From 9b859f84eda64c8c2125f22c72236b8557977ca3 Mon Sep 17 00:00:00 2001
From: Sven R
Date: Mon, 23 Dec 2019 09:46:32 +0100
Subject: [PATCH 1/4] added all to Makefile
Signed-off-by: Sven R
---
 Makefile | 3 +++
 1 file changed, 3 insertions(+)
diff --git a/Makefile b/Makefile
index 43aba9d..72039bb 100644
--- a/Makefile
+++ b/Makefile
@@ -1,3 +1,6 @@
+.PHONY: all
+all:
+ @echo "Nothing to be done. Please use make install or make uinstall"
 .PHONY: install
 install:
 @echo "Installing Bastille"
From b16b39371789233548ad2cd140d76368b38825bc Mon Sep 17 00:00:00 2001
From: Sven R
Date: Mon, 23 Dec 2019 09:48:02 +0100
Subject: [PATCH 2/4] Update Makefile
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Makefile b/Makefile
index 72039bb..6e7aaec 100644
--- a/Makefile
+++ b/Makefile
@@ -1,6 +1,6 @@
 .PHONY: all
 all:
- @echo "Nothing to be done. Please use make install or make uinstall"
+ @echo "Nothing to be done. Please use make install or make uninstall"
 .PHONY: install
 install:
 @echo "Installing Bastille"
From 861953734f75240dfa0c84c93ab37e6a7c2ed433 Mon Sep 17 00:00:00 2001
From: Sven R
Date: Mon, 23 Dec 2019 09:57:56 +0100
Subject: [PATCH 3/4] added chmod to Makefile
Signed-off-by: Sven R
---
 Makefile | 1 +
 1 file changed, 1 insertion(+)
diff --git a/Makefile b/Makefile
index 72039bb..d40401c 100644
--- a/Makefile
+++ b/Makefile
@@ -6,6 +6,7 @@ install:
 @echo "Installing Bastille"
 @echo
 @cp -av usr /
+ @chmod 0750 /usr/local/bastille
 @echo
 @echo "This method is for testing / development."
From bac677dc41cb5ecd960fef36bd346c83d4a6a6ce Mon Sep 17 00:00:00 2001
From: Sven R
Date: Mon, 23 Dec 2019 10:54:09 +0100
Subject: [PATCH 4/4] added ressource limits
---
 usr/local/share/bastille/limits.sh | 74 ++++++++++++++++++++++++++++++
 1 file changed, 74 insertions(+)
 create mode 100755 usr/local/share/bastille/limits.sh
diff --git a/usr/local/share/bastille/limits.sh b/usr/local/share/bastille/limits.sh
new file mode 100755
index 0000000..ead1878
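Review bot: In PATCH 3/4 the added `chmod 0750 /usr/local/bastille` sets the mode but not the owner, and the preceding `cp -av usr /` preserves the ownership of the source tree, so if that directory comes from the copied tree the 0750 mode may end up granting access to the uid and gid that own the working copy rather than to root. If the directory is not part of the copied tree, chmod fails and make stops before the closing messages are printed. Creating the directory explicitly covers both cases: `@install -d -o root -g wheel -m 0750 /usr/local/bastille`. The install recipe continues outside the hunk.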
--- /dev/null
+++ b/usr/local/share/bastille/limits.sh
@@ -0,0 +1,74 @@
+#!/bin/sh
+#
+# Copyright (c) 2018-2019, Christer Edwards
+# All rights reserved.
+# Ressource limits added by Sven R github.com/hackacad
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# * Redistributions of source code must retain the above copyright notice, this
+# list of conditions and the following disclaimer.
+#
+# * Redistributions in binary form must reproduce the above copyright notice,
+# this list of conditions and the following disclaimer in the documentation
+# and/or other materials provided with the distribution.
+#
+# * Neither the name of the copyright holder nor the names of its
+# contributors may be used to endorse or promote products derived from
+# this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
+# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
+# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+. /usr/local/share/bastille/colors.pre.sh
+
+usage() {
+ echo -e "${COLOR_RED}Usage: bastille limits TARGET option value${COLOR_RESET}"
+ echo -e "Example: bastille limits JAILNAME memoryuse 1G"
+ exit 1
+}
+
+RACCT_ENABLE=$(sysctl -n kern.racct.enable)
+if [ "${RACCT_ENABLE}" != '1' ]; then
+ echo "Racct not enabled. Append 'kern.racct.enable=1' to /boot/loader.conf and reboot"
+fi
+
+# Handle special-case commands first.
+case "$1" in
+help|-h|--help)
+ usage
+ ;;
+esac
+
+if [ $# -lt 2 ]; then
+ usage
+fi
+
+TARGET="${1}"
+OPTION="${2}"
+VALUE="${3}"
+shift
+
+if [ "${TARGET}" = 'ALL' ]; then
+ JAILS=$(jls name)
+fi
+
+if [ "${TARGET}" != 'ALL' ]; then
+ JAILS=$(jls name | grep -w "${TARGET}")
+fi
+
+for _jail in ${JAILS}; do
+ echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
+ echo -e "${TYPE} ${VALUE}"
+ rctl -a jail:${_jail}:${OPTION}:deny=${VALUE}/jail
+ echo -e "${COLOR_RESET}"
+done
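Review bot: The `grep -w "${TARGET}"` selection treats TARGET as a regular expression and matches on word boundaries, so a name such as `web` also selects `web-1` or `web.old`, and the limit lands on jails the operator did not name; an exact, literal match avoids that. The argument check `[ $# -lt 2 ]` lets a call without VALUE through, which would hand rctl a rule ending in `deny=/jail`, and the racct check prints its message but then carries on instead of stopping. The loop also echoes `${TYPE}`, which is never set in this file (presumably `${OPTION}` was meant), and passes the rule to rctl unquoted. The fence below shows only the lines I would change.

```shell
# … unchanged: license header, colors.pre.sh include, usage(), sysctl read …
if [ "${RACCT_ENABLE}" != '1' ]; then
    # … unchanged: "Racct not enabled" message …
    exit 1
fi
# … unchanged: help handling …
if [ $# -lt 3 ]; then
    usage
fi
# … unchanged: TARGET/OPTION/VALUE assignment, ALL branch …
if [ "${TARGET}" != 'ALL' ]; then
    # -F: literal string, -x: whole line, --: TARGET is never read as an option
    JAILS=$(jls name | grep -Fx -- "${TARGET}")
fi

for _jail in ${JAILS}; do
    # … unchanged: jail name banner …
    echo -e "${OPTION} ${VALUE}"
    rctl -a "jail:${_jail}:${OPTION}:deny=${VALUE}/jail"
    # … unchanged: colour reset …
done
```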