ruben/ezjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

simple jails are now initialised from /dev/zero

Browse Source
This commit is contained in:
erdgeist 2006-05-15 20:15:18 +00:00
parent 43f3679ff5
commit 26564f8758
1 changed files with 7 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
ezjail-admin
View File

@ -162,7 +162,7 @@ case "$1" in
######################## ezjail-admin CREATE ######################## ######################## ezjail-admin CREATE ########################
create) create)
# Clean variables, prevent polution # Clean variables, prevent polution
unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams ezjail_exists ezjail_attachblocking ezjail_forceblocking unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams ezjail_exists ezjail_attachblocking ezjail_forceblocking ezjail_sourcedevice
shift; while getopts :f:r:s:xbic:C: arg; do case ${arg} in shift; while getopts :f:r:s:xbic:C: arg; do case ${arg} in
x) ezjail_exists="YES";; x) ezjail_exists="YES";;
r) ezjail_rootdir="${OPTARG}";; r) ezjail_rootdir="${OPTARG}";;
@ -250,6 +250,10 @@ create)
# Location of our image file # Location of our image file
ezjail_image=${ezjail_image}.img ezjail_image=${ezjail_image}.img
# Prepare crypto jail so that an attacker cannot guess which blocks
# have been written
case ${ezjail_imagetype} in crypto|bde|eli) ezjail_sourcedevice=/dev/random;; simple) ezjail_sourcedevice=/dev/zero;; esac
# If NOT exist, create image # If NOT exist, create image
if [ -z "${ezjail_exists}" ]; then if [ -z "${ezjail_exists}" ]; then
[ -e "${ezjail_image}" ] && exerr "Error: a file exists at the location ${ezjail_image}, preventing our own image file to be created." [ -e "${ezjail_image}" ] && exerr "Error: a file exists at the location ${ezjail_image}, preventing our own image file to be created."
@ -257,10 +261,10 @@ create)
# Now create jail disc image # Now create jail disc image
touch "${ezjail_image}" touch "${ezjail_image}"
if [ "${ezjail_imageblockcount}" -gt 0 ]; then if [ "${ezjail_imageblockcount}" -gt 0 ]; then
dd if=/dev/random of="${ezjail_image}" bs=1m count=${ezjail_imageblockcount} || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${ezjail_image}. The image size provided was ${ezjail_imagesize}." dd if=${ezjail_sourcedevice} of="${ezjail_image}" bs=1m count=${ezjail_imageblockcount} || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${ezjail_image}. The image size provided was ${ezjail_imagesize}."
fi fi
if [ "${ezjail_imagerestbytes}" -gt 0 ]; then if [ "${ezjail_imagerestbytes}" -gt 0 ]; then
( dd if=/dev/random bs=${ezjail_imagerestbytes} count=1 >> "${ezjail_image}" ) || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${ezjail_image}. The image size provided was ${ezjail_imagesize}." ( dd if=${ezjail_sourcedevice} bs=${ezjail_imagerestbytes} count=1 >> "${ezjail_image}" ) || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${ezjail_image}. The image size provided was ${ezjail_imagesize}."
fi fi
# And attach device # And attach device