diff options
| -rwxr-xr-x | ezjail.sh | 54 |
1 files changed, 27 insertions, 27 deletions
| @@ -40,23 +40,23 @@ do_cmd() | |||
| 40 | 40 | ||
| 41 | # If a jail list is given on command line, process it | 41 | # If a jail list is given on command line, process it |
| 42 | # If not, fetch it from our config directory | 42 | # If not, fetch it from our config directory |
| 43 | if [ -n "$*" ]; then | 43 | if [ "$*" ]; then |
| 44 | ezjail_list=`echo -n $* | tr -c '[:alnum:] ' '_'` | 44 | ezjail_list=`echo -n $* | tr -c '[:alnum:] ' '_'` |
| 45 | ezjail_fromrc="NO" | 45 | ezjail_fromrc="NO" |
| 46 | else | 46 | else |
| 47 | [ -d ${ezjail_prefix}/etc/ezjail/ ] && cd ${ezjail_prefix}/etc/ezjail/ && ezjail_list=`ls | xargs rcorder` | 47 | [ -d "${ezjail_prefix}/etc/ezjail/" ] && cd "${ezjail_prefix}/etc/ezjail/" && ezjail_list=`ls | xargs rcorder` |
| 48 | echo -n "${message##_}" | 48 | echo -n "${message##_}" |
| 49 | fi | 49 | fi |
| 50 | 50 | ||
| 51 | for ezjail in ${ezjail_list}; do | 51 | for ezjail in ${ezjail_list}; do |
| 52 | # If jail is temporary disabled (dot in name), skip it | 52 | # If jail is temporary disabled (dot in name), skip it |
| 53 | [ "${ezjail%.*}" != "${ezjail}" ] && continue | 53 | [ -f "${ezjail_prefix}/etc/ezjail/${ezjail}.norun" -o "${ezjail%.*}" != "${ezjail}" ] && echo -n " skipping ${ezjail}" && continue |
| 54 | 54 | ||
| 55 | # Check for jails config | 55 | # Check for jails config |
| 56 | [ ! -r ${ezjail_prefix}/etc/ezjail/${ezjail} ] && echo " Warning: Jail ${ezjail} not found." && continue | 56 | [ ! -r "${ezjail_prefix}/etc/ezjail/${ezjail}" ] && echo " Warning: Jail ${ezjail} not found." && continue |
| 57 | 57 | ||
| 58 | # Read config file | 58 | # Read config file |
| 59 | . ${ezjail_prefix}/etc/ezjail/${ezjail} | 59 | . "${ezjail_prefix}/etc/ezjail/${ezjail}" |
| 60 | 60 | ||
| 61 | eval ezjail_rootdir=\"\$jail_${ezjail}_rootdir\" | 61 | eval ezjail_rootdir=\"\$jail_${ezjail}_rootdir\" |
| 62 | eval ezjail_image=\"\$jail_${ezjail}_image\" | 62 | eval ezjail_image=\"\$jail_${ezjail}_image\" |
| @@ -68,16 +68,16 @@ do_cmd() | |||
| 68 | # Do we still have a root to run in? | 68 | # Do we still have a root to run in? |
| 69 | [ ! -d "${ezjail_rootdir}" ] && echo " Warning: root directory ${ezjail_rootdir} of ${ezjail} does not exist." && continue | 69 | [ ! -d "${ezjail_rootdir}" ] && echo " Warning: root directory ${ezjail_rootdir} of ${ezjail} does not exist." && continue |
| 70 | 70 | ||
| 71 | [ "${ezjail_attachblocking}" = "YES" -o "${ezjail_forceblocking}" = "YES" ] && ezjail_blocking="YES" || unset ezjail_blocking | 71 | [ "${ezjail_attachblocking}" -o "${ezjail_forceblocking}" ] && ezjail_blocking="YES" || unset ezjail_blocking |
| 72 | 72 | ||
| 73 | # Cannot auto mount blocking jails without interrupting boot process | 73 | # Cannot auto mount blocking jails without interrupting boot process |
| 74 | [ "${ezjail_fromrc}" = "YES" -a "${action}" = "start" -a "${ezjail_blocking}" = "YES" ] && echo -n " ...skipping blocking jail ${ezjail}" && continue | 74 | [ "${ezjail_fromrc}" -a "${action}" = "start" -a "${ezjail_blocking}" ] && echo -n " ...skipping blocking jail ${ezjail}" && continue |
| 75 | 75 | ||
