Cryptoimage creation now works in principle. Follows: a lot of sanity checking and user guidance

author: erdgeist <erdgeist@erdgeist.org> 2006-03-20 12:30:45 +0000
committer: erdgeist <erdgeist@erdgeist.org> 2006-03-20 12:30:45 +0000
commit: d34be4420a086093b328040b3f3fdcb86feda233 (patch)
tree: 1f057c05f6f0e8e713d776d28f12b09db1aee600
parent: c6763b6e35e1cfcd0e6aa3fba945b9326bb9054d (diff)
1 files changed, 37 insertions, 24 deletions
diff --git a/ezjail-img.sh b/ezjail-img.sh
index 6e28c45..b41e7ad 100644
--- a/ezjail-img.sh
+++ b/ezjail-img.sh
@@ -32,9 +32,10 @@ exerr () { echo -e "$*"; exit 1; }
 # define detach strategy for image jails
 detach_images () {
  # unmount and detach memory disc
-  if [ "${newjail_device}" ]; then
+  if [ "${newjail_img_device}" ]; then
    umount ${newjail_root}
-    mdconfig -d -u ${newjail_device}
+    [ "${newjail_image}" = "crypto" ] && gbde detach /dev/${newjail_img_device}
+    mdconfig -d -u ${newjail_img_device}
  fi
 }
@@ -45,13 +46,13 @@ case "$1" in
 ######################## ezjail-admin CREATE ########################
 create)
  shift
-  args=`getopt xf:r:i: $*` || exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-i size] [-xc] jailname jailip"
+  args=`getopt xf:r:is:c $*` || exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-i size] [-xc] jailname jailip"
  
  newjail_root=
  newjail_flavour=
  newjail_softlink=
+  newjail_image=
  newjail_imagesize=
-  newjail_cryptimage=
  newjail_device=
  newjail_fill="YES"
  
@@ -61,8 +62,9 @@ create)
      -x) newjail_fill="NO"; shift;;
      -r) newjail_root="$2"; shift 2;;
      -f) newjail_flavour="$2"; shift 2;;
-      -i) newjail_imagesize="$2"; shift 2;;
+      -i) newjail_image="simple"; shift;;
-      -c) newjail_cryptimage="YES"; shift;;
+      -s) newjail_imagesize="$2"; shift 2;;
+      -c) newjail_image="crypto"; shift;;
      --) shift; break;;
    esac
  done
@@ -72,7 +74,7 @@ create)
  [ "${newjail_name}" -a "${newjail_ip}" -a $# = 2 ] || exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-x] jailname jailip"
  # check for sanity of settings concerning the image feature
-  [ "${newjail_cryptimage}" = "YES" -a ! "${newjail_imagesize}" ] && exerr "Cryptimages need an image size."
+  [ "${newjail_image}" -a "$newjail_fill" = "YES" -a ! "${newjail_imagesize}" ] && exerr "Image jails need an image size."
  # check, whether ezjail-update has been called. existence of
  # ezjail_jailbase is our indicator
@@ -121,19 +123,30 @@ create)
  # All sanity checks that may lead to errors are hopefully passed here
  #
-  # if image is wanted, check, whether the img-file already is present
+  if [ "${newjail_image}" ]; then
-  if [ "${newjail_imagesize}" ]; then
+    newjail_img=${newjail_root%/}; while [ "${newjail_img}" -a -z "${newjail_img%%*/}" ]; do newjail_img=${newjail_img%/}; done
-    newjail_image=${newjail_root%/}; while [ "${newjail_image}" -a -z "${newjail_image%%*/}" ]; do newjail_image=${newjail_image%/}; done
+    [ -z "${newjail_img}" ] && exerr "Error: Could not determine image file name, something is wrong with the jail root: ${newjail_root}."
-    [ -z "${newjail_image}" ] && exerr "Error: Could not determine image file name, something is wrong with the jail root: ${newjail_root}."
+    newjail_lock=${newjail_img}.lock
-    newjail_image=${newjail_image}.img
+    newjail_img=${newjail_img}.img
-    [ -e "${newjail_image}" ] && exerr "Error: a file exists at the location ${newjail_image}, preventing our own image file to be created."
+    if [ "$newjail_fill" = "YES" ]; then
+      [ -e "${newjail_img}" ] && exerr "Error: a file exists at the location ${newjail_img}, preventing our own image file to be created."
