Fix superfluous asteriks in multiplication

Makefile

@@ -3,20 +3,20 @@
 # want / as your install location, DO set PREFIX before invoking this Makefile
 
 PREFIX?=/usr/local
+DST=	${DESTDIR}${PREFIX}
 
 all:
 
 install:
-	mkdir -p ${PREFIX}/etc/ezjail/ ${PREFIX}/man/man5/ ${PREFIX}/man/man7 ${PREFIX}/man/man8 ${PREFIX}/etc/rc.d/ ${PREFIX}/bin/ ${PREFIX}/share/examples/ezjail ${PREFIX}/share/zsh/site-functions
+	mkdir -p ${DST}/etc/ezjail/ ${DST}/man/man5/ ${DST}/man/man7 ${DST}/man/man8 ${DST}/etc/rc.d/ ${DST}/bin/ ${DST}/share/examples/ezjail ${DST}/share/zsh/site-functions
-	cp -p ezjail.conf.sample ${PREFIX}/etc/
+	cp -R examples/example ${DST}/share/examples/ezjail/
-	cp -R -p examples/example ${PREFIX}/share/examples/ezjail/
+	cp -R examples/nullmailer-example ${DST}/share/examples/ezjail/
-	cp -R -p examples/nullmailer-example ${PREFIX}/share/examples/ezjail/
+	cp -R share/zsh/site-functions/ ${DST}/share/zsh/site-functions/
-	cp -R -p share/zsh/site-functions/ ${PREFIX}/share/zsh/site-functions/
+	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail.conf.sample > ${DST}/etc/ezjail.conf.sample
-	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail.sh > ${PREFIX}/etc/rc.d/ezjail
+	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail.sh > ${DST}/etc/rc.d/ezjail
-	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail-admin > ${PREFIX}/bin/ezjail-admin
+	sed s:EZJAIL_PREFIX:${PREFIX}: ezjail-admin > ${DST}/bin/ezjail-admin
-	sed s:EZJAIL_PREFIX:${PREFIX}: man8/ezjail-admin.8 > ${PREFIX}/man/man8/ezjail-admin.8
+	sed s:EZJAIL_PREFIX:${PREFIX}: man8/ezjail-admin.8 > ${DST}/man/man8/ezjail-admin.8
-	sed s:EZJAIL_PREFIX:${PREFIX}: man5/ezjail.conf.5 > ${PREFIX}/man/man5/ezjail.conf.5
+	sed s:EZJAIL_PREFIX:${PREFIX}: man5/ezjail.conf.5 > ${DST}/man/man5/ezjail.conf.5
-	sed s:EZJAIL_PREFIX:${PREFIX}: man7/ezjail.7 > ${PREFIX}/man/man7/ezjail.7
+	sed s:EZJAIL_PREFIX:${PREFIX}: man7/ezjail.7 > ${DST}/man/man7/ezjail.7
-	chmod 755 ${PREFIX}/etc/rc.d/ezjail ${PREFIX}/bin/ezjail-admin
+	chmod 755 ${DST}/etc/rc.d/ezjail ${DST}/bin/ezjail-admin
-	chown -R root:wheel ${PREFIX}/man/man8/ezjail-admin.8 ${PREFIX}/man/man5/ezjail.conf.5 ${PREFIX}/man/man7/ezjail.7 ${PREFIX}/share/examples/ezjail/
+	chmod 0440 ${DST}/share/examples/ezjail/example/usr/local/etc/sudoers
-	chmod 0440 ${PREFIX}/share/examples/ezjail/example/usr/local/etc/sudoers

examples/example/etc/rc.d/ezjail.flavour.example

@@ -54,7 +54,7 @@ flavour_setup() {
 # Install all packages previously put to /pkg
 # Remove package files afterwards
 
-[ -d /pkg ] && PACKAGESITE=file:// pkg_add -r /pkg/*
+[ -d /pkg ] && cd /pkg && pkg_add /pkg/*
 rm -rf /pkg
 
 # Postinstall

ezjail-admin

@@ -8,6 +8,7 @@ ezjail_etc="${ezjail_prefix}/etc"
 ezjail_share="${ezjail_prefix}/share/ezjail"
 ezjail_examples="${ezjail_prefix}/share/examples/ezjail"
 ezjail_jailcfgs="${ezjail_etc}/ezjail"
+ezjail_snap_date_format="%Y%m%d%H%M"
 
 # read user config
 [ -f "${ezjail_etc}/ezjail.conf" ] && . "${ezjail_etc}/ezjail.conf"
@@ -32,8 +33,6 @@ ezjail_jailcfgs="${ezjail_etc}/ezjail"
 : ${ezjail_exec_start="/bin/sh /etc/rc"}
 
 : ${ezjail_use_zfs="NO"}
-: ${ezjail_jailzfs=""}
-: ${ezjail_zfs_properties=""}
 
 ezjail_dirlist="bin boot lib libexec rescue sbin usr/bin usr/include usr/lib usr/libdata usr/libexec usr/sbin usr/src usr/share"
 ezjail_basesystem="base"
@@ -42,7 +41,7 @@ ezjail_basesystem="base"
 case `uname -p` in amd64) ezjail_dirlist="${ezjail_dirlist} usr/lib32"; ezjail_basesystem="${ezjail_basesystem} lib32";; esac
 
 # Synopsis messages
-ezjail_usage_ezjailadmin="${ezjail_admin} v3.3\nUsage: ${ezjail_admin} [archive|config|console|create|delete|install|list|restore|update] {params}"
+ezjail_usage_ezjailadmin="${ezjail_admin} v3.4.2\nUsage: ${ezjail_admin} [archive|config|console|create|delete|freeze|install|list|restore|snapshot|troubleshoot|update] {params}"
 ezjail_usage_install="Usage: ${ezjail_admin} install [-mMpPsS] [-h host] [-r release]"
 ezjail_usage_create="Usage: ${ezjail_admin} create [-xbi] [-f flavour] [-r jailroot] [-s size] [-c bde|eli|zfs] [-C args] [-a archive] [-z parentzfs] jailname jailip"
 ezjail_usage_delete="Usage: ${ezjail_admin} delete [-wf] jailname"
@@ -51,6 +50,8 @@ ezjail_usage_config="Usage: ${ezjail_admin} config [-r run|norun] [-n newname] [
 ezjail_usage_console="Usage: ${ezjail_admin} console [-f] [-e command] jailname"
 ezjail_usage_archive="Usage: ${ezjail_admin} archive [-Af] [-a archive] [-d archivedir] jailname [jailname...]"
 ezjail_usage_restore="Usage: ${ezjail_admin} restore [-f] [-d archivedir] (archive|jailname)..."
+ezjail_usage_freeze="Usage: ${ezjail_admin} freeze jailname newflavour"
+ezjail_usage_troubleshoot="Usage: ${ezjail_admin} troubleshoot [jailname...]"
 ezjail_usage_list="Usage: ${ezjail_admin} list"
 
 ################################
@@ -144,6 +145,7 @@ start_stop_jail_by_script () {
   shift
   for ezjail; do
     fetchjailinfo ${ezjail}
+    case ${ezjail_config} in *.norun) continue;; esac
     [ ${ezjail_success_check} "${ezjail_id}" ] || exerr "Error: Could not ${ezjail_action} $@.\n  You need to ${ezjail_action} it by hand."
   done
 }
@@ -182,6 +184,7 @@ writejailinfo () {
   echo export jail_${ezjail_safename}_parentzfs=\"${ezjail_parentzfs}\"
   echo export jail_${ezjail_safename}_parameters=\"${ezjail_parameters}\"
   echo export jail_${ezjail_safename}_post_start_script=\"${ezjail_post_start_script}\"
+  echo export jail_${ezjail_safename}_retention_policy=\"${ezjail_retention_policy}\"
 