| 76 | # Explicitely do only run blocking crypto jails when *crypto is requested | 76 | # Explicitely do only run blocking crypto jails when *crypto is requested |
| 77 | [ "${action%crypto}" != "${action}" -a -z "${ezjail_blocking}" ] && continue | 77 | [ "${action%crypto}" != "${action}" -a "${ezjail_blocking}" ] && continue |
| 78 | 78 | ||
| 79 | # Try to attach (crypto) devices | 79 | # Try to attach (crypto) devices |
| 80 | if [ -n "${ezjail_image}" ]; then | 80 | if [ "${ezjail_image}" ]; then |
| 81 | attach_detach_pre || continue | 81 | attach_detach_pre || continue |
| 82 | fi | 82 | fi |
| 83 | 83 | ||
| @@ -97,7 +97,7 @@ attach_detach_pre () | |||
| 97 | start|restart) | 97 | start|restart) |
| 98 | # If jail is running, do not mount devices, this is the same check as | 98 | # If jail is running, do not mount devices, this is the same check as |
| 99 | # /etc/rc.d/jail does | 99 | # /etc/rc.d/jail does |
| 100 | [ -e /var/run/jail_${ezjail}.id ] && return 0 | 100 | [ -e "/var/run/jail_${ezjail}.id" ] && return 0 |
| 101 | 101 | ||
| 102 | if [ -L "${ezjail_rootdir}.device" ]; then | 102 | if [ -L "${ezjail_rootdir}.device" ]; then |
| 103 | # Fetch destination of soft link | 103 | # Fetch destination of soft link |
| @@ -107,7 +107,7 @@ attach_detach_pre () | |||
| 107 | mount -p -v | grep -E "^${ezjail_device}.${ezjail_rootdir}" && echo "Warning: Skipping jail. Jail image file ${ezjail} already attached as ${ezjail_device}. 'ezjail-admin config -i detach' it first." && return 1 | 107 | mount -p -v | grep -E "^${ezjail_device}.${ezjail_rootdir}" && echo "Warning: Skipping jail. Jail image file ${ezjail} already attached as ${ezjail_device}. 'ezjail-admin config -i detach' it first." && return 1 |
| 108 | 108 | ||
| 109 | # Remove stale device link | 109 | # Remove stale device link |
| 110 | rm -f ${ezjail_rootdir}.device | 110 | rm -f "${ezjail_rootdir}.device" |
| 111 | fi | 111 | fi |
| 112 | 112 | ||
| 113 | # Create a memory disc from jail image | 113 | # Create a memory disc from jail image |
| @@ -118,43 +118,43 @@ attach_detach_pre () | |||
| 118 | case ${ezjail_imagetype} in | 118 | case ${ezjail_imagetype} in |
| 119 | crypto|bde) | 119 | crypto|bde) |
| 120 | echo "Attaching bde device for image jail ${ezjail}..." | 120 | echo "Attaching bde device for image jail ${ezjail}..." |
| 121 | echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} | /bin/sh | 121 | echo gbde attach "/dev/${ezjail_device}" ${ezjail_attachparams} | /bin/sh |
| 122 | if [ $? -ne 0 ]; then | 122 | if [ $? -ne 0 ]; then |
| 123 | mdconfig -d -u ${ezjail_device} > /dev/null | 123 | mdconfig -d -u "${ezjail_device}" > /dev/null |
| 124 | echo "Error: Attaching bde device failed."; return 1 | 124 | echo "Error: Attaching bde device failed."; return 1 |
| 125 | fi | 125 | fi |
| 126 | # Device to mount is not md anymore | 126 | # Device to mount is not md anymore |
| 127 | ezjail_device=${ezjail_device}.bde | 127 | ezjail_device="${ezjail_device}.bde" |
| 128 | ;; | 128 | ;; |
| 129 | eli) | 129 | eli) |
| 130 | echo "Attaching eli device for image jail ${ezjail}..." | 130 | echo "Attaching eli device for image jail ${ezjail}..." |
