\" | ||
695 | echo export jail_${ezjail_new_safename}_devfs_ruleset=\"${ezjail_new_devfs_ruleset\" | ||
696 | echo export jail_${ezjail_new_safename}_procfs_enable=\"${ezjail_new_procfs_enable}\" | ||
697 | echo export jail_${ezjail_new_safename}_fdescfs_enable=\"${ezjail_new_fdescfs_enable}\" | ||
698 | echo export jail_${ezjail_new_safename}_image=\"${ezjail_new_image}\" | ||
699 | echo export jail_${ezjail_new_safename}_imagetype=\"${ezjail_new_imagetype}\" | ||
700 | echo export jail_${ezjail_new_safename}_attachparams=\"${ezjail_new_attachparams}\" | ||
701 | echo export jail_${ezjail_new_safename}_attachblocking=\"${ezjail_new_attachblocking}\" | ||
702 | echo export jail_${ezjail_new_safename}_forceblocking=\"${ezjail_new_forceblocking}\" | ||
703 | ) > ${ezjail_new_config} | ||
704 | |||
705 | # remove old config | ||
706 | rm ${ezjail_config} | ||
707 | |||
708 | # usually that doesnt go smoothly, but the user wanted it | ||
709 | # that way ;) | ||
710 | echo Jail has been renamed. You might want to check ${ezjail_new_config} and /etc/fstab.${ezjail_new_safename} to ensure everything has gone smoothly. | ||
711 | echo Also check settings in your Jail's /etc/ directory (especially /etc/rc.conf). | ||
712 | |||
713 | # reread config | ||
714 | fetchjailinfo ${ezjail_new_safename} | ||
715 | fi | ||
615 | 716 | ||
616 | case ${ezjail_setrunnable} in | 717 | case ${ezjail_setrunnable} in |
617 | run) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv ${ezjail_config} ${ezjail_config%.norun};; | 718 | run) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv ${ezjail_config} ${ezjail_config%.norun};; |