From 7e5a83e30848ca2e549f2afcc4c85d23526e44d3 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Mon, 7 Mar 2011 03:57:49 +0000 Subject: Make the warning about the IP address being already used work with processes bound to * in a jail with multiple IP addresses --- ezjail-admin | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/ezjail-admin b/ezjail-admin index 9c8e485..9a6c363 100755 --- a/ezjail-admin +++ b/ezjail-admin @@ -709,10 +709,26 @@ EOF # check, whether some host system services do listen on the Jails IP IFS=_ - ezjail_listener=`sockstat -4 -l | grep "${ezjail_ip}:[[:digit:]]"` + ezjail_listener=`sockstat -64l | grep "${ezjail_ip}:[[:digit:]]"` [ $? -eq 0 ] && echo -e "Warning: Some services already seem to be listening on IP ${ezjail_ip}\n This may cause some confusion, here they are:\n${ezjail_listener}" - ezjail_listener=`sockstat -4 -l | grep "*:[[:digit:]]"` + # collect list of jail ids with our ip address in their ip address set. + # Add none meaning the host system. Prepare this list as argument for pgrep + # by prepending -j to each jid + IFS=${TIFS} + jail_ids=`( echo none= + jls -n | sed -E -n s/'.*jid=([0-9]+).*ip4\.addr=([0-9.,]+)'.*/'\1=\2'/p | grep -Ee "${ezjail_ip}(,|$)" + jls -n | sed -E -n s/'.*jid=([0-9]+).*ip6\.addr=([0-9a-f:,]+)'.*/'\1=\2'/p | grep -Ee "${ezjail_ip}(,|$)" + ) | cut -d= -f1 | sed s/^/-j/` + + # Fetch all corresponding process ids for all matching jail + jail_pids=`pgrep $jail_ids` + + # expand pids to form a greppable expression + jail_grep=`echo $jail_pids | sed -E -e"s/ /)|(/g" -e"s/^/(/" -e"s/$/)/"` + + IFS=_ + ezjail_listener=`sockstat -46l | grep -E -e "*:[[:digit:]]" -e " ${jail_grep} "` [ $? -eq 0 ] && echo -e "Warning: Some services already seem to be listening on all IP, (including ${ezjail_ip})\n This may cause some confusion, here they are:\n${ezjail_listener}" IFS=, done -- cgit v1.2.3