| -rwxr-xr-x | ezjail-admin | 74 |
1 files changed, 67 insertions, 7 deletions
diff --git a/ezjail-admin b/ezjail-admin index 19725d2..324168f 100755 --- a/ezjail-admin +++ b/ezjail-admin | |||
| @@ -2,6 +2,7 @@ | |||
| 2 | 2 | ||
| 3 | # ugly: this variable is set during port install time | 3 | # ugly: this variable is set during port install time |
| 4 | ezjail_prefix=EZJAIL_PREFIX | 4 | ezjail_prefix=EZJAIL_PREFIX |
| 5 | ezjail_jailcfgs=${ezjail_prefix}/etc/ezjail | ||
| 5 | 6 | ||
| 6 | if [ "0" != "`id -u`" ]; then | 7 | if [ "0" != "`id -u`" ]; then |
| 7 | echo "Retry as root"; exit 1; | 8 | echo "Retry as root"; exit 1; |
| @@ -24,8 +25,9 @@ ezjail_procfs_enable=${ezjail_procfs_enable:-"YES"} | |||
| 24 | ezjail_fdescfs_enable=${ezjail_fdescfs_enable:-"YES"} | 25 | ezjail_fdescfs_enable=${ezjail_fdescfs_enable:-"YES"} |
| 25 | 26 | ||
| 26 | # check for command | 27 | # check for command |
| 27 | if [ -z "$1" ]; | 28 | if [ -z "$1" ]; then |
| 28 | then echo "Usage: `basename $0` [create|delete|list|update] {params}"; exit; | 29 | echo "Usage: `basename $0` [create|delete|list|update] {params}"; |
| 30 | exit 1; | ||
| 29 | fi | 31 | fi |
| 30 | 32 | ||
| 31 | case "$1" in | 33 | case "$1" in |
| @@ -33,10 +35,12 @@ create) | |||
| 33 | shift | 35 | shift |
| 34 | args=`getopt xr: $*` | 36 | args=`getopt xr: $*` |
| 35 | if [ $? != 0 ]; then | 37 | if [ $? != 0 ]; then |
| 36 | echo 'Usage: ezjail create [-r jailroot] [-x] jailname jailip'; exit 1; | 38 | echo 'Usage: ezjail create [-r jailroot] [-x] jailname jailip'; |
| 39 | exit 1; | ||
| 37 | fi | 40 | fi |
| 38 | 41 | ||
| 39 | newjail_root= | 42 | newjail_root= |
| 43 | newjail_softlink= | ||
| 40 | newjail_fill="YES" | 44 | newjail_fill="YES" |
| 41 | 45 | ||
| 42 | for arg in args; do | 46 | for arg in args; do |
| @@ -48,16 +52,72 @@ create) | |||
| 48 | done; | 52 | done; |
| 49 | newjail_name=$1; newjail_ip=$2; shift 2; | 53 | newjail_name=$1; newjail_ip=$2; shift 2; |
| 50 | 54 | ||
| 55 | # wee need at least a name and an ip for new jail | ||
| 51 | if [ -z "$newjail_name" -o -z "$newjail_ip" -o $# != 0 ]; then | 56 | if [ -z "$newjail_name" -o -z "$newjail_ip" -o $# != 0 ]; then |
| 52 | echo 'Usage: ezjail create [-r jailroot] [-x] jailname jailip'; exit 1; | 57 | echo 'Usage: ezjail create [-r jailroot] [-x] jailname jailip'; exit 1; |
| 53 | fi | 58 | fi |
| 54 | 59 | ||
| 55 | echo running CREATE $newjail_name $newjail_ip $newjail_fill | 60 | # relative paths don't make sense in rc.scripts |
| 61 | if [ ${ezjail_jaildir:1:1} != / ]; then | ||
| 62 | echo Error: Need an absolute path in ezjail_jaildir, it is currently set to: $ezjail_jaildir | ||
| 63 | exit 1; | ||
| 64 | fi | ||
| 65 | |||
| 66 | # jail names must not have names that irritate file systems, | ||
| 67 | # excluding dots from this list was done intentionally to | ||
| 68 | # allow foo.com style directory names, however, the jail | ||
| 69 | # name will be foo_com in most scripts | ||
| 70 | newjail_name=`echo $newjail_name | tr /~ __`; | ||
| 71 | newjail_root=${newjail_root:-"$ezjail_jaildir/$newjail_name"} | ||
| 72 | newjail_nname=`echo $newjail_name | tr . _`; | ||
| 73 | |||
| 74 | # if jail root specified on command line is not absolute, | ||
| 75 | # make it absolute inside our jail directory | ||
| 76 | if [ ${newjail_root:1:1} != / ]; then | ||
| 77 | newjail_root=$ezjail_jaildir/$newjail_root | ||
| 78 | fi | ||
| 79 | |||
| 80 | # if jail root specified on command line does not lie | ||
| 81 | # within our jail directory, we need to create a softlink | ||
| 82 | if [ ${newjail_root##${ezjail_jaildir}} = $newjail_root ]; then | ||
| 83 | newjail_softlink=$ezjail_jaildir/`basename $newjail_root` | ||
| 84 | if [ -e $newjail_softlink -a $newjail_fill = "YES" ]; then | ||
| 85 | echo Error: an ezjail already exists at $newjail_softlink | ||
| 86 | exit 1; | ||
| 87 | fi | ||
| 88 | fi | ||
| 89 | fi | ||
| 90 | |||
| 91 | # now take a copy of our template jail | ||
| 92 | if [ $newjail_fill = "YES" ]; then | ||
| 93 | mkdir -p ${newjail_root} && cd ${ezjail_jailtemplate} \ | ||
| 94 | && find * | cpio -p -v ${newjail_root} | ||
| 95 | fi | ||
| 96 | |||
| 97 | # if a soft link is necessary, create it now | ||
| 98 | if [ $newjail_softlink ]; then | ||
| 99 | ln -s $newjail_root $newjail_softlink | ||
| 100 | fi | ||
| 56 | 101 | ||
| 57 | exit | 102 | # if the automount feature is not disabled, create an |
| 103 | # fstab entry for new jail | ||
| 104 | echo $ezjail_jailbase $newjail_root/basejail nullfs ro 0 0 > /etc/fstab.$newjail_name | ||
| 105 | |||
| 106 | # now, where everything seems to have gone right, | ||
| 107 | # create control file in ezjails config dir | ||
| 108 | mkdir -p $ezjail_jailcfgs | ||
| 109 | echo \ | ||
| 110 | jail_${newjail_nname}_hostname=\"${newjail_name}\" \n \ | ||
| 111 | jail_${newjail_nname}_ip=\"${newjail_ip}\" \n \ | ||
| 112 | jail_${newjail_nname}_rootdir=\"${newjail_root}\" \n \ | ||
| 113 | jail_${newjail_nname}_exec=\"/bin/sh /etc/rc\" | ||
| 114 | jail_${newjail_nname}_mount_enable=\"${ezjail_mount_enable}\" \n \ | ||
| 115 | jail_${newjail_nname}_devfs_enable=\"${ezjail_devfs_enable}\" \n \ | ||
| 116 | jail_${newjail_nname}_devfs_ruleset="devfsrules_jail" | ||
| 117 | jail_${newjail_nname}_procfs_enable=\"${ezjail_procfs_enable}\" \n \ | ||
| 118 | jail_${newjail_nname}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" \n \ | ||
| 119 | > ${ezail_jailcfgs}/newjail_nname | ||
| 58 | 120 | ||
| 59 | mkdir ${newjail_root} && cd ${ezjail_jailtemplate} \ | ||
| 60 | && find * | cpio -p -v ${newjail_root} | ||
| 61 | ;; | 121 | ;; |
| 62 | delete) | 122 | delete) |
| 63 | 123 | ||
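Review bot: The control-file write that closes the create branch (new lines 109–119) redirects to `${ezail_jailcfgs}/newjail_nname`, which misspells `ezjail_jailcfgs` and drops the `$` from the name, so this root-only script writes `/newjail_nname` rather than a per-jail file under `$ezjail_jailcfgs`. New lines 113 and 116 have no trailing `\`, so the `echo` ends there and the following lines run as commands, and an unquoted `\n` reaches `echo` as a plain `n`; a here-document, as sketched below, avoids both. The jail name, IP and root come straight from the command line with only `/` and `~` mapped by `tr`, and they end up in what looks like an rc-style file of shell assignments, so I would validate the name and IP against an allowlist (letters, digits, `.`, `_`, `-`) before this point and quote every expansion. Also in this hunk, `${ezjail_jaildir:1:1}` and `${newjail_root:1:1}` (new lines 61 and 76) are not POSIX sh and, where supported, index the second character, and the `fi` on new line 89 has no matching `if`. The create branch starts outside this hunk, so the option loop was not reviewed.

```shell
# … unchanged: name/root checks, template copy, softlink, fstab entry …
mkdir -p "$ezjail_jailcfgs"
cat > "${ezjail_jailcfgs}/${newjail_nname}" <<EOF
jail_${newjail_nname}_hostname="${newjail_name}"
jail_${newjail_nname}_ip="${newjail_ip}"
jail_${newjail_nname}_rootdir="${newjail_root}"
jail_${newjail_nname}_exec="/bin/sh /etc/rc"
jail_${newjail_nname}_mount_enable="${ezjail_mount_enable}"
jail_${newjail_nname}_devfs_enable="${ezjail_devfs_enable}"
jail_${newjail_nname}_devfs_ruleset="devfsrules_jail"
jail_${newjail_nname}_procfs_enable="${ezjail_procfs_enable}"
jail_${newjail_nname}_fdescfs_enable="${ezjail_fdescfs_enable}"
EOF
```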
