BastilleBSD/bastille
2
0
Fork 0
Code Pull Requests Actions Packages Releases Activity

Merge pull request #251 from chriswells0/require-running-jail

Browse Source 
Require target to be running for specific commands
This commit is contained in:
Christer Edwards
2020-09-22 09:48:28 -06:00
committed by GitHub
parent 976aa077b6 c6aded8d0a
commit 935118fc99
20 changed files with 162 additions and 320 deletions
Download Patch File Download Diff File Expand all files Collapse all files

58
usr/local/bin/bastille
View File

@@ -133,20 +133,48 @@ version|-v|--version)
help|-h|--help) help|-h|--help)
usage usage
;; ;;
esac bootstrap|create|destroy|import|list|rdr|restart|start|update|upgrade|verify)
# Nothing "extra" to do for these commands. -- cwells
;;
clone|cmd|console|convert|cp|edit|export|htop|limits|mount|pkg|rename|service|stop|sysrc|template|top|umount|zfs)
# Parse the target and ensure it exists. -- cwells
if [ $# -eq 0 ]; then # No target was given, so show the command's help. -- cwells
PARAMS='help'
elif [ "${1}" != 'help' ] && [ "${1}" != '-h' ] && [ "${1}" != '--help' ]; then
TARGET="${1}"
shift
# Filter out all non-commands if [ "${TARGET}" = 'ALL' ]; then
case "${CMD}" in JAILS=$(jls name)
bootstrap|clone|cmd|console|convert|cp|create) else
JAILS=$(jls name | awk "/^${TARGET}$/")
# Ensure the target exists. -- cwells
if [ ! -d "${bastille_jailsdir}/${TARGET}" ]; then
error_exit "[${TARGET}]: Not found."
fi
case "${CMD}" in
cmd|console|htop|pkg|service|stop|sysrc|template|top)
# Require the target to be running. -- cwells
if [ ! "$(jls name | awk "/^${TARGET}$/")" ]; then
error_exit "[${TARGET}]: Not started. See 'bastille start ${TARGET}'."
fi
;;
convert|rename)
# Require the target to be stopped. -- cwells
if [ "$(jls name | awk "/^${TARGET}$/")" ]; then
error_exit "${TARGET} is running. See 'bastille stop ${TARGET}'."
fi
;;
esac
fi
export TARGET
export JAILS
fi
;; ;;
destroy|edit|export|htop|import|limits|list|mount) *) # Filter out all non-commands
;; usage
pkg|rdr|rename|restart|service|start|stop|sysrc|umount)
;;
template|top|update|upgrade|verify|zfs)
;;
*)
usage
;; ;;
esac esac
@@ -157,7 +185,11 @@ if [ -f "${SCRIPTPATH}" ]; then
: "${SH:=sh}" : "${SH:=sh}"
exec "${SH}" "${SCRIPTPATH}" "$@" if [ -n "${PARAMS}" ]; then
exec "${SH}" "${SCRIPTPATH}" "${PARAMS}"
else
exec "${SH}" "${SCRIPTPATH}" "$@"
fi
else else
error_exit "${SCRIPTPATH} not found." error_exit "${SCRIPTPATH} not found."
fi fi

