1 files changed, 80 insertions, 13 deletions
diff --git a/ezjail-admin b/ezjail-admin
index 857dcae..72f7b3c 100755
--- a/ezjail-admin
+++ b/ezjail-admin
@@ -37,7 +37,7 @@ ezjail_usage_delete="Usage: `basename -- $0` delete [-w] jailname"
 ezjail_usage_list="Usage: `basename -- $0` list"
 ezjail_usage_update="Usage: `basename -- $0` update [-s sourcetree] [-i] [-pP]"
 ezjail_usage_install="Usage: `basename -- $0` install [-mps] [-h host] [-r release]"
-ezjail_usage_config="Usage: `basename -- $0` config [-r run|norun] jailname"
+ezjail_usage_config="Usage: `basename -- $0` config [-r run|norun] [-i attach|detach] jailname"
 ################################
 # End of variable initialization
@@ -56,8 +56,10 @@ detach_images () {
      eli) geli detach /dev/${ezjail_imagedevice} > /dev/null;;
    esac
    mdconfig -d -u ${ezjail_imagedevice} > /dev/null
-    [ "$1" = "success" ] || rm -f ${ezjail_image}
+    [ "$1" = "keep" ] || rm -f ${ezjail_image}
  fi
+  # This function is being called in case of error. Keep $? bad
+  return 1
 }
 # fetch everything we need to know about an ezjail from config
@@ -76,9 +78,13 @@ fetchjailinfo () {
  . ${ezjail_config}
  eval ezjail_hostname=\"\$jail_${ezjail_safename}_hostname\"
  eval ezjail_rootdir=\"\$jail_${ezjail_safename}_rootdir\"
+  eval ezjail_ip=\"\$jail_${ezjail_safename}_ip\"
  eval ezjail_image=\"\$jail_${ezjail_safename}_image\"
  eval ezjail_imagetype=\"\$jail_${ezjail_safename}_imagetype\"
-  eval ezjail_ip=\"\$jail_${ezjail_safename}_ip\"
+  eval ezjail_attachparams=\"\$jail_${ezjail_safename}_attachparams\"
+  eval ezjail_attachblocking=\"\$jail_${ezjail_safename}_attachblocking\"
+  eval ezjail_forceblocking=\"\$jail_${ezjail_safename}_forceblocking\"
+  eval ezjail_passphraseurl=\"\$jail_${ezjail_safename}_passphraseurl\"
  ezjail_softlink=${ezjail_jaildir}/`basename -- ${ezjail_rootdir}`
  [ -f /var/run/jail_${ezjail_safename}.id ] && ezjail_id=`cat /var/run/jail_${ezjail_safename}.id` || return
@@ -345,7 +351,7 @@ create)
  fi
  # Detach (crypto and) memory discs
-  detach_images success
+  detach_images keep
  #
  # For user convenience some scenarios commonly causing headaches are checked
@@ -542,9 +548,10 @@ install)
 ######################## ezjail-admin CONFIG ########################
 config)
  # Clean variables, prevent polution
-  unset ezjail_setrunnable
+  unset ezjail_setrunnable ezjail_imageaction
  shift; while getopts :r: arg; do case ${arg} in
+    i) ezjail_imageaction=${OPTARG};;
    r) ezjail_setrunnable=${OPTARG};;
    ?) exerr ${ezjail_usage_config};;
  esac; done; shift $(( ${OPTIND} - 1 ))
@@ -555,20 +562,80 @@ config)
  fetchjailinfo $1
  # check for existence of jail in our records
-  [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
+  [ -n "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
  # Nothing to be configured?
-  [ "${ezjail_setrunnable}" ] || echo "Warning: No config option specified."
+  [ -z "${ezjail_setrunnable}" -a -z "${ezjail_imageaction}" ] && echo "Warning: No config option specified."
  case ${ezjail_setrunnable} in
-    run)
+    run)   [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv ${ezjail_config} ${ezjail_config%.norun};;
-    [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv ${ezjail_config} ${ezjail_config%.norun}
+    norun) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv ${ezjail_config} ${ezjail_config}.norun ;;
-    ;;
+    *)     echo "Warning: Unknow runnable option specified.";;
-    norun)
-    [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv ${ezjail_config} ${ezjail_config}.norun
-    ;;
  esac
+  [ -n "${ezjail_imageaction} -a -z "${ezjail_image}" ] && exerr "Error: Jail ${ezjail_name} not an image jail."
