diff options
-rwxr-xr-x | ezjail-admin | 322 |
1 files changed, 103 insertions, 219 deletions
diff --git a/ezjail-admin b/ezjail-admin index 0cac308..1e8207b 100755 --- a/ezjail-admin +++ b/ezjail-admin | |||
@@ -144,6 +144,41 @@ start_stop_jail_by_script () { | |||
144 | [ ${ezjail_success_check} "${ezjail_id}" ] || exerr "Error: Could not ${ezjail_action} ${ezjail_name}.\n You need to ${ezjail_action} it by hand." | 144 | [ ${ezjail_success_check} "${ezjail_id}" ] || exerr "Error: Could not ${ezjail_action} ${ezjail_name}.\n You need to ${ezjail_action} it by hand." |
145 | } | 145 | } |
146 | 146 | ||
147 | # write everything we know about an ezjail to config | ||
148 | writejailinfo () { | ||
149 | ezjail_destconf=$1 | ||
150 | ezjail_sourceconf=$2 | ||
151 | |||
152 | ( | ||
153 | if [ "${ezjail_sourceconf}" ]; then | ||
154 | grep -E ^\# ${ezjail_sourceconf}; echo | ||
155 | else | ||
156 | echo -e "# To specify the start up order of your ezjails, use these lines to\n# create a Jail dependency tree. See rcorder(8) for more details." | ||
157 | echo -e "#\n# PROVIDE: standard_ezjail\n# REQUIRE: \n# BEFORE: \n#\n" | ||
158 | fi | ||
159 | |||
160 | echo export jail_${ezjail_safename}_hostname=\"${ezjail_hostname}\" | ||
161 | echo export jail_${ezjail_safename}_ip=\"${ezjail_ips}\" | ||
162 | echo export jail_${ezjail_safename}_rootdir=\"${ezjail_rootdir}\" | ||
163 | echo export jail_${ezjail_safename}_exec=\"/bin/sh /etc/rc\" | ||
164 | echo export jail_${ezjail_safename}_mount_enable=\"${ezjail_mount_enable}\" | ||
165 | echo export jail_${ezjail_safename}_devfs_enable=\"${ezjail_devfs_enable}\" | ||
166 | echo export jail_${ezjail_safename}_devfs_ruleset=\"devfsrules_jail\" | ||
167 | echo export jail_${ezjail_safename}_procfs_enable=\"${ezjail_procfs_enable}\" | ||
168 | echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" | ||
169 | echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" | ||
170 | echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" | ||
171 | echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" | ||
172 | echo export jail_${ezjail_safename}_attachblocking=\"${ezjail_attachblocking}\" | ||
173 | echo export jail_${ezjail_safename}_forceblocking=\"${ezjail_forceblocking}\" | ||
174 | echo export jail_${ezjail_safename}_zfs_datasets=\"${ezjail_zfs_datasets}\" | ||
175 | echo export jail_${ezjail_safename}_cpuset=\"${ezjail_cpuset}\" | ||
176 | echo export jail_${ezjail_safename}_fib=\"${ezjail_fib}\" | ||
177 | |||
178 | ) > "${ezjail_destconf}" | ||
179 | |||
180 | } | ||
181 | |||
147 | # fetch everything we need to know about an ezjail from config | 182 | # fetch everything we need to know about an ezjail from config |
148 | fetchjailinfo () { | 183 | fetchjailinfo () { |
149 | ezjail_name=$1 | 184 | ezjail_name=$1 |
@@ -383,20 +418,14 @@ create) | |||
383 | # we need at least a name and an ip for new jail | 418 | # we need at least a name and an ip for new jail |
384 | [ "${ezjail_name}" -a "${ezjail_ips}" -a $# -eq 2 ] || exerr ${ezjail_usage_create} | 419 | [ "${ezjail_name}" -a "${ezjail_ips}" -a $# -eq 2 ] || exerr ${ezjail_usage_create} |
385 | 420 | ||
386 | # show the user the type of image used | ||
387 | echo "TYPE: $ezjail_imagetype" | ||
388 | |||
389 | # check for an active ZFS zpool | 421 | # check for an active ZFS zpool |
390 | if [ "${ezjail_imagetype}" = "zfs" ]; then | 422 | [ "${ezjail_imagetype}" = "zfs" ] && check_for_zpool |
391 | check_for_zpool | ||
392 | fi | ||
393 | 423 | ||
394 | # check for sanity of settings concerning the image feature | 424 | # check for sanity of settings concerning the image feature |
395 | if [ "${ezjail_imagetype}" != "zfs" ]; then | 425 | if [ "${ezjail_imagetype}" != "zfs" ]; then |
