diff options
-rwxr-xr-x | ezjail-admin | 139 |
1 files changed, 118 insertions, 21 deletions
diff --git a/ezjail-admin b/ezjail-admin index d4e2b64..5d5e0fd 100755 --- a/ezjail-admin +++ b/ezjail-admin | |||
@@ -65,7 +65,7 @@ fetchjailinfo () { | |||
65 | } | 65 | } |
66 | 66 | ||
67 | # check for command | 67 | # check for command |
68 | [ "$1" ] || exerr "Usage: `basename -- $0` [config|create|delete|list|update] {params}" | 68 | [ "$1" ] || exerr "Usage: `basename -- $0` [config|create|delete|install|list|update] {params}" |
69 | 69 | ||
70 | case "$1" in | 70 | case "$1" in |
71 | ######################## ezjail-admin CREATE ######################## | 71 | ######################## ezjail-admin CREATE ######################## |
@@ -95,7 +95,7 @@ create) | |||
95 | [ "${ezjail_name}" -a "${ezjail_ip}" -a $# = 2 ] || exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-s size] [-xic] jailname jailip" | 95 | [ "${ezjail_name}" -a "${ezjail_ip}" -a $# = 2 ] || exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-s size] [-xic] jailname jailip" |
96 | 96 | ||
97 | # check for sanity of settings concerning the image feature | 97 | # check for sanity of settings concerning the image feature |
98 | [ "${ezjail_imagetype}" -a "$ezjail_fillme" = "YES" -a ! "${ezjail_imagesize}" ] && exerr "Image jails need an image size." | 98 | [ "${ezjail_imagetype}" -a "${ezjail_fillme}" = "YES" -a ! "${ezjail_imagesize}" ] && exerr "Image jails need an image size." |
99 | 99 | ||
100 | # check, whether ezjail-update has been called. existence of | 100 | # check, whether ezjail-update has been called. existence of |
101 | # ezjail_jailbase is our indicator | 101 | # ezjail_jailbase is our indicator |
@@ -116,7 +116,7 @@ create) | |||
116 | # This scenario really will only lead to real troubles in the 'fulljail' | 116 | # This scenario really will only lead to real troubles in the 'fulljail' |
117 | # case, but I should still explain this to the user and not claim that | 117 | # case, but I should still explain this to the user and not claim that |
118 | # "an ezjail would already exist" | 118 | # "an ezjail would already exist" |
119 | [ "${ezjail_hostname}" = "basejail" -o "${ezjail_hostname}" = "newjail" -o "${ezjail_hostname}" = "fulljail" -o "${ezjail_hostname}" = "flavours" ] && \ | 119 | [ "${ezjail_hostname}" = "basejail" -o "${ezjail_hostname}" = "newjail" -o "${ezjail_hostname}" = "fulljail" -o "${ezjail_hostname}" = "flavours" -o "${ezjail_hostname}" = "ezjailtemp" ] && \ |
120 | exerr "Error: ezjail needs the ${ezjail_hostname} directory for its own administrative purposes. Please rename the ezjail." | 120 | exerr "Error: ezjail needs the ${ezjail_hostname} directory for its own administrative purposes. Please rename the ezjail." |
121 | 121 | ||
122 | # jail names may lead to identical configs, eg. foo.bar.com == foo-bar.com | 122 | # jail names may lead to identical configs, eg. foo.bar.com == foo-bar.com |
@@ -275,12 +275,12 @@ delete) | |||
275 | esac | 275 | esac |
276 | done | 276 | done |
277 | 277 | ||
278 | # we need name of jail to vanish | ||
