ruben/ezjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Crypto image init-attach args converter introduced.

Browse Source
This commit is contained in:
erdgeist 2006-05-03 16:01:41 +00:00
parent b5acbdb903
commit 96700dbb84
2 changed files with 65 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
ezjail-admin
View File

@ -43,7 +43,7 @@ detach_images () {
umount ${ezjail_rootdir} > /dev/null umount ${ezjail_rootdir} > /dev/null
case ${ezjail_imagetype} in case ${ezjail_imagetype} in
bde) gbde detach /dev/${ezjail_imagedevice} > /dev/null;; bde) gbde detach /dev/${ezjail_imagedevice} > /dev/null;;
eli) geil detach /dev/${ezjail_imagedevice} > /dev/null;; eli) geli detach /dev/${ezjail_imagedevice} > /dev/null;;
esac esac
mdconfig -d -u ${ezjail_imagedevice} > /dev/null mdconfig -d -u ${ezjail_imagedevice} > /dev/null
[ "$1" = "success" ] || rm -f ${ezjail_image} [ "$1" = "success" ] || rm -f ${ezjail_image}
@ -139,7 +139,7 @@ case "$1" in
######################## ezjail-admin CREATE ######################## ######################## ezjail-admin CREATE ########################
create) create)
# Clean variables, prevent polution # Clean variables, prevent polution
unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config unset ezjail_rootdir ezjail_flavour ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_device ezjail_config ezjail_attachparams
ezjail_fillme="YES" ezjail_fillme="YES"
shift; while getopts :f:r:s:xic:C: arg; do case ${arg} in shift; while getopts :f:r:s:xic:C: arg; do case ${arg} in
@ -246,16 +246,24 @@ create)
[ $? = 0 ] || detach_images || exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')" [ $? = 0 ] || detach_images || exerr "Error: Could not attach image device. (Command failed was 'mdconfig -a -t vnode -f ${ezjail_image}')"
case "${ezjail_imagetype}" in case "${ezjail_imagetype}" in
bde) bde|eli)
# Initialise crypto image # parse imageparams, generate attachparams
echo "Initialising crypto device. Enter a new passphrase twice..." if [ -n "${ezjail_imageparams}" ] ; then
gbde init /dev/${ezjail_imagedevice} || detach_images || exerr "Error: Could not initialise crypto image." ezjail_attachparams=`echo $0 _parse_g${ezjail_imagetype}_attach_args_ ${ezjail_imageparams} | /bin/sh `
[ 0 -eq $? ] || exerr "processing of ezjail_imageparams failed"
fi
case "${ezjail_imagetype}" in
bde) init_cmd="gbde init /dev/${ezjail_imagedevice} ${ezjail_imageparams}"
attach_cmd="gbde attach /dev/${ezjail_imagedevice} ${ezjail_attachparams}";;
eli) init_cmd="geli init ${ezjail_imageparams} /dev/${ezjail_imagedevice}"
attach_cmd="geli attach ${ezjail_attachparams} /dev/${ezjail_imagedevice}";;
esac
echo "Initialising crypto device. Enter a new passphrase twice... (if necessary)"
( echo ${init_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not initialise crypto image."
echo "Attaching crypto device. Enter the passphrase..." echo "Attaching crypto device. Enter the passphrase... (if necessary)"
gbde attach /dev/${ezjail_imagedevice} || detach_images || exerr "Error: Could not attach crypto image." ( echo ${attach_cmd} | /bin/sh ) || detach_images || exerr "Error: Could not attach crypto image."
ezjail_device=${ezjail_imagedevice}.bde ezjail_device=${ezjail_imagedevice}.${ezjail_imagetype}
;;
eli)
;; ;;
simple) simple)
ezjail_device=${ezjail_imagedevice} ezjail_device=${ezjail_imagedevice}
@ -306,6 +314,7 @@ create)
echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_config}
echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_image=\"${ezjail_image}\" >> ${ezjail_config}
echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config} echo export jail_${ezjail_safename}_imagetype=\"${ezjail_imagetype}\" >> ${ezjail_config}
echo export jail_${ezjail_safename}_attachparams=\"${ezjail_attachparams}\" >> ${ezjail_config}
# Final steps for flavour installation # Final steps for flavour installation
if [ "${ezjail_fillme}" = "YES" -a "${ezjail_flavour}" ]; then if [ "${ezjail_fillme}" = "YES" -a "${ezjail_flavour}" ]; then
@ -545,6 +554,41 @@ config)
esac esac
;; ;;
##############################################################################
# ezjail_imageparams HACK starts here
#
#
_parse_geli_attach_args_)
# create geli(8) attach arguments from geli(8) init arguments:
# -P becomes -p if present, -K newkeyfile becomes -k newkeyfile if present,
# everything else is dicarded
shift; while getopts :bPva:i:K:l:s: arg; do case ${arg} in
b|v|a|i|l|s);; # ignore these
P) echo -n "-p ";;
K) echo -n "-k '$OPTARG' ";;
?) exit 11;;
esac; done
exit 0
;;
_parse_gbde_attach_args_)
# create gbde(8) attach arguments from gbde(8) init arguments:
# -L lockfile becomes -l lockfile if present
# -K keyfile becomes -k keyfile if present
# -P passphrase becomes -p passphrase if present
# everything else is discarded
shift; while getopts :iK:f:L:P: arg; do case ${arg} in
i|f);; # ignore these
P) echo -n "-p '$OPTARG' ";;
K) echo -n "-k '$OPTARG' ";;
L) echo -n "-l '$OPTARG' ";;
?) exit 11;;
esac; done
exit 0
;;
#
# ezjail_imageparams HACK ends here (thank god)
##############################################################################
*) *)
exerr "Usage: `basename -- $0` [config|create|delete|install|list|update] {params}" exerr "Usage: `basename -- $0` [config|create|delete|install|list|update] {params}"
;; ;;

