ruben/ezjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Flag jails that would interrupt boot process as attachblocking. Skip or choose them deliberately in ezjail.sh

Browse Source
This commit is contained in:
erdgeist 2006-05-04 18:49:52 +00:00
parent 63ad46a478
commit 89a8a70f02
2 changed files with 30 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
ezjail-admin
View File

@ -148,8 +148,7 @@ case "$1" in
######################## ezjail-admin CREATE ######################## ######################## ezjail-admin CREATE ########################
create) create)
# Clean variables, prevent polution # Clean variables, prevent polution
unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams ezjail_passphraseurl ezjail_exists unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams ezjail_passphraseurl ezjail_exists ezjail_attachblocking
shift; while getopts :f:r:s:xic:u:C: arg; do case ${arg} in shift; while getopts :f:r:s:xic:u:C: arg; do case ${arg} in
x) ezjail_exists="YES";; x) ezjail_exists="YES";;
r) ezjail_rootdir="${OPTARG}";; r) ezjail_rootdir="${OPTARG}";;
@ -253,13 +252,14 @@ create)
# And attach device # And attach device
ezjail_imagedevice=`mdconfig -a -t vnode -f ${ezjail_image}` ezjail_imagedevice=`mdconfig -a -t vnode -f ${ezjail_image}`
[ $? = 0 ] || detach_images || exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')" [ $? = 0 ] || detach_images || exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')"
case "${ezjail_imagetype}" in case "${ezjail_imagetype}" in
bde|eli) bde|eli)
# parse imageparams, generate attachparams # parse imageparams, generate attachparams
ezjail_attachblocking="YES"
if [ -n "${ezjail_imageparams}" ]; then if [ -n "${ezjail_imageparams}" ]; then
ezjail_attachparams=`echo $0 _parse_g${ezjail_imagetype}_attach_args_ ${ezjail_imageparams} | /bin/sh ` ezjail_attachparams=`echo $0 _parse_g${ezjail_imagetype}_attach_args_ ${ezjail_imageparams} | /bin/sh `
[ 0 -eq $? ] || exerr "processing of ezjail_imageparams failed" [ 5 -eq $? ] && exerr "processing of ezjail_imageparams failed"
[ 3 -eq $? ] && unset ezjail_attachblocking
fi fi
case "${ezjail_imagetype}" in case "${ezjail_imagetype}" in
bde) init_cmd="gbde init /dev/${ezjail_imagedevice} ${ezjail_imageparams}" bde) init_cmd="gbde init /dev/${ezjail_imagedevice} ${ezjail_imageparams}"
@ -267,13 +267,14 @@ create)
eli) init_cmd="geli init ${ezjail_imageparams} /dev/${ezjail_imagedevice}" eli) init_cmd="geli init ${ezjail_imageparams} /dev/${ezjail_imagedevice}"
attach_cmd="geli attach ${ezjail_attachparams} /dev/${ezjail_imagedevice}";; attach_cmd="geli attach ${ezjail_attachparams} /dev/${ezjail_imagedevice}";;
esac esac
echo "Initialising crypto device. Enter a new passphrase twice... (if necessary)" [ -n "${ezjail_attachblocking}" ] && echo "Initialising crypto device. Enter a new passphrase twice... "
( echo ${init_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not initialise crypto image." ( echo ${init_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not initialise crypto image."
echo "Attaching crypto device. Enter the passphrase... (if necessary)" [ -n "${ezjail_attachblocking}" ] && echo "Attaching crypto device. Enter the passphrase... "
( echo ${attach_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not attach crypto image." ( echo ${attach_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not attach crypto image."
ezjail_device=${ezjail_imagedevice}.${ezjail_imagetype} ezjail_device=${ezjail_imagedevice}.${ezjail_imagetype}
;; ;;
simple) simple)
ezjail_device=${ezjail_imagedevice} ezjail_device=${ezjail_imagedevice}
;; ;;
@ -324,6 +325,7 @@ create)
echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config}
echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config}
echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" >> ${ezjail_config}
echo export jail_${ezjail_safename}_attachblocking=\"${ezjail_attachblocking}\" >> ${ezjail_config}
echo export jail_${ezjail_safename}_passphraseurl=\"${ezjail_passphraseurl}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_passphraseurl=\"${ezjail_passphraseurl}\" >> ${ezjail_config}
# Final steps for flavour installation # Final steps for flavour installation
@ -570,18 +572,20 @@ config)
############################################################################## ##############################################################################
# ezjail_imageparams HACK starts here # ezjail_imageparams HACK starts here
# #
# #
_parse_geli_attach_args_) _parse_geli_attach_args_)
# create geli(8) attach arguments from geli(8) init arguments: # create geli(8) attach arguments from geli(8) init arguments:
# -P becomes -p if present, -K newkeyfile becomes -k newkeyfile if present, # -P becomes -p if present, -K newkeyfile becomes -k newkeyfile if present,
# everything else is dicarded # everything else is dicarded
# exit values: 2->NO_ERROR, 3->NO_ERROR,PASSWORD_SET, 5->PARSER_ERROR
_exit=2
shift; while getopts :bPva:i:K:l:s: arg; do case ${arg} in shift; while getopts :bPva:i:K:l:s: arg; do case ${arg} in
b|v|a|i|l|s);; # ignore these b|v|a|i|l|s);; # ignore these
P) echo -n "-p ";; P) echo -n "-p "; _exit=3 ;;
K) echo -n "-k '$OPTARG' ";; K) echo -n "-k '$OPTARG' ";;
?) exit 11;; ?) exit 5;;
esac; done esac; done
exit 0 exit ${_exit}
;; ;;
_parse_gbde_attach_args_) _parse_gbde_attach_args_)
# create gbde(8) attach arguments from gbde(8) init arguments: # create gbde(8) attach arguments from gbde(8) init arguments:
@ -589,18 +593,21 @@ _parse_gbde_attach_args_)
# -K keyfile becomes -k keyfile if present # -K keyfile becomes -k keyfile if present
# -P passphrase becomes -p passphrase if present # -P passphrase becomes -p passphrase if present
# everything else is discarded # everything else is discarded
# exit values: 2->NO_ERROR, 3->NO_ERROR+PASSWORD_SET, 5->PARSER_ERROR
_exit=2
shift; while getopts :iK:f:L:P: arg; do case ${arg} in shift; while getopts :iK:f:L:P: arg; do case ${arg} in
i|f);; # ignore these i|f);; # ignore these
P) echo -n "-p '$OPTARG' ";; P) echo -n "-p '$OPTARG' "; _exit=3;;
K) echo -n "-k '$OPTARG' ";; K) echo -n "-k '$OPTARG' ";;
L) echo -n "-l '$OPTARG' ";; L) echo -n "-l '$OPTARG' ";;
?) exit 11;; ?) exit 5;;
esac; done esac; done
exit 0 exit ${_exit}
;; ;;
# #
# ezjail_imageparams HACK ends here (thank god) # ezjail_imageparams HACK ends here (thank god)
############################################################################## ##############################################################################
*) *)
exerr ${ezjail_usage_ezjail} exerr ${ezjail_usage_ezjail}
;; ;;

