ruben/ezjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

attaching and detaching image jails now works.

Browse Source
This commit is contained in:
erdgeist 2006-05-09 02:00:04 +00:00
parent 7df9c70879
commit 6cdc848308
2 changed files with 48 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
ezjail-admin
View File

@ -49,7 +49,7 @@ exerr () { echo -e "$*" >&2 ; exit 1; }
# define detach strategy for image jails # define detach strategy for image jails
detach_images () { detach_images () {
# unmount and detach memory disc # unmount and detach memory disc
if [ "${ezjail_imagedevice}" ]; then if [ -n "${ezjail_imagedevice}" ]; then
umount ${ezjail_rootdir} > /dev/null umount ${ezjail_rootdir} > /dev/null
case ${ezjail_imagetype} in case ${ezjail_imagetype} in
bde) gbde detach /dev/${ezjail_imagedevice} > /dev/null;; bde) gbde detach /dev/${ezjail_imagedevice} > /dev/null;;
@ -67,7 +67,7 @@ fetchjailinfo () {
ezjail_name=$1 ezjail_name=$1
# Clean variables, prevent polution # Clean variables, prevent polution
unset ezjail_config ezjail_running ezjail_hostname ezjail_rootdir ezjail_image ezjail_imagetype ezjail_ip ezjail_id unset ezjail_config ezjail_running ezjail_hostname ezjail_rootdir ezjail_image ezjail_imagetype ezjail_ip ezjail_id ezjail_attached ezjail_device
ezjail_safename=`echo -n "${ezjail_name}" | tr -c [:alnum:] _` ezjail_safename=`echo -n "${ezjail_name}" | tr -c [:alnum:] _`
@ -87,6 +87,13 @@ fetchjailinfo () {
eval ezjail_passphraseurl=\"\$jail_${ezjail_safename}_passphraseurl\" eval ezjail_passphraseurl=\"\$jail_${ezjail_safename}_passphraseurl\"
ezjail_softlink=${ezjail_jaildir}/`basename -- ${ezjail_rootdir}` ezjail_softlink=${ezjail_jaildir}/`basename -- ${ezjail_rootdir}`
if [ -n "${ezjail_image}" -a -L "${ezjail_rootdir}.device" ]; then
# Fetch destination of soft link
ezjail_device=`stat -f "%Y" ${ezjail_rootdir}.device`
[ -e "${ezjail_device}" ] && ezjail_attached="YES"
fi
[ -f /var/run/jail_${ezjail_safename}.id ] && ezjail_id=`cat /var/run/jail_${ezjail_safename}.id` || return [ -f /var/run/jail_${ezjail_safename}.id ] && ezjail_id=`cat /var/run/jail_${ezjail_safename}.id` || return
jls | grep -q -E "^ +${ezjail_id} " || unset ezjail_id jls | grep -q -E "^ +${ezjail_id} " || unset ezjail_id
} }
@ -390,10 +397,13 @@ delete)
fetchjailinfo $1 fetchjailinfo $1
# check for existence of jail in our records # check for existence of jail in our records
[ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}." [ -n "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
# if jail is still running, refuse to go any further # if jail is still running, refuse to go any further
[ "${ezjail_id}" ] && exerr "Error: Jail appears to be still running, stop it first." [ -n "${ezjail_id}" ] && exerr "Error: Jail appears to be still running, stop it first."
# if jail is attached, refuse to go any further
[ -n "${ezjail_attached}" ] && exerr "Error: Jail image file ${ezjail_image} is attached as ${ezjail_device}. '`basename -- $0` config -i detach' it first."