396 | [ -z "${ezjail_imagetype}" -o "${ezjail_exists}" -o "${ezjail_imagesize}" ] || exerr "Error: Image jails need an image size." | 426 | [ -z "${ezjail_imagetype}" -o "${ezjail_exists}" -o "${ezjail_imagesize}" ] || exerr "Error: Image jails need an image size." |
397 | fi | 427 | fi |
398 | 428 | ||
399 | |||
400 | # check for a sane image type | 429 | # check for a sane image type |
401 | case ${ezjail_imagetype} in ""|simple|bde|eli|zfs) ;; *) exerr ${ezjail_usage_create};; esac | 430 | case ${ezjail_imagetype} in ""|simple|bde|eli|zfs) ;; *) exerr ${ezjail_usage_create};; esac |
402 | 431 | ||
@@ -447,7 +476,7 @@ create) | |||
447 | # directory, we need to create a softlink | 476 | # directory, we need to create a softlink |
448 | if [ "${ezjail_rootdir##${ezjail_jaildir}}" = "${ezjail_rootdir}" ]; then | 477 | if [ "${ezjail_rootdir##${ezjail_jaildir}}" = "${ezjail_rootdir}" ]; then |
449 | ezjail_softlink=${ezjail_jaildir}/`basename -- "${ezjail_rootdir}"` | 478 | ezjail_softlink=${ezjail_jaildir}/`basename -- "${ezjail_rootdir}"` |
450 | [ -e "${ezjail_softlink}" ] && exerr "Error: An ezjail already exists at ${ezjail_softlink}.\n Please specify another jail root with the -r switch." | 479 | [ -e "${ezjail_softlink}" ] && ezjail_softlink=`mktemp -u "${ezjail_softlink}.XXXXXX"` |
451 | fi | 480 | fi |
452 | 481 | ||
453 | # do some sanity checks on the selected flavour (if any) | 482 | # do some sanity checks on the selected flavour (if any) |
@@ -576,7 +605,7 @@ create) | |||
576 | fi | 605 | fi |
577 | 606 | ||
578 | # if a soft link is necessary, create it now | 607 | # if a soft link is necessary, create it now |
579 | [ "${ezjail_softlink}" ] && ln -s "${ezjail_rootdir}" "${ezjail_softlink}" | 608 | [ "${ezjail_softlink}" ] && ln -fs "${ezjail_rootdir}" "${ezjail_softlink}" |
580 | 609 | ||
581 | # if the automount feature is not disabled, this fstab entry for new jail | 610 | # if the automount feature is not disabled, this fstab entry for new jail |
582 | # will be obeyed | 611 | # will be obeyed |
@@ -588,31 +617,7 @@ create) | |||
588 | 617 | ||
589 | # now, where everything seems to have gone right, create control file in | 618 | # now, where everything seems to have gone right, create control file in |
590 | # ezjails config dir | 619 | # ezjails config dir |
591 | ( | 620 | writejailinfo "${ezjail_config}" "${ezjail_fromarchive_config}" |
592 | if [ "${ezjail_fromarchive_config}" ]; then | ||
593 | grep -E ^\# ${ezjail_fromarchive_config}; echo | ||
594 | else | ||
595 | echo -e "# To specify the start up order of your ezjails, use these lines to\n# create a Jail dependency tree. See rcorder(8) for more details." | ||
596 | echo -e "#\n# PROVIDE: standard_ezjail\n# REQUIRE: \n# BEFORE: \n#\n" | ||
597 | fi | ||
598 | echo export jail_${ezjail_safename}_hostname=\"${ezjail_hostname}\" | ||
599 | echo export jail_${ezjail_safename}_ip=\"${ezjail_ips}\" | ||
600 | echo export jail_${ezjail_safename}_rootdir=\"${ezjail_rootdir}\" | ||
601 | echo export jail_${ezjail_safename}_exec=\"/bin/sh /etc/rc\" | ||
602 | echo export jail_${ezjail_safename}_mount_enable=\"${ezjail_mount_enable}\" | ||
603 | echo export jail_${ezjail_safename}_devfs_enable=\"${ezjail_devfs_enable}\" | ||
604 | echo export jail_${ezjail_safename}_devfs_ruleset=\"devfsrules_jail\" | ||
605 | echo export jail_${ezjail_safename}_procfs_enable=\"${ezjail_procfs_enable}\" | ||
606 | echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" | ||
607 | echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" | ||
608 | echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" | ||
609 | echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" | ||
610 | echo export jail_${ezjail_safename}_attachblocking=\"${ezjail_attachblocking}\" | ||