-    touch "${newjail_image}"
+      touch "${newjail_img}"
-    dd if=/dev/random of="${newjail_image}" bs="${newjail_imagesize}" count=1 || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${newjail_image}. The image size provided was ${newjail_imagesize}."
+      dd if=/dev/random of="${newjail_img}" bs="${newjail_imagesize}" count=1 || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${newjail_img}. The image size provided was ${newjail_imagesize}."
-    newjail_device=`mdconfig -a -t vnode -f ${newjail_image}`
+      newjail_img_device=`mdconfig -a -t vnode -f ${newjail_img}`
-    newfs /dev/${newjail_device}
+      if [ "${newjail_image}" = "crypto" ]; then
-    mkdir -p ${newjail_root}
+        gbde init /dev/${newjail_img_device} -L ${newjail_lock}
-    mount /dev/${newjail_device} ${newjail_root}
+        gbde attach /dev/${newjail_img_device} -l ${newjail_lock}
+        newjail_device=${newjail_img_device}.bde
+      else
+        newjail_device=${newjail_img_device}
+      fi
+      newfs /dev/${newjail_device}
+      mkdir -p ${newjail_root}
+      mount /dev/${newjail_device} ${newjail_root}
+    else
+      [ -e ${newjail_root} -a ! -d ${newjail_root} ] && exerr "Error: Could not create mount point for your jail image. A file exists at its location. (For existing image jails, call this tool without the .img suffix when specifying jail root.)"
+      [ -d ${newjail_root} ] || mkdir -p ${newjail_root}
+    fi
  fi
  # now take a copy of our template jail
@@ -149,7 +162,7 @@ create)
  # if the automount feature is not disabled, this fstab entry for new jail
  # will be obeyed
  echo -n > /etc/fstab.${newjail_nname}
-  [ "${newjail_imagesize}" ] && \
+  [ "${newjail_image}" ] && \
  echo ${newjail_root}.device ${newjail_root} ufs rw 0 0 >> /etc/fstab.${newjail_nname}
  echo ${ezjail_jailbase} ${newjail_root}/basejail nullfs ro 0 0 >> /etc/fstab.${newjail_nname}
@@ -166,12 +179,12 @@ create)
  echo export jail_${newjail_nname}_procfs_enable=\"${ezjail_procfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
  echo export jail_${newjail_nname}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
  [ "${newjail_imagesize}" ] && \
-  echo export jail_${newjail_nname}_image=\"${newjail_image}\" >> ${ezjail_jailcfgs}/${newjail_nname}
+  echo export jail_${newjail_nname}_image=\"${newjail_img}\" >> ${ezjail_jailcfgs}/${newjail_nname}
-  [ "${newjail_cryptimage}" ] && \
+  [ "${newjail_image}" = "crypto" ] && \
  echo export jail_${newjail_nname}_cryptimage=\"YES\" >> ${ezjail_jailcfgs}/${newjail_nname}
  # Final steps for flavour installation   
-  if [ "${newjail_flavour}" ]; then
+  if [ "${newjail_fill}" = "YES" -a "${newjail_flavour}" ]; then
    # install files and config to new jail
    cd ${ezjail_flavours}/${newjail_flavour} && find * | cpio -p -v ${newjail_root} > /dev/null
    [ $? = 0 ] || echo "Warning: Could not fully install flavour."