279 | [ $# = 1 ] || exerr "Usage: `basename -- $0` delete [-w] jailname" | ||
280 | |||
278 | # Get all info we have on that jail | 281 | # Get all info we have on that jail |
279 | fetchjailinfo $1 | 282 | fetchjailinfo $1 |
280 | 283 | ||
281 | # we only need name of jail to vanish | ||
282 | [ "${ezjail_safename}" -a $# = 1 ] || exerr "Usage: `basename -- $0` delete [-w] jailname" | ||
283 | |||
284 | # check for existence of jail in our records | 284 | # check for existence of jail in our records |
285 | [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." | 285 | [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." |
286 | 286 | ||
@@ -289,8 +289,7 @@ delete) | |||
289 | 289 | ||
290 | # now we know everything we need to let the jail be gone remove entry | 290 | # now we know everything we need to let the jail be gone remove entry |
291 | # from ezjail resource structure, delete fstab.JAILNAME | 291 | # from ezjail resource structure, delete fstab.JAILNAME |
292 | rm -f ${ezjail_config} | 292 | rm -f ${ezjail_config} /etc/fstab.${ezjail_safename} |
293 | rm -f /etc/fstab.${ezjail_safename} | ||
294 | 293 | ||
295 | # if there is a soft link pointing to the jail root, remove it | 294 | # if there is a soft link pointing to the jail root, remove it |
296 | [ -L ${ezjail_softlink} ] && rm ${ezjail_softlink} | 295 | [ -L ${ezjail_softlink} ] && rm ${ezjail_softlink} |
@@ -311,7 +310,6 @@ list) | |||
311 | echo "--- ----- --------------- ---------------------------- -----------------------------" | 310 | echo "--- ----- --------------- ---------------------------- -----------------------------" |
312 | for ezjail in ${ezjail_list}; do | 311 | for ezjail in ${ezjail_list}; do |
313 | fetchjailinfo ${ezjail%.norun} | 312 | fetchjailinfo ${ezjail%.norun} |
314 | ezjail_id=`jls | grep " ${ezjail_hostname} " | head -n 1 | awk {'print $1'}` | ||
315 | ezjail_state="D" | 313 | ezjail_state="D" |
316 | [ "${ezjail_imagetype}" = "simple" ] && ezjail_state="I" | 314 | [ "${ezjail_imagetype}" = "simple" ] && ezjail_state="I" |
317 | [ "${ezjail_imagetype}" = "crypto" ] && ezjail_state="C" | 315 | [ "${ezjail_imagetype}" = "crypto" ] && ezjail_state="C" |
@@ -327,21 +325,23 @@ setup|update) | |||
327 | shift | 325 | shift |
328 | args=`getopt ipPs: $*` || exerr "Usage: `basename -- $0` update [-s sourcetree] [-i] [-pP]" | 326 | args=`getopt ipPs: $*` || exerr "Usage: `basename -- $0` update [-s sourcetree] [-i] [-pP]" |
329 | 327 | ||
330 | updatejail_installaction="world" | 328 | # Clean variables, prevent polution |
331 | updatejail_provideports= | 329 | unset ezjail_provideports |
330 | |||
331 | ezjail_installaction="world" | ||
332 | 332 | ||
333 | set -- ${args} | 333 | set -- ${args} |
334 | for arg do | 334 | for arg do |
335 | case ${arg} in | 335 | case ${arg} in |
336 | -i) updatejail_installaction="installworld"; shift;; | 336 | -i) ezjail_installaction="installworld"; shift;; |
337 | -s) ezjail_sourcetree="$2"; shift 2;; | 337 | -s) ezjail_sourcetree="$2"; shift 2;; |
338 | -p) updatejail_provideports="YES"; shift;; | 338 | -p) ezjail_provideports="YES"; shift;; |