611 | echo export jail_${ezjail_safename}_forceblocking=\"${ezjail_forceblocking}\" | ||
612 | echo export jail_${ezjail_safename}_zfs_datasets=\"${ezjail_zfs_datasets}\" | ||
613 | echo export jail_${ezjail_safename}_cpuset=\"${ezjail_cpuset}\" | ||
614 | echo export jail_${ezjail_safename}_fib=\"${ezjail_fib}\" | ||
615 | ) > "${ezjail_config}" | ||
616 | 621 | ||
617 | # Final steps for flavour installation | 622 | # Final steps for flavour installation |
618 | if [ -z "${ezjail_exists}" -a "${ezjail_flavour}" ]; then | 623 | if [ -z "${ezjail_exists}" -a "${ezjail_flavour}" ]; then |
@@ -1160,7 +1165,7 @@ restore) | |||
1160 | ######################## ezjail-admin CONFIG ######################## | 1165 | ######################## ezjail-admin CONFIG ######################## |
1161 | config) | 1166 | config) |
1162 | # Clean variables, prevent polution | 1167 | # Clean variables, prevent polution |
1163 | unset ezjail_setrunnable ezjail_imageaction ezjail_new_name ezjail_new_zfs_datasets ezjail_new_cpuset ezjail_new_fib | 1168 | unset ezjail_setrunnable ezjail_imageaction ezjail_new_name ezjail_new_zfs_datasets ezjail_new_cpuset ezjail_new_fib ezjail_old_config |
1164 | 1169 | ||
1165 | shift; while getopts :r:i:n:z:c:f: arg; do case ${arg} in | 1170 | shift; while getopts :r:i:n:z:c:f: arg; do case ${arg} in |
1166 | i) ezjail_imageaction=${OPTARG};; | 1171 | i) ezjail_imageaction=${OPTARG};; |
@@ -1168,7 +1173,8 @@ config) | |||
1168 | n) ezjail_new_name=${OPTARG};; | 1173 | n) ezjail_new_name=${OPTARG};; |
1169 | z) ezjail_new_zfs_datasets=${OPTARG};; | 1174 | z) ezjail_new_zfs_datasets=${OPTARG};; |
1170 | c) ezjail_new_cpuset=${OPTARG};; | 1175 | c) ezjail_new_cpuset=${OPTARG};; |
1171 | f) ezjail_new_fib=${OPTARG};; | 1176 | f) ezjail_new_fib=${OPTARG} |
1177 | [ "${ezjail_new_fib}" -ge 0 ] || exerr "Error: fib number has to be an integer.";; | ||
1172 | ?) exerr ${ezjail_usage_config};; | 1178 | ?) exerr ${ezjail_usage_config};; |
1173 | esac; done; shift $(( ${OPTIND} - 1 )) | 1179 | esac; done; shift $(( ${OPTIND} - 1 )) |
1174 | 1180 | ||
@@ -1177,224 +1183,102 @@ config) | |||
1177 | # Jail name mandatory | 1183 | # Jail name mandatory |
1178 | fetchjailinfo $1 | 1184 | fetchjailinfo $1 |
1179 | 1185 | ||
1180 | # check for existence of jail in our records | 1186 | # Check for existence of jail in our records |
1181 | [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." | 1187 | [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." |
1182 | 1188 | ||
1183 | # Nothing to be configured? | 1189 | # Nothing to be configured? |
1184 | [ "${ezjail_setrunnable}" -o "${ezjail_new_name}" -o "${ezjail_imageaction}" -o "${ezjail_new_zfs_datasets}" -o "${ezjail_new_cpuset}" -o "${ezjail_new_fib}" ] || echo "Warning: No config option specified." | 1190 | [ -n "${ezjail_setrunnable}" -o -n "${ezjail_new_name}" -o -n "${ezjail_imageaction}" -o -n "${ezjail_new_zfs_datasets}" -o -n "${ezjail_new_cpuset}" -o -n "${ezjail_new_fib}" ] || exerr ${ezjail_usage_config} |
1185 | 1191 | ||
1186 | # Do we want a new name for our jail? | 1192 | [ -n "${ezjail_id}" -a -n "${ezjail_new_name}" ] && exerr "Error: Jail ${ezjail_name} appears to be still running.\n '${ezjail_admin} stop ${ezjail_name}' it first." |
1187 | if [ "${ezjail_new_name}" ]; then | 1193 | [ -n "${ezjail_id}" ] && [ -n "${ezjail_new_zfs_datasets}" -o -n "${ezjail_new_fib}" ] && echo "Warning: New settings for running jail ${ezjail_name} will only take effect when next restarting it." |
1188 | # if jail is still running, refuse to go any further | 1194 | |
1189 | [ "${ezjail_id}" ] && exerr "Error: Jail appears to be still running.\n '${ezjail_admin} stop ${ezjail_name}' it first ." | 1195 | # Mark old config as source for new config written later |