58
usr/local/share/bastille/clone.sh
View File

@@ -42,14 +42,12 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -ne 3 ]; then if [ $# -ne 2 ]; then
usage usage
fi fi
TARGET="${1}" NEWNAME="${1}"
NEWNAME="${2}" IP="${2}"
IP="${3}"
shift
validate_ip() { validate_ip() {
IPX_ADDR="ip4.addr" IPX_ADDR="ip4.addr"
@@ -146,39 +144,35 @@ update_fstab() {
clone_jail() { clone_jail() {
# Attempt container clone # Attempt container clone
if [ -d "${bastille_jailsdir}/${TARGET}" ]; then echo -e "${COLOR_GREEN}Attempting to clone '${TARGET}' to ${NEWNAME}...${COLOR_RESET}"
echo -e "${COLOR_GREEN}Attempting to clone '${TARGET}' to ${NEWNAME}...${COLOR_RESET}" if ! [ -d "${bastille_jailsdir}/${NEWNAME}" ]; then
if ! [ -d "${bastille_jailsdir}/${NEWNAME}" ]; then if [ "${bastille_zfs_enable}" = "YES" ]; then
if [ "${bastille_zfs_enable}" = "YES" ]; then if [ -n "${bastille_zfs_zpool}" ]; then
if [ -n "${bastille_zfs_zpool}" ]; then # Replicate the existing container
# Replicate the existing container DATE=$(date +%F-%H%M%S)
DATE=$(date +%F-%H%M%S) zfs snapshot -r "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_clone_${DATE}"
zfs snapshot -r "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_clone_${DATE}" zfs send -R "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_clone_${DATE}" | zfs recv "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}"
zfs send -R "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_clone_${DATE}" | zfs recv "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}"
# Cleanup source temporary snapshots # Cleanup source temporary snapshots
zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}/root@bastille_clone_${DATE}" zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}/root@bastille_clone_${DATE}"
zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_clone_${DATE}" zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_clone_${DATE}"
# Cleanup target temporary snapshots # Cleanup target temporary snapshots
zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}/root@bastille_clone_${DATE}" zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}/root@bastille_clone_${DATE}"
zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}@bastille_clone_${DATE}" zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}@bastille_clone_${DATE}"
fi
else
# Just clone the jail directory
# Check if container is running
if [ -n "$(jls name | awk "/^${TARGET}$/")" ]; then
error_exit "${TARGET} is running, See 'bastille stop ${TARGET}'."
fi
# Perform container file copy(archive mode)
cp -a "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}"
fi fi
else else
error_exit "${NEWNAME} already exists." # Just clone the jail directory
# Check if container is running
if [ -n "$(jls name | awk "/^${TARGET}$/")" ]; then
error_exit "${TARGET} is running. See 'bastille stop ${TARGET}'."
fi
# Perform container file copy(archive mode)
cp -a "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}"
fi fi
else else
error_exit "${TARGET} not found. See bootstrap." error_exit "${NEWNAME} already exists."
fi fi
# Generate jail configuration files # Generate jail configuration files

12
usr/local/share/bastille/cmd.sh
View File

@@ -41,20 +41,10 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -lt 2 ]; then if [ $# -eq 0 ]; then
usage usage
fi fi
TARGET="${1}"
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}" echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
jexec -l "${_jail}" "$@" jexec -l "${_jail}" "$@"

13
usr/local/share/bastille/console.sh
View File

@@ -31,7 +31,7 @@
. /usr/local/share/bastille/common.sh . /usr/local/share/bastille/common.sh
usage() { usage() {
error_exit "Usage: bastille console TARGET [user]'." error_exit "Usage: bastille console TARGET [user]'"
} }
# Handle special-case commands first. # Handle special-case commands first.
@@ -41,21 +41,12 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 2 ] || [ $# -lt 1 ]; then if [ $# -gt 1 ]; then
usage usage
fi fi
TARGET="${1}"
shift
USER="${1}" USER="${1}"
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
validate_user() { validate_user() {
if jexec -l "${_jail}" id "${USER}" >/dev/null 2>&1; then if jexec -l "${_jail}" id "${USER}" >/dev/null 2>&1; then
USER_SHELL="$(jexec -l "${_jail}" getent passwd "${USER}" | cut -d: -f7)" USER_SHELL="$(jexec -l "${_jail}" getent passwd "${USER}" | cut -d: -f7)"

12
usr/local/share/bastille/convert.sh
View File

@@ -32,7 +32,7 @@
. /usr/local/etc/bastille/bastille.conf . /usr/local/etc/bastille/bastille.conf
usage() { usage() {
error_exit "Usage: bastille convert TARGET." error_exit "Usage: bastille convert TARGET"
} }
# Handle special-case commands first. # Handle special-case commands first.
@@ -42,13 +42,10 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 1 ] || [ $# -lt 1 ]; then if [ $# -ne 0 ]; then
usage usage
fi fi
TARGET="${1}"
shift
convert_symlinks() { convert_symlinks() {
# Work with the symlinks, revert on first cp error # Work with the symlinks, revert on first cp error
if [ -d "${bastille_releasesdir}/${RELEASE}" ]; then if [ -d "${bastille_releasesdir}/${RELEASE}" ]; then
@@ -131,11 +128,6 @@ start_convert() {
fi fi
} }
# Check if container is running
if [ -n "$(jls name | awk "/^${TARGET}$/")" ]; then
error_exit "${TARGET} is running. See 'bastille stop'."
fi
# Check if is a thin container # Check if is a thin container
if [ ! -d "${bastille_jailsdir}/${TARGET}/root/.bastille" ]; then if [ ! -d "${bastille_jailsdir}/${TARGET}/root/.bastille" ]; then
error_exit "${TARGET} is not a thin container." error_exit "${TARGET} is not a thin container."