   ) > "${ezjail_destconf}"
 
@@ -232,9 +235,10 @@ fetchjailinfo () {
   eval ezjail_parentzfs=\"\$jail_${ezjail_safename}_parentzfs\"
   eval ezjail_parameters=\"\$jail_${ezjail_safename}_parameters\"
   eval ezjail_post_start_script=\"\$jail_${ezjail_safename}_post_start_script\"
+  eval ezjail_retention_policy=\"\$jail_${ezjail_safename}_retention_policy\"
 
   # Pre ezjail-3.3-jails do not have this set
-  : ${ezjail_parentzfs=${ezjail_jailzfs}}
+  : ${ezjail_parentzfs:=${ezjail_jailzfs}}
 
   ezjail_softlink=${ezjail_jaildir}/`basename -- "${ezjail_rootdir}"`
   ezjail_devicelink="${ezjail_rootdir}.device"
@@ -260,7 +264,7 @@ fetchjailinfo () {
   fi
 
   [ -f "/var/run/jail_${ezjail_safename}.id" ] && ezjail_id=`cat /var/run/jail_${ezjail_safename}.id` || return
-  jls | grep -q -E "^ +${ezjail_id} " || unset ezjail_id
+  jls | grep -q -E "^ *${ezjail_id} " || unset ezjail_id
 }
 
 # fill the base jail - this function is used by install and update
@@ -271,7 +275,7 @@ ezjail_splitworld() {
   if [ "${ezjail_use_zfs}" = "YES" ]; then
     ensure_jailzfs
     /sbin/zfs create ${ezjail_jailzfs}/basejail
-    /sbin/zfs snapshot ${ezjail_jailzfs}/basejail@`date -v -7d +"%C%y%m%d_%H:%M:%S"`
+    /sbin/zfs snapshot ${ezjail_jailzfs}/basejail@`date +"%C%y%m%d_%H:%M:%S"`
   fi
 
   # Remove schg flags from old basejail binaries. The flags
@@ -307,6 +311,7 @@ ezjail_splitworld() {
   # /etc/make.conf.
   if [ -f "${ezjail_examples}/example/etc/make.conf" -a ! -f "${ezjail_jailtemplate}/etc/make.conf" ]; then
     cp -p "${ezjail_examples}/example/etc/make.conf" "${ezjail_jailtemplate}/etc/"
+    mkdir -p ${ezjail_jailtemplate}/var/ports/packages ${ezjail_jailtemplate}/var/ports/distfiles
     echo "Note: a non-standard /etc/make.conf was copied to the template jail in order to get the ports collection running inside jails."
   fi
 
@@ -432,7 +437,7 @@ ensure_jailzfs() {
   _zfs_status=`/sbin/zfs list -H -o name ${ezjail_jailzfs} 2> /dev/null`
   [ "${_zfs_status}" = "${ezjail_jailzfs}" ] && return
 
-  # if a directoy already exists in that place, make sure it is empty, else bump user
+  # if a directory already exists in that place, make sure it is empty, else bump user
   [ -d "${ezjail_jaildir}" -a -n "`ls -A ${ezjail_jaildir}`" ] && exerr "Error: Can not create zfs at ${ezjail_jaildir}.\n  There is a non-empty directory in the way."
 
   # create all parent file systems if necessary
@@ -443,6 +448,81 @@ ensure_jailzfs() {
   /sbin/zfs create -o mountpoint=${ezjail_jaildir} ${ezjail_zfs_properties} ${ezjail_jailzfs}
 }
 
+# implement snapshot retentions
+filteroldsnapshots() {
+  local win repeat bottom in_window snap_id snap_del snap_first first_round_done max_diff
+  bottom=`date +%s`
+
+  unset snap_del first_round_done
+  snap_id=0
+  for win in ${ezjail_retention_policy}; do
+    # split repeat count from window chunk
+    case ${win} in *x*) repeat=${win%x*}; win=${win#*x};; *) repeat=1;; KEEP) return;; esac
+
+    # check for correct value
+    case ${win} in [0-9]);; [0-9]*[0-9mhdwy]);; *) echo "Unknown window length declaration ${win}"; return ;; esac
+
+    # values default to minutes
+    case ${win} in *h) m=60;; *d) m=1440;; *w) m=10080;; *y) m=525600;; *) m=1;; esac
+    win=$((${win%[mhdwy]}*m*60))
+
+    # innerloop $repeats over windows
+    while [ $(( repeat-=1 )) -ge 0 ]; do
+      # Shift bottom of window
+      bottom=$(( ${bottom} - ${win} ))
+      unset snap_first
+
+      # now loop over parameters
+      in_window=YES; while [ "${in_window}" ]; do
+
+        # When snap_id is required, pop one if possible
+        if [ "${snap_id}" -eq 0 -a $# -gt 0 ]; then
+          snap_id=`date -j -f ${ezjail_snap_date_format} $1 +%s`
+          shift
+        fi
+
+        # is next snapshot before this window? test next window
+        if [ ${snap_id} -lt ${bottom} ]; then
+          [ "${first_round_done}" ] || echo /sbin/zfs snapshot -r ${ezjail_zfs}@ez-autosnap-`date +${ezjail_snap_date_format}`
+          [ "${first_round_done}" ] || /sbin/zfs snapshot -r ${ezjail_zfs}@ez-autosnap-`date +${ezjail_snap_date_format}`
+
+          # we remembered the first snapshot in window
+          # only keep it, if it is newer than the oldest by more than half the window size
+          if [ "${snap_first}" -a "${snap_del}" -a $(( snap_del - snap_first )) -lt $(( win / 2 )) ]; then
+             echo /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_first} +${ezjail_snap_date_format}`
+             /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_first} +${ezjail_snap_date_format}`
+          fi
+
+          # Zero marks end of snaps list
+          [ "${snap_id}" -eq 0 ] && return
+
+          unset snap_del in_window
+        else
+          if [ "${snap_del}" ]; then
+            if [ "${snap_first}" ]; then
+              echo /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_del} +${ezjail_snap_date_format}`
+              /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_del} +${ezjail_snap_date_format}`
+            else
+              snap_first="${snap_del}"
+            fi
+          fi
+          snap_del="${snap_id}"
+          snap_id=0
+        fi
+        first_round_done="YES"
+
+      done
+    done
+  done
+
+  # if out of windows, default to delete the remainder of snaps
+  for snap_del in ${snap_id} $*; do
+    echo /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_del} +${ezjail_snap_date_format}`
+    /sbin/zfs destroy -r ${ezjail_zfs}@ez-autosnap-`date -j -f %s ${snap_del} +${ezjail_snap_date_format}`
+  done
+
+}
+
 #############################
 # End of function definitions
 # "
@@ -455,7 +535,7 @@ case "$1" in
 create)
   # Clean variables, prevent pollution
   unset ezjail_rootdir ezjail_flavours ezjail_softlink ezjail_image ezjail_imagetype ezjail_imageparams ezjail_imagesize ezjail_parentzfs ezjail_device ezjail_devicelink ezjail_config ezjail_attachparams ezjail_exists ezjail_attachblocking ezjail_forceblocking ezjail_sourcedevice ezjail_rootdirempty ezjail_fromarchive ezjail_fromarchive_config
-  shift; while getopts :f:r:s:xbic:C:a:A:z: arg; do case ${arg} in
+  shift; while getopts :f:r:s:xbkic:C:a:A:z: arg; do case ${arg} in
     x) ezjail_exists="YES";;
     r) ezjail_rootdir=${OPTARG};;
     f) ezjail_flavours=${OPTARG};;
@@ -468,6 +548,7 @@ create)
     s) ezjail_imagesize=${OPTARG};;
     z) ezjail_imagetype="zfs";
        ezjail_parentzfs=${OPTARG};;
+    k) ezjail_keepsnapshot="YES";; # undocumented
     ?) exerr ${ezjail_usage_create};;
   esac; done; shift $(( ${OPTIND} - 1 ))
 