339 | -P) updatejail_provideports="YES"; updatejail_installaction="none"; shift;; | 339 | -P) ezjail_provideports="YES"; ezjail_installaction="none"; shift;; |
340 | --) shift; break;; | 340 | --) shift; break;; |
341 | esac | 341 | esac |
342 | done | 342 | done |
343 | 343 | ||
344 | if [ "${updatejail_installaction}" = "none" ]; then | 344 | if [ "${ezjail_installaction}" = "none" ]; then |
345 | # check, whether ezjail-update has been called. existence of | 345 | # check, whether ezjail-update has been called. existence of |
346 | # ezjail_jailbase is our indicator | 346 | # ezjail_jailbase is our indicator |
347 | [ -d ${ezjail_jailbase} ] || exerr "Error: base jail does not exist. You cannot fill base jails ports tree before creating it. Please run 'ezjail-admin update' first." | 347 | [ -d ${ezjail_jailbase} ] || exerr "Error: base jail does not exist. You cannot fill base jails ports tree before creating it. Please run 'ezjail-admin update' first." |
@@ -356,7 +356,7 @@ setup|update) | |||
356 | mkdir -p ${ezjail_jailfull} || exerr "Cannot create temporary Jail directory." | 356 | mkdir -p ${ezjail_jailfull} || exerr "Cannot create temporary Jail directory." |
357 | 357 | ||
358 | # make our world | 358 | # make our world |
359 | cd ${ezjail_sourcetree} && make ${updatejail_installaction} DESTDIR=${ezjail_jailfull} || exerr "make ${updatejail_installaction} failed." | 359 | cd ${ezjail_sourcetree} && make ${ezjail_installaction} DESTDIR=${ezjail_jailfull} || exerr "make ${ezjail_installaction} failed." |
360 | 360 | ||
361 | # setup world | 361 | # setup world |
362 | cd ${ezjail_sourcetree}/etc && make distribution DESTDIR=${ezjail_jailfull} || exerr "make distribution failed." | 362 | cd ${ezjail_sourcetree}/etc && make distribution DESTDIR=${ezjail_jailfull} || exerr "make distribution failed." |
@@ -373,7 +373,7 @@ setup|update) | |||
373 | mkdir basejail | 373 | mkdir basejail |
374 | 374 | ||
375 | # Try to remove the old template jail | 375 | # Try to remove the old template jail |
376 | [ -d ${ezjail_template} ] && chflags -R noschg ${ezjail_jailtemplate} && rm -rf ${ezjail_jailtemplate} | 376 | [ -d ${ezjail_jailtemplate} ] && chflags -R noschg ${ezjail_jailtemplate} && rm -rf ${ezjail_jailtemplate} |
377 | mv ${ezjail_jailfull} ${ezjail_jailtemplate} | 377 | mv ${ezjail_jailfull} ${ezjail_jailtemplate} |
378 | 378 | ||
379 | # If the default flavour example has not yet been copied, do it now | 379 | # If the default flavour example has not yet been copied, do it now |
@@ -382,7 +382,7 @@ setup|update) | |||
382 | fi # installaction="none" | 382 | fi # installaction="none" |
383 | 383 | ||
384 | # The user may want to have a ports tree in basejail | 384 | # The user may want to have a ports tree in basejail |
385 | if [ "${updatejail_provideports}" = "YES" ]; then | 385 | if [ "${ezjail_provideports}" = "YES" ]; then |
386 | # if /usr/ports/CVS exists, assume cvs up is safe | 386 | # if /usr/ports/CVS exists, assume cvs up is safe |
387 | if [ -f ${ezjail_jailbase}/usr/ports/CVS/Root ]; then | 387 | if [ -f ${ezjail_jailbase}/usr/ports/CVS/Root ]; then |
