summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rwxr-xr-xezjail-admin139
1 files changed, 118 insertions, 21 deletions
diff --git a/ezjail-admin b/ezjail-admin
index d4e2b64..5d5e0fd 100755
--- a/ezjail-admin
+++ b/ezjail-admin
@@ -65,7 +65,7 @@ fetchjailinfo () {
65} 65}
66 66
67# check for command 67# check for command
68[ "$1" ] || exerr "Usage: `basename -- $0` [config|create|delete|list|update] {params}" 68[ "$1" ] || exerr "Usage: `basename -- $0` [config|create|delete|install|list|update] {params}"
69 69
70case "$1" in 70case "$1" in
71######################## ezjail-admin CREATE ######################## 71######################## ezjail-admin CREATE ########################
@@ -95,7 +95,7 @@ create)
95 [ "${ezjail_name}" -a "${ezjail_ip}" -a $# = 2 ] || exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-s size] [-xic] jailname jailip" 95 [ "${ezjail_name}" -a "${ezjail_ip}" -a $# = 2 ] || exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-s size] [-xic] jailname jailip"
96 96
97 # check for sanity of settings concerning the image feature 97 # check for sanity of settings concerning the image feature
98 [ "${ezjail_imagetype}" -a "$ezjail_fillme" = "YES" -a ! "${ezjail_imagesize}" ] && exerr "Image jails need an image size." 98 [ "${ezjail_imagetype}" -a "${ezjail_fillme}" = "YES" -a ! "${ezjail_imagesize}" ] && exerr "Image jails need an image size."
99 99
100 # check, whether ezjail-update has been called. existence of 100 # check, whether ezjail-update has been called. existence of
101 # ezjail_jailbase is our indicator 101 # ezjail_jailbase is our indicator
@@ -116,7 +116,7 @@ create)
116 # This scenario really will only lead to real troubles in the 'fulljail' 116 # This scenario really will only lead to real troubles in the 'fulljail'
117 # case, but I should still explain this to the user and not claim that 117 # case, but I should still explain this to the user and not claim that
118 # "an ezjail would already exist" 118 # "an ezjail would already exist"
119 [ "${ezjail_hostname}" = "basejail" -o "${ezjail_hostname}" = "newjail" -o "${ezjail_hostname}" = "fulljail" -o "${ezjail_hostname}" = "flavours" ] && \ 119 [ "${ezjail_hostname}" = "basejail" -o "${ezjail_hostname}" = "newjail" -o "${ezjail_hostname}" = "fulljail" -o "${ezjail_hostname}" = "flavours" -o "${ezjail_hostname}" = "ezjailtemp" ] && \
120 exerr "Error: ezjail needs the ${ezjail_hostname} directory for its own administrative purposes. Please rename the ezjail." 120 exerr "Error: ezjail needs the ${ezjail_hostname} directory for its own administrative purposes. Please rename the ezjail."
121 121
122 # jail names may lead to identical configs, eg. foo.bar.com == foo-bar.com 122 # jail names may lead to identical configs, eg. foo.bar.com == foo-bar.com
@@ -275,12 +275,12 @@ delete)
275 esac 275 esac
276 done 276 done
277 277
278 # we need name of jail to vanish
279 [ $# = 1 ] || exerr "Usage: `basename -- $0` delete [-w] jailname"
280
278 # Get all info we have on that jail 281 # Get all info we have on that jail
279 fetchjailinfo $1 282 fetchjailinfo $1
280 283
281 # we only need name of jail to vanish
282 [ "${ezjail_safename}" -a $# = 1 ] || exerr "Usage: `basename -- $0` delete [-w] jailname"
283
284 # check for existence of jail in our records 284 # check for existence of jail in our records
285 [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." 285 [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
286 286
@@ -289,8 +289,7 @@ delete)
289 289
290 # now we know everything we need to let the jail be gone remove entry 290 # now we know everything we need to let the jail be gone remove entry