# now we know everything we need to let the jail be gone remove entry # now we know everything we need to let the jail be gone remove entry
# from ezjail resource structure, delete fstab.JAILNAME # from ezjail resource structure, delete fstab.JAILNAME
@ -420,7 +430,11 @@ list)
for ezjail in ${ezjail_list}; do for ezjail in ${ezjail_list}; do
fetchjailinfo ${ezjail%.norun} fetchjailinfo ${ezjail%.norun}
case ${ezjail_imagetype} in simple) ezjail_state="I";; bde) ezjail_state="B";; eli) ezjail_state="E";; *) ezjail_state="D";; esac case ${ezjail_imagetype} in simple) ezjail_state="I";; bde) ezjail_state="B";; eli) ezjail_state="E";; *) ezjail_state="D";; esac
[ "${ezjail_id}" ] && ezjail_state=${ezjail_state}R || ezjail_state=${ezjail_state}S if [ "${ezjail_id}" ]; then
ezjail_state=${ezjail_state}R
else
[ -n "${ezjail_attached}" ] && ezjail_state=${ezjail_state}A || ezjail_state=${ezjail_state}S
fi
[ "${ezjail_safename}" != "${ezjail}" ] && ezjail_state=${ezjail_state}N [ "${ezjail_safename}" != "${ezjail}" ] && ezjail_state=${ezjail_state}N
printf "%-3s %-5s %-15s %-28s %s\\n" "${ezjail_state}" "${ezjail_id:-N/A}" "${ezjail_ip}" "${ezjail_hostname}" "${ezjail_rootdir}" printf "%-3s %-5s %-15s %-28s %s\\n" "${ezjail_state}" "${ezjail_id:-N/A}" "${ezjail_ip}" "${ezjail_hostname}" "${ezjail_rootdir}"
@ -550,7 +564,7 @@ config)
# Clean variables, prevent polution # Clean variables, prevent polution
unset ezjail_setrunnable ezjail_imageaction unset ezjail_setrunnable ezjail_imageaction
shift; while getopts :r: arg; do case ${arg} in shift; while getopts :r:i: arg; do case ${arg} in
i) ezjail_imageaction=${OPTARG};; i) ezjail_imageaction=${OPTARG};;
r) ezjail_setrunnable=${OPTARG};; r) ezjail_setrunnable=${OPTARG};;
?) exerr ${ezjail_usage_config};; ?) exerr ${ezjail_usage_config};;
@ -570,20 +584,15 @@ config)
case ${ezjail_setrunnable} in case ${ezjail_setrunnable} in
run) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv ${ezjail_config} ${ezjail_config%.norun};; run) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv ${ezjail_config} ${ezjail_config%.norun};;
norun) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv ${ezjail_config} ${ezjail_config}.norun ;; norun) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv ${ezjail_config} ${ezjail_config}.norun ;;
*) echo "Warning: Unknow runnable option specified.";;
esac esac
[ -n "${ezjail_imageaction}" -a -z "${ezjail_image}" ] && exerr "Error: Jail ${ezjail_name} not an image jail." [ -n "${ezjail_imageaction}" -a -z "${ezjail_image}" ] && exerr "Error: Jail ${ezjail_name} not an image jail."
case ${ezjail_imageaction} in case "${ezjail_imageaction}" in
attach) attach)
# Check, if image already attached # Check, if image already attached
if [ -L "${ezjail_root}.device" ]; then [ -n "${ezjail_attached}" ] && exerr "Error: Jail image file ${ezjail_image} already attached as ${ezjail_device}."
# Fetch destination of soft link rm -f ${ezjail_rootdir}.device
ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
[ -b "${ezjail_device}" ] && exerr "Error: Jail image file ${ezjail_name} already attached as ${ezjail_device}."
rm -f ${ezjail_root}.device
fi
# Create a memory disc from jail image # Create a memory disc from jail image
ezjail_imagedevice=`mdconfig -a -t vnode -f ${ezjail_image}` || exerr "Error: Could not attach memory disc." ezjail_imagedevice=`mdconfig -a -t vnode -f ${ezjail_image}` || exerr "Error: Could not attach memory disc."