| 131 | echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh | 131 | echo geli attach ${ezjail_attachparams} "/dev/${ezjail_device}" | /bin/sh |
| 132 | if [ $? -ne 0 ]; then | 132 | if [ $? -ne 0 ]; then |
| 133 | mdconfig -d -u ${ezjail_device} > /dev/null | 133 | mdconfig -d -u "${ezjail_device}" > /dev/null |
| 134 | echo "Error: Attaching eli device failed."; return 1 | 134 | echo "Error: Attaching eli device failed."; return 1 |
| 135 | fi | 135 | fi |
| 136 | # Device to mount is not md anymore | 136 | # Device to mount is not md anymore |
| 137 | ezjail_device=${ezjail_device}.eli | 137 | ezjail_device="${ezjail_device}.eli" |
| 138 | ;; | 138 | ;; |
| 139 | esac | 139 | esac |
| 140 | 140 | ||
| 141 | # Clean image | 141 | # Clean image |
| 142 | fsck -t ufs -p -B /dev/${ezjail_device} | 142 | fsck -t ufs -p -B "/dev/${ezjail_device}" |
| 143 | 143 | ||
| 144 | # relink image device | 144 | # relink image device |
| 145 | rm -f ${ezjail_rootdir}.device | 145 | rm -f "${ezjail_rootdir}.device" |
| 146 | ln -s /dev/${ezjail_device} ${ezjail_rootdir}.device | 146 | ln -s "/dev/${ezjail_device}" "${ezjail_rootdir}.device" |
| 147 | ;; | 147 | ;; |
| 148 | stop) | 148 | stop) |
| 149 | # If jail is not running, do not unmount devices, this is the same check | 149 | # If jail is not running, do not unmount devices, this is the same check |
| 150 | # as /etc/rc.d/jail does | 150 | # as /etc/rc.d/jail does |
| 151 | [ -e /var/run/jail_${ezjail}.id ] || return 1 | 151 | [ -e "/var/run/jail_${ezjail}.id" ] || return 1 |
| 152 | 152 | ||
| 153 | # If soft link to device is not set, we cannot unmount | 153 | # If soft link to device is not set, we cannot unmount |
| 154 | [ -e ${ezjail_rootdir}.device ] || return | 154 | [ -e "${ezjail_rootdir}.device" ] || return |
| 155 | 155 | ||
| 156 | # Fetch destination of soft link | 156 | # Fetch destination of soft link |
| 157 | ezjail_device=`stat -f "%Y" ${ezjail_rootdir}.device` | 157 | ezjail_device=`stat -f "%Y" "${ezjail_rootdir}.device"` |
| 158 | 158 | ||
| 159 | # Add this device to the list of devices to be unmounted | 159 | # Add this device to the list of devices to be unmounted |
| 160 | case ${ezjail_imagetype} in | 160 | case ${ezjail_imagetype} in |
| @@ -164,7 +164,7 @@ attach_detach_pre () | |||
| 164 | esac | 164 | esac |
| 165 | 165 | ||
| 166 | # Remove soft link (which acts as a lock) | 166 | # Remove soft link (which acts as a lock) |
| 167 | rm -f ${ezjail_rootdir}.device | 167 | rm -f "${ezjail_rootdir}.device" |
| 168 | ;; | 168 | ;; |
| 169 | esac | 169 | esac |
| 170 | } | 170 | } |
| @@ -172,9 +172,9 @@ attach_detach_pre () | |||
| 172 | attach_detach_post () { | 172 | attach_detach_post () { |
| 173 | # In case of a stop, unmount image devices after stopping jails | 173 | # In case of a stop, unmount image devices after stopping jails |
| 174 | for md in ${ezjail_mds}; do | 174 | for md in ${ezjail_mds}; do |
| 175 | [ -e ${md}.bde ] && gbde detach ${md} | 175 | [ -e "${md}.bde" ] && gbde detach "${md}" |
| 176 | [ -e ${md}.eli ] && geli detach ${md} | 176 | [ -e "${md}.eli" ] && geli detach "${md}" |
| 177 | mdconfig -d -u ${md#/dev/} | 177 | mdconfig -d -u "${md#/dev/}" |
| 178 | done | 178 | done |
| 179 | } | 179 | } |
| 180 | 180 | ||