1196 | [ -n "${ezjail_new_name}" -o -n "${ezjail_new_zfs_datasets}" -o -n "${ezjail_new_cpuset}" -o -n "${ezjail_new_fib}" ] && ezjail_old_config="${ezjail_config}" | ||
1190 | 1197 | ||
1198 | [ "${ezjail_new_zfs_datasets}" ] && ezjail_zfs_datasets="${ezjail_new_zfs_datasets}" | ||
1199 | [ "${ezjail_new_fib}" ] && ezjail_fib="${ezjail_new_fib}" | ||
1200 | if [ "${ezjail_new_cpuset}" ]; then | ||
1201 | # Configure the new cpuset if the jail is currently running | ||
1202 | [ "${ezjail_id}" ] && /usr/bin/cpuset -l ${ezjail_new_cpuset} -j ${ezjail_id} || exerr "Error: The defined cpuset is malformed." | ||
1203 | ezjail_cpuset="${ezjail_new_cpuset}" | ||
1204 | fi | ||
1205 | |||
1206 | # Do we want a new name for our jail? | ||
1207 | if [ "${ezjail_new_name}" -a "${ezjail_new_name}" != "${ezjail_name}" ]; then | ||
1191 | # Cannot rename an attached jail | 1208 | # Cannot rename an attached jail |
1192 | [ "${ezjail_attached}" ] && exerr "Error: Jail image file ${ezjail_image} is attached as ${ezjail_device}.\n '${ezjail_admin} config -i detach ${ezjail_name}' it first." | 1209 | [ "${ezjail_attached}" ] && exerr "Error: Jail image file ${ezjail_image} is attached as ${ezjail_device}.\n '${ezjail_admin} config -i detach ${ezjail_name}' it first." |
1193 | 1210 | ||
1211 | # Save some old values | ||
1212 | ezjail_old_hostname="${ezjail_hostname}" | ||
1213 | ezjail_old_safename="${ezjail_safename}" | ||
1214 | ezjail_old_rootdir="${ezjail_rootdir}" | ||
1215 | ezjail_old_image="${ezjail_image}" | ||
1216 | |||
1194 | # The new values for the jail | 1217 | # The new values for the jail |
1195 | ezjail_new_hostname=`echo -n ${ezjail_new_name} | tr '/~' '__'` | 1218 | ezjail_hostname=`echo -n ${ezjail_new_name} | tr '/~' '__'` |
1196 | ezjail_new_safename=`echo -n "${ezjail_new_name}" | tr -c '[:alnum:]' _` | 1219 | ezjail_safename=`echo -n "${ezjail_new_name}" | tr -c '[:alnum:]' _` |
1197 | ezjail_new_rootdir=`dirname -- ${ezjail_rootdir}`/${ezjail_new_hostname} | 1220 | ezjail_config="${ezjail_jailcfgs}/${ezjail_safename}" |
1198 | ezjail_new_config="${ezjail_jailcfgs}/${ezjail_new_safename}" | 1221 | [ "${ezjail_old_config}" = "${ezjail_old_config%.norun}" ] || ezjail_config="${ezjail_jailcfgs}/${ezjail_safename}.norun" |
1199 | [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || ezjail_new_config="${ezjail_jailcfgs}/${ezjail_new_safename}.norun" | 1222 | |
1200 | ezjail_new_softlink=${ezjail_jaildir}/`basename -- "${ezjail_new_rootdir}"` | 1223 | # If rootdir is in our jails directory, and was auto generated, also rename the root |
1201 | 1224 | if [ "${ezjail_old_rootdir}" = "${ezjail_jaildir}/${ezjail_old_hostname}" ]; then | |
1202 | # those are just copied | 1225 | ezjail_rootdir=`dirname -- ${ezjail_rootdir}`/${ezjail_hostname} |
1203 | eval ezjail_new_ip=\"\$jail_${ezjail_safename}_ip\" | 1226 | |
1204 | eval ezjail_new_exec=\"\$jail_${ezjail_safename}_exec\" | 1227 | # since we just used the old rootdir prefix and added the new hostname, |
1205 | eval ezjail_new_mount_enable=\"\$jail_${ezjail_safename}_mount_enable\" | 1228 | # we might end up at an existing directory |
1206 | eval ezjail_new_devfs_enable=\"\$jail_${ezjail_safename}_devfs_enable\" | 1229 | [ -e "${ezjail_rootdir}" ] && exerr "Error: An object already exists at ${ezjail_rootdir}, cant rename." |
1207 | eval ezjail_new_devfs_ruleset=\"\$jail_${ezjail_safename}_devfs_ruleset\" | 1230 | |
1208 | eval ezjail_new_procfs_enable=\"\$jail_${ezjail_safename}_devfs_enable\" | 1231 | mv "${ezjail_old_rootdir}" "${ezjail_rootdir}" |
1209 | eval ezjail_new_fdescfs_enable=\"\$jail_${ezjail_safename}_fdescfs_enable\" | 1232 | fi |
1210 | eval ezjail_new_attachparams=\"\$jail_${ezjail_safename}_attachparams\" | ||
