BastilleBSD/bastille
2
0
Fork 0
Code Pull Requests Actions Packages Releases Activity

Feature add, create empty jail and minor maintenance

Browse Source
This commit is contained in:
Jose
2020-04-18 18:02:11 -04:00
parent 268008b967
commit a98032e912
1 changed files with 231 additions and 200 deletions
Download Patch File Download Diff File Expand all files Collapse all files
usr/local/share/bastille/create.sh
+37 -6
View File
@@ -104,6 +104,17 @@ validate_release() {
fi fi
} }
generate_minimal_conf() {
cat << EOF > "${bastille_jail_conf}"
${NAME} {
host.hostname = ${NAME};
mount.fstab = ${bastille_jail_fstab};
path = ${bastille_jail_path};
}
EOF
touch "${bastille_jail_fstab}"
}
generate_jail_conf() { generate_jail_conf() {
cat << EOF > "${bastille_jail_conf}" cat << EOF > "${bastille_jail_conf}"
${NAME} { ${NAME} {
@@ -187,10 +198,11 @@ create_jail() {
fi fi
fi fi
else else
mkdir -p "${bastille_jailsdir}/${NAME}" mkdir -p "${bastille_jailsdir}/${NAME}/root"
fi fi
fi fi
if [ -z "${EMPTY_JAIL}" ]; then
if [ ! -d "${bastille_jail_base}" ]; then if [ ! -d "${bastille_jail_base}" ]; then
mkdir -p "${bastille_jail_base}" mkdir -p "${bastille_jail_base}"
fi fi
@@ -357,6 +369,10 @@ create_jail() {
## TZ: configurable (default: Etc/UTC) ## TZ: configurable (default: Etc/UTC)
ln -s "/usr/share/zoneinfo/${bastille_tzdata}" etc/localtime ln -s "/usr/share/zoneinfo/${bastille_tzdata}" etc/localtime
else
## Generate minimal configuration for empty jail
generate_minimal_conf
fi
} }
# Handle special-case commands first. # Handle special-case commands first.
@@ -372,6 +388,7 @@ if echo "$3" | grep '@'; then
fi fi
## reset this options ## reset this options
EMPTY_JAIL=""
THICK_JAIL="" THICK_JAIL=""
VNET_JAIL="" VNET_JAIL=""
@@ -384,6 +401,10 @@ if [ "${1}" = "-T" -o "${1}" = "--thick" -o "${1}" = "thick" ] && \
else else
## handle single options ## handle single options
case "${1}" in case "${1}" in
-E|--empty|empty)
shift
EMPTY_JAIL="1"
;;
-T|--thick|thick) -T|--thick|thick)
shift shift
THICK_JAIL="1" THICK_JAIL="1"
@@ -404,9 +425,15 @@ RELEASE="$2"
IP="$3" IP="$3"
INTERFACE="$4" INTERFACE="$4"
if [ -n "${EMPTY_JAIL}" ]; then
if [ $# -ne 1 ]; then
usage
fi
else
if [ $# -gt 4 ] || [ $# -lt 3 ]; then if [ $# -gt 4 ] || [ $# -lt 3 ]; then
usage usage
fi fi
fi
## don't allow for dots(.) in container names ## don't allow for dots(.) in container names
if echo "${NAME}" | grep -q "[.]"; then if echo "${NAME}" | grep -q "[.]"; then
@@ -414,6 +441,7 @@ if echo "${NAME}" | grep -q "[.]"; then
exit 1 exit 1
fi fi
if [ -z "${EMPTY_JAIL}" ]; then
## verify release ## verify release
case "${RELEASE}" in case "${RELEASE}" in
*-RELEASE|*-release|*-RC1|*-rc1|*-RC2|*-rc2) *-RELEASE|*-release|*-RC1|*-rc1|*-RC2|*-rc2)
@@ -464,11 +492,6 @@ if [ ! -d "${bastille_releasesdir}/${RELEASE}" ]; then
exit 1 exit 1
fi fi
## check if a running jail matches name or already exist
if [ -n "${NAME}" ]; then
running_jail
fi
## check if ip address is valid ## check if ip address is valid
if [ -n "${IP}" ]; then if [ -n "${IP}" ]; then
validate_ip validate_ip
@@ -483,5 +506,13 @@ if [ -n "${INTERFACE}" ]; then
else else
validate_netconf validate_netconf
fi fi
else
echo -e "${COLOR_GREEN}Creating empty jail: ${NAME}.${COLOR_RESET}"
fi
## check if a running jail matches name or already exist
if [ -n "${NAME}" ]; then
running_jail
fi
create_jail "${NAME}" "${RELEASE}" "${IP}" "${INTERFACE}" create_jail "${NAME}" "${RELEASE}" "${IP}" "${INTERFACE}"