@ -600,7 +609,7 @@ config)
;; ;;
eli) eli)
echo "Attaching eli device for image jail ${ezjail}..." echo "Attaching eli device for image jail ${ezjail}..."
echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh echo geli attach ${ezjail_attachparams} /dev/${ezjail_imagedevice} | /bin/sh
[ $? -eq 0 ] || detach_images keep || exerr "Error: Attaching eli device failed." [ $? -eq 0 ] || detach_images keep || exerr "Error: Attaching eli device failed."
# Device to mount is not md anymore # Device to mount is not md anymore
ezjail_device=${ezjail_imagedevice}.eli ezjail_device=${ezjail_imagedevice}.eli
@ -609,18 +618,14 @@ config)
mount /dev/${ezjail_device} ${ezjail_rootdir} || detach_images keep || exerr "Error: Could not mount /dev/${ezjail_device} to ${ezjail_root}." mount /dev/${ezjail_device} ${ezjail_rootdir} || detach_images keep || exerr "Error: Could not mount /dev/${ezjail_device} to ${ezjail_root}."
# relink image device # relink image device
ln -s /dev/${ezjail_device} ${ezjail_root}.device ln -s /dev/${ezjail_device} ${ezjail_rootdir}.device
;; ;;
detach) detach)
# Check, if image really attached or running
[ -n "${ezjail_id}" ] && exerr "Error: Jail ${ezjail_name} still running. Can not detach." [ -n "${ezjail_id}" ] && exerr "Error: Jail ${ezjail_name} still running. Can not detach."
[ -n "${ezjail_attached}" ] || exerr "Error: Jail image file ${ezjail_name} is not attached."
# Check, if image really attached ezjail_device=${ezjail_device#/dev/}
if [ -L "${ezjail_root}.device" ]; then
# Fetch destination of soft link
ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
[ -b "${ezjail_device}" ] || exerr "Error: Jail image file ${ezjail_name} is not attached."
fi
# Add this device to the list of devices to be unmounted # Add this device to the list of devices to be unmounted
case ${ezjail_imagetype} in case ${ezjail_imagetype} in
@ -633,9 +638,8 @@ config)
detach_images keep detach_images keep
# Remove soft link (which acts as a lock) # Remove soft link (which acts as a lock)
rm -f ${ezjail_root}.device rm -f ${ezjail_rootdir}.device
;; ;;
*) echo "Warning: Unknow image action specified.";;
esac esac
;; ;;

34
ezjail.sh
View File

@ -58,14 +58,14 @@ do_cmd()
# Read config file # Read config file
. ${ezjail_prefix}/etc/ezjail/${ezjail} . ${ezjail_prefix}/etc/ezjail/${ezjail}
eval ezjail_root=\"\$jail_${ezjail}_rootdir\" eval ezjail_rootdir=\"\$jail_${ezjail}_rootdir\"
eval ezjail_image=\"\$jail_${ezjail}_image\" eval ezjail_image=\"\$jail_${ezjail}_image\"
eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\" eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\"
eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\" eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\"
eval ezjail_attachblocking=\"\$jail_${ezjail}_attachblocking\" eval ezjail_attachblocking=\"\$jail_${ezjail}_attachblocking\"
eval ezjail_forceblocking=\"\$jail_${ezjail}_forceblocking\" eval ezjail_forceblocking=\"\$jail_${ezjail}_forceblocking\"
[ ${ezjail_attachblocking} = "YES" -o ${ezjail_forceblocking} = "YES" ] && ezjail_blocking="YES" || unset ezjail_blocking [ "${ezjail_attachblocking}" = "YES" -o "${ezjail_forceblocking}" = "YES" ] && ezjail_blocking="YES" || unset ezjail_blocking