1211 | eval ezjail_new_attachblocking=\"\$jail_${ezjail_safename}_attachblocking\" | ||
1212 | eval ezjail_new_forceblocking=\"\$jail_${ezjail_safename}_forceblocking\" | ||
1213 | eval ezjail_new_imagetype=\"\$jail_${ezjail_safename}_imagetype\" | ||
1214 | eval ezjail_new_zfs_datasets=\"\$jail_${ezjail_safename}_zfs_datasets\" | ||
1215 | eval ezjail_new_cpuset=\"\$jail_${ezjail_safename}_cpuset\" | ||
1216 | eval ezjail_new_fib=\"\$jail_${ezjail_safename}_fib\" | ||
1217 | 1233 | ||
1218 | # This scenario really will only lead to real troubles in the 'fulljail' | 1234 | # This scenario really will only lead to real troubles in the 'fulljail' |
1219 | # case, but I should still explain this to the user and not claim that | 1235 | # case, but I should still explain this to the user and not claim that |
1220 | # "an ezjail would already exist" | 1236 | # "an ezjail would already exist" |
1221 | case ${ezjail_new_hostname} in basejail|newjail|fulljail|flavours|ezjailtemp) exerr "Error: ezjail needs the ${ezjail_new_hostname} directory for its own administrative purposes.\n Please chose another name.";; esac | 1237 | case ${ezjail_hostname} in basejail|newjail|fulljail|flavours|ezjailtemp) exerr "Error: ezjail needs the ${ezjail_hostname} directory for its own administrative purposes.\n Please chose another name.";; esac |
1222 | 1238 | ||
1223 | # jail names may lead to identical configs, eg. foo.bar.com == foo-bar.com | 1239 | # jail names may lead to identical configs, eg. foo.bar.com == foo-bar.com |
1224 | # so check, whether we might be running into problems | 1240 | # so check, whether we might be running into problems |
1225 | [ -e "${ezjail_new_config}" -o -e "${ezjail_new_config}.norun" ] && exerr "Error: An ezjail config already exists at ${ezjail_new_config}.\n Please chose another name." | 1241 | [ -e "${ezjail_config}" -o -e "${ezjail_config}.norun" ] && exerr "Error: An ezjail config already exists at ${ezjail_config}.\n Please chose another name." |
1226 | |||
1227 | # since we just used the old rootdir prefix and added the new hostname, | ||
1228 | # we might end up at an existing directory | ||
1229 | [ -e "${ezjail_new_rootdir}" ] && exerr "Error: An object already exists at ${ezjail_new_rootdir}, cant rename." | ||
1230 | |||
1231 | # prevent trouble with creating our softlink | ||
1232 | [ -L "${ezjail_softlink}" -a -e "${ezjail_new_softlink}" ] && exerr "Error: An object already exists at ${ezjail_new_softlink}, cant create softlink there." | ||
1233 | 1242 | ||
1234 | # need to rename the image? | 1243 | # need to rename the image? |
1235 | if [ "${ezjail_image}" ]; then | 1244 | if [ "${ezjail_old_image}" ]; then |
1236 | # Do we have an auto generated image name? | 1245 | # Do we have an auto generated image name? Then auto generate the new one |
1237 | if [ "${ezjail_rootdir}.img" = "${ezjail_image}" ]; then | 1246 | if [ "${ezjail_old_rootdir}.img" = "${ezjail_old_image}" ]; then |
1238 | ezjail_new_image="${ezjail_new_rootdir}.img" | 1247 | ezjail_image="${ezjail_rootdir}.img" |
1239 | [ -e "${ezjail_new_image}" ] && exerr "Error: An object already exists at ${ezjail_new_image}, cant rename image." | 1248 | [ -e "${ezjail_image}" ] && exerr "Error: An object already exists at ${ezjail_image}, cant rename image." |
1240 | mv "${ezjail_image}" "${ezjail_new_image}" | 1249 | mv "${ezjail_old_image}" "${ezjail_image}" |
1241 | else | 1250 | else |
1242 | ezjail_new_image=${ezjail_image} | 1251 | echo "Warning: Image file for jail ${ezjail_new_name} remains ${ezjail_image}, as it was not auto generated" |
1243 | echo "Warning: Image file for jail ${ezjail_name} remains ${ezjail_image}, as it was not auto generated" | ||
1244 | fi | 1252 | fi |
1245 | else | ||
