From c404a6ae6b583089d0b1d89edfb8a843a964f364 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Sat, 15 Sep 2007 00:25:52 +0000 Subject: introduced a console subcommand that allows attaching to a jail by it jailname. Also added documentation for that and the magic rc.d/ezjail.sh-proxy introduced before --- ezjail-admin | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++- ezjail.conf.sample | 3 +++ man1/ezjail-admin.1 | 16 ++++++++++++++-- man5/ezjail.conf.5 | 5 +++++ 4 files changed, 72 insertions(+), 3 deletions(-) diff --git a/ezjail-admin b/ezjail-admin index 56290c9..372f30e 100755 --- a/ezjail-admin +++ b/ezjail-admin @@ -22,6 +22,7 @@ ezjail_flavours=${ezjail_flavours:-"${ezjail_jaildir}/flavours"} ezjail_portscvsroot=${ezjail_portscvsroot:-":pserver:anoncvs@anoncvs.at.FreeBSD.org:/home/ncvs"} ezjail_sourcetree=${ezjail_sourcetree:-"/usr/src"} ezjail_uglyperlhack=${ezjail_uglyperlhack:-"YES"} +ezjail_default_execute=${ezjail_default_execute:-"/bin/sh"} ezjail_mount_enable=${ezjail_mount_enable:-"YES"} ezjail_devfs_enable=${ezjail_devfs_enable:-"YES"} @@ -33,12 +34,13 @@ ezjail_dirlist="bin boot lib libexec rescue sbin usr/bin usr/games usr/include u case `uname -p` in amd64) ezjail_dirlist="${ezjail_dirlist} usr/lib32";; esac # Synopsis messages -ezjail_usage_ezjailadmin="Usage: ${ezjail_admin} [config|create|delete|install|list|update] {params}" +ezjail_usage_ezjailadmin="Usage: ${ezjail_admin} [config|console|create|delete|install|list|update] {params}" ezjail_usage_install="Usage: ${ezjail_admin} install [-mps] [-h host] [-r release]" ezjail_usage_create="Usage: ${ezjail_admin} create [-xbi] [-f flavour] [-r jailroot] [-s size] [-c bde|eli] [-C args] jailname jailip" ezjail_usage_delete="Usage: ${ezjail_admin} delete [-w] jailname" ezjail_usage_update="Usage: ${ezjail_admin} update [-s sourcetree] [-i] [-pP]" ezjail_usage_config="Usage: ${ezjail_admin} config [-r run|norun] [-n newname] [-i attach|detach|fsck] jailname" +ezjail_usage_console="Usage: ${ezjail_admin} console [-f] [-e command] jailname" ezjail_usage_list="Usage: ${ezjail_admin} list" ################################ @@ -639,6 +641,53 @@ install) exerr "Could not find ezjail's rc.d script in ${ezjail_prefix}/etc/rc.d/. You need to type it the long way." ;; +######################## ezjail-admin CONSOLE ######################## +console) + # Clean variables, prevent polution + unset ezjail_execute ezjail_forcestart + + shift; while getopts :e:f arg; do case ${arg} in + e) ezjail_execute=${OPTARG};; + f) ezjail_forcestart="YES";; + ?) exerr ${ezjail_usage_console};; + esac; done; shift $(( $OPTIND - 1 )) + + # we need name of jail to attach to + [ $# -eq 1 ] || exerr ${ezjail_usage_console} + + # Get all info we have on that jail + fetchjailinfo $1 + + # check for existence of jail in our records + [ -n "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." + + # if jail is not running, we either try to force start it or fail + if [ -z "${ezjail_id}" ]; then + + # If force start is requested, try that + [ -n "$ezjail_forcestart}" ] || exerr "Error: Jail ${ezjail_name} appears not to be running, start it first (or use console -f for force start)." + + echo "Trying to bring up ${ezjail_name} ..." + # Try to locate and run ezjails rc.d script + if [ -x "${ezjail_prefix}/etc/rc.d/ezjail" ]; then + (exec "${ezjail_prefix}/etc/rc.d/ezjail" start ${ezjail_name}); + elif [ -x "${ezjail_prefix}/etc/rc.d/ezjail.sh" ]; then + (exec "${ezjail_prefix}/etc/rc.d/ezjail.sh" start ${ezjail_name}); + else + exerr "Could not find ezjail's rc.d script in ${ezjail_prefix}/etc/rc.d/. You need to start ${ezjail_name} by hand." + fi + + # See, if it is running now + fetchjailinfo ${ezjail_name} + + [ -n "${ezjail_id}" ] || exerr "Error: Could not start ${ezjail_name}. You need to start it by hand." + fi + + # Try to attach to jail + [ -n "${ezjail_execute}" ] && exec jexec ${ezjail_id} ${ezjail_execute} + + exec jexec ${ezjail_id} ${ezjail_default_execute} + ;; ######################## ezjail-admin CONFIG ######################## config) # Clean variables, prevent polution diff --git a/ezjail.conf.sample b/ezjail.conf.sample index 3dfd336..5fee81a 100755 --- a/ezjail.conf.sample +++ b/ezjail.conf.sample @@ -26,6 +26,9 @@ # This is where the install sub command defaults to fetch its packages from # ezjail_ftphost=ftp.freebsd.org +# This is the command that is being executed by the console subcommand +# ezjail_default_execute=/bin/sh + # base jail will provide a soft link from /usr/bin/perl to /usr/local/bin/perl # to accomodate all scripts using '#!/usr/bin/perl'... # ezjail_uglyperlhack="YES" diff --git a/man1/ezjail-admin.1 b/man1/ezjail-admin.1 index 4425ac6..81d98d8 100755 --- a/man1/ezjail-admin.1 +++ b/man1/ezjail-admin.1 @@ -15,6 +15,9 @@ ezjail-admin \- Administrate ezjail .T .B ezjail-admin config\fR [-r run|norun] [-n newname] [-i attach|detach|fsck]\fI jailname +.T +.B ezjail-admin console\fR [-f] [-e command]\fI jailname + .T .B ezjail-admin install\fR [-mps] [-h host] [-r release] @@ -22,8 +25,11 @@ ezjail-admin \- Administrate ezjail .B ezjail-admin update\fR [-s sourcetree] [-i] [-pP] .SH DESCRIPTION The \fB ezjail-admin\fR tool is used to manage jails inside the ezjail -scope. It is not used to start or stop ezjails jails. Refer to \fIezjail(5)\fR -for more details. +scope. + +It can also be used to start or stop and to get a console in ezjails +jails by proxying everything looking like +\fBezjail-admin start\fR, \fBstop\fR or \fBrestart\fR to the ezjail rc.d script. .SH ezjail-admin create copies the template jail to the root of a new jail, whose name and IP address are provided as mandatory parameters. @@ -87,6 +93,12 @@ renamed as well. You can attach image jails for administrative purposes by the -i attach option and detach them with -i detach. It is not possible to run or delete an attached jail. You can force fscking a jail image with the -i fsck command. +.SH ezjail-admin console +Attaches your console to a jail by executing a jexec with its jid. + +The command executed in that jail defaults to /bin/sh but can be set with the +-e modifier or by the ezjail_default_execute config variable. A non-running +jail is not started by default. If you want that, force it with -f. .SH ezjail-admin install fetches everything needed to setup a base jail from an FTP server and installs it. diff --git a/man5/ezjail.conf.5 b/man5/ezjail.conf.5 index 6afede0..8e00e87 100755 --- a/man5/ezjail.conf.5 +++ b/man5/ezjail.conf.5 @@ -46,6 +46,11 @@ This is where the install sub command defaults to fetch its packages from Set to YES, if ezjail should provide a soft link from /usr/bin/perl to /usr/local/bin/perl in base jail. .br .I default: YES +.TP +.B ezjail_default_execute (str) +This is the default command executed in a jail by ezjail-admin console. +.br +.I default: YES .SH JAIL CREATION OPTIONS Default options for newly created jails. Used by the .B ezjail-admin(1) -- cgit v1.2.3