ruben/ezjail
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Sanity checks added

Browse Source
This commit is contained in:
erdgeist 2006-03-16 01:00:41 +00:00
parent ac7c4c9c42
commit e45dc1f809
1 changed files with 24 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
ezjail-img.sh
View File

@ -28,6 +28,16 @@ ezjail_fdescfs_enable=${ezjail_fdescfs_enable:-"YES"}
# define our bail out shortcut # define our bail out shortcut
exerr () { echo -e "$*"; exit 1; } exerr () { echo -e "$*"; exit 1; }
# define detach strategy for image jails
detach () {
# unmount and detach memory disc
if [ "${newjail_device}" ]; then
umount ${newjail_root}
mdconfig -d -u ${newjail_device}
fi
return 0
}
# check for command # check for command
[ "$1" ] || exerr "Usage: `basename -- $0` [create] {params}" [ "$1" ] || exerr "Usage: `basename -- $0` [create] {params}"
@ -42,6 +52,7 @@ create)
newjail_softlink= newjail_softlink=
newjail_imagesize= newjail_imagesize=
newjail_cryptimage= newjail_cryptimage=
newjail_device=
newjail_fill="YES" newjail_fill="YES"
set -- ${args} set -- ${args}
@ -112,23 +123,24 @@ create)
# if image is wanted, check, whether the img-file already is present # if image is wanted, check, whether the img-file already is present
if [ "${newjail_imagesize}" ]; then if [ "${newjail_imagesize}" ]; then
newjail_image=${newjail_root%/}; while [ "${newjail_image}" -a -z "${newjail_image%%*/" ]; do newjail_image=${newjail_image%/}; done newjail_image=${newjail_root%/}; while [ "${newjail_image}" -a -z "${newjail_image%%*/}" ]; do newjail_image=${newjail_image%/}; done
[ -z "${newjail_image}" ] && exerr Could not determine image file name, something is wrong with the jail root: ${newjail_root}. [ -z "${newjail_image}" ] && exerr "Error: Could not determine image file name, something is wrong with the jail root: ${newjail_root}."
newjail_image=${newjail_image}.img newjail_image=${newjail_image}.img
[ -e "${newjail_image}" ] && exerr "Error: a file exists at the location ${newjail_image}, preventing our own image file to be created. [ -e "${newjail_image}" ] && exerr "Error: a file exists at the location ${newjail_image}, preventing our own image file to be created."
touch "${newjail_image}" touch "${newjail_image}"
dd if=/dev/random of="${newjail_image}" bs=${newjail_imagesize} count=1 || exerr Could not (or not fully) create the image file. You might want to check (and possibly remove) the file "${newjail_image}". The image size provided was ${newjail_imagesize}. dd if=/dev/random of="${newjail_image}" bs="${newjail_imagesize}" count=1 || exerr "Error: Could not (or not fully) create the image file. You might want to check (and possibly remove) the file ${newjail_image}. The image size provided was ${newjail_imagesize}."
newjail_device=/dev/`mdconfig -a -t vnode -f ${newjail_image}` newjail_device=`mdconfig -a -t vnode -f ${newjail_image}`
newfs ${newjail_device} newfs /dev/${newjail_device}
mount ${newjail_device} ${newjail_root} mkdir -p ${newjail_root}
mount /dev/${newjail_device} ${newjail_root}
fi fi
# now take a copy of our template jail # now take a copy of our template jail
if [ "${newjail_fill}" = "YES" ]; then if [ "${newjail_fill}" = "YES" ]; then
mkdir -p ${newjail_root} && cd ${ezjail_jailtemplate} && \ mkdir -p ${newjail_root} && cd ${ezjail_jailtemplate} && \
find * | cpio -p -v ${newjail_root} > /dev/null find * | cpio -p -v ${newjail_root} > /dev/null
[ $? = 0 ] || exerr "Error: Could not copy template jail." [ $? != 0 ] || detach() || exerr "Error: Could not copy template jail."
fi fi
# if a soft link is necessary, create it now # if a soft link is necessary, create it now
@ -151,7 +163,7 @@ create)
echo export jail_${newjail_nname}_procfs_enable=\"${ezjail_procfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname} echo export jail_${newjail_nname}_procfs_enable=\"${ezjail_procfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
echo export jail_${newjail_nname}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname} echo export jail_${newjail_nname}_fdescfs_enable=\"${ezjail_fdescfs_enable}\" >> ${ezjail_jailcfgs}/${newjail_nname}
[ "${newjail_imagesize}" ] && \ [ "${newjail_imagesize}" ] && \
echo export jail_${newjail_nname}_image=\"YES\" >> ${ezjail_jailcfgs}/${newjail_nname} echo export jail_${newjail_nname}_image=\"${newjail_image}\" >> ${ezjail_jailcfgs}/${newjail_nname}
[ "${newjail_cryptimage}" ] && \ [ "${newjail_cryptimage}" ] && \
echo export jail_${newjail_nname}_cryptimage=\"YES\" >> ${ezjail_jailcfgs}/${newjail_nname} echo export jail_${newjail_nname}_cryptimage=\"YES\" >> ${ezjail_jailcfgs}/${newjail_nname}
@ -168,6 +180,8 @@ create)
echo "Note: Shell scripts installed, flavourizing on jails first startup." echo "Note: Shell scripts installed, flavourizing on jails first startup."
fi fi
fi fi
detach()
# #
# For user convenience some scenarios commonly causing headaches are checked # For user convenience some scenarios commonly causing headaches are checked
@ -183,7 +197,7 @@ create)
[ $? = 0 ] && echo -e "Warning: Some services already seem to be listening on IP ${newjail_ip}\n This may cause some confusion, here they are:\n${newjail_listener}" [ $? = 0 ] && echo -e "Warning: Some services already seem to be listening on IP ${newjail_ip}\n This may cause some confusion, here they are:\n${newjail_listener}"
newjail_listener=`sockstat -4 -l | grep \*:[[:digit:]]` newjail_listener=`sockstat -4 -l | grep \*:[[:digit:]]`
[ $? = 0 ] && echo -e "Warning: Some services already seem to be listening on all IP, (including ${newjail_ip})\n This may cause some confusion, here they are:\n${$ [ $? = 0 ] && echo -e "Warning: Some services already seem to be listening on all IP, (including ${newjail_ip})\n This may cause some confusion, here they are:\n${newjail_listener}"
IFS=${TIFS} IFS=${TIFS}
;; ;;