1246 | unset ezjail_new_image | ||
1247 | fi | 1253 | fi |
1248 | 1254 | ||
1249 | # ZFS: using the zfs rename feature to rename the filesystem, remounting is done by ZFS | 1255 | # rename the filesystem, remounting is done by ZFS |
1250 | [ "${ezjail_imagetype}" = "zfs" ] && zfs rename ${ezjail_jailzfs}/${ezjail_hostname} ${ezjail_jailzfs}/${ezjail_new_hostname} | 1256 | [ "${ezjail_imagetype}" = "zfs" ] && zfs rename ${ezjail_jailzfs}/${ezjail_old_hostname} ${ezjail_jailzfs}/${ezjail_hostname} |
1251 | |||
1252 | # adjust softlink | ||
1253 | if [ -L "${ezjail_softlink}" ]; then | ||
1254 | rm -f "${ezjail_softlink}" | ||
1255 | ln -s "${ezjail_new_rootdir}" "${ezjail_new_softlink}" | ||
1256 | fi | ||
1257 | |||
1258 | # rename rootdir | ||
1259 | if [ ! "${ezjail_imagetype}" = "zfs" ]; then | ||
1260 | mv "${ezjail_rootdir}" "${ezjail_new_rootdir}" | ||
1261 | fi | ||
1262 | 1257 | ||
1263 | # rename fstab | 1258 | # rename fstab |
1264 | echo -n > "/etc/fstab.${ezjail_new_safename}" | 1259 | rm -f "/etc/fstab.${ezjail_old_safename}" |
1265 | [ "${ezjail_new_imagetype}" ] && \ | 1260 | echo -n > "/etc/fstab.${ezjail_safename}" |
1266 | echo ${ezjail_new_rootdir}.device ${ezjail_new_rootdir} ufs rw 0 0 >> "/etc/fstab.${ezjail_new_safename}" | 1261 | [ "${ezjail_imagetype}" ] && \ |
1267 | echo ${ezjail_jailbase} ${ezjail_new_rootdir}/basejail nullfs ro 0 0 >> "/etc/fstab.${ezjail_new_safename}" | 1262 | echo ${ezjail_rootdir}.device ${ezjail_rootdir} ufs rw 0 0 >> "/etc/fstab.${ezjail_safename}" |
1268 | rm -f "/etc/fstab.${ezjail_safename}" | 1263 | echo ${ezjail_jailbase} ${ezjail_rootdir}/basejail nullfs ro 0 0 >> "/etc/fstab.${ezjail_safename}" |
1269 | |||
1270 | # rename config file, preserve comments | ||
1271 | ( | ||
1272 | grep -e ^\# "${ezjail_config}" | ||
1273 | echo | ||
1274 | echo export jail_${ezjail_new_safename}_hostname=\"${ezjail_new_hostname}\" | ||
1275 | echo export jail_${ezjail_new_safename}_ip=\"${ezjail_new_ip}\" | ||
1276 | echo export jail_${ezjail_new_safename}_rootdir=\"${ezjail_new_rootdir}\" | ||
1277 | echo export jail_${ezjail_new_safename}_exec=\"${ezjail_new_exec}\" | ||
1278 | echo export jail_${ezjail_new_safename}_mount_enable=\"${ezjail_new_mount_enable}\" | ||
1279 | echo export jail_${ezjail_new_safename}_devfs_enable=\"${ezjail_new_devfs_enable}\" | ||
1280 | echo export jail_${ezjail_new_safename}_devfs_ruleset=\"${ezjail_new_devfs_ruleset}\" | ||
1281 | echo export jail_${ezjail_new_safename}_procfs_enable=\"${ezjail_new_procfs_enable}\" | ||
1282 | echo export jail_${ezjail_new_safename}_fdescfs_enable=\"${ezjail_new_fdescfs_enable}\" | ||
1283 | echo export jail_${ezjail_new_safename}_image=\"${ezjail_new_image}\" | ||
1284 | echo export jail_${ezjail_new_safename}_imagetype=\"${ezjail_new_imagetype}\" | ||
1285 | echo export jail_${ezjail_new_safename}_attachparams=\"${ezjail_new_attachparams}\" | ||
1286 | echo export jail_${ezjail_new_safename}_attachblocking=\"${ezjail_new_attachblocking}\" | ||
1287 | echo export jail_${ezjail_new_safename}_forceblocking=\"${ezjail_new_forceblocking}\" | ||
1288 | echo export jail_${ezjail_new_safename}_zfs_datasets=\"${ezjail_new_zfs_datasets}\" | ||
1289 | echo export jail_${ezjail_new_safename}_cpuset=\"${ezjail_new_cpuset}\" | ||
1290 | echo export jail_${ezjail_new_safename}_fib=\"${ezjail_new_fib}\" | ||
1291 | ) > "${ezjail_new_config}" | ||
1292 | |||
1293 | # remove old config | ||
1294 | rm -f "${ezjail_config}" | ||
1295 | 1264 | ||
1296 | # usually that doesnt go smoothly, but the user wanted it | 1265 | # usually that doesnt go smoothly, but the user wanted it |
1297 | # that way ;) | 1266 | # that way ;) |