@@ -665,10 +746,10 @@ create)
     # now take a copy of our template jail
     if [ "${ezjail_imagetype}" = "zfs" -a "${ezjail_use_zfs}" = "YES" ]; then
       # create ZFS filesystem first when using ZFS
-      /sbin/zfs snapshot ${ezjail_jailzfs}/newjail@_createnewjailtmp
+      /sbin/zfs snapshot ${ezjail_jailzfs}/newjail@_vanilla_newjail_
-      /sbin/zfs send ${ezjail_jailzfs}/newjail@_createnewjailtmp | zfs receive -F ${ezjail_parentzfs}/${ezjail_hostname}
+      /sbin/zfs send ${ezjail_jailzfs}/newjail@_vanilla_newjail_ | zfs receive -F ${ezjail_parentzfs}/${ezjail_hostname}
-      /sbin/zfs destroy ${ezjail_parentzfs}/${ezjail_hostname}@_createnewjailtmp
+      [ -z "${ezjail_keepsnapshot}" ] && /sbin/zfs destroy ${ezjail_parentzfs}/${ezjail_hostname}@_vanilla_newjail_
-      /sbin/zfs destroy ${ezjail_jailzfs}/newjail@_createnewjailtmp
+      /sbin/zfs destroy ${ezjail_jailzfs}/newjail@_vanilla_newjail_
     else
       mkdir -p "${ezjail_rootdir}" && cd "${ezjail_jailtemplate}" && find . | cpio -p -v "${ezjail_rootdir}" > /dev/null
     fi
@@ -844,7 +925,14 @@ delete)
      [ "${ezjail_image}" ] && rm -f "${ezjail_image}" "${ezjail_image%.img}.device"
     ;;
     zfs)
-      /sbin/zfs destroy -r ${ezjail_parentzfs}/${ezjail_hostname}
+      if ! /sbin/zfs destroy -r ${ezjail_parentzfs}/${ezjail_hostname}; then
+        [ "${ezjail_forcestop}" ] || exerr "Error: Could not destroy file system ${ezjail_parentzfs}/${ezjail_hostname} for jail ${ezjail_name}."
+        echo "Warning: Could not destroy file system ${ezjail_parentzfs}/${ezjail_hostname} for jail ${ezjail_name}."
+        echo "  Sleeping 5 seconds before retrying forcefully."
+        sleep 5
+        /sbin/zfs destroy -rf ${ezjail_parentzfs}/${ezjail_hostname} || exerr "Error: Failed to destroy file system."
+        echo "Success."
+      fi
     ;;
     *)
       chflags -R noschg "${ezjail_rootdir}"
@@ -916,8 +1004,12 @@ setup|update)
 
     # If ran from cron be kind to freebsds update servers and sleep first
     [ -z "$TERM" -o "$TERM" = "dumb" ] && ezjail_urgency="cron" || ezjail_urgency="fetch"
-    [ "${ezjail_use_zfs}" = "YES" ] && zfs snapshot ${ezjail_jailzfs}/basejail@`date -v -7d +"%C%y%m%d_%H:%M:%S"`
+    if [ "${ezjail_use_zfs}" = "YES" ]; then
-    freebsd-update -b ${ezjail_jailbase} ${ezjail_urgency} install
+        zfs snapshot ${ezjail_jailzfs}/basejail@`date +"%C%y%m%d_%H:%M:%S"`
+        zfs snapshot ${ezjail_jailzfs}/newjail@`date +"%C%y%m%d_%H:%M:%S"`
+    fi
+    env PAGER=/bin/cat freebsd-update -b ${ezjail_jailbase} ${ezjail_urgency} install
+    env PAGER=/bin/cat freebsd-update -b ${ezjail_jailtemplate} ${ezjail_urgency} install
   elif [ "${ezjail_installaction}" = "freebsd-upgrade" ]; then
     [ -d "${ezjail_jailbase}" ] || exerr "Error: base jail does not exist.\n  You cannot update a base jail until it is created.\n  Please run '${ezjail_admin} update' or '${ezjail_admin} install' first."
 
@@ -928,12 +1020,14 @@ setup|update)
 
     # Make the host systems os version our target version
     # Users can override this by setting the UNAME_r environment variable
-    ezjail_osversion_target="`uname -r`"
+    ezjail_osversion_target="`uname -r | sed -E 's,-p[0-9]+,,' | sed -E 's,-SECURITY,-RELEASE,'`" 
 
     # Finally run freebsd-update to upgrade our basejail
-    env UNAME_r="${ezjail_osversion_source}" freebsd-update -b ${ezjail_jailbase} -r ${ezjail_osversion_target} upgrade
+    for DESTDIR in ${ezjail_jailbase} ${ezjail_jailtemplate}; do
-    while [ $? -eq 0 ]; do
+      env UNAME_r="${ezjail_osversion_source}" PAGER=/bin/cat freebsd-update -b ${DESTDIR} -r ${ezjail_osversion_target} upgrade
-        env UNAME_r="${ezjail_osversion_source}" freebsd-update -b ${ezjail_jailbase} -r ${ezjail_osversion_target} install
+      while [ $? -eq 0 ]; do
+        env UNAME_r="${ezjail_osversion_source}" PAGER=/bin/cat freebsd-update -b ${DESTDIR} -r ${ezjail_osversion_target} install
+      done
     done
 
     # Here we should write the file with the new osversion in case of success
@@ -1007,6 +1101,7 @@ install)
     # ftp servers normally wont provide non-RELEASE-builds
     if [ "${ezjail_proto}" != "file" ]; then
       case ${ezjail_release} in *-STABLE) ezjail_release="${ezjail_release%-STABLE}-RELEASE";; esac
+      case ${ezjail_release} in *-RELEASE-p*) ezjail_release=${ezjail_release%-p*};; esac
       if [ "${ezjail_release%-RELEASE}" = "${ezjail_release}" ]; then
         echo "Your system is ${ezjail_release}. Normally FTP-servers don't provide non-RELEASE-builds."
         [ ${ezjail_release_major} -ge 9 ] && ezjail_installarch="${ezjail_installplatform}/${ezjail_installarch}"
@@ -1055,8 +1150,12 @@ install)
       # The easy case means, that a local distribution directory has been specified.
 