388 | echo -n "Updating ports from "; cat ${ezjail_jailbase}/usr/ports/CVS/Root | 388 | echo -n "Updating ports from "; cat ${ezjail_jailbase}/usr/ports/CVS/Root |
@@ -415,13 +415,110 @@ setup|update) | |||
415 | [ "${ezjail_uglyperlhack}" = "YES" -a ! -L ${ezjail_jailbase}/usr/bin/perl ] && ln -s /usr/local/bin/perl ${ezjail_jailbase}/usr/bin/perl | 415 | [ "${ezjail_uglyperlhack}" = "YES" -a ! -L ${ezjail_jailbase}/usr/bin/perl ] && ln -s /usr/local/bin/perl ${ezjail_jailbase}/usr/bin/perl |
416 | 416 | ||
417 | ;; | 417 | ;; |
418 | ######################## ezjail-admin INSTALL ######################## | ||
419 | install) | ||
420 | shift | ||
421 | args=`getopt mpsh:r: $*` || exerr "Usage: `basename -- $0` install [-mps] [-h host] [-r release]" | ||
422 | |||
423 | # Clean variables, prevent polution | ||
424 | unset ezjail_release ezjail_ftphost ezjail_installmanpages ezjail_installports ezjail_installsources ezjail_dir ezjail_reldir ezjail_temp | ||
425 | |||
426 | set -- ${args} | ||
427 | for arg do | ||
428 | case ${arg} in | ||
429 | -m) ezjail_installmanpages=" manpages"; shift;; | ||
430 | -p) ezjail_installports=" ports"; shift;; | ||
431 | -s) ezjail_installsources=" src"; shift;; | ||
432 | -h) ezjail_ftphost="$2"; shift 2;; | ||
433 | -r) ezjail_release="$2"; shift 2;; | ||
434 | --) shift; break;; | ||
435 | esac | ||
436 | done | ||
437 | |||
438 | ezjail_installarch=`uname -p` | ||
439 | ezjail_ftphost=${ezjail_ftphost:-"ftp.freebsd.org"} | ||
440 | ezjail_ftphost=${ezjail_host#ftp://} | ||
441 | ezjail_dir=${ezjail_ftphost#file://} | ||
442 | [ "${ezjail_dir%%[!/]*}" ] || ezjail_reldir=${PWD} | ||
443 | # XXX | ||
444 | ezjail_temp=${ezjail_jaildir}/ezjailtemp | ||
445 | |||
446 | # ftp servers normally wont provide CURRENT-builds | ||
447 | if [ -z "${ezjail_release}" ]; then | ||
448 | ezjail_release=`uname -r` | ||
449 | if [ "${ezjail_release%CURRENT}" != "${ezjail_release}" -a "${ezjail_dir}" = "${ezjail_ftphost}" ]; then | ||
450 | echo "Your system is ${ezjail_release}. Normally FTP-servers don't provide CURRENT-builds." | ||
451 | echo -n "Release [ ${ezjail_release} ]: " | ||
452 | read ezjail_releasetmp | ||
453 | [ "${ezjail_releasetmp}" ] && ezjail_release=${ezjail_releasetmp} | ||
454 | fi | ||
455 | fi | ||
456 | |||
457 | # Normally fulljail should be renamed by past ezjail-admin commands. | ||
458 | # However those may have failed | ||
459 | [ -d "${ezjail_jailfull}" ] && chflags -R noschg ${ezjail_jailfull} && rm -rf ${ezjail_jailfull} | ||
460 | mkdir -p ${ezjail_jailfull} || exerr "Cannot create temporary Jail directory." | ||
461 | DESTDIR=${ezjail_jailfull} | ||
462 | |||
463 | # XXX | ||
464 | rm -rf ${ezjail_temp} | ||
465 | for pkg in base ${ezjail_installmanpages} ${ezjail_installports} ${ezjail_installsources}; do | ||
466 | |||
467 | # The first case means, that a remote host has been specified. | ||
468 | if [ "${ezjail_dir}" = "${ezjail_ftphost}" ]; then | ||
469 | # Create and try to access temp dir | ||
470 | mkdir -p ${ezjail_temp} || exerr "Could not create temporary base jail directory ${ezjail_temp}." | ||
471 | cd ${ezjail_temp} || exerr "Could not cd to ${ezjail_temp}." | ||
472 | |||