author	erdgeist <erdgeist@erdgeist.org>	2006-03-20 12:30:45 +0000
committer	erdgeist <erdgeist@erdgeist.org>	2006-03-20 12:30:45 +0000
commit	d34be4420a086093b328040b3f3fdcb86feda233 (patch)
tree	1f057c05f6f0e8e713d776d28f12b09db1aee600
parent	c6763b6e35e1cfcd0e6aa3fba945b9326bb9054d (diff)

diff --git a/ezjail-img.sh b/ezjail-img.sh index 6e28c45..b41e7ad 100644 --- a/ezjail-img.sh +++ b/ezjail-img.sh
@@ -32,9 +32,10 @@ exerr () { echo -e "$*"; exit 1; }
32	# define detach strategy for image jails	32	# define detach strategy for image jails
33	detach_images () {	33	detach_images () {
34	# unmount and detach memory disc	34	# unmount and detach memory disc
35	if [ "${newjail_device}" ]; then	35	if [ "${newjail_img_device}" ]; then
36	umount ${newjail_root}	36	umount ${newjail_root}
37	mdconfig -d -u ${newjail_device}	37	[ "${newjail_image}" = "crypto" ] && gbde detach /dev/${newjail_img_device}
		38	mdconfig -d -u ${newjail_img_device}
38	fi	39	fi
39	}	40	}
40		41
@@ -45,13 +46,13 @@ case "$1" in
45	######################## ezjail-admin CREATE ########################	46	######################## ezjail-admin CREATE ########################
46	create)	47	create)
47	shift	48	shift
48	args=`getopt xf:r:i: $*` \|\| exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-i size] [-xc] jailname jailip"	49	args=`getopt xf:r:is:c $*` \|\| exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-i size] [-xc] jailname jailip"
49		50
50	newjail_root=	51	newjail_root=
51	newjail_flavour=	52	newjail_flavour=
52	newjail_softlink=	53	newjail_softlink=
		54	newjail_image=
53	newjail_imagesize=	55	newjail_imagesize=
54	newjail_cryptimage=
55	newjail_device=	56	newjail_device=
56	newjail_fill="YES"	57	newjail_fill="YES"
57		58
@@ -61,8 +62,9 @@ create)
61	-x) newjail_fill="NO"; shift;;	62	-x) newjail_fill="NO"; shift;;
62	-r) newjail_root="$2"; shift 2;;	63	-r) newjail_root="$2"; shift 2;;
63	-f) newjail_flavour="$2"; shift 2;;	64	-f) newjail_flavour="$2"; shift 2;;
64	-i) newjail_imagesize="$2"; shift 2;;	65	-i) newjail_image="simple"; shift;;
65	-c) newjail_cryptimage="YES"; shift;;	66	-s) newjail_imagesize="$2"; shift 2;;
		67	-c) newjail_image="crypto"; shift;;
66	--) shift; break;;	68	--) shift; break;;
67	esac	69	esac
68	done	70	done
@@ -72,7 +74,7 @@ create)
72	[ "${newjail_name}" -a "${newjail_ip}" -a $# = 2 ] \|\| exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-x] jailname jailip"	74	[ "${newjail_name}" -a "${newjail_ip}" -a $# = 2 ] \|\| exerr "Usage: `basename -- $0` create [-f flavour] [-r jailroot] [-x] jailname jailip"
73		75
74	# check for sanity of settings concerning the image feature	76	# check for sanity of settings concerning the image feature
75	[ "${newjail_cryptimage}" = "YES" -a ! "${newjail_imagesize}" ] && exerr "Cryptimages need an image size."	77	[ "${newjail_image}" -a "$newjail_fill" = "YES" -a ! "${newjail_imagesize}" ] && exerr "Image jails need an image size."
76		78
77	# check, whether ezjail-update has been called. existence of	79	# check, whether ezjail-update has been called. existence of
78	# ezjail_jailbase is our indicator	80	# ezjail_jailbase is our indicator
@@ -121,19 +123,30 @@ create)
121	# All sanity checks that may lead to errors are hopefully passed here	123	# All sanity checks that may lead to errors are hopefully passed here
122	#	124	#
123		125
124	# if image is wanted, check, whether the img-file already is present	126	if [ "${newjail_image}" ]; then
125	if [ "${newjail_imagesize}" ]; then	127	newjail_img=${newjail_root%/}; while [ "${newjail_img}" -a -z "${newjail_img%%*/}" ]; do newjail_img=${newjail_img%/}; done
126	newjail_image=${newjail_root%/}; while [ "${newjail_image}" -a -z "${newjail_image%%*/}" ]; do newjail_image=${newjail_image%/}; done	128	[ -z "${newjail_img}" ] && exerr "Error: Could not determine image file name, something is wrong with the jail root: ${newjail_root}."
127	[ -z "${newjail_image}" ] && exerr "Error: Could not determine image file name, something is wrong with the jail root: ${newjail_root}."	129	newjail_lock=${newjail_img}.lock
128	newjail_image=${newjail_image}.img	130	newjail_img=${newjail_img}.img
129	[ -e "${newjail_image}" ] && exerr "Error: a file exists at the location ${newjail_image}, preventing our own image file to be created."	131	if [ "$newjail_fill" = "YES" ]; then
130		132	[ -e "${newjail_img}" ] && exerr "Error: a file exists at the location ${newjail_img}, preventing our own image file to be created."
