diff options
| -rwxr-xr-x | examples/example/ezjail.flavour | 13 | ||||
| -rwxr-xr-x | ezjail-admin | 7 | ||||
| -rw-r--r-- | ezjail-config.sh | 26 |
3 files changed, 25 insertions, 21 deletions
diff --git a/examples/example/ezjail.flavour b/examples/example/ezjail.flavour index eee2a67..25ae08d 100755 --- a/examples/example/ezjail.flavour +++ b/examples/example/ezjail.flavour | |||
| @@ -17,15 +17,16 @@ | |||
| 17 | # admin::wheel::Admin=User:$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91:/home/admin:/bin/sh \ | 17 | # admin::wheel::Admin=User:$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91:/home/admin:/bin/sh \ |
| 18 | # pgsql:1002:pgsql:1002:Post=Gres::-/usr/local/psql:/bin/nologin' | 18 | # pgsql:1002:pgsql:1002:Post=Gres::-/usr/local/psql:/bin/nologin' |
| 19 | 19 | ||
| 20 | # ezjails init script tries to install all files listed here from the path | 20 | # ezjail-admin script installs all files found in FLAVOUR/root to the |
| 21 | # /config to the corresponding location inside the jail. Directories are being | 21 | # new jail's root |
| 22 | # copied recursively. | 22 | # |
| 23 | # Files or directories that should not belong to root:wheel will be | ||
| 24 | # chowned -R according to the following variable | ||
| 25 | # | ||
| 23 | # Format is as follows: | 26 | # Format is as follows: |
| 24 | # | 27 | # |
| 25 | # user:group:file(s) | 28 | # user:group:file(s) |
| 26 | # | 29 | # |
| 27 | # Example: | 30 | # Example: |
| 28 | # | 31 | # |
| 29 | # ezjail_flavour_files='root:wheel:/etc/*.conf \ | 32 | # ezjail_flavour_files='admin:wheel:/home/admin/' |
| 30 | # root:wheel:/etc/localtime \ | ||
| 31 | # admin:wheel:/home/admin/' | ||
diff --git a/ezjail-admin b/ezjail-admin index d7c8791..59d6ce9 100755 --- a/ezjail-admin +++ b/ezjail-admin | |||
| @@ -85,7 +85,6 @@ create) | |||
| 85 | # do some sanity checks on the selected flavour (if any) | 85 | # do some sanity checks on the selected flavour (if any) |
| 86 | if [ "${newjail_flavour}" ]; then | 86 | if [ "${newjail_flavour}" ]; then |
| 87 | [ -d ${ezjail_flavours}/${newjail_flavour}/ ] || exerr "Error: Flavour config directory ${ezjail_flavours}/${newjail_flavour} not found" | 87 | [ -d ${ezjail_flavours}/${newjail_flavour}/ ] || exerr "Error: Flavour config directory ${ezjail_flavours}/${newjail_flavour} not found" |
| 88 | [ -d ${ezjail_flavours}/${newjail_flavour}/ezjail.flavour ] || exerr "Error: Flavour config ${ezjail_flavours}/${newjail_flavour}/ezjail.flavour not found" | ||
| 89 | fi | 88 | fi |
| 90 | 89 | ||
| 91 | # now take a copy of our template jail | 90 | # now take a copy of our template jail |
| @@ -138,7 +137,11 @@ create) | |||
| 138 | 137 | ||
| 139 | # Final steps for flavour installation | 138 | # Final steps for flavour installation |
| 140 | if [ "${newjail_flavour}" ]; then | 139 | if [ "${newjail_flavour}" ]; then |
| 141 | cp -r -p ${ezjail_jaildir}/${newjail_flavour} ${newjail_root}/config | 140 | # install files, packages and config to new jail |
| 141 | # user creating, chown and package installation on jails startup | ||