291 # from ezjail resource structure, delete fstab.JAILNAME 291 # from ezjail resource structure, delete fstab.JAILNAME
292 rm -f ${ezjail_config} 292 rm -f ${ezjail_config} /etc/fstab.${ezjail_safename}
293 rm -f /etc/fstab.${ezjail_safename}
294 293
295 # if there is a soft link pointing to the jail root, remove it 294 # if there is a soft link pointing to the jail root, remove it
296 [ -L ${ezjail_softlink} ] && rm ${ezjail_softlink} 295 [ -L ${ezjail_softlink} ] && rm ${ezjail_softlink}
@@ -311,7 +310,6 @@ list)
311 echo "--- ----- --------------- ---------------------------- -----------------------------" 310 echo "--- ----- --------------- ---------------------------- -----------------------------"
312 for ezjail in ${ezjail_list}; do 311 for ezjail in ${ezjail_list}; do
313 fetchjailinfo ${ezjail%.norun} 312 fetchjailinfo ${ezjail%.norun}
314 ezjail_id=`jls | grep " ${ezjail_hostname} " | head -n 1 | awk {'print $1'}`
315 ezjail_state="D" 313 ezjail_state="D"
316 [ "${ezjail_imagetype}" = "simple" ] && ezjail_state="I" 314 [ "${ezjail_imagetype}" = "simple" ] && ezjail_state="I"
317 [ "${ezjail_imagetype}" = "crypto" ] && ezjail_state="C" 315 [ "${ezjail_imagetype}" = "crypto" ] && ezjail_state="C"
@@ -327,21 +325,23 @@ setup|update)
327 shift 325 shift
328 args=`getopt ipPs: $*` || exerr "Usage: `basename -- $0` update [-s sourcetree] [-i] [-pP]" 326 args=`getopt ipPs: $*` || exerr "Usage: `basename -- $0` update [-s sourcetree] [-i] [-pP]"
329 327
330 updatejail_installaction="world" 328 # Clean variables, prevent polution
331 updatejail_provideports= 329 unset ezjail_provideports
330
331 ezjail_installaction="world"
332 332
333 set -- ${args} 333 set -- ${args}
334 for arg do 334 for arg do
335 case ${arg} in 335 case ${arg} in
336 -i) updatejail_installaction="installworld"; shift;; 336 -i) ezjail_installaction="installworld"; shift;;
337 -s) ezjail_sourcetree="$2"; shift 2;; 337 -s) ezjail_sourcetree="$2"; shift 2;;
338 -p) updatejail_provideports="YES"; shift;; 338 -p) ezjail_provideports="YES"; shift;;
339 -P) updatejail_provideports="YES"; updatejail_installaction="none"; shift;; 339 -P) ezjail_provideports="YES"; ezjail_installaction="none"; shift;;
340 --) shift; break;; 340 --) shift; break;;
341 esac 341 esac
342 done 342 done
343 343
344 if [ "${updatejail_installaction}" = "none" ]; then 344 if [ "${ezjail_installaction}" = "none" ]; then
345 # check, whether ezjail-update has been called. existence of 345 # check, whether ezjail-update has been called. existence of
346 # ezjail_jailbase is our indicator 346 # ezjail_jailbase is our indicator
347 [ -d ${ezjail_jailbase} ] || exerr "Error: base jail does not exist. You cannot fill base jails ports tree before creating it. Please run 'ezjail-admin update' first." 347 [ -d ${ezjail_jailbase} ] || exerr "Error: base jail does not exist. You cannot fill base jails ports tree before creating it. Please run 'ezjail-admin update' first."
@@ -356,7 +356,7 @@ setup|update)
356 mkdir -p ${ezjail_jailfull} || exerr "Cannot create temporary Jail directory." 356 mkdir -p ${ezjail_jailfull} || exerr "Cannot create temporary Jail directory."
357 357
358 # make our world 358 # make our world
359 cd ${ezjail_sourcetree} && make ${updatejail_installaction} DESTDIR=${ezjail_jailfull} || exerr "make ${updatejail_installaction} failed." 359 cd ${ezjail_sourcetree} && make ${ezjail_installaction} DESTDIR=${ezjail_jailfull} || exerr "make ${ezjail_installaction} failed."
360 360
361 # setup world 361 # setup world
362 cd ${ezjail_sourcetree}/etc && make distribution DESTDIR=${ezjail_jailfull} || exerr "make distribution failed." 362 cd ${ezjail_sourcetree}/etc && make distribution DESTDIR=${ezjail_jailfull} || exerr "make distribution failed."