1298 | echo "Jail has been renamed. You might want to check ${ezjail_new_config} and /etc/fstab.${ezjail_new_safename} to ensure everything has gone smoothly." | 1267 | echo "Jail has been renamed. You might want to check ${ezjail_config} and /etc/fstab.${ezjail_safename} to ensure everything has gone smoothly." |
1299 | echo "Also check settings in your Jail's /etc/ directory (especially /etc/rc.conf)." | 1268 | echo "Also check settings in your Jail's /etc/ directory (especially /etc/rc.conf)." |
1300 | |||
1301 | # reread config | ||
1302 | fetchjailinfo ${ezjail_new_safename} | ||
1303 | fi | ||
1304 | |||
1305 | if [ "${ezjail_new_zfs_datasets}" ]; then | ||
1306 | # if jail is still running, refuse to go any further | ||
1307 | [ "${ezjail_id}" ] && exerr "Error: Jail appears to be still running.\n '${ezjail_admin} stop ${ezjail_name}' it first ." | ||
1308 | |||
1309 | # write new config file, preserve comments | ||
1310 | ( | ||
1311 | grep -e ^\# "${ezjail_config}" | ||
1312 | echo | ||
1313 | echo export jail_${ezjail_safename}_hostname=\"${ezjail_hostname}\" | ||
1314 | echo export jail_${ezjail_safename}_ip=\"${ezjail_ips}\" | ||
1315 | echo export jail_${ezjail_safename}_rootdir=\"${ezjail_rootdir}\" | ||
1316 | echo export jail_${ezjail_safename}_exec=\"${ezjail_exec}\" | ||
1317 | echo export jail_${ezjail_safename}_mount_enable=\"${ezjail_mount_enable}\" | ||
1318 | echo export jail_${ezjail_safename}_devfs_enable=\"${ezjail_devfs_enable}\" | ||
1319 | echo export jail_${ezjail_safename}_devfs_ruleset=\"${ezjail_devfs_ruleset}\" | ||
1320 | echo export jail_${ezjail_safename}_procfs_enable=\"${ezjail_procfs_enable}\" | ||
1321 | echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" | ||
1322 | echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" | ||
1323 | echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" | ||
1324 | echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" | ||
1325 | echo export jail_${ezjail_safename}_attachblocking=\"${ezjail_attachblocking}\" | ||
1326 | echo export jail_${ezjail_safename}_forceblocking=\"${ezjail_forceblocking}\" | ||
1327 | echo export jail_${ezjail_safename}_zfs_datasets=\"${ezjail_new_zfs_datasets}\" | ||
1328 | echo export jail_${ezjail_safename}_cpuset=\"${ezjail_cpuset}\" | ||
1329 | echo export jail_${ezjail_safename}_fib=\"${ezjail_fib}\" | ||
1330 | ) > "${ezjail_config}_" | ||
1331 | mv "${ezjail_config}_" "${ezjail_config}" | ||
1332 | fi | 1269 | fi |
1333 | 1270 | ||
1334 | if [ "${ezjail_new_cpuset}" ]; then | 1271 | if [ "${ezjail_old_config}" ]; then |
1335 | # configure the new cpuset if the jail is currently running | 1272 | ezjail_tmpconfig=`mktemp -u "${ezjail_config}".XXXXXX` || exerr "Error: Could not write new config.\n You will have to manually fix ${ezjail_old_config}. Sorry." |
1336 | [ "${ezjail_id}" ] && /usr/bin/cpuset -l ${ezjail_new_cpuset} -j ${ezjail_id} || exerr "Error: The defined cpuset is malformed" | ||
1337 | |||
1338 | # write new config file, preserve comments | ||
1339 | ( | ||
1340 | grep -e ^\# "${ezjail_config}" | ||
1341 | echo | ||
1342 | echo export jail_${ezjail_safename}_hostname=\"${ezjail_hostname}\" | ||
1343 | echo export jail_${ezjail_safename}_ip=\"${ezjail_ips}\" | ||
1344 | echo export jail_${ezjail_safename}_rootdir=\"${ezjail_rootdir}\" | ||
1345 | echo export jail_${ezjail_safename}_exec=\"${ezjail_exec}\" | ||
1346 | echo export jail_${ezjail_safename}_mount_enable=\"${ezjail_mount_enable}\" | ||
1347 | echo export jail_${ezjail_safename}_devfs_enable=\"${ezjail_devfs_enable}\" | ||
1348 | echo export jail_${ezjail_safename}_devfs_ruleset=\"${ezjail_devfs_ruleset}\" | ||
1349 | echo export jail_${ezjail_safename}_procfs_enable=\"${ezjail_procfs_enable}\" | ||
1350 | echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" | ||