       if [ ${ezjail_release_major} -ge 9 ]; then
-        [ -r "${ezjail_disturi}/${pkg}.txz" ] || exerr "Error: Can not access package file ${ezjail_disturi}/${pkg}.txz"
+        if [ -r "${ezjail_disturi}/${pkg}.txz" ]; then
-        xzdec ${ezjail_disturi}/${pkg}.txz | tar --unlink -xpJf - -C ${DESTDIR}
+          xzdec ${ezjail_disturi}/${pkg}.txz | tar --unlink -xpJf - -C ${DESTDIR}
+        else
+          [ ${pkg} = "lib32" ] || exerr "Error: Can not access package file ${ezjail_disturi}/${pkg}.txz"
+          echo "Warning: Can not access package file ${ezjail_disturi}/${pkg}.txz, ignored for auto added lib32."
+        fi
       else
         ezjail_makeabsolute ezjail_disturi
         cd "${ezjail_disturi}/${pkg}" || exerr "Error: Could not cd to ${ezjail_disturi}/${pkg}."
@@ -1105,8 +1204,11 @@ install)
     fi
   done
 
-  # Split basejail and newjail
+  # Update to current patch level, split basejail and newjail
-  [ "${ezjail_basesystem}" ] && ezjail_splitworld
+  if [ "${ezjail_basesystem}" ]; then
+    env PAGER=/bin/cat freebsd-update -b "${DESTDIR}" fetch install
+    ezjail_splitworld
+  fi
 
   # Fill ports, if requested
   [ "${ezjail_installports}" ] && ezjail_updateports
@@ -1158,7 +1260,81 @@ console)
 
   exec ${_setfib} jexec ${ezjail_id} ${ezjail_default_execute}
   ;;
-######################## ezjail-admin ARCHIVE ########################
+######################## ezjail-admin FREEZE ########################
+freeze)
+  shift
+  [ $# -eq 2 ] || exerr ${ezjail_usage_freeze}
+
+  ezjail="$1"
+  ezjail_flavour="$2"
+
+  fetchjailinfo ${ezjail}
+
+  # Check for existence of jail in our records
+  [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
+
+  # Check if jail is of zfs type
+  [ ${ezjail_imagetype} = "zfs" ] || exerr "Error: Can only freeze zfs based jails into a flavour.\n  ${ezjail_name} is not a zfs jail."
+
+  # Check if jail has been snapshotted at create time
+  /sbin/zfs list -H "${ezjail_parentzfs}/${ezjail_hostname}@_vanilla_newjail_" >/dev/null 2>/dev/null
+  [ $? -eq 0 ] || exerr "Error: Jail ${ezjail_name} did not keep a snapshot when it was first created.\n  Use ezjail-admin create with the -k option to keep a snapshot to diff."
+
+  # For now we will not overwrite an existing flavour
+  [ -e "${ezjail_flavours_dir}/${ezjail_flavour}" ] && exerr "Error: A flavour already exists at ${ezjail_flavours_dir}/${ezjail_flavour}."
+
+  # Create the new frozen flavour's dir
+  mkdir -p "${ezjail_flavours_dir}/${ezjail_flavour}"
+
+  # Work relative to jails rootdir
+  cd "${ezjail_rootdir}"
+
+  # Now list all files that have been added or modified
+  # TODO: This assumes no files have been deleted from when the jail was initially created. Safe assumption for now.
+  # TODO: This assumes no files have been renamed from when the jail was initially created. Not so sure.
+  /sbin/zfs diff -H "${ezjail_parentzfs}/${ezjail_hostname}@_vanilla_newjail_" "${ezjail_parentzfs}/${ezjail_hostname}" | \
+    grep -E "^[M+]" | cut -f 2 | sed -E s:"^${ezjail_rootdir}/?":: | cpio -d -m -p -v "${ezjail_flavours_dir}/${ezjail_flavour}"
+
+;;
+######################## ezjail-admin SNAPSHOT ########################
+snapshot)
+  shift
+  if [ $# -eq 0 ]; then
+    cd ${ezjail_jailcfgs} && ezjail_list=`ls -A`
+  else
+    ezjail_list=$*
+  fi
+
+  for ezjail in ${ezjail_list}; do
+    fetchjailinfo ${ezjail%.norun}
+
+    # Check for existence of jail in our records
+    [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
+
+    # Snapshots only work with zfs jails
+    [ "${ezjail_imagetype}" = "zfs" -o -n "${ezjail_zfs_datasets}" ] || continue
+
+    [ "${ezjail_imagetype}" = "zfs" ] && ezjail_zfs_datasets="${ezjail_parentzfs}/${ezjail_hostname} ${ezjail_zfs_datasets}"
+
+    # Use global retention policy, if none set
+    : ${ezjail_retention_policy:=${ezjail_default_retention_policy}}
+
+    for ezjail_zfs in ${ezjail_zfs_datasets}; do
+      check_for_zfs_exist ${ezjail_zfs} || continue
+      zfs_retention_policy=`/sbin/zfs get -H -o value ezjail:autosnap_retention ${ezjail_zfs}`
+      [ "${zfs_retention_policy}" = "-" ] || ezjail_retention_policy="${zfs_retention_policy}"
+      if [ -z "${ezjail_retention_policy}" ]; then
+        /sbin/zfs snapshot -r ${ezjail_zfs}@ez-autosnap-`date +${ezjail_snap_date_format}`
+      else
+        snap_list=`/sbin/zfs list -H -t snapshot -o name -S creation -r ${ezjail_zfs} | \
+          grep ^${ezjail_zfs}@ez-autosnap- | cut -d '@' -f 2 | cut -d '-' -f 3`
+        filteroldsnapshots ${snap_list}
+      fi
+    done
+
+  done
+;;
+ ######################## ezjail-admin ARCHIVE ########################
 archive)
   # Clean variables, prevent pollution
   unset ezjail_archive ezjail_archive_tag ezjail_force ezjail_archivealljails ezjail_addfiles
@@ -1175,7 +1351,7 @@ archive)
   [ $# -lt 1 -a -z "${ezjail_archivealljails}" ] && exerr ${ezjail_usage_archive}
 
   # Ensure that archive directory is there
-  [ "${ezjail_archive}" = "-" ] || mkdir -p "${ezjail_archivedir}" || exerr "Error: Can not create archive directory ${ezjail_archivedir}."
+  [ "${ezjail_archive}" = "-" ] || mkdir -p "${ezjail_archivedir}" || exerr "Error: Can not create archive directory ${ezjail_archivedir}."
 
   # Will not backup more than one jail per archive
   [ "${ezjail_archive}" -a "${ezjail_archivealljails}" ] && exerr "Error: Must not specify an archive location for multiple archives.\n  Can not archive multiple jails into one archive."
@@ -1208,7 +1384,7 @@ archive)
     if [ "${ezjail_imagetype}" -a "${ezjail_imagetype}" != "zfs" -a -z "${ezjail_attached}" ]; then
       if [ "${ezjail_attachblocking}" ]; then
         echo "Warning: Jail ${ezjail_name} is an image jail and can not be attached automatically."
-        echo "         Use '${ezjail_admin} config -i attach ${ezjail_name}' to attach it first."
+        echo "  Use '${ezjail_admin} config -i attach ${ezjail_name}' to attach it first."
         continue
       fi
       mount_images
@@ -1258,7 +1434,7 @@ archive)
     [ "${ezjail_imagesize}" ] && detach_images keep
 
     # An error on a jail not running is bad
-    [ ${ezjail_paxresult} -eq 0 -o "${ezjail_force}" ] || echo "Warning: Archiving jail ${ezjail_name} was not completely successful.\n  Please refer to the output above for problems the archiving tool encountered.\n  You may ignore reports concerning setting access and modification times.\n  You might want to check and remove ${ezjail_archive}."
+    [ ${ezjail_paxresult} -eq 0 -o "${ezjail_force}" ] || echo -n "Warning: Archiving jail ${ezjail_name} was not completely successful.\n  Please refer to the output above for problems the archiving tool encountered.\n  You may ignore reports concerning setting access and modification times.\n  You might want to check and remove ${ezjail_archive}."
 
