fix logic for rc.conf + bastille.conf ZFS check

usr/local/share/bastille/bootstrap.sh

@@ -45,7 +45,7 @@ esac
 bastille_root_check
 
 #Validate if ZFS is enabled in rc.conf and bastille.conf.
-if [ "$(sysrc -n zfs_enable)" = "YES" ] && checkyesno bastille_zfs_enable; then
+if [ "$(sysrc -n zfs_enable)" = "YES" ] && ! checkyesno bastille_zfs_enable; then
     warn "ZFS is enabled in rc.conf but not bastille.conf. Do you want to continue? (N|y)"
     read answer
     case $answer in
@@ -474,9 +474,9 @@ if [ -n "${OPTION}" ] && [ "${OPTION}" != "${HW_MACHINE}" ] && [ "${OPTION}" !=
 fi
 
 ## allow override bootstrap URLs via environment variables
-[ -n "${BASTILLE_URL_FREEBSD}" ] && bastille_url_freebsd="${BASTILLE_URL_FREEBSD}"
+[ -n ${BASTILLE_URL_FREEBSD} ] && bastille_url_freebsd="${BASTILLE_URL_FREEBSD}"
-[ -n "${BASTILLE_URL_HARDENEDBSD}" ] && bastille_url_hardenedbsd="${BASTILLE_URL_HARDENEDBSD}"
+[ -n ${BASTILLE_URL_HARDENEDBSD} ] && bastille_url_hardenedbsd="${BASTILLE_URL_HARDENEDBSD}"
-[ -n "${BASTILLE_URL_MIDNIGHTBSD}" ] && bastille_url_midnightbsd="${BASTILLE_URL_MIDNIGHTBSD}"
+[ -n ${BASTILLE_URL_MIDNIGHTBSD} ] && bastille_url_midnightbsd="${BASTILLE_URL_MIDNIGHTBSD}"
 
 ## Filter sane release names
 case "${1}" in

usr/local/share/bastille/setup.sh

@@ -57,19 +57,6 @@ configure_vnet() {
 
     info "Bringing up new interface: bastille1"
     service netif cloneup
-
-    if [ ! -f /etc/devfs.rules ]; then
-        info "Creating bastille_vnet devfs.rules"
-        cat << EOF > /etc/devfs.rules
-[bastille_vnet=13]
-add include \$devfsrules_hide_all
-add include \$devfsrules_unhide_basic
-add include \$devfsrules_unhide_login
-add include \$devfsrules_jail
-add include \$devfsrules_jail_vnet
-add path 'bpf*' unhide
-EOF
-    fi
 }
 
 # Configure pf firewall