| 142 | cd ${ezjail_jaildir}/${newjail_flavour} | ||
| 143 | find * | cpio -p -v ${newjail_root} > /dev/null | ||
| 144 | |||
| 142 | install -o root -g wheel -m 0755 ${ezjail_share}/ezjail-config.sh ${newjail_root}/etc/rc.d/ezjail-config.sh | 145 | install -o root -g wheel -m 0755 ${ezjail_share}/ezjail-config.sh ${newjail_root}/etc/rc.d/ezjail-config.sh |
| 143 | echo "Note: Shell scripts installed, flavourizing on jails first startup" | 146 | echo "Note: Shell scripts installed, flavourizing on jails first startup" |
| 144 | fi | 147 | fi |
diff --git a/ezjail-config.sh b/ezjail-config.sh index 19aa801..e7e9d9c 100644 --- a/ezjail-config.sh +++ b/ezjail-config.sh | |||
| @@ -1,18 +1,17 @@ | |||
| 1 | #!/bin/sh | 1 | #!/bin/sh |
| 2 | # | ||
| 3 | # BEFORE: rcconf | ||
| 4 | 2 | ||
| 5 | set -o noglob | 3 | set -o noglob |
| 6 | if [ -f /config/ezjail.flavour ]; then | 4 | if [ -f /ezjail.flavour ]; then |
| 7 | . /config/ezjail.flavour | 5 | . /ezjail.flavour |
| 8 | 6 | ||
| 9 | # we do need to install only once | 7 | # we do need to install only once delete here to avoid errors |
| 10 | rm -f /config/ezjail.flavour | 8 | # in this script to prevent jail startup forever |
| 9 | rm -f /ezjail.flavour | ||
| 11 | fi | 10 | fi |
| 12 | 11 | ||
| 13 | # set defaults | 12 | # set defaults |
| 14 | ezjail_flavour_files=${ezjail_flavour_files:-""} | ||
| 15 | ezjail_flavour_users=${ezjail_flavour_users:-""} | 13 | ezjail_flavour_users=${ezjail_flavour_users:-""} |
| 14 | ezjail_flavour_files=${ezjail_flavour_files:-""} | ||
| 16 | 15 | ||
| 17 | # try to create users | 16 | # try to create users |
| 18 | for user in $ezjail_flavour_users; do | 17 | for user in $ezjail_flavour_users; do |
| @@ -42,24 +41,25 @@ for user in $ezjail_flavour_users; do | |||
| 42 | fi | 41 | fi |
| 43 | done | 42 | done |
| 44 | 43 | ||
| 45 | # try to install files | 44 | # chmod all files not belonging to root |
| 46 | cd /config | ||
| 47 | for file in $ezjail_flavour_files; do | 45 | for file in $ezjail_flavour_files; do |
| 48 | TIFS=$IFS; IFS=:; set -- $file; IFS=$TIFS | 46 | TIFS=$IFS; IFS=:; set -- $file; IFS=$TIFS |
| 49 | set +o noglob | 47 | set +o noglob |
| 50 | if [ $# -eq 3 -a "$3" ]; then | 48 | if [ $# -eq 3 -a "$3" ]; then |
| 51 | owner=$1; [ $2 ] && owner="$1:$2" | 49 | owner=$1; [ $2 ] && owner="$1:$2" |
| 52 | for file in ./$3; do | 50 | for file in ./$3; do |
| 53 | find ${file} | cpio -p -d / | ||
| 54 | chown -R $owner /$file | 51 | chown -R $owner /$file |
| 55 | done | 52 | done |
| 56 | fi | 53 | fi |
| 57 | set -o noglob | 54 | set -o noglob |
| 58 | done | 55 | done |
| 59 | 56 | ||
| 60 | # finally install packages | 57 | # install packages |
| 61 | set -o noglob | 58 | set -o noglob |
| 62 | [ -d /config/pkg ] && cd /config/pkg && pkg_add * | 59 | [ -d /pkg ] && cd /pkg && pkg_add * |
| 60 | |||
| 61 | # source post install script | ||
| 62 | [ -d /ezjail.postinstall ] && . /ezjail.postinstall | ||
| 63 | 63 | ||
| 64 | # Get rid off ourself | 64 | # Get rid off ourself |
| 65 | rm -f /etc/rc.d/ezjail-config.sh | 65 | rm -rf /pkg /etc/rc.d/ezjail-config.sh /ezjail.postinstall |