     # When archiving a running jail, some errors might occur
     [ ${ezjail_paxresult} -eq 0 ] || echo "Warning: Archiving jail ${ezjail_name} was not completely successful. For a running jail this is not unusual."
@@ -1330,7 +1506,7 @@ restore)
     ezjail_config=`mktemp /tmp/ezjail.prop.XXXXXXXX`
     [ $? -ne 0 ] && exerr "Error: Can't create temporary file."
     pax -rzn -s:${ezjail_nameprop}:${ezjail_config}: -f ${ezjail_fromarchive} ${ezjail_nameprop}
-    fetchjailinfo ${ezjail_safename} ${ezjail_config}
+    fetchjailinfo ${ezjail_safename:-${ezjail_nameprop_safename}} ${ezjail_config}
 
     # Now all parameters are here, invoke ezjail-admin create
     [ "${ezjail_rootdir}" -a "${ezjail_ips}" -a "${ezjail_hostname}" ] || exerr "Error: Archive does not contain a valid ezjail properties file.\n  Some jails properties are missing."
@@ -1460,6 +1636,7 @@ config)
   case "${ezjail_setrunnable}" in
     run)   [ "${ezjail_config}" = "${ezjail_config%.norun}" ] || mv "${ezjail_config}" "${ezjail_config%.norun}";;
     norun) [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && mv "${ezjail_config}" "${ezjail_config}.norun";;
+    test)  [ "${ezjail_config}" = "${ezjail_config%.norun}" ] && echo "Jail ${ezjail_name} is runnable" || echo "Jail ${ezjail_name} is not runnable";;
   esac
 
   [ "${ezjail_imageaction}" -a -z "${ezjail_image}" ] && exerr "Error: Jail ${ezjail_name} not an image jail."
@@ -1496,6 +1673,30 @@ config)
       ;;
     esac
   ;;
+######################## ezjail-admin TROUBLESHOOT ########################
+troubleshoot)
+
+  # XXX TOOD:
+  # Start with some simple tests, check for basejail
+  # Check if we are ourself jailed
+  # Check if all IPv4 addresses are either configured already or in
+  #   interface config line
+  # Check for duplicate non unique IPv4 addresses
+  # Check if all necessary file systems for zfs jails are mounted
+  # For zfs jails check, if zpool is full
+  # Check if all mount points inside the jails are there
+
+  shift
+  [ $# -gt 0 ] && cd ${ezjail_jailcfgs} && set - `ls -A`
+
+  for ezjail; do
+    fetchjailinfo ${ezjail%.norun}
+
+    # Check for existence of jail in our records
+    [ "${ezjail_config}" ] || exerr "Error: Nothing known about jail ${ezjail_name}."
+
+  done
+  ;;
 *)
   exerr "${ezjail_usage_ezjailadmin}"
   ;;

ezjail.conf.sample

@@ -55,8 +55,17 @@
 # ezjail_use_zfs_for_jails="YES"
 
 # The name of the ZFS ezjail should create jails on, it will be mounted at the ezjail_jaildir
-
 # ezjail_jailzfs="tank/ezjail"
+
 # ADVANCED, be very careful!
 # ezjail_zfs_properties="-o compression=lzjb -o atime=off"
 # ezjail_zfs_jail_properties="-o dedup=on"
+
+# For auto snapshots this is the default policy to keep old snapshots. In each window there
+# will be guaranteed to be one or two snapshots only
+# If this variable is not set, no snapshots will be removed by ezjail-admin snapshot
+
+# Example policy for a database jail with rollbackable snapshots starting with four snapshots
+# in the last hour and up to an annual snapshot for 1000 years. Beware of the load caused by
+# destroying snapshots.
+# ezjail_default_retention_policy="4x15m 3x1h 2x2h 4h 12h 6x1d 7x1w 11x4w 1000x1y"

ezjail.sh

@@ -89,7 +89,7 @@ do_cmd()
     # Cannot auto mount blocking jails without interrupting boot process
     [ "${ezjail_fromrc}" -a "${action}" = "start" -a "${ezjail_blocking}" ] && echo -n " ...skipping blocking jail ${ezjail}" && continue
 
-    # Explicitely do only run blocking crypto jails when *crypto is requested
+    # Explicitly do only run blocking crypto jails when *crypto is requested
     [ "${action%crypto}" = "${action}" -o "${ezjail_blocking}" ] || continue
 
     # Try to attach (crypto) devices
@@ -105,7 +105,7 @@ do_cmd()
 
   # Configure settings that need to be done after the jail has been started
   if [ "${action%crypto}" = "start" -o "${action}" = "restart" ]; then
-    for ezjail in ${ezjail_list}; do
+    for ezjail in ${ezjail_pass}; do
       ezjail_safename=`echo -n "${ezjail}" | tr -c '[:alnum:]' _`
       # Get the JID of the jail
       [ -f "/var/run/jail_${ezjail_safename}.id" ] && ezjail_id=`cat /var/run/jail_${ezjail_safename}.id` || return

man5/ezjail.conf.5

@@ -1,4 +1,4 @@
-.Dd January 15, 2011
+.Dd December 5, 2013
 .Dt EZJAIL.CONF 5 USD
 .Os FreeBSD
 .Sh NAME
@@ -94,7 +94,7 @@ Controls whether
 .Pa /etc/fstab. Ar hostname
 should be executed at jail startup time.
 .br
-Default: 
+Default:
 .Em YES .
 .It ezjail_devfs_enable (bool)
 Controls whether newly created jails are given a working
@@ -157,7 +157,7 @@ Default:
 .It ezjail_imagetype (one of simple, bde, eli, zfs)
 Type of jail to create when creating a jail with the
 .Fl i
-flag without specifying the type explicitely.
+flag without specifying the type explicitly.
 .br
 Default:
 .Em simple
@@ -165,7 +165,7 @@ Default:
 .Sh ZFS OPTIONS
 .Bl -tag -width option
 .It ezjail_use_zfs (bool)
-Set to YES, if ezjail should manage basejail and newjail in a seperate
+Set to YES, if ezjail should manage basejail and newjail in a separate
 ZFS-datasets.
 .br
 Default:
@@ -184,7 +184,7 @@ Default:
 The name of the parent ZFS-dataset which ezjail will use to create
 jails on. It will be mounted in
 .Em ezjail_jaildir .
-Setting this will automaticly enable ezjail managing jails in seperate
+Setting this will automatically enable ezjail managing jails in separate
 ZFS-datasets.
 .br
 Default:
@@ -196,6 +196,15 @@ for details. ADVANCED, be very careful!
 .br
 Default:
 .Em none .
+.It ezjail_default_retention_policy (str)
+Policy for the
+.Cm ezjail-admin snapshot
+subcommand to keep older snapshots. See
+.Xr ezjail-admin 1
+for details.
+.br
+Default:
+.Em none .
 .El
 .Sh FILES
 EZJAIL_PREFIX/etc/ezjail.conf