131	touch "${newjail_image}"	133	touch "${newjail_img}"
132	dd if=/dev/random of="${newjail_image}" bs="${newjail_imagesize}" count=1 \|\| exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${newjail_image}. The image size provided was ${newjail_imagesize}."	134	dd if=/dev/random of="${newjail_img}" bs="${newjail_imagesize}" count=1 \|\| exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${newjail_img}. The image size provided was ${newjail_imagesize}."
133	newjail_device=`mdconfig -a -t vnode -f ${newjail_image}`	135	newjail_img_device=`mdconfig -a -t vnode -f ${newjail_img}`
134	newfs /dev/${newjail_device}	136	if [ "${newjail_image}" = "crypto" ]; then
135	mkdir -p ${newjail_root}	137	gbde init /dev/${newjail_img_device} -L ${newjail_lock}
136	mount /dev/${newjail_device} ${newjail_root}	138	gbde attach /dev/${newjail_img_device} -l ${newjail_lock}
		139	newjail_device=${newjail_img_device}.bde
		140	else
		141	newjail_device=${newjail_img_device}
		142	fi
		143	newfs /dev/${newjail_device}
		144	mkdir -p ${newjail_root}
		145	mount /dev/${newjail_device} ${newjail_root}
		146	else
		147	[ -e ${newjail_root} -a ! -d ${newjail_root} ] && exerr "Error: Could not create mount point for your jail image. A file exists at its location. (For existing image jails, call this tool without the .img suffix when specifying jail root.)"
		148	[ -d ${newjail_root} ] \|\| mkdir -p ${newjail_root}
		149	fi
137	fi	150	fi
138		151
139	# now take a copy of our template jail	152	# now take a copy of our template jail
@@ -149,7 +162,7 @@ create)
149	# if the automount feature is not disabled, this fstab entry for new jail	162	# if the automount feature is not disabled, this fstab entry for new jail
150	# will be obeyed	163	# will be obeyed
151	echo -n > /etc/fstab.${newjail_nname}	164	echo -n > /etc/fstab.${newjail_nname}
152	[ "${newjail_imagesize}" ] && \	165	[ "${newjail_image}" ] && \
153	echo ${newjail_root}.device ${newjail_root} ufs rw 0 0 >> /etc/fstab.${newjail_nname}	166	echo ${newjail_root}.device ${newjail_root} ufs rw 0 0 >> /etc/fstab.${newjail_nname}
154	echo ${ezjail_jailbase} ${newjail_root}/basejail nullfs ro 0 0 >> /etc/fstab.${newjail_nname}	167	echo ${ezjail_jailbase} ${newjail_root}/basejail nullfs ro 0 0 >> /etc/fstab.${newjail_nname}
155		168
@@ -166,12 +179,12 @@ create)
166	echo export jail_${newjail_nname}_procfs_enable=\"${ezjail_procfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}	179	echo export jail_${newjail_nname}_procfs_enable=\"${ezjail_procfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
167	echo export jail_${newjail_nname}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}	180	echo export jail_${newjail_nname}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
168	[ "${newjail_imagesize}" ] && \	181	[ "${newjail_imagesize}" ] && \
169	echo export jail_${newjail_nname}_image=\"${newjail_image}\" >> ${ezjail_jailcfgs}/${newjail_nname}	182	echo export jail_${newjail_nname}_image=\"${newjail_img}\" >> ${ezjail_jailcfgs}/${newjail_nname}
170	[ "${newjail_cryptimage}" ] && \	183	[ "${newjail_image}" = "crypto" ] && \
171	echo export jail_${newjail_nname}_cryptimage=\"YES\" >> ${ezjail_jailcfgs}/${newjail_nname}	184	echo export jail_${newjail_nname}_cryptimage=\"YES\" >> ${ezjail_jailcfgs}/${newjail_nname}
172		185
173	# Final steps for flavour installation	186	# Final steps for flavour installation
174	if [ "${newjail_flavour}" ]; then	187	if [ "${newjail_fill}" = "YES" -a "${newjail_flavour}" ]; then
175	# install files and config to new jail	188	# install files and config to new jail
176	cd ${ezjail_flavours}/${newjail_flavour} && find * \| cpio -p -v ${newjail_root} > /dev/null	189	cd ${ezjail_flavours}/${newjail_flavour} && find * \| cpio -p -v ${newjail_root} > /dev/null
177	[ $? = 0 ] \|\| echo "Warning: Could not fully install flavour."	190	[ $? = 0 ] \|\| echo "Warning: Could not fully install flavour."