From c270955ae0294666d25984244588456723579b38 Mon Sep 17 00:00:00 2001 From: erdgeist Date: Thu, 9 Feb 2006 00:44:49 +0000 Subject: Radical change of what an ezjail flavour is. The old way got me stuck. --- examples/example/ezjail.flavour | 74 +++++++++++++++++++++++++++++------------ ezjail-admin | 7 ++-- ezjail-config.sh | 48 -------------------------- 3 files changed, 58 insertions(+), 71 deletions(-) delete mode 100644 ezjail-config.sh diff --git a/examples/example/ezjail.flavour b/examples/example/ezjail.flavour index 6b33d11..c0e160f 100755 --- a/examples/example/ezjail.flavour +++ b/examples/example/ezjail.flavour @@ -1,29 +1,61 @@ -# ezjail flavour example -# refer to ezjail-admin(1) for more information -# -# ezjails jail init script tries to create the following users. Format is -# as follows: -# -# username:uid:group[,group,..]:gid[,gid,..]:comment:cryptpw:[-]homedir:shell -# -# Note: Since ' ' (space) does not survive shell expansion, still often is -# useful in the comment field, '=' will be converted to ' '. +#!/bin/sh # -# Note: Always use ''' (single ticks) to provide variables containing '$'s +# ezjail flavour example + +# Hide +###### # -# Example: +# Prevent this script from being called over and over +# if something fails. + +rm -f /etc/rc.d/ezjail-config.sh /ezjail.flavour + +# Groups +######### # -# ezjail_flavour_users='::heroes:1003:::: \ -# admin::wheel::Admin=User:$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91:/home/admin:/bin/sh \ -# pgsql:1002:pgsql:1002:Post=Gres::-/usr/local/psql:/bin/nologin' +# You will probably start with some groups your users +# should be in -# Files or directories that should not belong to root:wheel will be -# chowned -R according to the following variable +# pw groupadd -q -n coders # -g 1004 +# pw groupadd -q -n sales # -g 1005 + +# Users +######## # -# Format is as follows: +# You might want to add some users. +# The password is to be provided in the encrypted form +# as found in /etc/master.passwd +# refer to pw(8) for more information + +# echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\ +# pw useradd -n admin -u 1001 -s /bin/sh -m -d$ /home/admin -G wheel -c 'Admin User' -H 0 +# echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\ +# pw useradd -n saag -u 1002 -s /bin/sh -m -d$ /home/saag -G coders -c 'Mutton Saag' -H 0 +# echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\ +# pw useradd -n mac -u 1002 -s /bin/sh -m -d$ /home/mac -G sales -c 'Big Mac' -H 0 + +# Files +######## # -# user:group:file[:file...] +# You can now give files to users just created + +# chown -R admin:coders /usr/local/cvsroot +# chown -R admin:sales /usr/local/nfs/sales + +# Packages +########### # -# Example: +# Install all packages previously put to /pkg + +[ -d /pkg ] && PACKAGESITE=file:// pkg_add -r /pkg/* +rm -rf /pkg + +# Postinstall +################# # -# ezjail_flavour_files='admin:wheel:/home/admin/' +# Your own stuff here, for example set login shells +# that were only installed just before + +# chpass -s /usr/local/bin/bash admin +# pkg_add -r pico +# cd /usr/ports/sysutils/screen && make install diff --git a/ezjail-admin b/ezjail-admin index f629a73..cf3ddf9 100755 --- a/ezjail-admin +++ b/ezjail-admin @@ -130,8 +130,11 @@ create) cd ${ezjail_flavours}/${newjail_flavour} find * | cpio -p -v ${newjail_root} > /dev/null - install -o root -g wheel -m 0755 ${ezjail_share}/ezjail-config.sh ${newjail_root}/etc/rc.d/ezjail-config.sh - echo "Note: Shell scripts installed, flavourizing on jails first startup." + if [ -f ${ezjail_share}/ezjail.flavour ]; then + ln -s /ezjail.flavour ${newjail_root}/etc/rc.d/ezjail-config.sh + chmod 0700 ${newjail_root}/etc/rc.d/ezjail-config.sh + echo "Note: Shell scripts installed, flavourizing on jails first startup." + fi fi # For user convenience, some scenarios commonly causing diff --git a/ezjail-config.sh b/ezjail-config.sh deleted file mode 100644 index 71080e2..0000000 --- a/ezjail-config.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/bin/sh - -set -o noglob -if [ -f /ezjail.flavour ]; then - . /ezjail.flavour - - # we do need to install only once delete here to avoid errors - # in this script to prevent jail startup forever - rm -f /ezjail.flavour -fi - -# set defaults -ezjail_flavour_users=${ezjail_flavour_users:-""} -ezjail_flavour_files=${ezjail_flavour_files:-""} - -# try to create users, variables named after pw useradd params -for user in ${ezjail_flavour_users}; do - TIFS=${IFS}; IFS=:; set -- ${user}; IFS=${TIFS} - if [ $# -eq 8 ]; then - u=${2:+-u$2}; G=$3; gs=$4; c=${5:+-c$5}; p=${6:-*}; d=${7#-}; m=${7%%[!-]*}; s=${8:+-s$8}; - - # ensure all groups - gc=1; for n in `echo -n ${G} | tr , ' '`; do - g=`echo -n ${gs} | cut -d , -f ${gc}` - pw groupadd -q -n ${n} ${g:+-g${g}} - gc=$((1+${gc})) - done - - # create user - [ $1 ] && echo ${p} | pw useradd -n $1 ${u} ${s} ${m:+-m} ${d:+-d${d}} ${G:+-G${G}} "`echo -n ${c} | tr = ' '`" -H 0 - fi -done -set +o noglob - -# chmod all files not belonging to root -for file in ${ezjail_flavour_files}; do - TIFS=${IFS}; IFS=:; set -- ${file}; IFS=${TIFS} - [ $# -gt 2 ] && owner="$1:$2" && shift 2 && chown -R ${owner} $* -done - -# install packages -[ -d /pkg ] && PACKAGESITE=file:// pkg_add -r /pkg/* - -# source post install script -[ -d /ezjail.postinstall ] && . /ezjail.postinstall - -# Get rid off ourself -rm -rf /pkg /etc/rc.d/ezjail-config.sh /ezjail.postinstall -- cgit v1.2.3