man7/ezjail.7

@@ -1,4 +1,4 @@
-.Dd January 15, 2011
+.Dd December 5, 2013
 .Dt EZJAIL 7 USD
 .Os
 .Sh NAME
@@ -130,12 +130,7 @@ There are two advantages to image jails. The amount of disk space
 allocated to the jail is limited, while normal jails have no bound on
 the amount of disk space they use. On the other hand, the space
 dedicated to the jail is no longer available to the host, even if the
-jail doesn't use all its allocated space. In addition, image jails
+jail doesn't use all its allocated space.
-contain a full copy of the basejail. This makes them portable between
-hosts running the same FreeBSD version as the image was created with.
-Of course, the jail now needs to be updated independently from all
-other jails, and there is no longer any sharing of common files
-between the jails.
 .Pp
 Image jails may also be encrypted using
 .Xr bde 4
@@ -150,7 +145,7 @@ filesystem. See
 .Sx Jail Creation Examples
 for details.
 .Pp
-Also, ezjail can be configured to install its basejail and the accompaning
+Also, ezjail can be configured to install its basejail and the accompanying
 template for all new jails into its own filesystem. Set the
 .Dq Li $ezjail_use_zfs
 variable in your
@@ -226,7 +221,7 @@ that specifies whether the filesystems in
 are carried out. Set by ezjail to
 .Dq Li YES ,
 set to
-.Qd Li NO
+.Dq Li NO
 at your own risk.
 .It jail_JAILNAME_devfs_enable
 A boolean specifying whether to mount a
@@ -267,7 +262,7 @@ The parameters to pass to the tool used to decrypt file-based,
 encrypted jails. Initialized from the
 .Fl C
 option when creating such a jail, or the empty string.
-.Ir ezjail_JAILNAME_attachblocking
+.It ezjail_JAILNAME_attachblocking
 .Dq Li YES
 if the jail requires interaction with the administrator when starting
 (typically, encrypted jails that needs a password to be decrypted).
@@ -332,7 +327,7 @@ addition, the jail is configured so that on its first boot, the file
 .Pa ezjail.flavour
 is executed.
 .Pp
-As part of the install sub-command, the flavour base directory 
+As part of the install sub-command, the flavour base directory
 was created as
 .Pa /usr/jails/flavours
 and populated with an single flavour named
@@ -353,7 +348,7 @@ configuration, creating classes of jails for development or testing
 favourite web development framework), pre-creating local users, and so
 on.
 .Ss Updating the Base Jail
-We already mentionned how easy it is to update jails, since only one
+We already mentioned how easy it is to update jails, since only one
 copy needs to be updated. Ezjail only handles updating the base
 system; updating the ports is left to the administrator (but see
 .Dq Li ports-mgmt/jailaudit
@@ -366,7 +361,7 @@ binary packages. If a base jail already exists, the
 command installs the world in a temporary directory before moving it
 to the basejail, thus leaving intact all installed libraries. After
 making sure all software running in the jails is linked with the new
-librairies, you may want to remove the old library versions. It is
+libraries, you may want to remove the old library versions. It is
 often a good idea to update the jails when a new kernel is installed
 in the host, using the same sources.
 .Ss Starting Jails
@@ -414,6 +409,37 @@ rc.d/ezjail can be used to start and stop jails by prepending
 Refer to
 .Xr rc 8
 for details.
+.Ss Snapshots and retention policies
+Jails residing in their own zfs and their corresponding zfs data sets can be
+automatically snapshot by the
+.Cm ezjail-admin snapshot
+subcommand. Taking snapshots of all jails before a major update is considered
+best practise. However, when taking snapshots regularly, the amount of disc
+space used can be considerable.
+.Pp
+Therefore ezjail allows you to set retention policies that describe how many
+of your snapshots you want to keep for one or all jails or a particular zfs. See
+the description of the snapshot command in
+.Xr ezjail-admin 5
+for details.
+.Pp
+A retention policy consists of one or multiple windows for which ezjail guarantees
+to keep at least one and at most two snapshots. A simple example:
+.D1 $ezjail_default_retention_policy="1d 2w 1y"
+will ensure ONE snapshot for the last day, for the last two weeks before that day and
+then for one snapshot in the year before the two-week window. Valid multipliers are
+(m)inutes, (h)ours, (d)ays, (w)eeks and (y)ears.
+.Pp
+Windows can be repeated by prepending them with a number and the letter x:
+.D1 $ezjail_test_com_retention_policy="24x1h 6x1d 3x1w 11x4w KEEP"
+will set the retention policy for jail test.com to keep hourly snapshots for one
+day, then daily snapshots for the rest of the week, weekly snapshots for the rest of
+the month, monthly snapshots for the rest of the year.
+.Pp
+The magic keyword KEEP at the end of the list will make ezjail not delete snapshots
+older than the oldest window. It is your responsibility to keep the list in an order
+that makes keeping snapshots possible, i.e. not placing one-hour-windows after
+one-year-windows.
 .Ss Remarks & Tips
 Jails can be either accessed from the network, for instance by using
 .Xr ssh 1 ,
@@ -438,7 +464,7 @@ knobs for allowing a jail to access raw sockets, see the
 man page for details.
 .Pp
 Once your jail has network access, then all your normal application
-install functions are availabe, right from the jails console. In
+install functions are available, right from the jails console. In
 particular, if the ports collection was installed, it can be used as
 if from the host system. A modified
 .Pa make.conf
@@ -463,7 +489,7 @@ in
 .Pa rc.conf .
 It is possible to set this variable to
 .Dq Li NO
-if the administrator wants to temporarily ezjail, or if she doesn't
+if the administrator wants to temporarily disable ezjail, or if she doesn't
 want the jails to be automatically started on boot.
 .Pp
 The ezjail system may be reset to a pristine state by removing all its
@@ -498,7 +524,7 @@ will be asked for the release to install. Neither the man pages nor
 the source nor the ports tree are installed. Note that the FreeBSD FTP
 server is sometimes so busy the download times out. Use the
 .Fl h Ar host
-option to specify a less loaded server, or the 
+option to specify a less loaded server, or the
 .Dq Li $ezjail_ftphost
 option in
 .Xr ezjail.conf 8 .
@@ -554,7 +580,7 @@ macdef getdir
 mreget $i/*
 .Ed
 .Pp
-Then issue this command on the command line. If the FTP download 
+Then issue this command on the command line. If the FTP download
 times out re-issue the FTP command again to resume where it left off.
 .Bd -literal -offset indent
 mkdir /usr/8.0-RELEASE
@@ -623,7 +649,7 @@ Create a new jail, placing it in directory
 instead of deriving the directory name of the jail from its host name.
 The jail will be created with the flavour
 .Ar example .
-This jail will be given two IP addressses; this is possible only since
+This jail will be given two IP addresses; this is possible only since
 FreeBSD 7.2.
 .It Nm Cm create Fl i Fl s Ar 600M sandbox2 10.0.10.4
 This creates a new file-based jail having a file size of 600 megabytes
@@ -671,7 +697,7 @@ address 10.0.10.6 as an alias on the device em1 before starting the jail.
 Interesting additional tools include:
 .Dq Li ports-mgmt/jailaudit .
 .Sh AUTHOR
-.An Dirk Engling 
+.An Dirk Engling
 .Aq erdgeist@erdgeist.org .
 .Pp
 The man page is based on a draft by
@@ -679,4 +705,4 @@ The man page is based on a draft by
 .Aq joeb1@a1poweruser.com
 and was rewritten by
 .An Frederic Perrin
-.Aq frederic.perrin@resel.fr .
+.Aq frederic.perrin@resel.fr .

