From 265e1dc36d0f4246b267967dbdc023575f1dc943 Mon Sep 17 00:00:00 2001
From: erdgeist
Date: Sun, 11 May 2008 03:04:46 +0000
Subject: Fix ezjail_makeabsolute, it was broken, when the provided 2nd path wasnt absolute. Also add lots of logic to the restore command. Soon will be working[tm].
---
 ezjail-admin | 73 +++++++++++++++++++++++++++++++++++++++++++++++------------
 1 file changed, 58 insertions(+), 15 deletions(-)
(limited to 'ezjail-admin')
diff --git a/ezjail-admin b/ezjail-admin
index 17d7349..26a626b 100755
--- a/ezjail-admin
+++ b/ezjail-admin
@@ -249,7 +249,12 @@ ezjail_queryftpserver () {
 # Make a path absolute, if it isn't already
 ezjail_makeabsolute ( ) {
- [ $# -eq 1 ] && path=`pwd -P` || path=$2
+ if [ $# -eq 1 ]; then
+ path=`pwd -P`
+ else
+ path=$2
+ ezjail_makeabsolute path
+ fi
 eval [ \"\${$1%%[!/]*}\" -o "\${$1}" = "-" ] || eval export ${1}="${path}/\${$1}"
 }
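Review bot: The recursive call in the new `else` branch discards the value it is meant to fix up: `path` is not local, so `ezjail_makeabsolute path` re-enters with one argument, overwrites `path` with `pwd -P`, finds it absolute and returns, and a relative second argument ends up replaced by the working directory. Resolving it through a separate variable avoids the clobber, e.g. `ezjail_base=$2; ezjail_makeabsolute ezjail_base; path=${ezjail_base}`. The `eval export` line below also expands `${path}` before `eval` parses it, so a directory passed with `-d` that contains whitespace or shell metacharacters is re-read as shell syntax in a script that presumably runs as root; `eval export ${1}=\"\${path}/\${$1}\"` defers the expansion.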
@@ -825,19 +830,29 @@ archive) # Jail name mandatory fetchjailinfo ${1%.norun} - # check for existence of jail in our records + # Check for existence of jail in our records [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." - # if jail is still running, refuse to go any further - unless forced + # If jail is still running, refuse to go any further - unless forced [ "${ezjail_id}" -a -z "${ezjail_force}" ] && exerr "Error: Jail appears to be still running, stop it first or [-f]orce archiving." # This one goes into archive to identify jail by name and restore date ezjail_archive_tag="${ezjail_safename}-`date +%Y%m%d%H%M.%S`" - # if no archive name was specified, make one up + # If no archive name was specified, make one up [ "${ezjail_archive}" ] || ezjail_archive="${ezjail_archive_tag}.tar.gz" - # if archive location is not absolute, prepend archive directory + # Archives need to now, where they came from. Restore by default only + # reinstalls jails on the same machine. We also warn on OS upgrades and + # processor type changes + ezjail_hostsystem_name=$( echo -n `uname -n` | tr -c '[:alnum:].' _ ) + ezjail_hostsystem_version=$( echo -n `uname -r` | tr -c '[:alnum:].' _ ) + ezjail_hostsystem_cpu=$( echo -n `uname -p` | tr -c '[:alnum:].' _ ) + + ezjail_archive_tag="${ezjail_archive_tag}-${ezjail_hostsystem_name}-${ezjail_hostsystem_version}-${ezjail_hostsystem_cpu}" + echo $ezjail_archive_tag + + # If archive location is not absolute, prepend archive directory ezjail_makeabsolute ezjail_archive ${ezjail_archivedir} # It's a tar archive, after all 
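Review bot: `echo $ezjail_archive_tag` looks like leftover debugging, and it writes to stdout, which is also where the archive goes when the archive name is `-` (the "For stdout do specify nothing" branch in the next hunk), so the tag line would land in front of the pax stream. Drop it or send it to stderr with `echo "${ezjail_archive_tag}" >&2`. The tag is later split on `-` by the restore code, which holds only while `ezjail_safename` never contains a hyphen; the host fields are sanitised with `tr` here, but the safename is set outside this hunk and should be confirmed. The new comment also says "need to now" where "need to know" is meant.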
@@ -849,12 +864,10 @@ archive) # For stdout do specify nothing [ "${ezjail_archive}" = "-" ] && unset ezjail_archive_opt || ezjail_archive_opt="-f ${ezjail_archive}" - [ -f "${ezjail_etc}/ezjail.conf" ] && ezjail_addfiles="${ezjail_etc}/ezjail.conf" - [ -f "/etc/fstab.${ezjail_safename}" ] && ezjail_addfiles="${ezjail_addfiles} /etc/fstab.${ezjail_safename}" + [ -f "/etc/fstab.${ezjail_safename}" ] && ezjail_addfiles=/etc/fstab.${ezjail_safename} cd "${ezjail_rootdir}" || exerr "Error: can't cd to ${ezjail_root}." - pax -wXtz -x ustar ${ezjail_archive_opt} \ - -s:"^[^\\.].*/ezjail\\.conf\$":ezjail.conf: \ + pax -wzXt -x ustar ${ezjail_archive_opt} \ -s:"^[^\\.].*/${ezjail_safename}\$":prop.ezjail-${ezjail_archive_tag}: \ -s:"^[^\\.].*/${ezjail_safename}.norun\$":prop.ezjail-${ezjail_archive_tag}.norun: \ -s:"etc/fstab.${ezjail_safename}\$":fstab.ezjail: \ @@ -875,9 +888,7 @@ archive) ####################### ezjail-admin RESTORE ######################## restore) # Clean variables, prevent polution - unset ezjail_archivedir - -#ezjail_usage_restore="Usage: ${ezjail_admin} restore [-d archivedir] (archive|jailname)..." + unset ezjail_archivedir ezjail_safename shift; while getopts :d: arg; do case ${arg} in d) ezjail_archivedir=${OPTARG};; 
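Review bot: In the `archive)` hunk `ezjail_addfiles` is now assigned only when `/etc/fstab.${ezjail_safename}` exists, and nothing visible clears it first, so a value inherited from the environment or an earlier code path would presumably be handed to `pax` as extra files to archive. Unless it is reset outside the hunk, initialise it where it is set: `ezjail_addfiles=; [ -f "/etc/fstab.${ezjail_safename}" ] && ezjail_addfiles="/etc/fstab.${ezjail_safename}"`. The `cd` failure message also prints `${ezjail_root}` while the command itself uses `${ezjail_rootdir}`.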
@@ -911,11 +922,43 @@ restore) fi fi - ezjail_nameprop=`tar tzf ${ezjail_fromarchive} --fast-read prop.ezjail_\*` + # We want to parse some content from archive. In order to reduce + # security implication this may have, we check owner and permission. + # + # However, this does not protect against admins transporting + # archives over insecure lines over the net. + [ `stat -f %u "${ezjail_fromarchive}"` -eq 0 ] || exerr "Error: Insecure ownership of archive ${ezjail_fromarchive}. Please check the file and chown it to root if you trust its source." + [ $(( `stat -f %OLp "${ezjail_fromarchive}"` & 0022 )) -eq 0 ] || exerr "Error: Insecure permissions for archive ${ezjail_fromarchive}. Please check the file and fix permission (chmod og-w) if you trust its source." + + ezjail_nameprop=`pax -zn -f ${ezjail_fromarchive} prop.ezjail-\*` [ $? -eq 0 -a "${ezjail_nameprop}" ] || exerr "Error: File ${ezjail_fromarchive} is not an ezjail archive." - echo "${ezjail_nameprop}" - + # Figure out, what archive believes it contains + ezjail_nameprop_safename=`echo ${ezjail_nameprop} | cut -d '-' -f 2` + + # Figure out system environment when archive was created + ezjail_nameprop_hsname=`echo ${ezjail_nameprop} | cut -d '-' -f 4` + ezjail_nameprop_hsversion=`echo ${ezjail_nameprop} | cut -d '-' -f 5` + ezjail_nameprop_hscpu=`echo ${ezjail_nameprop} | cut -d '-' -f 6` + + # Figure out current system environment + ezjail_hsname=$( echo -n `uname -n` | tr -c '[:alnum:].' _ ) + ezjail_hsversion=$( echo -n `uname -r` | tr -c '[:alnum:].' _ ) + ezjail_hscpu=$( echo -n `uname -p` | tr -c '[:alnum:].' _ ) + + # Catch all errors that will likely create a broken backup + [ "${ezjail_safename}" -a "${ezjail_safename}" != "${ezjail_nameprop_safename}" ] && exerr "Error: Archive name ${ezjail_fromarchive} does not match archived jail ${ezjail_nameprop_safename}." + [ "${ezjail_hsname}" != "${ezjail_nameprop_hsname}" ] && exerr "Error: Can only use restore on the same machine. 
Consider using \"ezjail-admin create -a\" when migrating ezjails." + [ "${ezjail_hscpu} != "${ezjail_nameprop_hscpu}" ] && exerr Error: Archive was created on a different cpu Can not restore. Consider using \"ezjail-admin create -a\" when migrating ezjails." + + # BIG security hole here. Must trust content of archive +# pax -wzXt -x ustar ${ezjail_fromarchive} \ +# -s:prop.ezjail(): \ +# -s:"^[^\\.].*/${ezjail_safename}.norun\$":prop.ezjail-${ezjail_archive_tag}.norun: \ +# -s:"etc/fstab.${ezjail_safename}\$":fstab.ezjail: \ +# -s:"^\\.":ezjail: \ +# "${ezjail_config}" ${ezjail_addfiles} . + shift 1 done -- cgit v1.2.3
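Review bot: The cpu comparison near the end of the restore hunk has unbalanced quotes: `"${ezjail_hscpu} != …` never closes its first string and `exerr Error: …` never opens the message, so the shell pairs the quotes wrongly from that line on; the test should read `[ "${ezjail_hscpu}" != "${ezjail_nameprop_hscpu}" ]` and the message should open with `"Error:`. The write-permission test may be weaker than it looks: if `stat -f %OLp` prints the mode without a leading zero, `$(( … & 0022 ))` reads it as decimal and a group-writable mode such as 620 passes, so prefix the substitution with `0` or match the digits with a `case` pattern. `ezjail_safename` is unset at the top of `restore)` and not assigned in the visible hunks, so the archive-name check is presumably never taken, and `${ezjail_fromarchive}` is unquoted in the `pax` call although it is quoted for `stat`. The owner and mode checks are made on the path before `pax` opens it, so they only hold if the containing directory is also not writable by other users. The `restore)` branch starts and ends outside this hunk.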