14
usr/local/share/bastille/cp.sh
View File

@@ -42,20 +42,12 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 3 ] || [ $# -lt 3 ]; then if [ $# -ne 2 ]; then
usage usage
fi fi
TARGET="${1}" CPSOURCE="${1}"
CPSOURCE="${2}" CPDEST="${2}"
CPDEST="${3}"
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
bastille_jail_path="$(jls -j "${_jail}" path)" bastille_jail_path="$(jls -j "${_jail}" path)"

16
usr/local/share/bastille/edit.sh
View File

@@ -42,26 +42,16 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 2 ] || [ $# -lt 1 ]; then if [ $# -gt 1 ]; then
usage usage
fi elif [ $# -eq 1 ]; then
TARGET_FILENAME="${1}"
TARGET="${1}"
if [ $# == 2 ]; then
TARGET_FILENAME="${2}"
fi fi
if [ -z "${EDITOR}" ]; then if [ -z "${EDITOR}" ]; then
EDITOR=vi EDITOR=vi
fi fi
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(bastille list jails)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(bastille list jails | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
if [ -n "${TARGET_FILENAME}" ]; then if [ -n "${TARGET_FILENAME}" ]; then
"${EDITOR}" "${bastille_jailsdir}/${_jail}/${TARGET_FILENAME}" "${EDITOR}" "${bastille_jailsdir}/${_jail}/${TARGET_FILENAME}"

61
usr/local/share/bastille/export.sh
View File

@@ -42,50 +42,43 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 1 ] || [ $# -lt 1 ]; then if [ $# -ne 0 ]; then
usage usage
fi fi
TARGET="${1}"
shift
jail_export() jail_export()
{ {
# Attempt to export the container # Attempt to export the container
DATE=$(date +%F-%H%M%S) DATE=$(date +%F-%H%M%S)
if [ -d "${bastille_jailsdir}/${TARGET}" ]; then if [ "${bastille_zfs_enable}" = "YES" ]; then
if [ "${bastille_zfs_enable}" = "YES" ]; then if [ -n "${bastille_zfs_zpool}" ]; then
if [ -n "${bastille_zfs_zpool}" ]; then FILE_EXT="xz"
FILE_EXT="xz" echo -e "${COLOR_GREEN}Exporting '${TARGET}' to a compressed .${FILE_EXT} archive.${COLOR_RESET}"
echo -e "${COLOR_GREEN}Exporting '${TARGET}' to a compressed .${FILE_EXT} archive.${COLOR_RESET}" echo -e "${COLOR_GREEN}Sending zfs data stream...${COLOR_RESET}"
echo -e "${COLOR_GREEN}Sending zfs data stream...${COLOR_RESET}" # Take a recursive temporary snapshot
# Take a recursive temporary snapshot zfs snapshot -r "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_export_${DATE}"
zfs snapshot -r "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_export_${DATE}"
# Export the container recursively and cleanup temporary snapshots # Export the container recursively and cleanup temporary snapshots
zfs send -R "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_export_${DATE}" | \ zfs send -R "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_export_${DATE}" | \
xz ${bastille_compress_xz_options} > "${bastille_backupsdir}/${TARGET}_${DATE}.${FILE_EXT}" xz ${bastille_compress_xz_options} > "${bastille_backupsdir}/${TARGET}_${DATE}.${FILE_EXT}"
zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}/root@bastille_export_${DATE}" zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}/root@bastille_export_${DATE}"
zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_export_${DATE}" zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_export_${DATE}"
fi
else
# Create standard backup archive
FILE_EXT="txz"
echo -e "${COLOR_GREEN}Exporting '${TARGET}' to a compressed .${FILE_EXT} archive...${COLOR_RESET}"
cd "${bastille_jailsdir}" && tar -cf - "${TARGET}" | xz ${bastille_compress_xz_options} > "${bastille_backupsdir}/${TARGET}_${DATE}.${FILE_EXT}"
fi
if [ "$?" -ne 0 ]; then
error_exit "Failed to export '${TARGET}' container."
else
# Generate container checksum file
cd "${bastille_backupsdir}"
sha256 -q "${TARGET}_${DATE}.${FILE_EXT}" > "${TARGET}_${DATE}.sha256"
echo -e "${COLOR_GREEN}Exported '${bastille_backupsdir}/${TARGET}_${DATE}.${FILE_EXT}' successfully.${COLOR_RESET}"
exit 0
fi fi
else else
error_exit "Container '${TARGET}' does not exist." # Create standard backup archive
FILE_EXT="txz"
echo -e "${COLOR_GREEN}Exporting '${TARGET}' to a compressed .${FILE_EXT} archive...${COLOR_RESET}"
cd "${bastille_jailsdir}" && tar -cf - "${TARGET}" | xz ${bastille_compress_xz_options} > "${bastille_backupsdir}/${TARGET}_${DATE}.${FILE_EXT}"
fi
if [ "$?" -ne 0 ]; then
error_exit "Failed to export '${TARGET}' container."
else
# Generate container checksum file
cd "${bastille_backupsdir}"
sha256 -q "${TARGET}_${DATE}.${FILE_EXT}" > "${TARGET}_${DATE}.sha256"
echo -e "${COLOR_GREEN}Exported '${bastille_backupsdir}/${TARGET}_${DATE}.${FILE_EXT}' successfully.${COLOR_RESET}"
exit 0
fi fi
} }