@@ -373,7 +373,7 @@ setup|update)
373 mkdir basejail 373 mkdir basejail
374 374
375 # Try to remove the old template jail 375 # Try to remove the old template jail
376 [ -d ${ezjail_template} ] && chflags -R noschg ${ezjail_jailtemplate} && rm -rf ${ezjail_jailtemplate} 376 [ -d ${ezjail_jailtemplate} ] && chflags -R noschg ${ezjail_jailtemplate} && rm -rf ${ezjail_jailtemplate}
377 mv ${ezjail_jailfull} ${ezjail_jailtemplate} 377 mv ${ezjail_jailfull} ${ezjail_jailtemplate}
378 378
379 # If the default flavour example has not yet been copied, do it now 379 # If the default flavour example has not yet been copied, do it now
@@ -382,7 +382,7 @@ setup|update)
382 fi # installaction="none" 382 fi # installaction="none"
383 383
384 # The user may want to have a ports tree in basejail 384 # The user may want to have a ports tree in basejail
385 if [ "${updatejail_provideports}" = "YES" ]; then 385 if [ "${ezjail_provideports}" = "YES" ]; then
386 # if /usr/ports/CVS exists, assume cvs up is safe 386 # if /usr/ports/CVS exists, assume cvs up is safe
387 if [ -f ${ezjail_jailbase}/usr/ports/CVS/Root ]; then 387 if [ -f ${ezjail_jailbase}/usr/ports/CVS/Root ]; then
388 echo -n "Updating ports from "; cat ${ezjail_jailbase}/usr/ports/CVS/Root 388 echo -n "Updating ports from "; cat ${ezjail_jailbase}/usr/ports/CVS/Root
@@ -415,13 +415,110 @@ setup|update)
415 [ "${ezjail_uglyperlhack}" = "YES" -a ! -L ${ezjail_jailbase}/usr/bin/perl ] && ln -s /usr/local/bin/perl ${ezjail_jailbase}/usr/bin/perl 415 [ "${ezjail_uglyperlhack}" = "YES" -a ! -L ${ezjail_jailbase}/usr/bin/perl ] && ln -s /usr/local/bin/perl ${ezjail_jailbase}/usr/bin/perl
416 416
417 ;; 417 ;;
418######################## ezjail-admin INSTALL ########################
419install)
420 shift
421 args=`getopt mpsh:r: $*` || exerr "Usage: `basename -- $0` install [-mps] [-h host] [-r release]"
422
423 # Clean variables, prevent polution
424 unset ezjail_release ezjail_ftphost ezjail_installmanpages ezjail_installports ezjail_installsources ezjail_dir ezjail_reldir ezjail_temp
425
426 set -- ${args}
427 for arg do
428 case ${arg} in
429 -m) ezjail_installmanpages=" manpages"; shift;;
430 -p) ezjail_installports=" ports"; shift;;
431 -s) ezjail_installsources=" src"; shift;;
432 -h) ezjail_ftphost="$2"; shift 2;;
433 -r) ezjail_release="$2"; shift 2;;
434 --) shift; break;;
435 esac
436 done
437
438 ezjail_installarch=`uname -p`
439 ezjail_ftphost=${ezjail_ftphost:-"ftp.freebsd.org"}
440 ezjail_ftphost=${ezjail_host#ftp://}
441 ezjail_dir=${ezjail_ftphost#file://}
442 [ "${ezjail_dir%%[!/]*}" ] || ezjail_reldir=${PWD}
443 # XXX
444 ezjail_temp=${ezjail_jaildir}/ezjailtemp
445
446 # ftp servers normally wont provide CURRENT-builds
447 if [ -z "${ezjail_release}" ]; then
448 ezjail_release=`uname -r`
449 if [ "${ezjail_release%CURRENT}" != "${ezjail_release}" -a "${ezjail_dir}" = "${ezjail_ftphost}" ]; then
450 echo "Your system is ${ezjail_release}. Normally FTP-servers don't provide CURRENT-builds."
451 echo -n "Release [ ${ezjail_release} ]: "
452 read ezjail_releasetmp
453 [ "${ezjail_releasetmp}" ] && ezjail_release=${ezjail_releasetmp}
454 fi
455 fi
456
457 # Normally fulljail should be renamed by past ezjail-admin commands.