19
ezjail.sh
View File

@ -62,19 +62,16 @@ do_cmd()
eval ezjail_image=\"\$jail_${ezjail}_image\" eval ezjail_image=\"\$jail_${ezjail}_image\"
eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\" eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\"
eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\" eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\"
eval ezjail_attachblocking=\"\$jail_${ezjail}_attachblocking\"
# Cannot auto mount crypto jails without interrupting boot process # Cannot auto mount blocking crypto jails without interrupting boot process
if [ "${ezjail_fromrc}" = "YES" -a "${action}" = "start" ]; then [ "${ezjail_fromrc}" = "YES" -a "${action}" = "start" && "${ezjail_attachblocking}" = "YES" ] && continue
case "${ezjail_imagetype}" in crypto|eli|bde) continue;; esac
fi
# Explicitely do only run crypto jails when *crypto is requested # Explicitely do only run blocking crypto jails when *crypto is requested
if [ "${action%crypto}" != "${action}" ]; then [ "${action%crypto}" != "${action}" -a -z "${ezjail_attachblocking}" ] && continue
case "${ezjail_imagetype}" in crypto|eli|bde) ;; *) continue;; esac
fi
# Try to attach (crypto) devices # Try to attach (crypto) devices
[ "${ezjail_image}" ] && attach_detach_pre [ -n "${ezjail_image}" ] && attach_detach_pre
ezjail_pass="${ezjail_pass} ${ezjail}" ezjail_pass="${ezjail_pass} ${ezjail}"
done done
@ -100,13 +97,13 @@ attach_detach_pre ()
# this is. In this case, the device to mount is # this is. In this case, the device to mount is
case ${ezjail_imagetype} in case ${ezjail_imagetype} in
crypto|bde) crypto|bde)
echo "Attaching gbde device for image jail ${ezjail}..." echo "Attaching bde device for image jail ${ezjail}..."
echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} | /bin/sh echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} | /bin/sh
# Device to mount is not md anymore # Device to mount is not md anymore
ezjail_device=${ezjail_device}.bde ezjail_device=${ezjail_device}.bde
;; ;;
eli) eli)
echo "Attaching gbde device for image jail ${ezjail}..." echo "Attaching eli device for image jail ${ezjail}..."
echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh
# Device to mount is not md anymore # Device to mount is not md anymore
ezjail_device=${ezjail_device}.eli ezjail_device=${ezjail_device}.eli