+  case ${ezjail_imageaction} in
+    attach)
+      # Check, if image already attached
+      if [ -L "${ezjail_root}.device" ]; then
+        # Fetch destination of soft link
+        ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
+        [ -b "${ezjail_device}" ] && exerr "Error: Jail image file ${ezjail_name} already attached as ${ezjail_device}."
+        rm -f ${ezjail_root}.device
+      fi
+      # Create a memory disc from jail image
+      ezjail_imagedevice=`mdconfig -a -t vnode -f ${ezjail_image}` || exerr "Error: Could not attach memory disc."
+      # If this is a crypto jail, try to mount it, remind user, which jail
+      # this is. In this case, the device to mount is 
+      case ${ezjail_imagetype} in
+      crypto|bde)
+        echo "Attaching bde device for image jail ${ezjail}..."
+        echo gbde attach /dev/${ezjail_imagedevice} ${ezjail_attachparams} | /bin/sh 
+        [ $? -eq 0 ] || detach_images keep || exerr "Error: Attaching bde device failed."
+        # Device to mount is not md anymore
+        ezjail_device=${ezjail_imagedevice}.bde
+        ;;
+      eli)
+        echo "Attaching eli device for image jail ${ezjail}..."
+        echo geli attach  ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh 
+        [ $? -eq 0 ] || detach_images keep || exerr "Error: Attaching eli device failed."
+        # Device to mount is not md anymore
+        ezjail_device=${ezjail_imagedevice}.eli
+        ;;
+      esac
+      mount /dev/${ezjail_device} ${ezjail_rootdir} || detach_images keep || exerr "Error: Could not mount /dev/${ezjail_device} to ${ezjail_root}."
+      # relink image device
+      ln -s /dev/${ezjail_device} ${ezjail_root}.device
+      ;;
+    detach)
+      [ -n "${ezjail_id}" ] && exerr "Error: Jail ${ezjail_name} still running. Can't detach."
+      # Check, if image really attached
+      if [ -L "${ezjail_root}.device" ]; then
+        # Fetch destination of soft link
+        ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
+        [ -b "${ezjail_device}" ] || exerr "Error: Jail image file ${ezjail_name} is not attached."
+      fi
+      # Add this device to the list of devices to be unmounted
+      case ${ezjail_imagetype} in
+        crypto|bde) ezjail_imagedevice="${ezjail_device%.bde}" ;;
+        eli)        ezjail_imagedevice="${ezjail_device%.eli}" ;;
+        *)          ezjail_imagedevice="${ezjail_device} ;;
+      esac
+      # Unmount/detach everything
+      detach_images keep
+      # Remove soft link (which acts as a lock)
+      rm -f ${ezjail_root}.device
+      ;;
+    *) echo "Warning: Unknow image action specified.";;
  ;;
 ##############################################################################

diff --git a/ezjail-admin b/ezjail-admin index 857dcae..72f7b3c 100755 --- a/ezjail-admin +++ b/ezjail-admin
@@ -37,7 +37,7 @@ ezjail_usage_delete="Usage: `basename -- $0` delete [-w] jailname"
37	ezjail_usage_list="Usage: `basename -- $0` list"	37	ezjail_usage_list="Usage: `basename -- $0` list"
38	ezjail_usage_update="Usage: `basename -- $0` update [-s sourcetree] [-i] [-pP]"	38	ezjail_usage_update="Usage: `basename -- $0` update [-s sourcetree] [-i] [-pP]"
39	ezjail_usage_install="Usage: `basename -- $0` install [-mps] [-h host] [-r release]"	39	ezjail_usage_install="Usage: `basename -- $0` install [-mps] [-h host] [-r release]"
40	ezjail_usage_config="Usage: `basename -- $0` config [-r run\|norun] jailname"	40	ezjail_usage_config="Usage: `basename -- $0` config [-r run\|norun] [-i attach\|detach] jailname"
41		41