458 # However those may have failed
459 [ -d "${ezjail_jailfull}" ] && chflags -R noschg ${ezjail_jailfull} && rm -rf ${ezjail_jailfull}
460 mkdir -p ${ezjail_jailfull} || exerr "Cannot create temporary Jail directory."
461 DESTDIR=${ezjail_jailfull}
462
463 # XXX
464 rm -rf ${ezjail_temp}
465 for pkg in base ${ezjail_installmanpages} ${ezjail_installports} ${ezjail_installsources}; do
466
467 # The first case means, that a remote host has been specified.
468 if [ "${ezjail_dir}" = "${ezjail_ftphost}" ]; then
469 # Create and try to access temp dir
470 mkdir -p ${ezjail_temp} || exerr "Could not create temporary base jail directory ${ezjail_temp}."
471 cd ${ezjail_temp} || exerr "Could not cd to ${ezjail_temp}."
472
473 # Try all paths as stolen from sysinstall, break on success.
474 for ezjail_path in pub/FreeBSD/releases pub/FreeBSD/snapshot pub/FreeBSD releases snapshots NO; do
475 [ "${ezjail_path}" = "NO" ] && exerr "Could not fetch ${pkg} from ${ezjail_ftphost}."
476 ftp "${ezjail_ftphost}:${ezjail_path}/${ezjail_arch}/${ezjail_release}/${pkg}/*" && break
477 done
478
479 # These actions are really ugly: sources want $1 to contain the set
480 # of sources to install, base asks the user if he is sure, hence the
481 # yes and the set -- all
482 set -- all
483 [ -f install.sh ] && yes | . install.sh
484 # XXX error checking.
485
486 rm -rf ${ezjail_temp}
487 else
488 cd ${basejail_reldir}/${basejail_dir}/${pkg} || exerr "Could not cd to ${basejail_dir}."
489 set -- all
490 [ -f install.sh ] && yes | . install.sh
491 fi
492 done
493
494 # Fill basejail from installed world
495 cd ${ezjail_jailfull} || exerr "Cant access temporary Jail directory."
496 # This mkdir is important, since cpio will create intermediate
497 # directories with permission 0700 which is bad
498 mkdir -p ${ezjail_jailbase}/usr
499 for dir in bin boot lib libexec rescue sbin usr/bin usr/games usr/include usr/lib usr/libdata usr/libexec usr/sbin usr/src usr/share; do
500 find ${dir} | cpio -d -p -v ${ezjail_jailbase} || exerr "Installation of ${dir} failed."
501 chflags -R noschg ${dir}; rm -r ${dir}; ln -s /basejail/${dir} ${dir}
502 done
503 mkdir basejail
504
505 # Try to remove the old template jail
506 [ -d ${ezjail_jailtemplate} ] && chflags -R noschg ${ezjail_jailtemplate} && rm -rf ${ezjail_jailtemplate}
507 mv ${ezjail_jailfull} ${ezjail_jailtemplate}
508
509 # If the default flavour example has not yet been copied, do it now
510 [ -d ${ezjail_flavours}/default ] || mkdir -p ${ezjail_flavours} && cp -p -R ${ezjail_examples}/default ${ezjail_flavours}
511
512 # XXX ports stuff still missing
513
514 ;;
418######################## ezjail-admin CONFIG ######################## 515######################## ezjail-admin CONFIG ########################
419config) 516config)
420 shift 517 shift
421
422 args=`getopt -r: $*` || exerr "Usage: `basename -- $0` config [-r run|norun] jailname" 518 args=`getopt -r: $*` || exerr "Usage: `basename -- $0` config [-r run|norun] jailname"
423 519
424 ezjail_setrunnable= 520 # Clean variables, prevent polution
521 unset ezjail_setrunnable
425 522
426 set -- ${args} 523 set -- ${args}
427 for arg do 524 for arg do
@@ -453,6 +550,6 @@ config)
453 550
454 ;; 551 ;;
455*) 552*)
456 exerr "Usage: `basename -- $0` [config|create|delete|list|update] {params}" 553 exerr "Usage: `basename -- $0` [config|create|delete|install|list|update] {params}"
457 ;; 554 ;;
458esac 555esac