man8/ezjail-admin.8

@@ -1,9 +1,9 @@
-.Dd January 15, 2011
+.Dd December 5, 2013
 .Dt EZJAIL-ADMIN 8 USD
 .Os FreeBSD
 .Sh NAME
 .Nm ezjail-admin
-.Nd Administrate ezjail environment 
+.Nd Administrate ezjail environment
 .Sh SYNOPSIS
 .Nm Cm install
 .Op Fl mMpPsS
@@ -28,10 +28,10 @@
 .Nm
 .Cm list
 .Nm
-.Cm start | stop | restart | cryptostart Ar jailname...
+.Cm start | stop | restart | startcrypto | stopcrypto Ar jailname...
 .Nm
 .Cm config
-.Op Fl r Ar run | norun
+.Op Fl r Ar run | norun | test
 .Op Fl n Ar newname
 .Op Fl i Ar attach | detach | fsck
 .Op Fl z Ar newdataset
@@ -54,6 +54,9 @@
 .Op Fl d Ar archivedir
 .Ar archive | jailname...
 .Nm
+.Cm snapshot
+.Ar [jailname...]
+.Nm
 .Cm update
 .Op Fl s Ar sourcetree | sourceosversion
 .Op Fl p
@@ -112,7 +115,7 @@ utility to fetch and extract a FreeBSD ports tree from
 .Pa make.conf
 containing reasonable values to function in the jailed environment is added to
 the new jail template so all jails created from the new jail template will
-have a working ports environment. See the appendix 
+have a working ports environment. See the appendix
 .%B Using Portsnap
 in the
 .%B FreeBSD Handbook
@@ -127,9 +130,9 @@ default host
 is used. Variable:
 .Dq Li $ezjail_ftphost .
 .Pp
-It is possible to install from the 
+It is possible to install from the
 .Li disc1
-CDRom, or an extracted -RELEASE directory, by specifying the
+CD-ROM, or an extracted -RELEASE directory, by specifying the
 .Ar host
 argument as
 .Pa file://path/to/source .
@@ -146,7 +149,7 @@ see the
 sub-command for this.
 .El
 .Ss Nm Cm create
-Create a new jail inside ezjail's scope. It either copies the new jail 
+Create a new jail inside ezjail's scope. It either copies the new jail
 directory tree template or an ezjail archive directory tree to new jail root
 directory,
 .Pa /usr/jails/ Ns Ar jailname
@@ -154,7 +157,7 @@ by default. Jailname and IP address are mandatory parameters.
 .Pp
 When a new jail is created, a corresponding new
 .Pa /etc/fstab. Ns Ar jailname
-file is also created, with a 
+file is also created, with a
 .Xr nullfs 5
 mount giving access to the base jail from the new jail.
 .Pp
@@ -339,7 +342,7 @@ interactively enter a passphrase. The jail is then not automatically started
 at boot time.
 .El
 .Ss Nm Cm console
-Attach your console to the selected jail. You are logged in as root by 
+Attach your console to the selected jail. You are logged in as root by
 default.
 .Pp
 The following options are available:
@@ -351,7 +354,7 @@ Use
 .Ar command
 instead of the default
 .Dq /usr/bin/login -f root .
-loogin command. A one time change to use a different user can be
+login command. A one time change to use a different user can be
 accomplished by using
 .Fl e Qq Li /usr/bin/login -f user .
 Variable:
@@ -392,8 +395,7 @@ If present, the third letter,
 means that the jail is not automatically started.
 .Pp
 The following columns are the JID (when it is running), the IP addresses, the name and the full path directory name of the jail.
-.Ss Nm Cm start | restart | stop | startcrypto Op Ar jailname ...
+.Ss Nm Cm start | restart | stop | startcrypto | stopcrypto Op Ar jailname ...
-.Pp
 This is a shortcut to the
 .Xr rc 8
 .Cm ezjail
@@ -407,7 +409,7 @@ Note that, if ezjail is not enabled in
 .Xr rc.conf 5
 with
 .Dq Li ezjail_enable= Ns Qq Li YES ,
-nothing happens. 
+nothing happens.
 .Pp
 Since starting crypto image jails requires interaction with the administrator, they are not run at
 boot time. Use
@@ -419,8 +421,10 @@ the jail is restarted.
 .Pp
 The following options are available:
 .Bl -tag -width indent
-.It Fl r Cm run | norun
+.It Fl r Cm run | norun | test
 Set the jail to be automatically started or not on boot.
+.sp
+Note that the test parameter can be used to check if an ezjail exists, in this case the script will return with an exit code of zero and the runnable state on standard out. A non-zero exit code will be returned if the jail does not exist.
 .It Fl n Ar newname
 Rename the jail. Unless a custom root directory was given with the
 .Fl r
@@ -451,7 +455,6 @@ the selected jail as well as
 The
 .Pa /usr/jails/ Ns Ar jailname
 directory is not deleted.
-.Pp
 .Bl -tag -width indent
 .It Fl f
 Stop the jail before deleting it.
@@ -516,6 +519,30 @@ where it was archived. Be default,
 will refuse to restore an archive if the archived host system's hostname,
 its FreeBSD version or CPU architecture do not match the current host.
 .El
+.Ss Nm Cm snapshot [jailname...]
+Takes zfs snapshots of some or all (zfs) ezjails and their zfs datasets and
+optionally destroys older snapshots according to a configured retention
+policy.
+.Pp
+The zfs snapshots will be named @ez-autosnap- with the date appended in format
+“%Y%m%d%H%M”. List all auto snapshots with
+.Dq Li /sbin/zfs list -H -t snapshot | grep @ez-autosnap- .
+.Pp
+You can set (and override in that order) the retention policy globally in your
+.Dq Li $ezjail_default_retention_policy
+.Xr ezjail.conf 5
+variable, set them per jail in its config file with their
+.Dq Li $ezjail_retention_policy
+variable or set a User property with the name
+.Dq Li ezjail:autosnap_retention
+on the respective file systems.
+.Pp
+The policy is described by a pattern of space separated
+.Dq Li repeat x window
+entries with the algorithm guaranteeing at least one and at most two snapshots
+in each of the windows, if mathematically possible. See
+.Xr ezjail 7
+for details.
 .Ss Nm Cm update
 Updates ezjail's basejail, or in the
 .Fl b
@@ -528,7 +555,7 @@ Exactly one of the following operand must be specified:
 .It Fl b
 Build a world from source and install it as the (updated) basejail.
 .Dq make buildworld ; make installworld
-by default using the sources located at 
+by default using the sources located at
 .Pa /usr/src
 (but see the
 .Fl s
@@ -545,7 +572,7 @@ recommended to update the basejail along with the host system.
 .It Fl u
 Use
 .Xr freebsd-update 8
-to update the basejail. Note that as 
+to update the basejail. Note that as
 .Xr freebsd-update 8
 uses
 .Dq Li uname -r
@@ -560,7 +587,7 @@ you may pass freebsd-update's call to
 .Dq uname -r
 via the
 .Pa UNAME_r
-environment variable. Since there currently is no way of infering the
+environment variable. Since there currently is no way of inferring the
 osversion currently installed in the basejail, you need to remember the
 original osversion and pass it to this script using the
 .Fl s
@@ -620,7 +647,7 @@ filesystem is taken first.
 .Xr procfs 5 ,
 .Xr portsnap 8 .
 .Sh AUTHOR
-.An Dirk Engling 
+.An Dirk Engling
 .Aq erdgeist@erdgeist.org .
 .Pp
 The man page is based on a draft by
@@ -628,4 +655,4 @@ The man page is based on a draft by
 .Aq joeb1@a1poweruser.com
 and was rewritten by
 .An Frederic Perrin
-.Aq frederic.perrin@resel.fr .
+.Aq frederic.perrin@resel.fr .