12
usr/local/share/bastille/htop.sh
View File

@@ -42,20 +42,10 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 1 ] || [ $# -lt 1 ]; then if [ $# -ne 0 ]; then
usage usage
fi fi
TARGET="${1}"
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
bastille_jail_path=$(jls -j "${_jail}" path) bastille_jail_path=$(jls -j "${_jail}" path)
if [ ! -x "${bastille_jail_path}/usr/local/bin/htop" ]; then if [ ! -x "${bastille_jail_path}/usr/local/bin/htop" ]; then

16
usr/local/share/bastille/limits.sh
View File

@@ -51,22 +51,12 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -lt 3 ]; then if [ $# -ne 2 ]; then
usage usage
fi fi
TARGET="${1}" OPTION="${1}"
OPTION="${2}" VALUE="${2}"
VALUE="${3}"
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}" echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"

13
usr/local/share/bastille/mount.sh
View File

@@ -44,18 +44,7 @@ esac
if [ $# -lt 2 ]; then if [ $# -lt 2 ]; then
usage usage
fi elif [ $# -eq 2 ]; then
TARGET=$1
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
else
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
if [ $# -eq 2 ]; then
_fstab="$@ nullfs ro 0 0" _fstab="$@ nullfs ro 0 0"
else else
_fstab="$@" _fstab="$@"

12
usr/local/share/bastille/pkg.sh
View File

@@ -41,20 +41,10 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -lt 2 ]; then if [ $# -lt 1 ]; then
usage usage
fi fi
TARGET="${1}"
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}" echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
jexec -l "${_jail}" /usr/sbin/pkg "$@" jexec -l "${_jail}" /usr/sbin/pkg "$@"

