From 6628078be74eb5bd56553c7fa404e9e925b9dc89 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Tue, 21 Mar 2006 14:06:09 +0000 Subject: ezjail.sh now is ready for image jails. Merging ezjail-img.sh to ezjail-admin soon --- ezjail.sh | 95 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 86 insertions(+), 9 deletions(-) (limited to 'ezjail.sh') diff --git a/ezjail.sh b/ezjail.sh index f278166..6fb45ab 100755 --- a/ezjail.sh +++ b/ezjail.sh @@ -14,7 +14,8 @@ # Please do not change this file, configure in EZJAIL_PREFIX/etc/ezjail.conf # ugly: this variable is set on port install time -ezjail_prefix=EZJAIL_PREFIX +#ezjail_prefix=EZJAIL_PREFIX +ezjail_prefix=/usr/local . /etc/rc.subr @@ -32,18 +33,94 @@ do_cmd() { action=$1; message=$2; shift 2; ezjail_list= - [ -n "$*" ] && ezjail_list=`echo -n $* | tr -c "[:alnum:] " _` || echo -n "${message##_}" - ezjail_list=${ezjail_list:-`ls ${ezjail_prefix}/etc/ezjail/`} ezjail_pass= + ezjail_mds= + ezjail_fromrc="YES" + + # If a jail list is given on command line, process it + # If not, fetch it from our config directory + if [ -n "$*" ]; then + ezjail_list=`echo -n $* | tr -c "[:alnum:] " _` + ezjail_fromrc="NO" + else + ezjail_list=${ezjail_list:-`ls ${ezjail_prefix}/etc/ezjail/`} + echo -n "${message##_}" + fi + for ezjail in ${ezjail_list}; do - if [ -f ${ezjail_prefix}/etc/ezjail/${ezjail} ]; then - . ${ezjail_prefix}/etc/ezjail/${ezjail} - ezjail_pass="${ezjail_pass} ${ezjail}" - else - echo " Warning: Jail ${ezjail} not found." - fi + # If jail is temporary disabled (dot in name), skip it + [ ${ezjail%.*} = ${ezjail} ] || continue + + # Check for jails config + [ ! -r ${ezjail_prefix}/etc/ezjail/${ezjail} ] && echo " Warning: Jail ${ezjail} not found." && continue + + # Read config file + . ${ezjail_prefix}/etc/ezjail/${ezjail} + + eval ezjail_root=\"\$jail_${ezjail}_rootdir\" + eval ezjail_image=\"\$jail_${ezjail}_image\" + eval ezjail_crypt=\"\$jail_${ezjail}_cryptimage\" + + # Cannot auto mount crypto jails without interrupting boot process + [ "${ezjail_fromrc}" = "YES" -a "${ezjail_crypt}" = "YES" ] && continue + + # Try to attach (crypto) devices + [ "${ezjail_image}" ] && attach_detach_pre + + ezjail_pass="${ezjail_pass} ${ezjail}" done + + # Pass control to jail script which does the actual work [ "${ezjail_pass}" ] && sh /etc/rc.d/jail one${action} ${ezjail_pass} + + # Can only detach after unmounting (from fstab.JAILNAME in /etc/rc.d/jail) + attach_detach_post +} + +attach_detach_pre () +{ + if [ "${action}" = start ]; then + # If jail is running, do not mount devices, this is the same check as + # /etc/rc.d/jail does + [ -e /var/run/jail_${ezjail}.id ] && return + + # Create a memory disc from jail image + ezjail_device=`mdconfig -a -t vnode -f ${ezjail_image}` + + # If this is a crypto jail, try to mount it, remind user, which jail + # this is. In this case, the device to mount is + if [ "${ezjail_crypt}" = "YES" ]; then + echo "Attaching gbde device for image jail ${ezjail}..." + gbde attach /dev/${ezjail_device} -l ${ezjail_image%.img}.lock + + # Device to mount is not md anymore + ezjail_device=${ezjail_device}.bde + fi + + # relink image device + rm -f ${ezjail_root}.device + ln -s /dev/${ezjail_device} ${ezjail_root}.device + else + # If soft link to device is not set, we cannot unmount + [ -e ${ezjail_root}.device ] || return + + # Fetch destination of soft link + ezjail_device=`stat -f "%Y" ${ezjail_root}.device` + + # Add this device to the list of devices to be unmounted + ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}" + + # Remove soft link (which acts as a lock) + rm -f ${ezjail_root}.device + fi +} + +attach_detach_post () { + # In case of a stop, unmount image devices after stopping jails + for md in ${ezjail_mds}; do + [ -e ${md}.bde ] && gbde detach ${md} + mdconfig -d -u ${md#/dev/} + done } run_rc_command $* -- cgit v1.2.3