# Cannot auto mount blocking jails without interrupting boot process # Cannot auto mount blocking jails without interrupting boot process
[ "${ezjail_fromrc}" = "YES" -a "${action}" = "start" -a "${ezjail_blocking}" = "YES" ] && continue [ "${ezjail_fromrc}" = "YES" -a "${action}" = "start" -a "${ezjail_blocking}" = "YES" ] && continue
@ -95,10 +95,10 @@ attach_detach_pre ()
# /etc/rc.d/jail does # /etc/rc.d/jail does
[ -e /var/run/jail_${ezjail}.id ] && return 1 [ -e /var/run/jail_${ezjail}.id ] && return 1
if [ -L "${ezjail_root}.device" ]; then if [ -L "${ezjail_rootdir}.device" ]; then
# Fetch destination of soft link # Fetch destination of soft link
ezjail_device=`stat -f "%Y" ${ezjail_root}.device` ezjail_device=`stat -f "%Y" ${ezjail_rootdir}.device`
[ -b "${ezjail_device}" ] && echo "Warning: Jail image file ${ezjail_name} already attached as ${ezjail_device}." && return 1 [ -e "${ezjail_device}" ] && echo "Jail image file ${ezjail} already attached as ${ezjail_device}. 'ezjail-admin config -i detach' it first." && return 1
fi fi
# Create a memory disc from jail image # Create a memory disc from jail image
@ -110,8 +110,8 @@ attach_detach_pre ()
crypto|bde) crypto|bde)
echo "Attaching bde device for image jail ${ezjail}..." echo "Attaching bde device for image jail ${ezjail}..."
echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} | /bin/sh echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} | /bin/sh
if [ $? -eq 0 ]; then if [ $? -ne 0 ]; then
mdconfig -d -u ${ezjail_imagedevice} > /dev/null mdconfig -d -u ${ezjail_device} > /dev/null
echo "Error: Attaching bde device failed."; return 1 echo "Error: Attaching bde device failed."; return 1
fi fi
# Device to mount is not md anymore # Device to mount is not md anymore
@ -120,8 +120,8 @@ attach_detach_pre ()
eli) eli)
echo "Attaching eli device for image jail ${ezjail}..." echo "Attaching eli device for image jail ${ezjail}..."
echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh
if [ $? -eq 0 ]; then if [ $? -ne 0 ]; then
mdconfig -d -u ${ezjail_imagedevice} > /dev/null mdconfig -d -u ${ezjail_device} > /dev/null
echo "Error: Attaching eli device failed."; return 1 echo "Error: Attaching eli device failed."; return 1
fi fi
# Device to mount is not md anymore # Device to mount is not md anymore
@ -130,17 +130,21 @@ attach_detach_pre ()
esac esac
# Clean image # Clean image
fsck_ufs -F -p ${ezjail_device} fsck_ufs -F -p /dev/${ezjail_device}
# relink image device # relink image device
rm -f ${ezjail_root}.device rm -f ${ezjail_rootdir}.device
ln -s /dev/${ezjail_device} ${ezjail_root}.device ln -s /dev/${ezjail_device} ${ezjail_rootdir}.device
else else
# If jail is not running, do not unmount devices, this is the same check
# as /etc/rc.d/jail does
[ -e /var/run/jail_${ezjail}.id ] || return 1
# If soft link to device is not set, we cannot unmount # If soft link to device is not set, we cannot unmount
[ -e ${ezjail_root}.device ] || return [ -e ${ezjail_rootdir}.device ] || return
# Fetch destination of soft link # Fetch destination of soft link
ezjail_device=`stat -f "%Y" ${ezjail_root}.device` ezjail_device=`stat -f "%Y" ${ezjail_rootdir}.device`
# Add this device to the list of devices to be unmounted # Add this device to the list of devices to be unmounted
case ${ezjail_imagetype} in case ${ezjail_imagetype} in
@ -149,7 +153,7 @@ attach_detach_pre ()
esac esac
# Remove soft link (which acts as a lock) # Remove soft link (which acts as a lock)
rm -f ${ezjail_root}.device rm -f ${ezjail_rootdir}.device
fi fi
} }