473 | # Try all paths as stolen from sysinstall, break on success. | ||
474 | for ezjail_path in pub/FreeBSD/releases pub/FreeBSD/snapshot pub/FreeBSD releases snapshots NO; do | ||
475 | [ "${ezjail_path}" = "NO" ] && exerr "Could not fetch ${pkg} from ${ezjail_ftphost}." | ||
476 | ftp "${ezjail_ftphost}:${ezjail_path}/${ezjail_arch}/${ezjail_release}/${pkg}/*" && break | ||
477 | done | ||
478 | |||
479 | # These actions are really ugly: sources want $1 to contain the set | ||
480 | # of sources to install, base asks the user if he is sure, hence the | ||
481 | # yes and the set -- all | ||
482 | set -- all | ||
483 | [ -f install.sh ] && yes | . install.sh | ||
484 | # XXX error checking. | ||
485 | |||
486 | rm -rf ${ezjail_temp} | ||
487 | else | ||
488 | cd ${basejail_reldir}/${basejail_dir}/${pkg} || exerr "Could not cd to ${basejail_dir}." | ||
489 | set -- all | ||
490 | [ -f install.sh ] && yes | . install.sh | ||
491 | fi | ||
492 | done | ||
493 | |||
494 | # Fill basejail from installed world | ||
495 | cd ${ezjail_jailfull} || exerr "Cant access temporary Jail directory." | ||
496 | # This mkdir is important, since cpio will create intermediate | ||
497 | # directories with permission 0700 which is bad | ||
498 | mkdir -p ${ezjail_jailbase}/usr | ||
499 | for dir in bin boot lib libexec rescue sbin usr/bin usr/games usr/include usr/lib usr/libdata usr/libexec usr/sbin usr/src usr/share; do | ||
500 | find ${dir} | cpio -d -p -v ${ezjail_jailbase} || exerr "Installation of ${dir} failed." | ||
501 | chflags -R noschg ${dir}; rm -r ${dir}; ln -s /basejail/${dir} ${dir} | ||
502 | done | ||
503 | mkdir basejail | ||
504 | |||
505 | # Try to remove the old template jail | ||
506 | [ -d ${ezjail_jailtemplate} ] && chflags -R noschg ${ezjail_jailtemplate} && rm -rf ${ezjail_jailtemplate} | ||
507 | mv ${ezjail_jailfull} ${ezjail_jailtemplate} | ||
508 | |||
509 | # If the default flavour example has not yet been copied, do it now | ||
510 | [ -d ${ezjail_flavours}/default ] || mkdir -p ${ezjail_flavours} && cp -p -R ${ezjail_examples}/default ${ezjail_flavours} | ||
511 | |||
512 | # XXX ports stuff still missing | ||
513 | |||
514 | ;; | ||
418 | ######################## ezjail-admin CONFIG ######################## | 515 | ######################## ezjail-admin CONFIG ######################## |
419 | config) | 516 | config) |
420 | shift | 517 | shift |
421 | |||
422 | args=`getopt -r: $*` || exerr "Usage: `basename -- $0` config [-r run|norun] jailname" | 518 | args=`getopt -r: $*` || exerr "Usage: `basename -- $0` config [-r run|norun] jailname" |
423 | 519 | ||
424 | ezjail_setrunnable= | 520 | # Clean variables, prevent polution |
521 | unset ezjail_setrunnable | ||
425 | 522 | ||
426 | set -- ${args} | 523 | set -- ${args} |
427 | for arg do | 524 | for arg do |
@@ -453,6 +550,6 @@ config) | |||
453 | 550 | ||
454 | ;; | 551 | ;; |
455 | *) | 552 | *) |
456 | exerr "Usage: `basename -- $0` [config|create|delete|list|update] {params}" | 553 | exerr "Usage: `basename -- $0` [config|create|delete|install|list|update] {params}" |
457 | ;; | 554 | ;; |
458 | esac | 555 | esac |