80
usr/local/share/bastille/rename.sh
View File

@@ -32,7 +32,7 @@
. /usr/local/etc/bastille/bastille.conf . /usr/local/etc/bastille/bastille.conf
usage() { usage() {
error_exit "Usage: bastille rename [TARGET] [NEW_NAME]" error_exit "Usage: bastille rename TARGET NEW_NAME"
} }
validate_name() { validate_name() {
@@ -50,13 +50,11 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 2 ] || [ $# -lt 2 ]; then if [ $# -ne 1 ]; then
usage usage
fi fi
TARGET="${1}" NEWNAME="${1}"
NEWNAME="${2}"
shift
update_jailconf() { update_jailconf() {
# Update jail.conf # Update jail.conf
@@ -90,43 +88,39 @@ update_fstab() {
change_name() { change_name() {
# Attempt container name change # Attempt container name change
if [ -d "${bastille_jailsdir}/${TARGET}" ]; then echo -e "${COLOR_GREEN}Attempting to rename '${TARGET}' to ${NEWNAME}...${COLOR_RESET}"
echo -e "${COLOR_GREEN}Attempting to rename '${TARGET}' to ${NEWNAME}...${COLOR_RESET}" if [ "${bastille_zfs_enable}" = "YES" ]; then
if [ "${bastille_zfs_enable}" = "YES" ]; then if [ -n "${bastille_zfs_zpool}" ] && [ -n "${bastille_zfs_prefix}" ]; then
if [ -n "${bastille_zfs_zpool}" ] && [ -n "${bastille_zfs_prefix}" ]; then # Check and rename container ZFS dataset accordingly
# Check and rename container ZFS dataset accordingly # Perform additional checks in case of non-zfs existing containers
# Perform additional checks in case of non-zfs existing containers if zfs list | grep -qw "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}"; then
if zfs list | grep -qw "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}"; then if ! zfs rename -f "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}"; then
if ! zfs rename -f "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}"; then error_exit "Can't rename '${TARGET}' dataset."
error_exit "Can't rename '${TARGET}' dataset."
fi
else
# Check and rename container directory instead
if ! zfs list | grep -qw "jails/${TARGET}$"; then
mv "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}"
fi
fi
fi
else
# Check if container is a zfs/dataset before rename attempt
# Perform additional checks in case of bastille.conf miss-configuration
if zfs list | grep -qw "jails/${TARGET}$"; then
ZFS_DATASET_ORIGIN=$(zfs list | grep -w "jails/${TARGET}$" | awk '{print $1}')
ZFS_DATASET_TARGET=$(echo "${ZFS_DATASET_ORIGIN}" | sed "s|\/${TARGET}||")
if [ -n "${ZFS_DATASET_ORIGIN}" ] && [ -n "${ZFS_DATASET_TARGET}" ]; then
if ! zfs rename -f "${ZFS_DATASET_ORIGIN}" "${ZFS_DATASET_TARGET}/${NEWNAME}"; then
error_exit "Can't rename '${TARGET}' dataset."
fi
else
error_exit "Can't determine the zfs origin path of '${TARGET}'."
fi fi
else else
# Just rename the jail directory # Check and rename container directory instead
mv "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}" if ! zfs list | grep -qw "jails/${TARGET}$"; then
mv "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}"
fi
fi fi
fi fi
else else
error_exit "${TARGET} not found. See 'bastille bootstrap'." # Check if container is a zfs/dataset before rename attempt
# Perform additional checks in case of bastille.conf miss-configuration
if zfs list | grep -qw "jails/${TARGET}$"; then
ZFS_DATASET_ORIGIN=$(zfs list | grep -w "jails/${TARGET}$" | awk '{print $1}')
ZFS_DATASET_TARGET=$(echo "${ZFS_DATASET_ORIGIN}" | sed "s|\/${TARGET}||")
if [ -n "${ZFS_DATASET_ORIGIN}" ] && [ -n "${ZFS_DATASET_TARGET}" ]; then
if ! zfs rename -f "${ZFS_DATASET_ORIGIN}" "${ZFS_DATASET_TARGET}/${NEWNAME}"; then
error_exit "Can't rename '${TARGET}' dataset."
fi
else
error_exit "Can't determine the zfs origin path of '${TARGET}'."
fi
else
# Just rename the jail directory
mv "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}"
fi
fi fi
# Update jail configuration files accordingly # Update jail configuration files accordingly
@@ -141,16 +135,14 @@ change_name() {
fi fi
} }
## check if a running jail matches name or already exist
if [ "$(jls name | awk "/^${TARGET}$/")" ]; then
error_exit "Warning: ${TARGET} is running."
elif [ -d "${bastille_jailsdir}/${NEWNAME}" ]; then
error_exit "Jail: ${NEWNAME} already exists."
fi
## validate jail name ## validate jail name
if [ -n "${NEWNAME}" ]; then if [ -n "${NEWNAME}" ]; then
validate_name validate_name
fi fi
## check if a jail already exists with the new name
if [ -d "${bastille_jailsdir}/${NEWNAME}" ]; then
error_exit "Jail: ${NEWNAME} already exists."
fi
change_name change_name