1351 | echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" | ||
1352 | echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" | ||
1353 | echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" | ||
1354 | echo export jail_${ezjail_safename}_attachblocking=\"${ezjail_attachblocking}\" | ||
1355 | echo export jail_${ezjail_safename}_forceblocking=\"${ezjail_forceblocking}\" | ||
1356 | echo export jail_${ezjail_safename}_zfs_datasets=\"${ezjail_zfs_datasets}\" | ||
1357 | echo export jail_${ezjail_safename}_cpuset=\"${ezjail_new_cpuset}\" | ||
1358 | echo export jail_${ezjail_safename}_fib=\"${ezjail_fib}\" | ||
1359 | ) > "${ezjail_config}_" | ||
1360 | mv "${ezjail_config}_" "${ezjail_config}" | ||
1361 | |||
1362 | fi | ||
1363 | |||
1364 | if [ "${ezjail_new_fib}" ]; then | ||
1365 | # if jail is still running, refuse to go any further | ||
1366 | [ "${ezjail_id}" ] && exerr "Error: Jail appears to be still running.\n '${ezjail_admin} stop ${ezjail_name}' it first ." | ||
1367 | [ "${ezjail_new_fib}" -ge "0" ] || exerr "Error: fib number has to be an integer." | ||
1368 | |||
1369 | # write new config file, preserve comments | ||
1370 | ( | ||
1371 | grep -e ^\# "${ezjail_config}" | ||
1372 | echo | ||
1373 | echo export jail_${ezjail_safename}_hostname=\"${ezjail_hostname}\" | ||
1374 | echo export jail_${ezjail_safename}_ip=\"${ezjail_ips}\" | ||
1375 | echo export jail_${ezjail_safename}_rootdir=\"${ezjail_rootdir}\" | ||
1376 | echo export jail_${ezjail_safename}_exec=\"${ezjail_exec}\" | ||
1377 | echo export jail_${ezjail_safename}_mount_enable=\"${ezjail_mount_enable}\" | ||
1378 | echo export jail_${ezjail_safename}_devfs_enable=\"${ezjail_devfs_enable}\" | ||
1379 | echo export jail_${ezjail_safename}_devfs_ruleset=\"${ezjail_devfs_ruleset}\" | ||
1380 | echo export jail_${ezjail_safename}_procfs_enable=\"${ezjail_procfs_enable}\" | ||
1381 | echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" | ||
1382 | echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" | ||
1383 | echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" | ||
1384 | echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" | ||
1385 | echo export jail_${ezjail_safename}_attachblocking=\"${ezjail_attachblocking}\" | ||
1386 | echo export jail_${ezjail_safename}_forceblocking=\"${ezjail_forceblocking}\" | ||
1387 | echo export jail_${ezjail_safename}_zfs_datasets=\"${ezjail_zfs_datasets}\" | ||
1388 | echo export jail_${ezjail_safename}_cpuset=\"${ezjail_cpuset}\" | ||
1389 | echo export jail_${ezjail_safename}_fib=\"${ezjail_new_fib}\" | ||
1390 | ) > "${ezjail_config}_" | ||
1391 | mv "${ezjail_config}_" "${ezjail_config}" | ||
1392 | 1273 | ||
1274 | writejailinfo "${ezjail_tmpconfig}" "${ezjail_old_config}" | ||
1275 | mv "${ezjail_tmpconfig}" "${ezjail_config}" | ||
1276 | [ "${ezjail_config}" != "${ezjail_old_config}" ] && rm -f "${ezjail_old_config}" | ||
1393 | fi | 1277 | fi |
1394 | 1278 | ||
1395 | case "${ezjail_setrunnable}" in | 1279 | case "${ezjail_setrunnable}" in |
1396 | run) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv "${ezjail_config}" "${ezjail_config%.norun}";; | 1280 | run) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv "${ezjail_config}" "${ezjail_config%.norun}";; |
1397 | norun) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv "${ezjail_config}" "${ezjail_config}.norun" ;; | 1281 | norun) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv "${ezjail_config}" "${ezjail_config}.norun";; |
1398 | esac | 1282 | esac |
1399 | 1283 | ||
1400 | [ "${ezjail_imageaction}" -a -z "${ezjail_image}" ] && exerr "Error: Jail ${ezjail_name} not an image jail." | 1284 | [ "${ezjail_imageaction}" -a -z "${ezjail_image}" ] && exerr "Error: Jail ${ezjail_name} not an image jail." |