From baec435b801660b649255dac22865d46a42ea80c Mon Sep 17 00:00:00 2001
From: erdgeist <erdgeist@erdgeist.org>
Date: Sat, 19 Nov 2005 04:27:56 +0000
Subject: Checks for already listening services added

---
 ezjail-admin | 28 +++++++++++++++++++++++-----
 1 file changed, 23 insertions(+), 5 deletions(-)

(limited to 'ezjail-admin')

diff --git a/ezjail-admin b/ezjail-admin
index 48dfdc8..b73ebc6 100755
--- a/ezjail-admin
+++ b/ezjail-admin
@@ -55,10 +55,6 @@ create)
   # we need at least a name and an ip for new jail
   [ "$newjail_name" -a "$newjail_ip" -a $# = 2 ] || exerr 'Usage: ezjail create [-f flavour] [-r jailroot] [-x] jailname jailip'
 
-  # check, whether IP is configured on a local interface, warn if it isnt
-  ping -c 1 -m 1 -t 1 -q $newjail_ip > /dev/null
-  [ $? = 0 ] || echo "Warning: IP $newjail_ip not configured on a local interface"
-
   # check, whether ezjail-update has been called. existence of
   # ezjail_jailbase is our indicator
   [ -d $ezjail_jailbase ] || exerr "Error: base jail does not exist. Please run 'ezjail-admin update' first"
@@ -128,11 +124,33 @@ create)
   echo export jail_${newjail_nname}_procfs_enable=\"${ezjail_procfs_enable}\"   >> ${ezjail_jailcfgs}/${newjail_nname}
   echo export jail_${newjail_nname}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
 
+  # check, whether IP is configured on a local interface, warn if it isnt
+  ping -c 1 -m 1 -t 1 -q $newjail_ip > /dev/null
+  [ $? = 0 ] || echo "Warning: IP $newjail_ip not configured on a local interface"
+
+  # check, whether some host system services do listen on the Jails IP
+  TIFS=$IFS; IFS=_
+  newjail_listener=`sockstat -4 -l | grep $newjail_ip:[[:digit:]]`
+  if [ $? = 0 ]; then
+    echo "Warning: Some services already seem to be listening on IP $newjail_ip"
+    echo "         This may cause some confusion, here they are:"
+    echo $newjail_listener
+  fi
+
+  newjail_listener=`sockstat -4 -l | grep \*:[[:digit:]]`
+  if [ $? = 0 ]; then
+    echo "Warning: Some services already seem to be listening on all IPs"
+    echo "         (including $newjail_ip)"
+    echo "         This may cause some confusion, here they are:"
+    echo $newjail_listener
+  fi
+  IFS=$TIFS
+
   # Final steps for flavour installation
   if [ "${newjail_flav}" ]; then
     install -o root -g wheel -m 0755 ${newjail_flav} ${newjail_root}/etc/ezjail.flavour
     install -o root -g wheel -m 0755 ${ezjail_share}/ezjail-config.sh ${newjail_root}/etc/rc.d/ezjail-config.sh
-    echo "Shell scripts installed, flavourizing on jails first startup"
+    echo "Note: Shell scripts installed, flavourizing on jails first startup"
   fi
 
   ;;
-- 
cgit v1.2.3