13
usr/local/share/bastille/service.sh
View File

@@ -41,21 +41,10 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -lt 2 ]; then if [ $# -ne 2 ]; then
usage usage
fi fi
TARGET=$1
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}" echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
jexec -l "${_jail}" /usr/sbin/service "$@" jexec -l "${_jail}" /usr/sbin/service "$@"

18
usr/local/share/bastille/stop.sh
View File

@@ -42,26 +42,10 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 1 ] || [ $# -lt 1 ]; then if [ $# -ne 0 ]; then
usage usage
fi fi
TARGET="${1}"
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
## check if exist or not running
if [ ! -d "${bastille_jailsdir}/${TARGET}" ]; then
error_exit "[${TARGET}]: Not found."
elif [ ! "$(jls name | awk "/^${TARGET}$/")" ]; then
error_exit "[${TARGET}]: Not started."
fi
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
## test if running ## test if running
if [ "$(jls name | awk "/^${_jail}$/")" ]; then if [ "$(jls name | awk "/^${_jail}$/")" ]; then

13
usr/local/share/bastille/sysrc.sh
View File

@@ -41,21 +41,10 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -lt 2 ]; then if [ $# -lt 1 ]; then
usage usage
fi fi
TARGET="${1}"
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}" echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
jexec -l "${_jail}" /usr/sbin/sysrc "$@" jexec -l "${_jail}" /usr/sbin/sysrc "$@"

13
usr/local/share/bastille/template.sh
View File

@@ -42,22 +42,11 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 2 ] || [ $# -lt 2 ]; then if [ $# -ne 1 ]; then
bastille_usage bastille_usage
fi fi
TARGET="${1}"
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
TEMPLATE="${1}" TEMPLATE="${1}"
shift
case ${TEMPLATE} in case ${TEMPLATE} in
http?://github.com/*/*|http?://gitlab.com/*/*) http?://github.com/*/*|http?://gitlab.com/*/*)

13
usr/local/share/bastille/top.sh
View File

@@ -41,21 +41,10 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -gt 1 ] || [ $# -lt 1 ]; then if [ $# -ne 0 ]; then
usage usage
fi fi
TARGET="${1}"
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}" echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
jexec -l "${_jail}" /usr/bin/top jexec -l "${_jail}" /usr/bin/top

12
usr/local/share/bastille/umount.sh
View File

@@ -42,21 +42,11 @@ help|-h|--help)
;; ;;
esac esac
if [ $# -ne 2 ]; then if [ $# -ne 1 ]; then
usage usage
fi fi
TARGET=$1
shift
MOUNT_PATH=$1 MOUNT_PATH=$1
shift
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
else
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}" echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"

23
usr/local/share/bastille/zfs.sh
View File

@@ -84,34 +84,21 @@ if [ -z "${bastille_zfs_zpool}" ]; then
error_exit "ZFS zpool not defined." error_exit "ZFS zpool not defined."
fi fi
if [ $# -lt 2 ]; then if [ $# -lt 1 ]; then
usage usage
fi fi
TARGET="${1}" case "$1" in
if [ "${TARGET}" = 'ALL' ]; then
JAILS=$(jls name)
fi
if [ "${TARGET}" != 'ALL' ]; then
JAILS=$(jls name | awk "/^${TARGET}$/")
fi
case "$2" in
set) set)
ATTRIBUTE=$3 ATTRIBUTE=$2
JAILS=${JAILS}
zfs_set_value zfs_set_value
;; ;;
get) get)
ATTRIBUTE=$3 ATTRIBUTE=$2
JAILS=${JAILS}
zfs_get_value zfs_get_value
;; ;;
snap|snapshot) snap|snapshot)
TAG=$3 TAG=$2
JAILS=${JAILS}
zfs_snapshot zfs_snapshot
;; ;;
df|usage) df|usage)