share/zsh/site-functions/ezjail-admin

@@ -1,194 +0,0 @@
-#compdef ezjail-admin
-
-# zsh completion for ezjail -- http://erdgeist.org/arts/software/ezjail/
-# This file is under the Beerware license, like ezjail itself
-
-# Heavily based on http://zsh.sf.net/Guide/zshguide06.html#l177
-
-# Frédéric Perrin, April 2011.
-
-_ezjail () {
-    local cmd
-    if (( CURRENT > 2)); then
-    cmd=${words[2]}
-    # Set the context for the subcommand.
-    curcontext="${curcontext%:*:*}:ezjail-$cmd"
-    # Narrow the range of words we are looking at to exclude `ezjail-admin'
-    (( CURRENT-- ))
-    shift words
-    # Run the completion for the subcommand
-    (( $+functions[_ezjail_cmd_$cmd] )) && _ezjail_cmd_$cmd
-
-    else
-    _values : \
-        "archive[create a backup of one or several jails]" \
-        "config[manage specific jails]" \
-        "console[attach your console to a running jail]" \
-        "create[installs a new jail inside ezjail\'s scope]" \
-        "cryptostart[start the encrypted jails]" \
-        "delete[removes a jail from ezjail\'s config]" \
-        "install[create the basejail from binary packages]" \
-        "list[list all jails]" \
-        "restart[restart a running jail]" \
-        "restore[create new ezjails from archived versions]" \
-        "start[start a jail]" \
-        "stop[stop a running jail]" \
-        "update[create or update the basejail from source]"
-    fi   
-}
-
-_ezjail_cmd_archive () {
-    _arguments -s : \
-    "-d[destination directory]:destination dir:_files -/" \
-    "-a[archive name]:archive name:" \
-    "-f[archive the jail even if it is running]" \
-    - archiveall \
-        "-A[archive all jails]" \
-    - somejails \
-        "*:jail:_ezjail_mostly_stopped_jails"
-}
-
-_ezjail_cmd_config () {
-    _arguments -s : \
-    "-r[run the jail on host boot]:run:(run norun)" \
-    "-n[new jail name]:new name:" \
-    "-c[jail cpuset]:cpu list:" \
-    "-z[ZFS dataset to attach]:zfs dataset:" \
-    "-f[jail FIB number]:fib number:" \
-    "-i[operate on image]:imageaction:(attach detach fsck)" \
-    "*:jailname:_ezjail_jails"
-}
-
-_ezjail_cmd_console () {
-    _arguments -s : \
-    "-e[execute command in jail]:execute:" \
-    "-f[start the jail if it isn't running]" \
-    "*:jailname:_ezjail_mostly_running_jails"   
-}
-
-_ezjail_cmd_create () {
-    _arguments -s : \
-    "-f[flavour for the new jail]:flavour:_ezjail_flavours" \
-    "-x[jail exists, only update the config]" \
-    "-r[name of the root dir]:dir:" \
-    "-a[restore from archive]:archive:_files" \
-    "-A[restore config from archive]:configarchive:_files" \
-    "-c[image type]:imagetype:(bde eli zfs)" \
-    "-C[image parameters]:imageparams:" \
-    "-b[jail start will be synchronous]" \
-    "-i[file-based jail]" \
-    "-s[size of the jail]:jailsize:" \
-    ":jail name:" \
-    ":comma-separated IP addresses:"
-}
-
-_ezjail_cmd_cryptostart () {
-    _ezjail_stopped_jails
-}
-
-_ezjail_cmd_delete () {
-    _arguments -s : \
-    "-w[wipe the jail root]" \
-    "-f[proceed even if the jail is running]" \
-    "*:jail:_ezjail_mostly_stopped_jails"
-}
-
-_ezjail_cmd_install () {
-    _arguments : \
-    - newjail \
-        "-r[FreeBSD release]:release:(8.0-RELEASE 8-STABLE 9-STABLE)" \
-        "-h[host for fetching packages]:remote host:" \
-        "-m[include man pages]" \
-        "-s[include the /usr/src tree]" \
-        "-p[include the ports tree]" \
-    - pimpjail \
-        "-M[install man pages over an existing basejail]" \
-        "-S[install the /usr/src tree over an existing basejail]" \
-        "-P[install the ports tree over an existing basejail]" \
-}
-
-_ezjail_cmd_list () {}
-
-_ezjail_cmd_restart () {
-    _ezjail_running_jails
-}
-
-_ezjail_cmd_restore () {
-    _arguments -s : \
-    "-f[restore over an existing jail]" \
-    "-d[archive directory]:archivedir:_files -/" \
-    "*::_files" \
-    "*::_ezjail_jails"
-}
-
-_ezjail_cmd_start () {
-    _ezjail_stopped_jails
-}
-
-_ezjail_cmd_stop () {
-    _ezjail_running_jails
-}
-
-_ezjail_cmd_update () {
-    _arguments -s : \
-    "-p[also update the ports tree]" \
-    "-s[source tree]:source tree:_files -/" \
-    "-P[update only the ports tree]" \
-    "-b[perform a make buildworld]" \
-    "-i[perform only a make installworld]" \
-    "-u[use freebsd-update to update]" \
-    "-U[use freebsd-update to upgrade]"
-}
-
-_ezjail_flavours () {
-    local flavourdir
-    local etcjailconf="/usr/local/etc/ezjail.conf"
-    flavourdir=$( . $etcjailconf ; ezjail_flavours_dir=${ezjail_flavours_dir:-${ezjail_jaildir}/flavours}; echo $ezjail_flavours_dir )
-    _files -W $flavourdir
-}
-
-_ezjail_list_jails () {
-    local jailcfgs="/usr/local/etc/ezjail"
-    local state=$1
-    local ret=1
-    local j
-    # Those names have already been passed through "tr -c '[alnum]' _" by ezjail
-    for j in $jailcfgs/*(:t) ; do
-    case $state in
-    running) [[ -f /var/run/jail_${j}.id ]] && compadd $j && ret=0 ;;
-    stopped) [[ -f /var/run/jail_${j}.id ]] || compadd $j && ret=0 ;;
-    *)       compadd $j && ret=0 ;;
-    esac
-    done
-    return $ret
-}
-
-_ezjail_jails () {
-    _ezjail_list_jails all
-}
-
-_ezjail_running_jails () {
-    _ezjail_list_jails running
-}
-
-_ezjail_stopped_jails () {
-    _ezjail_list_jails stopped
-}
-
-# Some commands (console...) should be run with running jails,
-# unless -f is given, in which case we can operate on all jails
-_ezjail_mostly_running_jails () {
-    local wanted_jails=_ezjail_running_jails
-    (( ${words[(I)-*f]} )) && wanted_jails=_ezjail_jails
-    $wanted_jails
-}
-
-_ezjail_mostly_stopped_jails () {
-    local wanted_jails=_ezjail_stopped_jails
-    (( ${words[(I)-*f]} )) && wanted_jails=_ezjail_jails
-    $wanted_jails
-}
-
-_ezjail "$@"
-
-# -*- mode: shell-script -*-