13
ezjail.sh
View File

@ -60,6 +60,7 @@ do_cmd()
eval ezjail_root=\"\$jail_${ezjail}_rootdir\" eval ezjail_root=\"\$jail_${ezjail}_rootdir\"
eval ezjail_image=\"\$jail_${ezjail}_image\" eval ezjail_image=\"\$jail_${ezjail}_image\"
eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\" eval ezjail_imagetype=\"\$jail_${ezjail}_imagetype\"
eval ezjail_attachparams=\"\$jail_${ezjail}_attachparams\"
# Cannot auto mount crypto jails without interrupting boot process # Cannot auto mount crypto jails without interrupting boot process
[ "${ezjail_fromrc}" = "YES" -a "${ezjail_imagetype}" = "crypto" -a "${action}" = "start" ] && continue [ "${ezjail_fromrc}" = "YES" -a "${ezjail_imagetype}" = "crypto" -a "${action}" = "start" ] && continue
@ -95,12 +96,15 @@ attach_detach_pre ()
case ${ezjail_imagetype} in case ${ezjail_imagetype} in
crypto|bde) crypto|bde)
echo "Attaching gbde device for image jail ${ezjail}..." echo "Attaching gbde device for image jail ${ezjail}..."
gbde attach /dev/${ezjail_device} echo gbde attach /dev/${ezjail_device} ${ezjail_attachparams} | /bin/sh
# Device to mount is not md anymore # Device to mount is not md anymore
ezjail_device=${ezjail_device}.bde ezjail_device=${ezjail_device}.bde
;; ;;
eli) eli)
echo "Attaching gbde device for image jail ${ezjail}..."
echo geli attach ${ezjail_attachparams} /dev/${ezjail_device} | /bin/sh
# Device to mount is not md anymore
ezjail_device=${ezjail_device}.eli
;; ;;
esac esac
@ -115,7 +119,10 @@ attach_detach_pre ()
ezjail_device=`stat -f "%Y" ${ezjail_root}.device` ezjail_device=`stat -f "%Y" ${ezjail_root}.device`
# Add this device to the list of devices to be unmounted # Add this device to the list of devices to be unmounted
ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}" case ${ezjail_imagetype} in
crypto|bde) ezjail_mds="${ezjail_mds} ${ezjail_device%.bde}" ;;
eli) ezjail_mds="${ezjail_mds} ${ezjail_device%.eli}" ;;
esac
# Remove soft link (which acts as a lock) # Remove soft link (which acts as a lock)
rm -f ${ezjail_root}.device rm -f ${ezjail_root}.device