Re-add Linux jails, WebGUI fixes and improvements

Re-add Linux jail feature, overall WebGUI fixes and improvements.
JRGTH
2025-09-13 06:00:28 -04:00
parent c041aa4711
commit 65585053cf
15 changed files with 516 additions and 304 deletions


@@ -3,6 +3,7 @@
====================== ======================
Version Description Version Description
1.2.00......Re-add Linux jail feature, WebGUI fixes and overall improvements.
1.1.53......Code changes, handle osrelease parameter update in bastille-init. 1.1.53......Code changes, handle osrelease parameter update in bastille-init.
1.1.52......Re-add Thin jail release change and code improvements. 1.1.52......Re-add Thin jail release change and code improvements.
1.1.51......Code update/improvements, update jail config/util pages and bastille-init. 1.1.51......Code update/improvements, update jail config/util pages and bastille-init.


@@ -1,5 +1,5 @@
--------------------------------------------------------- ---------------------------------------------------------
Copyright (c) 2019, José Rivera Copyright (c) 2019-2025, Jose Rivera
All rights reserved. All rights reserved.
Redistribution and use in source and binary forms, with or without Redistribution and use in source and binary forms, with or without


@@ -9,7 +9,7 @@
# Debug script # Debug script
#set -x #set -x
# Copyright (c) 2019-2024, José Rivera (joserprg@gmail.com). # Copyright (c) 2019-2025, Jose Rivera (joserprg@gmail.com).
# All rights reserved. # All rights reserved.
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
@@ -43,14 +43,11 @@ PATH=${PATH}:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
CWDIR=$(dirname $(realpath $0)) CWDIR=$(dirname $(realpath $0))
# Global variables. # Global variables.
CWDIR_TRIM=""
BASTILLE_ZFS_ZPOOL_MOUNTPOINT=""
BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM=""
REQUIRED_UPDATE=""
PLATFORM=$(uname -m) PLATFORM=$(uname -m)
PRODUCT=$(uname -i) PRODUCT=$(uname -i)
PRDVERSION=$(uname -r | cut -d '-' -f1 | tr -d '.') PRDVERSION=$(uname -r | cut -d '-' -f1 | tr -d '.')
HOSTVERSION=$(freebsd-version | cut -d '-' -f1) HOSTVERSION=$(freebsd-version | cut -d '-' -f1)
BASTILLE_DIR=$(echo "${CWDIR}" | grep -o '[^/]*$')
PRDPLATFORM=$(cat /etc/platform) PRDPLATFORM=$(cat /etc/platform)
PRDPRODUCT=$(cat /etc/prd.name) PRDPRODUCT=$(cat /etc/prd.name)
SCRIPTNAME=$(basename $0) SCRIPTNAME=$(basename $0)
@@ -58,6 +55,7 @@ CONFIG="/cf/conf/config.xml"
PRDNAME="Bastille" PRDNAME="Bastille"
APPNAME="bastille" APPNAME="bastille"
EXTLOGFILE="${CWDIR}/log/bastille_ext.log" EXTLOGFILE="${CWDIR}/log/bastille_ext.log"
EXTLOCKFILE="/tmp/bastille_ext.lock"
FULLAPPNAME="${APPNAME}-dist" FULLAPPNAME="${APPNAME}-dist"
WWWPATH="/usr/local/www" WWWPATH="/usr/local/www"
PKGCACHE="/var/cache/pkg" PKGCACHE="/var/cache/pkg"
@@ -82,27 +80,42 @@ BASTILLE_VERSION="https://raw.githubusercontent.com/BastilleBSD/${APPNAME}/${BRA
GITURL="https://github.com/JRGTH/xigmanas-${APPNAME}-extension/archive/${BRANCH}.zip" GITURL="https://github.com/JRGTH/xigmanas-${APPNAME}-extension/archive/${BRANCH}.zip"
VERFILE="https://raw.githubusercontent.com/JRGTH/xigmanas-${APPNAME}-extension/${BRANCH}/version" VERFILE="https://raw.githubusercontent.com/JRGTH/xigmanas-${APPNAME}-extension/${BRANCH}/version"
URL_FREEBSD="http://ftp.freebsd.org/pub/FreeBSD/releases/" URL_FREEBSD="http://ftp.freebsd.org/pub/FreeBSD/releases/"
URL_FREEBSD_OLD="https://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/"
URL_HARDENEDBSD="https://installers.hardenedbsd.org/pub/" URL_HARDENEDBSD="https://installers.hardenedbsd.org/pub/"
URL_MIDNIGHTBSD="https://www.midnightbsd.org/ftp/MidnightBSD/releases/" URL_MIDNIGHTBSD="https://www.midnightbsd.org/ftp/MidnightBSD/releases/"
OPT="${1}" OPT="${1}"
ARG="${2}"
# Bastille required # Load bastille configuration file.
if [ -f "${BASTILLECONF}" ]; then if [ -f "${BASTILLECONF}" ]; then
. /${BASTILLECONF} . /${BASTILLECONF}
if [ "${bastille_zfs_enable}" = "YES" -o "${bastille_zfs_enable}" = "yes" ]; then else
if [ -n "${bastille_zfs_prefix}" ] && [ -n "${bastille_zfs_zpool}" ]; then . /${INSTALLPATH}/${BASTILLECONF}
# Always enforce ZFS activation below "/mnt/" from the extension. fi
if echo "${CWDIR}" | grep -q '/mnt/'; then
CWDIR_TRIM=$(echo "${CWDIR}" | sed "s|/mnt/||;s|/${bastille_zfs_prefix}||")
fi
BASTILLE_ZFS_ZPOOL_MOUNTPOINT=$(zfs get -H -o value mountpoint "${bastille_zfs_zpool}") # Unset variables.
BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM="" REQUIRED_UPDATE=
if echo "${BASTILLE_ZFS_ZPOOL_MOUNTPOINT}" | grep -q '/mnt/'; then CWDIR_TRIM=
BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM=$(echo "${BASTILLE_ZFS_ZPOOL_MOUNTPOINT}" | sed "s|/mnt/||;s|/${bastille_zfs_prefix}||") BASTILLE_ZFS_PREFIX_TRIM=
fi BASTILLE_ZFS_ZPOOL_MOUNTPOINT=
BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM=
# Get extension ZFS config info.
if [ "${bastille_zfs_enable}" = "YES" ] || [ "${bastille_zfs_enable}" = "yes" ]; then
if [ -n "${bastille_zfs_prefix}" ] && [ -n "${bastille_zfs_zpool}" ]; then
# Always enforce ZFS activation below "/mnt/" from the extension.
if echo "${CWDIR}" | grep -q '/mnt/'; then
CWDIR_TRIM=$(echo "${CWDIR}" | sed "s|/mnt/||;s|/${bastille_zfs_prefix}||")
fi fi
BASTILLE_ZFS_ZPOOL_MOUNTPOINT=$(zfs get -H -o value mountpoint "${bastille_zfs_zpool}" 2>/dev/null)
if echo "${BASTILLE_ZFS_ZPOOL_MOUNTPOINT}" | grep -q '/mnt/'; then
BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM=$(echo "${BASTILLE_ZFS_ZPOOL_MOUNTPOINT}" | sed "s|/mnt/||;s|/${bastille_zfs_prefix}||")
fi
BASTILLE_ZFS_PREFIX_TRIM=$(echo "${bastille_zfs_prefix}" | sed "s|/${BASTILLE_DIR}||")
fi fi
# Check bastille ZFS config match on disk ZFS config.
BASTILLE_CONFIG_DISK=$(zfs list -H "${bastille_prefix}" 2>/dev/null | awk '{print $1}')
BASTILLE_CONFIG_FILE=$(echo "${bastille_zfs_zpool}/${bastille_zfs_prefix}")
fi fi
error_notify() error_notify()
@@ -117,7 +130,7 @@ runtime_config()
{ {
# Run-time configuration and checks. # Run-time configuration and checks.
if [ -f "${INSTALLPATH}/${BASTILLECONF}" ]; then if [ -f "${INSTALLPATH}/${BASTILLECONF}" ]; then
if ! sysrc -f ${BASTILLECONF} -qn bastille_prefix | grep -q "${CWDIR}"; then if ! sysrc -f ${BASTILLECONF} -qc bastille_prefix="${CWDIR}"; then
sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_prefix="${CWDIR}" >/dev/null 2>&1 sysrc -f ${INSTALLPATH}/${BASTILLECONF} bastille_prefix="${CWDIR}" >/dev/null 2>&1
fi fi
fi fi
@@ -404,19 +417,11 @@ sys_symlinkdir()
ln -fhs ${INSTALLPATH}${USRLOCAL}/etc/${APPNAME} ${USRLOCAL}/etc/${APPNAME} ln -fhs ${INSTALLPATH}${USRLOCAL}/etc/${APPNAME} ${USRLOCAL}/etc/${APPNAME}
fi fi
# Link bastille config file. if [ -f "${BASTILLECONF_EXT}" ]; then
#if [ -f "${INSTALLPATH}${USRLOCAL}/etc/${APPNAME}/${APPNAME}.conf.sample" ]; then if [ ! -f "${INSTALLPATH}${USRLOCAL}/etc/${APPNAME}/${APPNAME}.conf" ]; then
# cd ${INSTALLPATH}${USRLOCAL}/etc/${APPNAME} cp ${BASTILLECONF_EXT} ${INSTALLPATH}${USRLOCAL}/etc/${APPNAME}/${APPNAME}.conf
# if [ ! -f "${APPNAME}.conf" ]; then
# cp ${APPNAME}.conf.sample ${APPNAME}.conf
# fi
#else
if [ -f "${BASTILLECONF_EXT}" ]; then
if [ ! -f "${INSTALLPATH}${USRLOCAL}/etc/${APPNAME}/${APPNAME}.conf" ]; then
cp ${BASTILLECONF_EXT} ${INSTALLPATH}${USRLOCAL}/etc/${APPNAME}/${APPNAME}.conf
fi
fi fi
#fi fi
# Copy bastille shared. # Copy bastille shared.
if [ -d "${INSTALLPATH}${USRLOCAL}/share/${APPNAME}" ]; then if [ -d "${INSTALLPATH}${USRLOCAL}/share/${APPNAME}" ]; then
@@ -515,16 +520,14 @@ postinit_cmd()
touch ${CWDIR}/postinit || error_notify "Error: A problem has occurred while creating the postinit file." touch ${CWDIR}/postinit || error_notify "Error: A problem has occurred while creating the postinit file."
chmod +x ${CWDIR}/postinit chmod +x ${CWDIR}/postinit
if [ "${PRDVERSION}" -ge "110" ]; then if [ "${PRDVERSION}" -ge "110" ]; then
# Generate php script for start/stop commands. # Generate php script only for start command for extension version 1.2 and later.
cat << EOF > ${CWDIR}/postinit cat << EOF > ${CWDIR}/postinit
<?php <?php
require_once("config.inc"); require_once("config.inc");
require_once("functions.inc"); require_once("functions.inc");
\$cmd = dirname(__FILE__)."/${SCRIPTNAME}"; \$cmd = dirname(__FILE__)."/${SCRIPTNAME}";
\$cmd2 = dirname(__FILE__)."/${SCRIPTNAME} -p";
\$name = "${PRDNAME} Extension"; \$name = "${PRDNAME} Extension";
\$comment = "Start ${PRDNAME} Container Manager"; \$comment = "Start ${PRDNAME} Container Manager";
\$comment2 = "Stop ${PRDNAME} Container Manager";
\$rc = &array_make_branch(\$config,'rc','param'); \$rc = &array_make_branch(\$config,'rc','param');
if(false === array_search_ex(\$cmd,\$rc,'cmd')): if(false === array_search_ex(\$cmd,\$rc,'cmd')):
\$rc_param = []; \$rc_param = [];
@@ -538,20 +541,6 @@ if(false === array_search_ex(\$cmd,\$rc,'cmd')):
write_config(); write_config();
endif; endif;
unset(\$rc); unset(\$rc);
\$rc = &array_make_branch(\$config,'rc','param');
if(false === array_search_ex(\$cmd2,\$rc,'cmd2')):
\$rc_param = [];
\$rc_param['uuid'] = uuid();
\$rc_param['name'] = \$name;
\$rc_param['value'] = \$cmd2;
\$rc_param['comment'] = \$comment2;
\$rc_param['typeid'] = '3';
\$rc_param['enable'] = true;
\$rc[] = \$rc_param;
write_config();
endif;
unset(\$rc);
?> ?>
EOF EOF
fi fi
@@ -616,6 +605,8 @@ gui_enable()
else else
error_notify "Error: Extension gui files not found." error_notify "Error: Extension gui files not found."
fi fi
exit 0
} }
gui_disable() gui_disable()
@@ -639,13 +630,15 @@ gui_disable()
rm -r ${WWWPATH}/ext rm -r ${WWWPATH}/ext
fi fi
fi fi
exit 0
} }
jail_update() jail_update()
{ {
# Workaround since XigmaNAS does not ship with freebsd-update command. # Workaround since XigmaNAS does not ship with freebsd-update command.
if [ "${PRDPRODUCT}" = "XigmaNAS" -o "${PRDPRODUCT}" = "NAS4Free" ]; then if [ "${PRDPRODUCT}" = "XigmaNAS" ] || [ "${PRDPRODUCT}" = "NAS4Free" ]; then
if [ ! -d "${FREEBSD_UPDATE}" ]; then if [ ! -d "${FREEBSD_UPDATE}" ]; then
echo "Not supported on ${PRDPRODUCT} platform." echo "Not supported on ${PRDPRODUCT} platform."
exit 1 exit 1
@@ -834,7 +827,7 @@ thickjail_upgrade()
{ {
# Workaround since XigmaNAS does not ship with freebsd-update command. # Workaround since XigmaNAS does not ship with freebsd-update command.
if [ "${PRDPRODUCT}" = "XigmaNAS" -o "${PRDPRODUCT}" = "NAS4Free" ]; then if [ "${PRDPRODUCT}" = "XigmaNAS" ] || [ "${PRDPRODUCT}" = "NAS4Free" ]; then
if [ ! -d "${FREEBSD_UPDATE}" ]; then if [ ! -d "${FREEBSD_UPDATE}" ]; then
echo "Not supported on ${PRDPRODUCT} platform." echo "Not supported on ${PRDPRODUCT} platform."
exit 1 exit 1
@@ -891,7 +884,7 @@ thickjail_install()
{ {
# Workaround since XigmaNAS does not ship with freebsd-update command. # Workaround since XigmaNAS does not ship with freebsd-update command.
if [ "${PRDPRODUCT}" = "XigmaNAS" -o "${PRDPRODUCT}" = "NAS4Free" ]; then if [ "${PRDPRODUCT}" = "XigmaNAS" ] || [ "${PRDPRODUCT}" = "NAS4Free" ]; then
if [ ! -d "${FREEBSD_UPDATE}" ]; then if [ ! -d "${FREEBSD_UPDATE}" ]; then
echo "Not supported on ${PRDPRODUCT} platform." echo "Not supported on ${PRDPRODUCT} platform."
exit 1 exit 1
@@ -937,12 +930,7 @@ zfs_activate()
# Check if ZFS is already configured. # Check if ZFS is already configured.
# Always enforce ZFS activation below "/mnt/" from the extension. # Always enforce ZFS activation below "/mnt/" from the extension.
if echo "${BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM}" | grep -qw "${CWDIR_TRIM}$"; then if echo "${BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM}" | grep -qw "${CWDIR_TRIM}$"; then
if zfs list "${bastille_zfs_zpool}/${bastille_zfs_prefix}" > /dev/null 2>&1; then
BASTILLE_DIR=$(echo "${CWDIR}" | grep -o '[^/]*$')
if [ "${bastille_zfs_prefix}" != "${BASTILLE_DIR}" ]; then
error_notify "Invalid ZFS configuration."
fi
if zfs list "${bastille_zfs_zpool}/${BASTILLE_DIR}" > /dev/null 2>&1; then
echo "Bastille ZFS is already configured." echo "Bastille ZFS is already configured."
sysrc -f ${CWDIR}${EXTCONF} ZFS_ACTIVATED="YES" >/dev/null 2>&1 sysrc -f ${CWDIR}${EXTCONF} ZFS_ACTIVATED="YES" >/dev/null 2>&1
exit 0 exit 0
@@ -958,23 +946,26 @@ zfs_activate()
echo "Enabling ZFS on ${PRDNAME} Extension..." echo "Enabling ZFS on ${PRDNAME} Extension..."
# Confirm before conversion. # Confirm before conversion.
while : while :; do
do read -p "Do you really want to enable ZFS for ${PRDNAME} Extension? [y/N]:" _yn
read -p "Do you really wish to enable ZFS for ${PRDNAME} Extension? [y/N]:" yn case ${_yn} in
case ${yn} in [Yy])
[Yy]) break;; break
[Nn]) exit 0;; ;;
esac [Nn])
done exit 0
;;
esac
done
echo "Proceeding..." echo "Proceeding..."
if [ "${bastille_zfs_enable}" = "YES" ]; then if [ "${bastille_zfs_enable}" = "YES" ]; then
if [ ! -z "${bastille_zfs_zpool}" ]; then if [ -n "${bastille_zfs_zpool}" ]; then
if zfs list "${bastille_zfs_zpool}" > /dev/null 2>&1; then if zfs list "${bastille_zfs_zpool}" > /dev/null 2>&1; then
if ! zfs list "${bastille_zfs_zpool}/${BASTILLE_DIR}" > /dev/null 2>&1; then if ! zfs list "${bastille_zfs_zpool}/${bastille_zfs_prefix}" > /dev/null 2>&1; then
echo "Renaming existing '${BASTILLE_DIR}' directory" echo "Renaming existing '${BASTILLE_DIR}' directory..."
mv ${CWDIR} ${CWDIR}.old mv ${CWDIR} ${CWDIR}.old
echo "Creating a new ZFS dataset for '${BASTILLE_DIR}'" echo "Creating a new ZFS dataset for '${BASTILLE_DIR}'..."
zfs create ${bastille_zfs_options} ${bastille_zfs_zpool}/${bastille_zfs_prefix} zfs create ${bastille_zfs_options} ${bastille_zfs_zpool}/${bastille_zfs_prefix}
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
MSG="Failed to enable ZFS, reverting changes." MSG="Failed to enable ZFS, reverting changes."
@@ -990,7 +981,7 @@ zfs_activate()
echo "Bastille ZFS is already configured." echo "Bastille ZFS is already configured."
fi fi
else else
error_notify "ERROR: ${bastille_zfs_zpool} is not a ZFS pool/dataset." error_notify "ERROR: ${bastille_zfs_zpool} is not a ZFS pool."
fi fi
else else
error_notify "Bastille ZPOOL is not set." error_notify "Bastille ZPOOL is not set."
@@ -1021,11 +1012,40 @@ pkg_upgrade()
reset_install() reset_install()
{ {
# Confirm for addon config reset.
while :; do
read -p "Do you really want to proceed with the ${PRDNAME} Extension config reset? [y/N]:" _yn
case ${_yn} in
[Yy])
break
;;
[Nn])
exit 0
;;
esac
done
echo "Proceeding..."
# Check for running jails before config reset.
for _jail in $(bastille list jail); do
if jls -j ${_jail} >/dev/null 2>&1; then
echo "Looks like there are running bastille jails, aborting."
exit 1
fi
done
# Reset the extension environment. # Reset the extension environment.
echo "Removing extension files..." echo "Removing extension files..."
if [ -f "${CWDIR}/conf/bastille_config" ]; then if [ -f "${CWDIR}/conf/bastille_config" ]; then
rm -rf ${CWDIR}/conf/bastille_config echo "Backup current extension config file."
if [ -f "${CWDIR}/conf/bastille_config.old" ]; then
# Remove previous backup file.
rm -f ${CWDIR}/conf/bastille_config.old
fi
mv -vf ${CWDIR}/conf/bastille_config ${CWDIR}/conf/bastille_config.old
fi fi
if [ -d "${CWDIR}/${FULLAPPNAME}" ]; then if [ -d "${CWDIR}/${FULLAPPNAME}" ]; then
rm -rf ${CWDIR}/${FULLAPPNAME} rm -rf ${CWDIR}/${FULLAPPNAME}
fi fi
@@ -1036,56 +1056,68 @@ reset_install()
rm -f ${CWDIR}/version rm -f ${CWDIR}/version
fi fi
sleep 3
# Set default config. # Set default config.
sysrc -f ${CWDIR}${EXTCONF} GUI_ENABLE=YES INSTALL_DIR=${CWDIR} >/dev/null 2>&1 touch ${CWDIR}/conf/bastille_config
sysrc -f ${CWDIR}${EXTCONF} GUI_ENABLE="YES" >/dev/null 2>&1
sysrc -f ${CWDIR}${EXTCONF} INSTALL_DIR="${CWDIR}" >/dev/null 2>&1
sysrc -f ${CWDIR}${EXTCONF} BASTILLE_CONFIG="${CWDIR}/${FULLAPPNAME}${BASTILLECONF}" >/dev/null 2>&1
sysrc -f ${CWDIR}${EXTCONF} BACKUP_DIR="${CWDIR}/backups" >/dev/null 2>&1
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="NO" >/dev/null 2>&1
echo "" echo ""
echo "*************************************************************************************************************" echo "*************************************************************************************************************"
echo "* The configuration was reset, please go to [Extensions > Bastille > Configuration] to configure bastille. *" echo "* The configuration was reset, please go to [Extensions > Bastille > Configuration] to configure bastille. *"
echo "* Alternatively you can edit the '/usr/local/etc/bastille/bastille.conf' file manually. *" echo "* Alternatively you can edit the 'addon/bastille-dist/usr/local/etc/bastille/bastille.conf' file manually. *"
echo "*************************************************************************************************************" echo "*************************************************************************************************************"
echo "" echo ""
echo "Notice: If Linux Jail support was enabled, please execute the below command to re-enable it:" echo "Notice: If Linux Jail support was enabled, please execute the below command to manually re-enable it:"
echo "==> sysrc -f ${CWDIR}${EXTCONF} LINUX_COMPAT_SUPPORT=\"YES\"" echo "==> sysrc -f ${CWDIR}${EXTCONF} LINUX_COMPAT_SUPPORT=\"YES\""
echo "" echo ""
# Tell Bastille Extension that config was reset.
touch ${CWDIR}/conf/config_reset.lock
} }
remove_addon() remove_addon()
{ {
# Confirm for addon removal. # Confirm for addon removal.
while : while :; do
do read -p "Do you want to proceed with the ${FULLAPPNAME} removal? [y/N]:" _yn
read -p "Do you wish to proceed with the ${FULLAPPNAME} removal? [y/N]:" yn case ${_yn} in
case ${yn} in [Yy]) break
[Yy]) break;; ;;
[Nn]) exit 0;; [Nn]) exit 0
esac ;;
done esac
done
echo "Proceeding..." echo "Proceeding..."
# Check for working platform and remove symlinks. # Check and disable extension unionfs in case it is enabled.
if [ "${PRDPLATFORM}" = "x64-embedded" ] || [ "${PRDPLATFORM}" = "x64-full" ]; then ${CWDIR}/unionfs.sh unionfs_off
if [ -d "${USRLOCAL}/share/licenses/${APPNAME}-*" ]; then
rm -rf ${USRLOCAL}/share/licenses/${APPNAME}-* # Check and remove extension files/symlinks.
fi if [ -d "${USRLOCAL}/share/licenses/${APPNAME}-*" ]; then
if [ -d $"{USRLOCAL}/share/locale-bastille" ]; then rm -rf ${USRLOCAL}/share/licenses/${APPNAME}-*
rm -rf ${USRLOCAL}/share/locale-bastille fi
fi if [ -d "${USRLOCAL}/share/locale-bastille" ]; then
if [ -f "${USRLOCAL}/etc/rc.d/${APPNAME}" ]; then rm -rf ${USRLOCAL}/share/locale-bastille
rm -f ${USRLOCAL}/etc/rc.d/${APPNAME} fi
fi if [ -f "${USRLOCAL}/etc/rc.d/${APPNAME}" ]; then
if [ -f "${USRLOCAL}/etc/${APPNAME}.conf" ]; then rm -f ${USRLOCAL}/etc/rc.d/${APPNAME}
rm -f ${USRLOCAL}/etc/${APPNAME}.conf fi
fi if [ -f "${USRLOCAL}/etc/${APPNAME}" ]; then
if [ -f "${BASTILLEPATH}/${APPNAME}" ]; then rm -f ${USRLOCAL}/etc/${APPNAME}
rm -f ${BASTILLEPATH}/${APPNAME} fi
fi if [ -f "${BASTILLEPATH}/${APPNAME}" ]; then
if [ -f "${USRLOCAL}/sbin/${APPNAME}-init" ]; then rm -f ${BASTILLEPATH}/${APPNAME}
rm -rf ${USRLOCAL}/sbin/${APPNAME}-init fi
fi if [ -f "${BASTILLEPATH}/${APPNAME}-init" ]; then
if [ -d "${VARLOG}/${APPNAME}" ]; then rm -rf ${BASTILLEPATH}/${APPNAME}-init
rm -rf ${VARLOG}/${APPNAME} fi
fi if [ -d "${VARLOG}/${APPNAME}" ]; then
rm -rf ${VARLOG}/${APPNAME}
fi fi
# Remove extension and GUI components. # Remove extension and GUI components.
@@ -1112,21 +1144,22 @@ remove_addon()
# Remove addon related files and folders only- # Remove addon related files and folders only-
# to protect any user-created custom files- # to protect any user-created custom files-
# as well as for the containers dirs/files. # as well as for the containers dirs/files.
FILES="conf download freebsd-update gui locale-bastille log bastille-dist LICENSE README.md postinit CHANGELOG version bastille-init" FILES="bastille-dist conf download freebsd-update gui locale-bastille log system CHANGELOG LICENSE README.md bastille-init postinit unionfs.sh version"
for FILE in ${FILES}; do for FILE in ${FILES}; do
if [ -f "${CWDIR}/${FILE}" ] || [ -d "${CWDIR}/${FILE}" ]; then if [ -f "${CWDIR}/${FILE}" ] || [ -d "${CWDIR}/${FILE}" ]; then
rm -rf ${CWDIR}/${FILE} rm -rf ${CWDIR}/${FILE}
fi fi
done done
BIN_FILES="/usr/local/bin/ar /usr/local/bin/jib /usr/sbin/setfib /usr/bin/sum /usr/bin/diff3 /usr/bin/makewhatis" # Remove this files since they are not part of the base.
BIN_FILES="/usr/bin/ar /usr/local/bin/jib /usr/sbin/setfib /usr/bin/sum /usr/bin/diff3 /usr/bin/makewhatis"
for FILE in ${BIN_FILES}; do for FILE in ${BIN_FILES}; do
if [ -f "${FILE}" ]; then if [ -f "${FILE}" ]; then
rm -rf ${FILE} rm -rf ${FILE}
fi fi
done done
# Don't remove this files on 13.x versions since they are part of the base. # Don't remove this files on 13.x and later versions since they are part of the base.
if [ "$(freebsd-version | cut -d '.' -f1)" -le 12 ]; then if [ "$(freebsd-version | cut -d '.' -f1)" -le 12 ]; then
PF_FILES="/sbin/pfctl /sbin/pfilctl /sbin/pflogd /etc/pf.os" PF_FILES="/sbin/pfctl /sbin/pfilctl /sbin/pflogd /etc/pf.os"
for FILE in ${PF_FILES}; do for FILE in ${PF_FILES}; do
@@ -1159,31 +1192,27 @@ get_versions()
ext_start() ext_start()
{ {
if sysrc -f ${CWDIR}${EXTCONF} -qn LINUX_COMPAT_SUPPORT | grep -q "YES"; then if sysrc -f ${CWDIR}${EXTCONF} -qc LINUX_COMPAT_SUPPORT=YES; then
${CWDIR}/unionfs.sh load_kmods ${CWDIR}/unionfs.sh load_kmods
${CWDIR}/unionfs.sh unionfs_on
fi fi
# Start bastille jails. # Start bastille jails.
if [ -d "${CWDIR}/jails" ]; then if [ -d "${CWDIR}/jails" ]; then
JAIL_LIST=$(bastille list jail) # Required for embedded platforms due late startup.
# This loop is for backward compatibility only.
for jail in ${JAIL_LIST}; do
if grep -qw "${jail}_AUTO_START=\"YES\"" ${CWDIR}${EXTCONF}; then
if ! jls | sed "1 d" | awk '{print $3}' | grep -qw ${jail}; then
bastille start ${jail}
fi
fi
done
# Required for embedded platforms.
if [ "${PRDPLATFORM}" = "x64-embedded" ]; then if [ "${PRDPLATFORM}" = "x64-embedded" ]; then
if sysrc -qc bastille_enable=YES; then if sysrc -qc bastille_enable=YES; then
service bastille start if [ ! -f "${EXTLOCKFILE}" ]; then
service bastille start
fi
fi fi
fi fi
fi fi
# Create extension lock file after boot.
if [ ! -f "${EXTLOCKFILE}" ]; then
touch ${EXTLOCKFILE}
fi
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
MSG="script has been started successfully!" MSG="script has been started successfully!"
logger -t ${SCRIPTNAME} ${MSG} logger -t ${SCRIPTNAME} ${MSG}
@@ -1195,12 +1224,37 @@ ext_start()
fi fi
} }
zfs_support_enabled()
{
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="YES" >/dev/null 2>&1
sysrc -f ${CWDIR}${EXTCONF} ZFS_ACTIVATED="YES" >/dev/null 2>&1
}
zfs_support_error()
{
echo "WARNING: Invalid ZFS configuration."
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="ERR" >/dev/null 2>&1
sysrc -f ${CWDIR}${EXTCONF} -x ZFS_ACTIVATED >/dev/null 2>&1
}
zfs_support_avail()
{
echo "WARNING: ZFS support available but not enabled."
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="AVA" >/dev/null 2>&1
}
zfs_support_disabled()
{
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="NO" >/dev/null 2>&1
sysrc -f ${CWDIR}${EXTCONF} -x ZFS_ACTIVATED >/dev/null 2>&1
}
rc_params() rc_params()
{ {
# Bastille required parameters. # Bastille required parameters.
# Set bastille prefix. # Set bastille prefix.
if ! sysrc -f ${BASTILLECONF} -qn bastille_prefix | grep -q "${CWDIR}"; then if ! sysrc -f ${BASTILLECONF} -qc bastille_prefix="${CWDIR}"; then
sysrc -f ${BASTILLECONF} bastille_prefix="${CWDIR}" >/dev/null 2>&1 sysrc -f ${BASTILLECONF} bastille_prefix="${CWDIR}" >/dev/null 2>&1
fi fi
@@ -1216,13 +1270,13 @@ rc_params()
fi fi
# Set bastille.conf location. # Set bastille.conf location.
if ! sysrc -f ${CWDIR}${EXTCONF} -n BASTILLE_CONFIG 2>/dev/null | grep -q "${CWDIR}/${FULLAPPNAME}${BASTILLECONF}"; then if ! sysrc -f ${CWDIR}${EXTCONF} -qc BASTILLE_CONFIG="${CWDIR}/${FULLAPPNAME}${BASTILLECONF}"; then
sysrc -f ${CWDIR}${EXTCONF} BASTILLE_CONFIG="${CWDIR}/${FULLAPPNAME}${BASTILLECONF}" >/dev/null 2>&1 sysrc -f ${CWDIR}${EXTCONF} BASTILLE_CONFIG="${CWDIR}/${FULLAPPNAME}${BASTILLECONF}" >/dev/null 2>&1
fi fi
# Default first network interface. # Default first network interface.
ACTIVE_NETIF=$(ifconfig | grep "UP,BROADCAST" | awk -F":" '{print $1}' | sed 1q) ACTIVE_NETIF=$(ifconfig | grep "UP,BROADCAST" | awk -F":" '{print $1}' | sed 1q)
if ! sysrc -f ${BASTILLECONF} -qn bastille_network_shared | grep -q "${ACTIVE_NETIF}" >/dev/null 2>&1; then if ! sysrc -f ${BASTILLECONF} -qc bastille_network_shared="${ACTIVE_NETIF}" >/dev/null 2>&1; then
#echo "" >> ${BASTILLECONF} && echo "## default network interface" >> ${BASTILLECONF} #echo "" >> ${BASTILLECONF} && echo "## default network interface" >> ${BASTILLECONF}
sysrc -f ${BASTILLECONF} bastille_network_shared="${ACTIVE_NETIF}" >/dev/null 2>&1 sysrc -f ${BASTILLECONF} bastille_network_shared="${ACTIVE_NETIF}" >/dev/null 2>&1
else else
@@ -1233,33 +1287,64 @@ rc_params()
fi fi
fi fi
# Do't start containers by default. # Check if extension config was reset.
#if ! sysrc -qn bastille_enable >/dev/null 2>&1; then if [ -f "${CWDIR}/conf/config_reset.lock" ]; then
# sysrc bastille_enable="NO" >/dev/null 2>&1 zfs_support_error
#fi echo "WARNING: ${PRDNAME} Extension config was reset."
rm ${CWDIR}/conf/config_reset.lock
fi
# Check if sane ZFS is enabled in this setup. # Check for sane ZFS parameters in this setup.
if [ "${bastille_zfs_enable}" = "YES" ]; then if [ "${bastille_zfs_enable}" = "YES" ]; then
if [ -n "${bastille_zfs_zpool}" ]; then if [ -n "${bastille_zfs_zpool}" ]; then
if zfs list "${bastille_zfs_zpool}" > /dev/null 2>&1; then if zfs list "${bastille_zfs_zpool}" >/dev/null 2>&1; then
BASTILLE_DIR=$(echo ${CWDIR} | grep -o '[^/]*$')
if zfs list "${bastille_zfs_zpool}/${BASTILLE_DIR}" > /dev/null 2>&1; then # Check bastille ZFS config match on disk ZFS config if activation is already enabled in the config file.
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="YES" >/dev/null 2>&1 if sysrc -f ${CWDIR}${EXTCONF} -qc ZFS_SUPPORT=YES && sysrc -f ${CWDIR}${EXTCONF} -qc ZFS_ACTIVATED=YES; then
else if [ "${BASTILLE_CONFIG_DISK}" != "${BASTILLE_CONFIG_FILE}" ]; then
if echo "${BASTILLE_ZFS_ZPOOL_MOUNTPOINT_TRIM}" | grep -qw "${CWDIR_TRIM}$"; then zfs_support_error
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="AVA" >/dev/null 2>&1 exit 1
else else
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="ERR" >/dev/null 2>&1 # Check and don't allow child datasets in bastille_zfs_zpool.
if echo "${bastille_zfs_zpool}" | grep -q '\/'; then
zfs_support_error
exit 1
fi
fi fi
fi fi
# Perform some checks against on-disk and file configurations.
if zfs list "${bastille_zfs_zpool}/${BASTILLE_ZFS_PREFIX_TRIM}/${BASTILLE_DIR}" >/dev/null 2>&1; then
# Looks like ZFS support is already configured, then set parameters.
zfs_support_enabled
elif zfs list "${bastille_zfs_zpool}" >/dev/null 2>&1 && \
[ "${bastille_zfs_prefix}" = "${BASTILLE_ZFS_PREFIX_TRIM}/${BASTILLE_DIR}" ]; then
# Looks like ZFS support is available for activation.
zfs_support_avail
elif zfs list "${bastille_zfs_zpool}/${BASTILLE_DIR}" >/dev/null 2>&1; then
zfs_support_enabled
elif zfs list "${bastille_zfs_zpool}" >/dev/null 2>&1 && \
[ "${BASTILLE_ZFS_PREFIX_TRIM}" = "${BASTILLE_DIR}" ]; then
# Looks like ZFS support is available for activation.
zfs_support_avail
elif zfs list "${bastille_zfs_zpool}/${BASTILLE_DIR}" >/dev/null 2>&1; then
zfs_support_enabled
else
zfs_support_error
fi
else else
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="ERR" >/dev/null 2>&1 zfs_support_error
fi fi
else else
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="ERR" >/dev/null 2>&1 zfs_support_error
fi fi
else else
sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="NO" >/dev/null 2>&1 # Check for orphaned configuration and/or config reset.
if zfs list -H "${CWDIR}" >/dev/null 2>&1; then
zfs_support_error
else
zfs_support_disabled
fi
fi fi
# Enable bastille in /etc/rc.conf # Enable bastille in /etc/rc.conf
@@ -1347,9 +1432,7 @@ bastille_stop()
{ {
# Stop all bastille containers. # Stop all bastille containers.
echo "${PRDNAME} Extension: Stopping all containers..." echo "${PRDNAME} Extension: Stopping all containers..."
if ! sysrc -qc bastille_enable=YES; then bastille stop ALL
bastille stop ALL
fi
if [ $? -eq 0 ]; then if [ $? -eq 0 ]; then
exit 0 exit 0
else else
@@ -1389,21 +1472,19 @@ bastille_init()
gui_start gui_start
rc_params rc_params
ext_start ext_start
} }
linux_compat() linux_compat_enable()
{ {
# Feature temporarily disabled. # Experimental feature.
echo "This feature is temporarily disabled due incompatibility with later ${PRDPRODUCT} releases."
exit 1
if ping -c1 -t5 freebsd.org > /dev/null; then if ping -c1 -t5 freebsd.org > /dev/null; then
# Manually enable Linux compatibility(Experimental). # Manually enable Linux compatibility(Experimental).
if ! sysrc -f ${CWDIR}${EXTCONF} -qn LINUX_COMPAT_SUPPORT | grep -q "YES"; then if ! sysrc -f ${CWDIR}${EXTCONF} -qc LINUX_COMPAT_SUPPORT=YES; then
${CWDIR}/unionfs.sh fetch_pkg && ${CWDIR}/unionfs.sh load_kmods && ${CWDIR}/unionfs.sh unionfs_on && sysrc -f ${CWDIR}${EXTCONF} LINUX_COMPAT_SUPPORT="YES" >/dev/null 2>&1 echo "Enabling Linux compatibility support..."
#${CWDIR}/unionfs.sh fetch_pkg && ${CWDIR}/unionfs.sh load_kmods && ${CWDIR}/unionfs.sh unionfs_on && sysrc -f ${CWDIR}${EXTCONF} LINUX_COMPAT_SUPPORT="YES" >/dev/null 2>&1
${CWDIR}/unionfs.sh fetch_debootstrap && ${CWDIR}/unionfs.sh load_kmods && sysrc -f ${CWDIR}${EXTCONF} LINUX_COMPAT_SUPPORT="YES" >/dev/null 2>&1
else else
echo "Already enabled." echo "Linux compatibility already enabled."
fi fi
exit 0 exit 0
else else
@@ -1412,13 +1493,80 @@ linux_compat()
fi fi
} }
bootstrap_dist()
{
# Workaround since XigmaNAS does not ship with debootstrap command.
if sysrc -f ${CWDIR}${EXTCONF} -qc LINUX_COMPAT_SUPPORT=YES; then
# List of tested/working Linux distributions on FreeBSD 14.x.
LINUX_FLAVORS="ubuntu-bionic ubuntu-focal ubuntu-jammy"
if [ -n "${LINUX_DIST}" ]; then
for _linux_flavor in ${LINUX_FLAVORS}; do
if [ "${LINUX_DIST}" = "${_linux_flavor}" ]; then
LINUX_FLAVOR="${_linux_flavor}"
break
fi
done
fi
if [ -z "${LINUX_FLAVOR}" ]; then
echo "Available Linux flavors:"
echo "${LINUX_FLAVORS}"
exit 1
fi
# Enable debootstrap environment.
${CWDIR}/unionfs.sh unionfs_on
# Bootstrap Linux flavor using bastille.
bastille bootstrap ${_linux_flavor}
# Disable debootstrap environment.
${CWDIR}/unionfs.sh unionfs_off
else
echo "Linux compatibility disabled."
exit 1
fi
exit 0
}
update_debootstrap()
{
# Update debootstrap and dependencies.
if sysrc -f ${CWDIR}${EXTCONF} -qc LINUX_COMPAT_SUPPORT=YES; then
${CWDIR}/unionfs.sh update_debootstrap
else
echo "Linux compatibility disabled."
exit 1
fi
exit 0
}
linux_compat_disable() linux_compat_disable()
{ {
if sysrc -f ${CWDIR}${EXTCONF} -qn LINUX_COMPAT_SUPPORT | grep -q "YES"; then if sysrc -f ${CWDIR}${EXTCONF} -qc LINUX_COMPAT_SUPPORT=YES; then
echo "Disabling Linux jail compatibility support..." echo "Disabling Linux compatibility support..."
sysrc -f ${CWDIR}${EXTCONF} -x LINUX_COMPAT_SUPPORT sysrc -f ${CWDIR}${EXTCONF} -x LINUX_COMPAT_SUPPORT
echo "Done!, server reboot is recommended." ${CWDIR}/unionfs.sh unionfs_off
${CWDIR}/unionfs.sh unload_kmods
if [ -d "${CWDIR}/system/usr" ]; then
echo "Removing debootstrap environment..."
rm -rf ${CWDIR}/system/usr
if [ -d "${CWDIR}/system/var" ]; then
rm -rf ${CWDIR}/system/var
fi
fi
echo "Done!, please reboot server now."
else
echo "Linux compatibility disabled."
exit 1
fi fi
exit 0 exit 0
} }
@@ -1495,7 +1643,14 @@ clean|--clean)
exit 0 exit 0
;; ;;
linux_compat) linux_compat)
linux_compat linux_compat_enable
;;
bootstrap)
LINUX_DIST="${ARG}"
bootstrap_dist
;;
update_debootstrap)
update_debootstrap
;; ;;
linux_compat_disable) linux_compat_disable)
linux_compat_disable linux_compat_disable
@@ -1505,7 +1660,7 @@ bastillebsd_update)
;; ;;
esac esac
while getopts ":ospruxUvgtZh" option; do while getopts "ospruxUvgtZh" option; do
case ${option} in case ${option} in
[h]) echo "Usage: ${SCRIPTNAME} -[option] | [container] | [path]"; [h]) echo "Usage: ${SCRIPTNAME} -[option] | [container] | [path]";
echo "Options:" echo "Options:"
@@ -1539,6 +1694,8 @@ while getopts ":ospruxUvgtZh" option; do
echo "" echo ""
echo "Support:" echo "Support:"
echo "To update BastilleBSD core files only to the latest patches and fixes, please execute: \"${SCRIPTNAME} bastillebsd_update\"" echo "To update BastilleBSD core files only to the latest patches and fixes, please execute: \"${SCRIPTNAME} bastillebsd_update\""
echo "To bootstrap a Linux distribution please execute: \"${SCRIPTNAME} bootstrap linux_flavor\""
echo "To update debootstrap package and dependencies please execute: \"${SCRIPTNAME} update_debootstrap\""
echo ""; exit 0;; echo ""; exit 0;;
[o]) OBI_INSTALL="ON";; # To prevent nested PHP-CGI call for installation with OBI. [o]) OBI_INSTALL="ON";; # To prevent nested PHP-CGI call for installation with OBI.
[s]) bastille_start;; [s]) bastille_start;;
@@ -1548,8 +1705,8 @@ while getopts ":ospruxUvgtZh" option; do
[x]) reset_install;; [x]) reset_install;;
[U]) remove_addon;; [U]) remove_addon;;
[v]) get_versions;; [v]) get_versions;;
[g]) gui_enable; exit 0 ;; # For enable the addon gui. [g]) gui_enable;; # Enable the addon gui.
[t]) gui_disable; exit 0 ;; # For disable the addon gui. [t]) gui_disable;; # Disable the addon gui.
[Z]) zfs_activate;; [Z]) zfs_activate;;
#[L]) linux_compat;; #[L]) linux_compat;;
[?]) echo "Invalid option, -h for usage."; exit 1;; [?]) echo "Invalid option, -h for usage."; exit 1;;


@@ -2,7 +2,7 @@
/* /*
bastille_manager-lib.inc bastille_manager-lib.inc
Copyright (c) 2019-2020 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Redistribution and use in source and binary forms, with or without Redistribution and use in source and binary forms, with or without
@@ -70,15 +70,17 @@ $linux_compat_support = exec("/usr/bin/grep 'LINUX_COMPAT_SUPPORT=' $configfile
$jail_settings = "settings.conf"; $jail_settings = "settings.conf";
// Ensure the root directory is configured. // Ensure the root directory is configured.
if ($rootfolder == "") if ($rootfolder == ""):
$input_errors[] = gtext("Extension installed with fault"); $input_errors[] = gtext("Extension installed with fault");
else { else:
// Initialize locales. // Initialize locales.
$textdomain = "/usr/local/share/locale"; $textdomain = "/usr/local/share/locale";
$textdomain_bastille = "/usr/local/share/locale-bastille"; $textdomain_bastille = "/usr/local/share/locale-bastille";
if (!is_link($textdomain_bastille)) { mwexec("ln -s {$rootfolder}/locale-bastille {$textdomain_bastille}", true); } if (!is_link($textdomain_bastille)):
mwexec("ln -s {$rootfolder}/locale-bastille {$textdomain_bastille}", true);
endif;
bindtextdomain("xigmanas", $textdomain_bastille); bindtextdomain("xigmanas", $textdomain_bastille);
} endif;
if (is_file("{$rootfolder}/postinit")) unlink("{$rootfolder}/postinit"); if (is_file("{$rootfolder}/postinit")) unlink("{$rootfolder}/postinit");
// Check releases dir. // Check releases dir.
@@ -90,18 +92,17 @@ function is_dir_empty($reldir) {
// Get bastille version // Get bastille version
function get_version_bastille() { function get_version_bastille() {
global $tarballversion, $prdname; global $tarballversion, $prdname;
if (is_file("{$tarballversion}")) { if (is_file("{$tarballversion}")):
// For some reason bastille bin version value isn't double quoted anymore so we can't use the old delimiter. // For some reason bastille bin version value isn't double quoted anymore so we can't use the old delimiter.
// we will keep the old line for reference. // we will keep the old line for reference.
//exec("/usr/bin/grep 'BASTILLE_VERSION=' {$tarballversion} | cut -d'\"' -f2", $result); //exec("/usr/bin/grep 'BASTILLE_VERSION=' {$tarballversion} | cut -d'\"' -f2", $result);
exec("/usr/bin/grep 'BASTILLE_VERSION=' {$tarballversion} | cut -d'=' -f2", $result); exec("/usr/bin/grep 'BASTILLE_VERSION=' {$tarballversion} | cut -d'=' -f2", $result);
return ($result[0] ?? ''); return ($result[0] ?? '');
} else:
else {
exec("/usr/local/bin/{$prdname} version | awk 'NR==1'", $result); exec("/usr/local/bin/{$prdname} version | awk 'NR==1'", $result);
return ($result[0] ?? ''); return ($result[0] ?? '');
} endif;
} }
// Initial install banner // Initial install banner
@@ -148,7 +149,9 @@ function get_state_zfs() {
function get_all_release_list() { function get_all_release_list() {
global $rootfolder; global $rootfolder;
global $g; global $g;
exec("/bin/echo; /bin/ls {$rootfolder}/releases 2>/dev/null | /usr/bin/tr -s ' ' '\n'",$relinfo); // Don't show Linux base releases under create jail page for now.
#exec("/bin/echo; /bin/ls {$rootfolder}/releases 2>/dev/null | /usr/bin/tr -s ' ' '\n'",$relinfo);
exec("/bin/echo; /bin/ls {$rootfolder}/releases | grep RELEASE 2>/dev/null | /usr/bin/tr -s ' ' '\n'",$relinfo);
array_shift($relinfo); array_shift($relinfo);
$rellist = []; $rellist = [];
foreach($relinfo as $rel): foreach($relinfo as $rel):
@@ -223,6 +226,7 @@ function get_jail_infos() {
if (!$r['id']): if (!$r['id']):
$r['id'] = "-"; $r['id'] = "-";
endif; endif;
// Set the IP address on the running jails using bastille list command instead. // Set the IP address on the running jails using bastille list command instead.
//$r['ip'] = exec("/usr/bin/grep -w 'ip4.addr' {$jail_dir}/{$item}/jail.conf | /usr/bin/awk '{print $3}' | /usr/bin/tr -d ';'"); //$r['ip'] = exec("/usr/bin/grep -w 'ip4.addr' {$jail_dir}/{$item}/jail.conf | /usr/bin/awk '{print $3}' | /usr/bin/tr -d ';'");
$r['ip'] = exec("/usr/local/bin/bastille list {$item} | awk '{print $7}' | sed 1d"); $r['ip'] = exec("/usr/local/bin/bastille list {$item} | awk '{print $7}' | sed 1d");
@@ -236,11 +240,18 @@ function get_jail_infos() {
if (!$r['ip']): if (!$r['ip']):
$r['ip'] = "-"; $r['ip'] = "-";
endif; endif;
// Display release. // Display release.
$r['rel'] = exec("/usr/sbin/jexec {$item} freebsd-version 2>/dev/null"); $r['rel'] = exec("/usr/sbin/jexec {$item} freebsd-version 2>/dev/null");
if (!$r['rel']): if (!$r['rel']):
$r['rel'] = exec("/usr/sbin/jexec {$item} uname -o 2>/dev/null"); if(is_file("{$jail_dir}/{$item}/root/etc/os-release")):
elseif (!$r['rel']): $r['rel'] = exec("/bin/cat {$jail_dir}/{$item}/root/etc/os-release | grep 'PRETTY_NAME=' | tr -d 'PRETTY_NAME=\"'");
else:
$r['rel'] = exec("/usr/sbin/jexec {$item} uname -o 2>/dev/null");
endif;
endif;
// We can't get release version info or jail stopped.
if (!$r['rel']):
$r['rel'] = "-"; $r['rel'] = "-";
endif; endif;
@@ -269,16 +280,18 @@ function get_jail_infos() {
if (!$r['path']): if (!$r['path']):
$r['path'] = "-"; $r['path'] = "-";
endif; endif;
// Display auto-start settings. // Display auto-start settings.
//$jail_autostart = exec("/usr/bin/grep -w {$item}_AUTO_START $configfile | cut -d'=' -f2 | tr -d '\"'"); //$jail_autostart = exec("/usr/bin/grep -w {$item}_AUTO_START $configfile | cut -d'=' -f2 | tr -d '\"'");
$jail_autostart = exec("/usr/bin/grep -w boot {$jail_dir}/{$item}/settings.conf | cut -d'=' -f2 | tr -d '\"'"); $jail_autostart = exec("/usr/bin/grep -w boot {$jail_dir}/{$item}/settings.conf | cut -d'=' -f2 | tr -d '\"'");
if ($jail_autostart == 'on') { if ($jail_autostart == 'on'):
$r['boot'] = $img_path['ena']; $r['boot'] = $img_path['ena'];
} elseif ($jail_autostart == 'off') { elseif ($jail_autostart == 'off'):
$r['boot'] = $img_path['dis']; $r['boot'] = $img_path['dis'];
} else { else:
$r['boot'] = $img_path['dis']; $r['boot'] = $img_path['dis'];
} endif;
// Display running status icons. // Display running status icons.
$jail_running = exec("/usr/sbin/jls name | /usr/bin/awk '/^{$item}\$/'"); $jail_running = exec("/usr/sbin/jls name | /usr/bin/awk '/^{$item}\$/'");
if ($jail_running): if ($jail_running):
@@ -286,6 +299,7 @@ function get_jail_infos() {
else: else:
$r['stat'] = $img_path['dis']; $r['stat'] = $img_path['dis'];
endif; endif;
// Display custom template icons if available. // Display custom template icons if available.
$template_icon = "{$jail_dir}/{$item}/plugin_icon.png"; $template_icon = "{$jail_dir}/{$item}/plugin_icon.png";
if(file_exists($template_icon)): if(file_exists($template_icon)):
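Review bot: The new os-release branch in get_jail_infos() pipes the value through `tr -d 'PRETTY_NAME=\"'`, and `tr -d` deletes every character in that set rather than the prefix, so capital P, R, E, T, Y, N, A, M and underscores are stripped from the release name itself (an "LTS" suffix would lose its T). Following the pattern this function already uses for settings.conf, `grep '^PRETTY_NAME=' {$jail_dir}/{$item}/root/etc/os-release | cut -d'=' -f2 | tr -d '\"'` keeps the value intact. The file sits inside the jail's root and can presumably be modified from inside the jail, so the string should be treated as untrusted. I would confirm it is a regular file and not a symlink before reading it from the host, and check that `$r['rel']` is HTML-escaped where it is rendered, which is outside these hunks. get_jail_infos() starts and ends outside the visible hunks.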


@@ -2,7 +2,7 @@
/* /*
bastille_manager_add.php bastille_manager_add.php
Copyright (c) 2019 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Portions of XigmaNAS® (https://www.xigmanas.com). Portions of XigmaNAS® (https://www.xigmanas.com).
@@ -59,6 +59,12 @@ if(!get_all_release_list()):
$prerequisites_ok = false; $prerequisites_ok = false;
endif; endif;
$zfs_status = get_state_zfs();
if($zfs_status == "Invalid ZFS configuration"):
// Warning if invalid ZFS configuration.
$input_errors[] = gtext("WARNING: Invalid ZFS configuration detected.");
endif;
if($_POST): if($_POST):
global $jail_dir; global $jail_dir;
global $configfile; global $configfile;
@@ -69,6 +75,12 @@ if($_POST):
exit; exit;
endif; endif;
if(isset($_POST['Create']) && $_POST['Create']): if(isset($_POST['Create']) && $_POST['Create']):
$zfs_status = get_state_zfs();
if($zfs_status == "Invalid ZFS configuration"):
// Abort jail creation if invalid ZFS configuration.
$input_errors[] = gtext("Cannot create jail with an invalid ZFS configuration.");
else:
$jname = $pconfig['jailname']; $jname = $pconfig['jailname'];
$ipaddr = $pconfig['ipaddress']; $ipaddr = $pconfig['ipaddress'];
$release = $pconfig['release']; $release = $pconfig['release'];
@@ -142,6 +154,8 @@ if($_POST):
$errormsg .= gtext(" <<< Failed to create container."); $errormsg .= gtext(" <<< Failed to create container.");
endif; endif;
endif; endif;
endif;
endif; endif;
endif; endif;
@@ -316,7 +330,7 @@ $document->render();
endif; endif;
html_checkbox2('emptyjail',gettext('Create an empty container'),!empty($pconfig['emptyjail']) ? true : false,gettext('This are ideal for custom builds, experimenting with unsupported RELEASES or Linux jails.'),'',false,false,'emptyjail_change()'); html_checkbox2('emptyjail',gettext('Create an empty container'),!empty($pconfig['emptyjail']) ? true : false,gettext('This are ideal for custom builds, experimenting with unsupported RELEASES or Linux jails.'),'',false,false,'emptyjail_change()');
if($linux_compat_support == "YES"): if($linux_compat_support == "YES"):
html_checkbox2('linuxjail',gettext('Create a Linux container'),!empty($pconfig['linuxjail']) ? true : false,gettext('This will create a Linux container, this is highly experimental and for testing purposes.'),'',false,false,'linuxjail_change()'); //html_checkbox2('linuxjail',gettext('Create a Linux container'),!empty($pconfig['linuxjail']) ? true : false,gettext('This will create a Linux container, this is highly experimental and for testing purposes.'),'',false,false,'linuxjail_change()');
endif; endif;
endif; endif;
//html_checkbox2('nowstart',gettext('Start after creation'),!empty($pconfig['nowstart']) ? true : false,gettext('Start the container after creation(May be overridden by later bastille releases).'),'',false); //html_checkbox2('nowstart',gettext('Start after creation'),!empty($pconfig['nowstart']) ? true : false,gettext('Start the container after creation(May be overridden by later bastille releases).'),'',false);
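Review bot: The Create guard compares `get_state_zfs()` against the literal message "Invalid ZFS configuration", so any other failure value from that function (an empty string, a reworded message) lets jail creation proceed; the function body is not visible here, so this is a fragility rather than a confirmed gap. The same comparison is pasted into bastille_manager_config.php, bastille_manager_gui.php, bastille_manager_info.php, bastille_manager_jconf.inc, bastille_manager_maintenance.php, bastille_manager_tarballs.php and bastille_manager_util.php. A single boolean helper in bastille_manager-lib.inc that fails closed, for example `function is_zfs_config_valid(): bool`, would keep the check in one place. Separately, commenting out the `linuxjail` checkbox leaves an empty `if($linux_compat_support == "YES"):` block and only hides the control; if the POST handler outside this hunk still reads `$pconfig['linuxjail']`, the option should be rejected server-side as well.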


@@ -2,7 +2,7 @@
/* /*
bastille_manager_config.php bastille_manager_config.php
Copyright (c) 2019 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Copyright (c) 2018 Andreas Schmidhuber Copyright (c) 2018 Andreas Schmidhuber
@@ -64,6 +64,12 @@ if(!initial_install_banner()):
$prerequisites_ok = false; $prerequisites_ok = false;
endif; endif;
$zfs_status = get_state_zfs();
if($zfs_status == "Invalid ZFS configuration"):
// Warning if invalid ZFS configuration.
$input_errors[] = gtext("WARNING: Invalid ZFS configuration detected.");
endif;
function htmlInput($name, $title, $value="", $size=80) { function htmlInput($name, $title, $value="", $size=80) {
$result = "<input name='{$name}' size='{$size}' title='{$title}' placeholder='{$title}' value='{$value}' />"; $result = "<input name='{$name}' size='{$size}' title='{$title}' placeholder='{$title}' value='{$value}' />";
return $result; return $result;


@@ -2,7 +2,7 @@
/* /*
bastille_manager_editor.php bastille_manager_editor.php
Copyright (c) 2019 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Portions of XigmaNAS® (https://www.xigmanas.com). Portions of XigmaNAS® (https://www.xigmanas.com).


@@ -2,7 +2,7 @@
/* /*
bastille_manager_gui.php bastille_manager_gui.php
Copyright (c) 2019-2020 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Portions of XigmaNAS® (https://www.xigmanas.com). Portions of XigmaNAS® (https://www.xigmanas.com).
@@ -53,11 +53,13 @@ $gt_record_mod = gtext('Utilities');
$gt_selection_start = gtext('Start Selected'); $gt_selection_start = gtext('Start Selected');
$gt_selection_stop = gtext('Stop Selected'); $gt_selection_stop = gtext('Stop Selected');
$gt_selection_restart = gtext('Restart Selected'); $gt_selection_restart = gtext('Restart Selected');
$gt_selection_autoboot = gtext('Auto-boot Selected');
$gt_record_conf = gtext('Jail Configuration'); $gt_record_conf = gtext('Jail Configuration');
$gt_record_inf = gtext('Information'); $gt_record_inf = gtext('Information');
$gt_selection_start_confirm = gtext('Do you really want to start selected jail(s)?'); $gt_selection_start_confirm = gtext('Do you really want to start selected jail(s)?');
$gt_selection_stop_confirm = gtext('Do you want to stop the selected jail(s)?'); $gt_selection_stop_confirm = gtext('Do you want to stop the selected jail(s)?');
$gt_selection_restart_confirm = gtext('Do you want to restart the selected jail(s)?'); $gt_selection_restart_confirm = gtext('Do you want to restart the selected jail(s)?');
$gt_selection_autoboot_confirm = gtext('Do you want to set auto-boot on selected jail(s)?');
$img_path = [ $img_path = [
'add' => 'images/add.png', 'add' => 'images/add.png',
'mod' => 'images/edit.png', 'mod' => 'images/edit.png',
@@ -90,6 +92,12 @@ if(!initial_install_banner()):
$prerequisites_ok = false; $prerequisites_ok = false;
endif; endif;
$zfs_status = get_state_zfs();
if($zfs_status == "Invalid ZFS configuration"):
// Warning if invalid ZFS configuration.
$input_errors[] = gtext("WARNING: Invalid ZFS configuration detected.");
endif;
if($_POST): if($_POST):
if(isset($_POST['apply']) && $_POST['apply']): if(isset($_POST['apply']) && $_POST['apply']):
$ret = array('output' => [], 'retval' => 0); $ret = array('output' => [], 'retval' => 0);
@@ -159,6 +167,24 @@ if($_POST):
endif; endif;
endforeach; endforeach;
endif; endif;
if(isset($_POST['autoboot_selected_jail']) && $_POST['autoboot_selected_jail']):
$checkbox_member_array = isset($_POST[$checkbox_member_name]) ? $_POST[$checkbox_member_name] : [];
foreach($checkbox_member_array as $checkbox_member_record):
if(false !== ($index = array_search_ex($checkbox_member_record, $sphere_array, 'jailname'))):
if(!isset($sphere_array[$index]['protected'])):
$cmd = ("/usr/local/bin/bastille config {$checkbox_member_record} set boot on");
$return_val = mwexec($cmd);
if($return_val == 0):
//$savemsg .= gtext("Jail(s) restarted successfully.");
header($sphere_header);
else:
$errormsg .= gtext("Failed to restart jail(s).");
endif;
endif;
endif;
endforeach;
endif;
endif; endif;
$pgtitle = [gtext("Extensions"), gtext('Bastille')]; $pgtitle = [gtext("Extensions"), gtext('Bastille')];
@@ -177,6 +203,9 @@ $(window).on("load", function() {
$("#restart_selected_jail").click(function () { $("#restart_selected_jail").click(function () {
return confirm('<?=$gt_selection_restart_confirm;?>'); return confirm('<?=$gt_selection_restart_confirm;?>');
}); });
$("#autoboot_selected_jail").click(function () {
return confirm('<?=$gt_selection_restart_confirm;?>');
});
// Disable action buttons. // Disable action buttons.
disableactionbuttons(true); disableactionbuttons(true);
@@ -192,6 +221,7 @@ function disableactionbuttons(ab_disable) {
$("#start_selected_jail").prop("disabled", ab_disable); $("#start_selected_jail").prop("disabled", ab_disable);
$("#stop_selected_jail").prop("disabled", ab_disable); $("#stop_selected_jail").prop("disabled", ab_disable);
$("#restart_selected_jail").prop("disabled", ab_disable); $("#restart_selected_jail").prop("disabled", ab_disable);
$("#autoboot_selected_jail").prop("disabled", ab_disable);
} }
function controlactionbuttons(ego, triggerbyname) { function controlactionbuttons(ego, triggerbyname) {
@@ -362,6 +392,7 @@ $document->render();
<input name="start_selected_jail" id="start_selected_jail" type="submit" class="formbtn" value="<?=$gt_selection_start;?>"/> <input name="start_selected_jail" id="start_selected_jail" type="submit" class="formbtn" value="<?=$gt_selection_start;?>"/>
<input name="stop_selected_jail" id="stop_selected_jail" type="submit" class="formbtn" value="<?=$gt_selection_stop;?>"/> <input name="stop_selected_jail" id="stop_selected_jail" type="submit" class="formbtn" value="<?=$gt_selection_stop;?>"/>
<input name="restart_selected_jail" id="restart_selected_jail" type="submit" class="formbtn" value="<?=$gt_selection_restart;?>"/> <input name="restart_selected_jail" id="restart_selected_jail" type="submit" class="formbtn" value="<?=$gt_selection_restart;?>"/>
<input name="autoboot_selected_jail" id="autoboot_selected_jail" type="submit" class="formbtn" value="<?=$gt_selection_autoboot;?>"/>
</div> </div>
<?php <?php
include 'formend.inc'; include 'formend.inc';
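Review bot: The click handler added for `#autoboot_selected_jail` reuses `$gt_selection_restart_confirm`, so the operator is asked to confirm a restart while the request sets boot on, and the new `$gt_selection_autoboot_confirm` is never used; it should read `return confirm('<?=$gt_selection_autoboot_confirm;?>');`. The handler's failure text has the same copy-paste issue (`"Failed to restart jail(s)."`). The jail name from `$_POST` is matched against `$sphere_array` before use, which limits it to known names, but building `$cmd` with `escapeshellarg($checkbox_member_record)` would keep the command safe even if a stored jail name ever contained shell metacharacters. `header($sphere_header)` is also called inside the loop on every success rather than once after it.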


@@ -2,7 +2,7 @@
/* /*
bastille_manager_info.php bastille_manager_info.php
Copyright (c) 2019 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Portions of XigmaNAS® (https://www.xigmanas.com). Portions of XigmaNAS® (https://www.xigmanas.com).
@@ -39,6 +39,12 @@ require_once 'auth.inc';
require_once 'guiconfig.inc'; require_once 'guiconfig.inc';
require_once("bastille_manager-lib.inc"); require_once("bastille_manager-lib.inc");
$zfs_status = get_state_zfs();
if($zfs_status == "Invalid ZFS configuration"):
// Warning if invalid ZFS configuration.
$input_errors[] = gtext("WARNING: Invalid ZFS configuration detected.");
endif;
function jls_get_jail_list(string $entity_name = NULL) { function jls_get_jail_list(string $entity_name = NULL) {
if(isset($entity_name)): if(isset($entity_name)):
$cmd = "/usr/sbin/jls -v -j $entity_name 2>&1"; $cmd = "/usr/sbin/jls -v -j $entity_name 2>&1";


@@ -2,7 +2,7 @@
/* /*
bastille_manager_jconf.inc bastille_manager_jconf.inc
Copyright (c) 2020 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Redistribution and use in source and binary forms, with or without Redistribution and use in source and binary forms, with or without
@@ -34,6 +34,12 @@ require_once 'auth.inc';
require_once 'guiconfig.inc'; require_once 'guiconfig.inc';
require_once("bastille_manager-lib.inc"); require_once("bastille_manager-lib.inc");
$zfs_status = get_state_zfs();
if($zfs_status == "Invalid ZFS configuration"):
// Warning if invalid ZFS configuration.
$input_errors[] = gtext("WARNING: Invalid ZFS configuration detected.");
endif;
if (isset($_GET['uuid'])) if (isset($_GET['uuid']))
$uuid = $_GET['uuid']; $uuid = $_GET['uuid'];
if (isset($_POST['uuid'])) if (isset($_POST['uuid']))


@@ -2,7 +2,7 @@
/* /*
bastille_manager_maintenance.php bastille_manager_maintenance.php
Copyright (c) 2019-2020 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Copyright (c) 2016 Andreas Schmidhuber Copyright (c) 2016 Andreas Schmidhuber
@@ -54,6 +54,12 @@ if(!initial_install_banner()):
$prerequisites_ok = false; $prerequisites_ok = false;
endif; endif;
$zfs_status = get_state_zfs();
if($zfs_status == "Invalid ZFS configuration"):
// Warning if invalid ZFS configuration.
$input_errors[] = gtext("WARNING: Invalid ZFS configuration detected.");
endif;
// For legacy product versions. // For legacy product versions.
$legacy_check = mwexec("/bin/cat /etc/prd.version | cut -d'.' -f1 | /usr/bin/grep '10'", true); $legacy_check = mwexec("/bin/cat /etc/prd.version | cut -d'.' -f1 | /usr/bin/grep '10'", true);
if ($legacy_check == 0) { if ($legacy_check == 0) {
@@ -120,8 +126,8 @@ if ($_POST) {
$uninstall_cmd = "echo 'y' | /usr/local/sbin/bastille-init -U"; $uninstall_cmd = "echo 'y' | /usr/local/sbin/bastille-init -U";
mwexec($uninstall_cmd, true); mwexec($uninstall_cmd, true);
if (is_link("/usr/local/share/{$prdname}")) mwexec("rm /usr/local/share/{$prdname}", true); if (is_link("/usr/local/share/{$prdname}")) mwexec("rm /usr/local/share/{$prdname}", true);
if (is_link("/var/cache/pkg")) mwexec("rm /var/cache/pkg", true); //if (is_link("/var/cache/pkg")) mwexec("rm /var/cache/pkg", true);
if (is_link("/var/db/pkg")) mwexec("rm /var/db/pkg && mkdir /var/db/pkg", true); //if (is_link("/var/db/pkg")) mwexec("rm /var/db/pkg && mkdir /var/db/pkg", true);
// Remove start postinit cmd in later product versions. // Remove start postinit cmd in later product versions.
if (is_array($config['rc']) && is_array($config['rc']['param'])) { if (is_array($config['rc']) && is_array($config['rc']['param'])) {
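Review bot: The two `/var/cache/pkg` and `/var/db/pkg` cleanup lines are commented out rather than deleted, and nothing replaces them for systems upgraded from an earlier version. The `pkg_symlink` function this commit removes from unionfs.sh created those paths as symlinks into the extension directory, so an install that enabled Linux compatibility before the upgrade may still carry them, and uninstalling would then leave both links dangling. If that upgrade path matters, keep the `is_link()` removal for one more release; otherwise delete the dead lines. The uninstall block continues outside the hunk.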


@@ -2,7 +2,7 @@
/* /*
bastille_manager_tarballs.php bastille_manager_tarballs.php
Copyright (c) 2019 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Portions of XigmaNAS® (https://www.xigmanas.com). Portions of XigmaNAS® (https://www.xigmanas.com).
@@ -67,6 +67,13 @@ function get_rel_list() {
endif; endif;
return $result; return $result;
} }
$zfs_status = get_state_zfs();
if($zfs_status == "Invalid ZFS configuration"):
// Warning if invalid ZFS configuration.
$input_errors[] = gtext("WARNING: Invalid ZFS configuration detected.");
endif;
$rel_list = get_rel_list(); $rel_list = get_rel_list();
$sphere_array = $rel_list; $sphere_array = $rel_list;
@@ -76,26 +83,17 @@ if ($linux_compat_support == "YES"):
'14.2-RELEASE' => gettext('14.2-RELEASE'), '14.2-RELEASE' => gettext('14.2-RELEASE'),
'14.1-RELEASE' => gettext('14.1-RELEASE'), '14.1-RELEASE' => gettext('14.1-RELEASE'),
'14.0-RELEASE' => gettext('14.0-RELEASE'), '14.0-RELEASE' => gettext('14.0-RELEASE'),
'13.5-RELEASE' => gettext('13.4-RELEASE'),
'13.4-RELEASE' => gettext('13.4-RELEASE'), '13.4-RELEASE' => gettext('13.4-RELEASE'),
'13.3-RELEASE' => gettext('13.3-RELEASE'), // Linux base release bootstrap is allowed from command-line.
'13.2-RELEASE' => gettext('13.2-RELEASE'), //'ubuntu-jammy' => gettext('Ubuntu-noble'),
'13.1-RELEASE' => gettext('13.1-RELEASE'), //'ubuntu-jammy' => gettext('Ubuntu-Jammy'),
'13.0-RELEASE' => gettext('13.0-RELEASE'), //'ubuntu-focal' => gettext('Ubuntu-Focal'),
'12.4-RELEASE' => gettext('12.4-RELEASE'), //'ubuntu-bionic' => gettext('Ubuntu-Bionic'),
'12.3-RELEASE' => gettext('12.3-RELEASE'), //'debian-bookworm' => gettext('Debian-Bookworm'),
'12.2-RELEASE' => gettext('12.2-RELEASE'), //'debian-bullseye' => gettext('Debian-Bullseye'),
'12.1-RELEASE' => gettext('12.1-RELEASE'), //'debian-buster' => gettext('Debian-Buster'),
'12.0-RELEASE' => gettext('12.0-RELEASE'), //'debian-stretch' => gettext('Debian-Stretch'),
'11.4-RELEASE' => gettext('11.4-RELEASE'),
'11.3-RELEASE' => gettext('11.3-RELEASE'),
'11.2-RELEASE' => gettext('11.2-RELEASE'),
'ubuntu-jammy' => gettext('Ubuntu-Jammy'),
'ubuntu-focal' => gettext('Ubuntu-Focal'),
'ubuntu-bionic' => gettext('Ubuntu-Bionic'),
'debian-bookworm' => gettext('Debian-Bookworm'),
'debian-bullseye' => gettext('Debian-Bullseye'),
'debian-buster' => gettext('Debian-Buster'),
//'debian-stretch' => gettext('Debian-Stretch'), -> Obsolete, removed from bastille boostrap.
]; ];
else: else:
$a_action = [ $a_action = [
@@ -103,19 +101,8 @@ else:
'14.2-RELEASE' => gettext('14.2-RELEASE'), '14.2-RELEASE' => gettext('14.2-RELEASE'),
'14.1-RELEASE' => gettext('14.1-RELEASE'), '14.1-RELEASE' => gettext('14.1-RELEASE'),
'14.0-RELEASE' => gettext('14.0-RELEASE'), '14.0-RELEASE' => gettext('14.0-RELEASE'),
'13.5-RELEASE' => gettext('13.4-RELEASE'),
'13.4-RELEASE' => gettext('13.4-RELEASE'), '13.4-RELEASE' => gettext('13.4-RELEASE'),
'13.3-RELEASE' => gettext('13.3-RELEASE'),
'13.2-RELEASE' => gettext('13.2-RELEASE'),
'13.1-RELEASE' => gettext('13.1-RELEASE'),
'13.0-RELEASE' => gettext('13.0-RELEASE'),
'12.4-RELEASE' => gettext('12.4-RELEASE'),
'12.3-RELEASE' => gettext('12.3-RELEASE'),
'12.2-RELEASE' => gettext('12.2-RELEASE'),
'12.1-RELEASE' => gettext('12.1-RELEASE'),
'12.0-RELEASE' => gettext('12.0-RELEASE'),
'11.4-RELEASE' => gettext('11.4-RELEASE'),
'11.3-RELEASE' => gettext('11.3-RELEASE'),
'11.2-RELEASE' => gettext('11.2-RELEASE'),
]; ];
endif; endif;
@@ -137,6 +124,7 @@ if($_POST):
$check_release = ("{$rootfolder}/releases/{$get_release}"); $check_release = ("{$rootfolder}/releases/{$get_release}");
$cmd = sprintf('/bin/echo "Y" | /usr/local/bin/bastille bootstrap %1$s > %2$s',$get_release,$logevent); $cmd = sprintf('/bin/echo "Y" | /usr/local/bin/bastille bootstrap %1$s > %2$s',$get_release,$logevent);
$base_mandatory = "base"; $base_mandatory = "base";
$zfs_status = get_state_zfs();
//unset($lib32,$ports,$src); //unset($lib32,$ports,$src);
if (isset($_POST['lib32'])): if (isset($_POST['lib32'])):
@@ -150,12 +138,12 @@ if($_POST):
endif; endif;
$opt_tarballs = "$lib32 $ports $src"; $opt_tarballs = "$lib32 $ports $src";
// FreeBSD base release check. // Download a FreeBSD base release.
//if(file_exists($check_release)): if ($_POST['Download']):
// $savemsg .= sprintf(gtext('%s base appears to be already extracted.'),$get_release); if($zfs_status == "Invalid ZFS configuration"):
//else: // Abort bootstrap if invalid ZFS configuration.
// Download a FreeBSD base release. $input_errors[] = gtext("Cannot bootstrap with an invalid ZFS configuration.");
if ($_POST['Download']): else:
$savemsg = ""; $savemsg = "";
$errormsg = ""; $errormsg = "";
if ($opt_tarballs): if ($opt_tarballs):
@@ -179,8 +167,9 @@ if($_POST):
else: else:
$errormsg .= sprintf(gtext('%s Failed to download and/or extract release base.'),$get_release); $errormsg .= sprintf(gtext('%s Failed to download and/or extract release base.'),$get_release);
endif; endif;
endif; endif;
//endif; endif;
endif; endif;
if (isset($_POST['Destroy']) && $_POST['Destroy']): if (isset($_POST['Destroy']) && $_POST['Destroy']):
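Review bot: The added entry `'13.5-RELEASE' => gettext('13.4-RELEASE'),` shows the label 13.4-RELEASE for the key 13.5-RELEASE, in both the Linux-compat and the default `$a_action` arrays, so the list displays two identical "13.4-RELEASE" choices and one of them bootstraps 13.5. It should be `'13.5-RELEASE' => gettext('13.5-RELEASE'),` in both places. In the Download branch, `if ($_POST['Download']):` is evaluated without `isset()`, unlike the `Destroy` check below it; `if (isset($_POST['Download']) && $_POST['Download']):` would match.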


@@ -2,7 +2,7 @@
/* /*
bastille_manager_util.php bastille_manager_util.php
Copyright (c) 2019 José Rivera (joserprg@gmail.com). Copyright (c) 2019-2025 Jose Rivera (joserprg@gmail.com).
All rights reserved. All rights reserved.
Portions of XigmaNAS® (https://www.xigmanas.com). Portions of XigmaNAS® (https://www.xigmanas.com).
@@ -39,6 +39,12 @@ require_once 'auth.inc';
require_once 'guiconfig.inc'; require_once 'guiconfig.inc';
require_once("bastille_manager-lib.inc"); require_once("bastille_manager-lib.inc");
$zfs_status = get_state_zfs();
if($zfs_status == "Invalid ZFS configuration"):
// Warning if invalid ZFS configuration.
$input_errors[] = gtext("WARNING: Invalid ZFS configuration detected.");
endif;
if(isset($_GET['uuid'])): if(isset($_GET['uuid'])):
$uuid = $_GET['uuid']; $uuid = $_GET['uuid'];
endif; endif;

130
unionfs.sh Executable file → Normal file

@@ -10,7 +10,7 @@
# Debug script # Debug script
#set -x #set -x
# Copyright (c) 2019-2024, José Rivera (joserprg@gmail.com). # Copyright (c) 2019-2025, Jose Rivera (joserprg@gmail.com).
# All rights reserved. # All rights reserved.
# Redistribution and use in source and binary forms, with or without # Redistribution and use in source and binary forms, with or without
@@ -51,20 +51,8 @@ error_notify() {
# Log/notify message on error and exit. # Log/notify message on error and exit.
MSG="${*}" MSG="${*}"
logger -t "${SCRIPTNAME}" "${MSG}" logger -t "${SCRIPTNAME}" "${MSG}"
echo -e "${MSG}" >&2; exit 1 echo -e "${MSG}" >&2
} exit 1
platform_check()
{
# Check for working platform.
if [ "${PRDPLATFORM}" = "x64-embedded" ]; then
pkg_symlink
else
if [ -d "/var/cache/pkg" ]; then
echo "Cleaning the pkg cache."
pkg clean -y -a
fi
fi
} }
load_kmods() { load_kmods() {
@@ -79,7 +67,7 @@ load_kmods() {
# Skip already loaded known modules. # Skip already loaded known modules.
for _req_kmod in ${required_mods}; do for _req_kmod in ${required_mods}; do
if ! sysrc -f /boot/loader.conf -qn ${_req_kmod}_load=YES | grep -q "YES"; then if ! sysrc -f /boot/loader.conf -qc ${_req_kmod}_load=YES; then
sysrc -f /boot/loader.conf ${_req_kmod}_load=YES sysrc -f /boot/loader.conf ${_req_kmod}_load=YES
fi fi
if ! kldstat -m ${_req_kmod} >/dev/null 2>&1; then if ! kldstat -m ${_req_kmod} >/dev/null 2>&1; then
@@ -95,66 +83,45 @@ load_kmods() {
kldload -v ${_lin_kmod} kldload -v ${_lin_kmod}
fi fi
done done
if ! sysrc -qn linux_enable=YES | grep -q "YES"; then if ! sysrc -qc linux_enable=YES; then
sysrc linux_enable=YES sysrc linux_enable=YES
fi fi
} }
pkg_symlink() { unload_kmods() {
if ! sysrc -f ${CWDIR}${EXTCONF} -qn LINUX_COMPAT_SUPPORT | grep -q "YES"; then required_mods="fdescfs linprocfs linsysfs tmpfs"
echo "Creating pkg environment for embedded platforms." linuxarc_mods="linux linux64"
if [ -d "/var/cache/pkg" ]; then for _req_kmod in ${required_mods}; do
if [ ! -L "/var/cache/pkg" ]; then if sysrc -f /boot/loader.conf -qc ${_req_kmod}_load=YES; then
rm -R /var/cache/pkg echo "Unset kernel module: ${_req_kmod}"
mkdir -p ${CWDIR}/system/cache/pkg sysrc -f /boot/loader.conf -x ${_req_kmod}_load
ln -vFs ${CWDIR}/system/cache/pkg /var/cache/pkg
fi
else
mkdir -m 0755 -p /var/cache
mkdir -p ${CWDIR}/system/cache/pkg
ln -vFs ${CWDIR}/system/cache/pkg /var/cache/pkg
fi fi
done
if [ -d "/var/db/pkg" ]; then if sysrc -qc linux_enable=YES; then
if [ ! -L "/var/db/pkg" ]; then echo "Unset linux_enable"
rm -R /var/db/pkg sysrc -x linux_enable
mkdir -p ${CWDIR}/system/pkg/db
ln -vFs ${CWDIR}/system/pkg/db /var/db/pkg
fi
else
mkdir -p ${CWDIR}/system/pkg/db
ln -vFs ${CWDIR}/system/pkg/db /var/db/pkg
fi
fi fi
} }
fetch_pkg() { fetch_pkg() {
if ! sysrc -f ${CWDIR}${EXTCONF} -qn LINUX_COMPAT_SUPPORT | grep -q "YES"; then echo "Fetching required packages."
echo "Fetching required packages." # Fetch deboostrap and dependency packages.
pkg fetch -y -d -o ${CWDIR}/system/ debootstrap || error_notify "Error while fetching packages, exiting."
# Skip existing packages/ports bundled with XigmaNAS. extract_pkg
#PKGLIST="#bash #ca_root_nss debootstrap #gettext-runtime glib gmp gnugrep gnugpg gnutls #indexinfo libassuan #libedit #libffi libgcrypt libgpg-error #libiconv libidn2 libksba libtasn1 libunistring libxml2 mpdecimal nettle npth p11-kit #pcre perl5 pinentry pinentry-curses #python38 #readline #sqlite3 tpm-emulator #trousers ubuntu-keyring wget" }
PKGLIST="debootstrap glib gmp gnugrep gnupg gnutls libassuan libgcrypt libgpg-error libidn2 libksba libtasn1 libunistring libxml2 mpdecimal nettle npth p11-kit perl5 pinentry pinentry-curses tpm-emulator ubuntu-keyring wget"
for pkg in ${PKGLIST}; do fetch_debootstrap() {
pkg fetch -y "${pkg}" || error_notify "Error while fetching required [${pkg}] package, exiting." if ! sysrc -f ${CWDIR}${EXTCONF} -qc LINUX_COMPAT_SUPPORT=YES; then
done fetch_pkg
extract_pkg
fi fi
} }
extract_pkg() { extract_pkg() {
echo "Extracting required packages." echo "Extracting required packages."
FILELIST=$(find "${CWDIR}/system/All" -type f)
if [ "${PRDPLATFORM}" = "x64-embedded" ]; then
FILELIST=$(find "${CWDIR}/system/cache/pkg" -type f)
LINKLIST=$(find "${CWDIR}/system/cache/pkg" -type l)
else
FILELIST=$(find "/var/cache/pkg" -type f)
LINKLIST=$(find "/var/cache/pkg" -type l)
fi
for item in ${FILELIST}; do for item in ${FILELIST}; do
if [ -f "${item}" ]; then if [ -f "${item}" ]; then
@@ -163,59 +130,68 @@ extract_pkg() {
fi fi
done done
# Clean leftovers pkg symlinks if [ -d "${CWDIR}/system/All" ]; then
if [ "${PRDPLATFORM}" = "x64-embedded" ]; then rm -r ${CWDIR}/system/All
for item in ${LINKLIST}; do
if [ -L "${item}" ]; then
rm -rf ${item}
fi
done
else
echo "Cleaning the pkg cache."
pkg clean -y -a
fi fi
if [ ! -d "${CWDIR}/templates" ]; then if [ ! -d "${CWDIR}/templates" ]; then
mkdir -p ${CWDIR}/templates mkdir -p ${CWDIR}/templates
fi fi
if [ ! -d "${CWDIR}/system/var/run" ]; then
mkdir -p ${CWDIR}/system/var/run
fi
echo "Done."
} }
unionfs_on() { unionfs_on() {
if ! df | grep -q "${CWDIR}/system/usr/local"; then if ! df | grep -q "${CWDIR}/system/usr/local"; then
echo "Enabling UnionFS mount for ${CWDIR}/system/usr/local." echo "Enabling UnionFS for ${CWDIR}/system/usr/local."
mount_unionfs -o below ${CWDIR}/system/usr/local /usr/local mount_unionfs -o above ${CWDIR}/system/usr/local /usr/local
fi fi
if ! df | grep -q "${CWDIR}/system/var/run"; then if ! df | grep -q "${CWDIR}/system/var/run"; then
echo "Enabling UnionFS mount for ${CWDIR}/system/var/run." echo "Enabling UnionFS for ${CWDIR}/system/var/run."
mount_unionfs -o below ${CWDIR}/system/var/run /var/run mount_unionfs -o avobe ${CWDIR}/system/var/run /var/run
fi fi
} }
unionfs_off() { unionfs_off() {
if df | grep -q "${CWDIR}/system/usr/local"; then if df | grep -q "${CWDIR}/system/usr/local"; then
echo "Disabling UnionFS mounts for ${CWDIR}/system/usr/local." echo "Disabling UnionFS for ${CWDIR}/system/usr/local."
umount -f /usr/local umount -f /usr/local
fi fi
if df | grep -q "${CWDIR}/system/var/run"; then if df | grep -q "${CWDIR}/system/var/run"; then
echo "Disabling UnionFS mounts for ${CWDIR}/system/var/run." echo "Disabling UnionFS for ${CWDIR}/system/var/run."
umount -f /var/run umount -f /var/run
fi fi
} }
update_debootstrap() {
echo "Updating debootstrap..."
unionfs_off
fetch_pkg
}
case "${1}" in case "${1}" in
fetch_pkg) fetch_debootstrap)
platform_check fetch_debootstrap
fetch_pkg
;; ;;
load_kmods) load_kmods)
load_kmods load_kmods
;; ;;
unload_kmods)
unload_kmods
;;
unionfs_on) unionfs_on)
unionfs_on unionfs_on
;; ;;
unionfs_off) unionfs_off)
unionfs_off unionfs_off
;; ;;
update_debootstrap)
update_debootstrap
;;
esac esac
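Review bot: In the new `unionfs_on`, the `/var/run` mount passes `-o avobe`, which looks like a misspelling of the `above` given for `/usr/local` a few lines earlier; the line should read `mount_unionfs -o above ${CWDIR}/system/var/run /var/run`. Whether mount_unionfs rejects or ignores an unrecognised option is not visible here, but if it is rejected the `/var/run` overlay is never mounted, and nothing in the function checks the exit status, so a guard such as `|| error_notify "Error while mounting UnionFS on /var/run."` would surface it. The same hunk switches both mounts from `below` to `above`, so files under `${CWDIR}/system` would presumably take precedence over the host's `/usr/local` and `/var/run`; it is worth confirming that tree is root-owned and not writable from inside a jail. This note covers only the hunk that starts at `@@ -163,59 +130,68 @@`, since the file section begins above the visible part of the page.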


@@ -1 +1 @@
1.1.53 1.2.00