From 89a8a70f026a6d0a4bec498e830aabdd7d8025b5 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Thu, 4 May 2006 18:49:52 +0000 Subject: Flag jails that would interrupt boot process as attachblocking. Skip or choose them deliberately in ezjail.sh --- ezjail-admin | 37 ++++++++++++++++++++++--------------- ezjail.sh | 19 ++++++++----------- 2 files changed, 30 insertions(+), 26 deletions(-) diff --git a/ezjail-admin b/ezjail-admin index 1846138..49ddee3 100755 --- a/ezjail-admin +++ b/ezjail-admin @@ -148,8 +148,7 @@ case "$1" in ######################## ezjail-admin CREATE ######################## create) # Clean variables, prevent polution - unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams ezjail_passphraseurl ezjail_exists - + unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams ezjail_passphraseurl ezjail_exists ezjail_attachblocking shift; while getopts :f:r:s:xic:u:C: arg; do case ${arg} in x) ezjail_exists="YES";; r) ezjail_rootdir="${OPTARG}";; @@ -253,13 +252,14 @@ create) # And attach device ezjail_imagedevice=`mdconfig -a -t vnode -f ${ezjail_image}` [ $? = 0 ] || detach_images || exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')" - case "${ezjail_imagetype}" in bde|eli) # parse imageparams, generate attachparams + ezjail_attachblocking="YES" if [ -n "${ezjail_imageparams}" ]; then ezjail_attachparams=`echo $0 _parse_g${ezjail_imagetype}_attach_args_ ${ezjail_imageparams} | /bin/sh ` - [ 0 -eq $? ] || exerr "processing of ezjail_imageparams failed" + [ 5 -eq $? ] && exerr "processing of ezjail_imageparams failed" + [ 3 -eq $? ] && unset ezjail_attachblocking fi case "${ezjail_imagetype}" in bde) init_cmd="gbde init /dev/${ezjail_imagedevice} ${ezjail_imageparams}" @@ -267,13 +267,14 @@ create) eli) init_cmd="geli init ${ezjail_imageparams} /dev/${ezjail_imagedevice}" attach_cmd="geli attach ${ezjail_attachparams} /dev/${ezjail_imagedevice}";; esac - echo "Initialising crypto device. Enter a new passphrase twice... (if necessary)" + [ -n "${ezjail_attachblocking}" ] && echo "Initialising crypto device. Enter a new passphrase twice... " + ( echo ${init_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not initialise crypto image." - echo "Attaching crypto device. Enter the passphrase... (if necessary)" + [ -n "${ezjail_attachblocking}" ] && echo "Attaching crypto device. Enter the passphrase... " ( echo ${attach_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not attach crypto image." ezjail_device=${ezjail_imagedevice}.${ezjail_imagetype} - ;; + ;; simple) ezjail_device=${ezjail_imagedevice} ;; @@ -324,6 +325,7 @@ create) echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" >> ${ezjail_config} + echo export jail_${ezjail_safename}_attachblocking=\"${ezjail_attachblocking}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_passphraseurl=\"${ezjail_passphraseurl}\" >> ${ezjail_config} # Final steps for flavour installation @@ -570,18 +572,20 @@ config) ############################################################################## # ezjail_imageparams HACK starts here # -# +# _parse_geli_attach_args_) # create geli(8) attach arguments from geli(8) init arguments: - # -P becomes -p if present, -K newkeyfile becomes -k newkeyfile if present, + # -P becomes -p if present, -K newkeyfile becomes -k newkeyfile if present, # everything else is dicarded + # exit values: 2->NO_ERROR, 3->NO_ERROR,PASSWORD_SET, 5->PARSER_ERROR + _exit=2 shift; while getopts :bPva:i:K:l:s: arg; do case ${arg} in b|v|a|i|l|s);; # ignore these - P) echo -n "-p ";; + P) echo -n "-p "; _exit=3 ;; K) echo -n "-k '$OPTARG' ";; - ?) exit 11;; + ?) exit 5;; esac; done - exit 0 + exit ${_exit} ;; _parse_gbde_attach_args_) # create gbde(8) attach arguments from gbde(8) init arguments: @@ -589,18 +593,21 @@ _parse_gbde_attach_args_) # -K keyfile becomes -k keyfile if present # -P passphrase becomes -p passphrase if present # everything else is discarded + # exit values: 2->NO_ERROR, 3->NO_ERROR+PASSWORD_SET, 5->PARSER_ERROR + _exit=2 shift; while getopts :iK:f:L:P: arg; do case ${arg} in i|f);; # ignore these - P) echo -n "-p '$OPTARG' ";; + P) echo -n "-p '$OPTARG' "; _exit=3;; K) echo -n "-k '$OPTARG' ";; L) echo -n "-l '$OPTARG' ";; - ?) exit 11;; + ?) exit 5;; esac; done - exit 0 + exit ${_exit} ;; # # ezjail_imageparams HACK ends here (thank god) ############################################################################## + *) exerr ${ezjail_usage_ezjail} ;; diff --git a/ezjail.sh b/ezjail.sh index dbf78ca..5db8acc 100755 --- a/ezjail.sh +++ b/ezjail.sh @@ -62,19 +62,16 @@ do_cmd() eval ezjail_image=\"\$jail_${ezjail}_image\" eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\" eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\" + eval ezjail_attachblocking=\"\$jail_${ezjail}_attachblocking\" - # Cannot auto mount crypto jails without interrupting boot process - if [ "${ezjail_fromrc}" = "YES" -a "${action}" = "start" ]; then - case "${ezjail_imagetype}" in crypto|eli|bde) continue;; esac - fi + # Cannot auto mount blocking crypto jails without interrupting boot process + [ "${ezjail_fromrc}" = "YES" -a "${action}" = "start" && "${ezjail_attachblocking}" = "YES" ] && continue - # Explicitely do only run crypto jails when *crypto is requested - if [ "${action%crypto}" != "${action}" ]; then - case "${ezjail_imagetype}" in crypto|eli|bde) ;; *) continue;; esac - fi + # Explicitely do only run blocking crypto jails when *crypto is requested + [ "${action%crypto}" != "${action}" -a -z "${ezjail_attachblocking}" ] && continue # Try to attach (crypto) devices - [ "${ezjail_image}" ] && attach_detach_pre + [ -n "${ezjail_image}" ] && attach_detach_pre ezjail_pass="${ezjail_pass} ${ezjail}" done @@ -100,13 +97,13 @@ attach_detach_pre () # this is. In this case, the device to mount is case ${ezjail_imagetype} in crypto|bde) - echo "Attaching gbde device for image jail ${ezjail}..." + echo "Attaching bde device for image jail ${ezjail}..." echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} | /bin/sh # Device to mount is not md anymore ezjail_device=${ezjail_device}.bde ;; eli) - echo "Attaching gbde device for image jail ${ezjail}..." + echo "Attaching eli device for image jail ${ezjail}..." echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh # Device to mount is not md anymore ezjail_device=${ezjail_device}.eli -- cgit v1.2.3