42	################################	42	################################
43	# End of variable initialization	43	# End of variable initialization
@@ -56,8 +56,10 @@ detach_images () {
56	eli) geli detach /dev/${ezjail_imagedevice} > /dev/null;;	56	eli) geli detach /dev/${ezjail_imagedevice} > /dev/null;;
57	esac	57	esac
58	mdconfig -d -u ${ezjail_imagedevice} > /dev/null	58	mdconfig -d -u ${ezjail_imagedevice} > /dev/null
59	[ "$1" = "success" ] \|\| rm -f ${ezjail_image}	59	[ "$1" = "keep" ] \|\| rm -f ${ezjail_image}
60	fi	60	fi
		61	# This function is being called in case of error. Keep $? bad
		62	return 1
61	}	63	}
62		64
63	# fetch everything we need to know about an ezjail from config	65	# fetch everything we need to know about an ezjail from config
@@ -76,9 +78,13 @@ fetchjailinfo () {
76	. ${ezjail_config}	78	. ${ezjail_config}
77	eval ezjail_hostname=\"\$jail_${ezjail_safename}_hostname\"	79	eval ezjail_hostname=\"\$jail_${ezjail_safename}_hostname\"
78	eval ezjail_rootdir=\"\$jail_${ezjail_safename}_rootdir\"	80	eval ezjail_rootdir=\"\$jail_${ezjail_safename}_rootdir\"
		81	eval ezjail_ip=\"\$jail_${ezjail_safename}_ip\"
79	eval ezjail_image=\"\$jail_${ezjail_safename}_image\"	82	eval ezjail_image=\"\$jail_${ezjail_safename}_image\"
80	eval ezjail_imagetype=\"\$jail_${ezjail_safename}_imagetype\"	83	eval ezjail_imagetype=\"\$jail_${ezjail_safename}_imagetype\"
81	eval ezjail_ip=\"\$jail_${ezjail_safename}_ip\"	84	eval ezjail_attachparams=\"\$jail_${ezjail_safename}_attachparams\"
		85	eval ezjail_attachblocking=\"\$jail_${ezjail_safename}_attachblocking\"
		86	eval ezjail_forceblocking=\"\$jail_${ezjail_safename}_forceblocking\"
		87	eval ezjail_passphraseurl=\"\$jail_${ezjail_safename}_passphraseurl\"
82		88
83	ezjail_softlink=${ezjail_jaildir}/`basename -- ${ezjail_rootdir}`	89	ezjail_softlink=${ezjail_jaildir}/`basename -- ${ezjail_rootdir}`
84	[ -f /var/run/jail_${ezjail_safename}.id ] && ezjail_id=`cat /var/run/jail_${ezjail_safename}.id` \|\| return	90	[ -f /var/run/jail_${ezjail_safename}.id ] && ezjail_id=`cat /var/run/jail_${ezjail_safename}.id` \|\| return
@@ -345,7 +351,7 @@ create)
345	fi	351	fi
346		352
347	# Detach (crypto and) memory discs	353	# Detach (crypto and) memory discs
348	detach_images success	354	detach_images keep
349		355
350	#	356	#
351	# For user convenience some scenarios commonly causing headaches are checked	357	# For user convenience some scenarios commonly causing headaches are checked
@@ -542,9 +548,10 @@ install)
542	######################## ezjail-admin CONFIG ########################	548	######################## ezjail-admin CONFIG ########################
543	config)	549	config)
544	# Clean variables, prevent polution	550	# Clean variables, prevent polution
545	unset ezjail_setrunnable	551	unset ezjail_setrunnable ezjail_imageaction
546		552
547	shift; while getopts :r: arg; do case ${arg} in	553	shift; while getopts :r: arg; do case ${arg} in
		554	i) ezjail_imageaction=${OPTARG};;
548	r) ezjail_setrunnable=${OPTARG};;	555	r) ezjail_setrunnable=${OPTARG};;
549	?) exerr ${ezjail_usage_config};;	556	?) exerr ${ezjail_usage_config};;
550	esac; done; shift $(( ${OPTIND} - 1 ))	557	esac; done; shift $(( ${OPTIND} - 1 ))
@@ -555,20 +562,80 @@ config)
555	fetchjailinfo $1	562	fetchjailinfo $1
556		563
557	# check for existence of jail in our records	564	# check for existence of jail in our records
558	[ "${ezjail_config}" ] \|\| exerr "Error: Nothing known about jail ${ezjail_name}."	565	[ -n "${ezjail_config}" ] \|\| exerr "Error: Nothing known about jail ${ezjail_name}."
