ruben/ezjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Radical change of what an ezjail flavour is. The old way got me stuck.

Browse Source
This commit is contained in:
erdgeist 2006-02-09 00:44:49 +00:00
parent ea7235c93e
commit c270955ae0
3 changed files with 60 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

78
examples/example/ezjail.flavour
View File

@ -1,29 +1,61 @@
#!/bin/sh
#
# ezjail flavour example # ezjail flavour example
# refer to ezjail-admin(1) for more information
#
# ezjails jail init script tries to create the following users. Format is
# as follows:
#
# username:uid:group[,group,..]:gid[,gid,..]:comment:cryptpw:[-]homedir:shell
#
# Note: Since ' ' (space) does not survive shell expansion, still often is
# useful in the comment field, '=' will be converted to ' '.
#
# Note: Always use ''' (single ticks) to provide variables containing '$'s
#
# Example:
#
# ezjail_flavour_users='::heroes:1003:::: \
# admin::wheel::Admin=User:$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91:/home/admin:/bin/sh \
# pgsql:1002:pgsql:1002:Post=Gres::-/usr/local/psql:/bin/nologin'
# Files or directories that should not belong to root:wheel will be # Hide
# chowned -R according to the following variable ######
# #
# Format is as follows: # Prevent this script from being called over and over
# if something fails.
rm -f /etc/rc.d/ezjail-config.sh /ezjail.flavour
# Groups
#########
# #
# user:group:file[:file...] # You will probably start with some groups your users
# should be in
# pw groupadd -q -n coders # -g 1004
# pw groupadd -q -n sales # -g 1005
# Users
########
# #
# Example: # You might want to add some users.
# The password is to be provided in the encrypted form
# as found in /etc/master.passwd
# refer to pw(8) for more information
# echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\
# pw useradd -n admin -u 1001 -s /bin/sh -m -d$ /home/admin -G wheel -c 'Admin User' -H 0
# echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\
# pw useradd -n saag -u 1002 -s /bin/sh -m -d$ /home/saag -G coders -c 'Mutton Saag' -H 0
# echo -n '$1$p75bbfK.$Kz3dwkoVlgZrfLZdAXQt91' |\
# pw useradd -n mac -u 1002 -s /bin/sh -m -d$ /home/mac -G sales -c 'Big Mac' -H 0
# Files
########
# #
# ezjail_flavour_files='admin:wheel:/home/admin/' # You can now give files to users just created
# chown -R admin:coders /usr/local/cvsroot
# chown -R admin:sales /usr/local/nfs/sales
# Packages
###########
#
# Install all packages previously put to /pkg
[ -d /pkg ] && PACKAGESITE=file:// pkg_add -r /pkg/*
rm -rf /pkg
# Postinstall
#################
#
# Your own stuff here, for example set login shells
# that were only installed just before
# chpass -s /usr/local/bin/bash admin
# pkg_add -r pico
# cd /usr/ports/sysutils/screen && make install

5
ezjail-admin
View File

@ -130,9 +130,12 @@ create)
cd ${ezjail_flavours}/${newjail_flavour} cd ${ezjail_flavours}/${newjail_flavour}
find * | cpio -p -v ${newjail_root} > /dev/null find * | cpio -p -v ${newjail_root} > /dev/null
install -o root -g wheel -m 0755 ${ezjail_share}/ezjail-config.sh ${newjail_root}/etc/rc.d/ezjail-config.sh if [ -f ${ezjail_share}/ezjail.flavour ]; then
ln -s /ezjail.flavour ${newjail_root}/etc/rc.d/ezjail-config.sh
chmod 0700 ${newjail_root}/etc/rc.d/ezjail-config.sh
echo "Note: Shell scripts installed, flavourizing on jails first startup." echo "Note: Shell scripts installed, flavourizing on jails first startup."
fi fi
fi
# For user convenience, some scenarios commonly causing # For user convenience, some scenarios commonly causing
# headaches are checked # headaches are checked

48
ezjail-config.sh
View File

@ -1,48 +0,0 @@
#!/bin/sh
set -o noglob
if [ -f /ezjail.flavour ]; then
. /ezjail.flavour
# we do need to install only once delete here to avoid errors
# in this script to prevent jail startup forever
rm -f /ezjail.flavour
fi
# set defaults
ezjail_flavour_users=${ezjail_flavour_users:-""}
ezjail_flavour_files=${ezjail_flavour_files:-""}
# try to create users, variables named after pw useradd params
for user in ${ezjail_flavour_users}; do
TIFS=${IFS}; IFS=:; set -- ${user}; IFS=${TIFS}
if [ $# -eq 8 ]; then
u=${2:+-u$2}; G=$3; gs=$4; c=${5:+-c$5}; p=${6:-*}; d=${7#-}; m=${7%%[!-]*}; s=${8:+-s$8};
# ensure all groups
gc=1; for n in `echo -n ${G} | tr , ' '`; do
g=`echo -n ${gs} | cut -d , -f ${gc}`
pw groupadd -q -n ${n} ${g:+-g${g}}
gc=$((1+${gc}))
done
# create user
[ $1 ] && echo ${p} | pw useradd -n $1 ${u} ${s} ${m:+-m} ${d:+-d${d}} ${G:+-G${G}} "`echo -n ${c} | tr = ' '`" -H 0
fi
done
set +o noglob
# chmod all files not belonging to root
for file in ${ezjail_flavour_files}; do
TIFS=${IFS}; IFS=:; set -- ${file}; IFS=${TIFS}
[ $# -gt 2 ] && owner="$1:$2" && shift 2 && chown -R ${owner} $*
done
# install packages
[ -d /pkg ] && PACKAGESITE=file:// pkg_add -r /pkg/*
# source post install script
[ -d /ezjail.postinstall ] && . /ezjail.postinstall
# Get rid off ourself
rm -rf /pkg /etc/rc.d/ezjail-config.sh /ezjail.postinstall