559		566
560	# Nothing to be configured?	567	# Nothing to be configured?
561	[ "${ezjail_setrunnable}" ] \|\| echo "Warning: No config option specified."	568	[ -z "${ezjail_setrunnable}" -a -z "${ezjail_imageaction}" ] && echo "Warning: No config option specified."
562		569
563	case ${ezjail_setrunnable} in	570	case ${ezjail_setrunnable} in
564	run)	571	run) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] \|\| mv ${ezjail_config} ${ezjail_config%.norun};;
565	[ "${ezjail_config}" = "${ezjail_config%.norun}" ] \|\| mv ${ezjail_config} ${ezjail_config%.norun}	572	norun) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv ${ezjail_config} ${ezjail_config}.norun ;;
566	;;	573	*) echo "Warning: Unknow runnable option specified.";;
567	norun)
568	[ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv ${ezjail_config} ${ezjail_config}.norun
569	;;
570	esac	574	esac
571		575
		576	[ -n "${ezjail_imageaction} -a -z "${ezjail_image}" ] && exerr "Error: Jail ${ezjail_name} not an image jail."
		577
		578	case ${ezjail_imageaction} in
		579	attach)
		580	# Check, if image already attached
		581	if [ -L "${ezjail_root}.device" ]; then
		582	# Fetch destination of soft link
		583	ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
		584	[ -b "${ezjail_device}" ] && exerr "Error: Jail image file ${ezjail_name} already attached as ${ezjail_device}."
		585	rm -f ${ezjail_root}.device
		586	fi
		587
		588	# Create a memory disc from jail image
		589	ezjail_imagedevice=`mdconfig -a -t vnode -f ${ezjail_image}` \|\| exerr "Error: Could not attach memory disc."
		590
		591	# If this is a crypto jail, try to mount it, remind user, which jail
		592	# this is. In this case, the device to mount is
		593	case ${ezjail_imagetype} in
		594	crypto\|bde)
		595	echo "Attaching bde device for image jail ${ezjail}..."
		596	echo gbde attach /dev/${ezjail_imagedevice} ${ezjail_attachparams} \| /bin/sh
		597	[ $? -eq 0 ] \|\| detach_images keep \|\| exerr "Error: Attaching bde device failed."
		598	# Device to mount is not md anymore
		599	ezjail_device=${ezjail_imagedevice}.bde
		600	;;
		601	eli)
		602	echo "Attaching eli device for image jail ${ezjail}..."
		603	echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} \| /bin/sh
		604	[ $? -eq 0 ] \|\| detach_images keep \|\| exerr "Error: Attaching eli device failed."
		605	# Device to mount is not md anymore
		606	ezjail_device=${ezjail_imagedevice}.eli
		607	;;
		608	esac
		609
		610	mount /dev/${ezjail_device} ${ezjail_rootdir} \|\| detach_images keep \|\| exerr "Error: Could not mount /dev/${ezjail_device} to ${ezjail_root}."
		611	# relink image device
		612	ln -s /dev/${ezjail_device} ${ezjail_root}.device
		613
		614	;;
		615	detach)
		616	[ -n "${ezjail_id}" ] && exerr "Error: Jail ${ezjail_name} still running. Can't detach."
		617
		618	# Check, if image really attached
		619	if [ -L "${ezjail_root}.device" ]; then
		620	# Fetch destination of soft link
		621	ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
		622	[ -b "${ezjail_device}" ] \|\| exerr "Error: Jail image file ${ezjail_name} is not attached."
		623	fi
		624
		625	# Add this device to the list of devices to be unmounted
		626	case ${ezjail_imagetype} in
		627	crypto\|bde) ezjail_imagedevice="${ezjail_device%.bde}" ;;
		628	eli) ezjail_imagedevice="${ezjail_device%.eli}" ;;
		629	*) ezjail_imagedevice="${ezjail_device} ;;
		630	esac
		631
		632	# Unmount/detach everything
		633	detach_images keep
		634
		635	# Remove soft link (which acts as a lock)
		636	rm -f ${ezjail_root}.device
		637	;;
		638	*) echo "Warning: Unknow image action specified.";;
572	;;	639	;;
573		640
574	##############################################################################	641	##############################################################################