Implemented Nico's suggestions
Parameterized {jailbase,jaildir}. Replaced all usages of /usr/jail with $jaildir. Explicitly fail if $os isn't FreeBSD. Removed $__type/files/ as it is pointless to have now. Updated man page.
parent
131889b454
commit
14e851341a
10 changed files with 75 additions and 24 deletions
|
@ -18,20 +18,26 @@
|
|||
# along with cdist. If not, see <http://www.gnu.org/licenses/>.
|
||||
#
|
||||
#
|
||||
# See if the jailbase.tgz or /usr/jail/base dir exists
|
||||
# See if the jailbase.tgz or $jaildir/base dir exists
|
||||
#
|
||||
|
||||
# Debug
|
||||
#exec >&2
|
||||
#set -x
|
||||
|
||||
if [ -f "$__object/parameter/jaildir" ]; then
|
||||
jaildir="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
jaildir="/usr/jail"
|
||||
fi
|
||||
|
||||
name="base:jailbase.tgz"
|
||||
out=""
|
||||
|
||||
save_IFS="$IFS"
|
||||
IFS=":"
|
||||
for cur in $name; do
|
||||
if [ -e "/usr/jail/$cur" ]; then
|
||||
if [ -e "${jaildir}/$cur" ]; then
|
||||
out="${out}:${cur}"
|
||||
fi
|
||||
done
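Review bot: The new `jaildir` block tests for `$__object/parameter/jaildir` but then reads `$__object/parameter/name`, so a user-supplied `--jaildir` is silently replaced by the jail's name (or by an empty string when no `name` parameter was given); the assignment should be `jaildir="$(cat "$__object/parameter/jaildir")"`. The same copy-pasted block recurs in every later script section of this commit (the sections that test for the jail directory, query `jls`, emit the copy command, generate the remote code and call `__directory`), and each needs the same one-word fix. Because the value is later interpolated into generated `rm -rf` and fstab lines, a wrong or relative `jaildir` does more than break this lookup.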
|
||||
|
|
|
@ -31,7 +31,13 @@ else
|
|||
name=$__object_id
|
||||
fi
|
||||
|
||||
[ -d "/usr/jail/$name" ] && echo "EXISTS" || echo "NOTEXIST"
|
||||
if [ -f "$__object/parameter/jaildir" ]; then
|
||||
jaildir="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
jaildir="/usr/jail"
|
||||
fi
|
||||
|
||||
[ -d "${jaildir}/$name" ] && echo "EXISTS" || echo "NOTEXIST"
|
||||
|
||||
#set +x
|
||||
|
||||
|
|
|
@ -31,7 +31,15 @@ else
|
|||
name="$__object_id"
|
||||
fi
|
||||
|
||||
jls_output="$(jls | grep "[ ^I]\/usr\/jail\/${name}\$")" || true
|
||||
if [ -f "$__object/parameter/jaildir" ]; then
|
||||
jaildir="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
jaildir="/usr/jail"
|
||||
fi
|
||||
# backslash-escaped $jaildir
|
||||
sjaildir="$(echo ${jaildir} | sed 's#/#\\/#g')"
|
||||
|
||||
jls_output="$(jls | grep "[ ^I]${sjaildir}\/${name}\$")" || true
|
||||
|
||||
if [ -n "${jls_output}" ]; then
|
||||
echo "STARTED"
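Review bot: `sjaildir` escapes only `/`, so any other regular-expression metacharacter in `$jaildir` or `$name` (the `.` in a path such as `/usr/jail.d`, for example) is still interpreted by `grep`, and the unquoted `echo ${jaildir}` additionally word-splits and globs the value. The explorer can then report a jail as started on the strength of a different path. Comparing the path as a fixed string avoids the escaping altogether, e.g. `jls_output="$(jls path | grep -Fx "${jaildir}/${name}")" || true`, assuming the target's `jls` accepts a parameter list; confirm that on the oldest FreeBSD release you support. The `if` that consumes `jls_output` continues past the end of the hunk.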
|
||||
|
|
|
@ -1 +0,0 @@
|
|||
Create a tarball jailbase.tgz in this directory containing the base filesystem for a jail.
|
|
@ -22,13 +22,18 @@
|
|||
# virtual machines.
|
||||
#
|
||||
|
||||
#FIXME: /usr/jail should never be hardcoded in this type
|
||||
#FIXME: jailbase.tgz should not be hardcoded in this file
|
||||
if [ -f "$__object/parameter/jaildir" ]; then
|
||||
jaildir="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
jaildir="/usr/jail"
|
||||
fi
|
||||
|
||||
jailbase="/usr/jail/jailbase.tgz"
|
||||
jailbase="$(cat "$__object/parameter/jailbase")"
|
||||
|
||||
remotebase="${jaildir}/jailbase.tgz"
|
||||
basepresent="$(cat "$__object/explorer/basepresent")"
|
||||
|
||||
if [ "$basepresent" = "NONE" ]; then
|
||||
echo "$__remote_copy" "$__type/files/jailbase.tgz" "$__target_host:${jailbase}"
|
||||
echo "$__remote_copy" "${jailbase}" "$__target_host:${remotebase}"
|
||||
fi
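Review bot: The copy command on the `echo "$__remote_copy" "${jailbase}" "$__target_host:${remotebase}"` line is emitted with no quoting around the two paths, so once the generated code is run by a shell, a space or shell metacharacter in `--jailbase` or `--jaildir` splits or alters the command. Nothing checks that the local archive exists either, so a wrong `--jailbase` only surfaces when the copy itself fails. Consider failing early with `[ -f "$jailbase" ] || { echo "jailbase $jailbase not found" >&2; exit 1; }` and emitting the paths inside escaped quotes, the way the generated `rm -rf \"...\"` lines elsewhere in this commit already do.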
|
||||
|
||||
|
|
|
@ -90,7 +90,12 @@ if [ -f "$__object/parameter/onboot" ]; then
|
|||
onboot="$(cat "$__object/parameter/onboot")"
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/jaildir" ]; then
|
||||
jaildir="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
jaildir="/usr/jail"
|
||||
fi
|
||||
|
||||
present="$(cat "$__object/explorer/present")"
|
||||
status="$(cat "$__object/explorer/status")"
|
||||
|
||||
|
@ -135,9 +140,9 @@ deleteJail() {
|
|||
fi
|
||||
EOF
|
||||
# Remove the jail's rw mountpoints
|
||||
echo "rm -rf \"/usr/jail/rw/${name}\""
|
||||
echo "rm -rf \"${jailbase}/rw/${name}\""
|
||||
# Remove the jail directory
|
||||
echo "rm -rf \"/usr/jail/${name}\""
|
||||
echo "rm -rf \"${jailbase}/${name}\""
|
||||
# Remove the jail's fstab
|
||||
echo "rm -f \"/etc/fstab.${name}\""
|
||||
# Remove jail_$name_* lines from rc.conf
|
||||
|
@ -207,12 +212,12 @@ EOF
|
|||
# Create the ro+rw mountpoint entries in fstab
|
||||
cat <<EOF
|
||||
cat >/etc/fstab.${name} <<END
|
||||
/usr/jail/base /usr/jail/${name} nullfs ro 0 0
|
||||
/usr/jail/rw/${name}/etc /usr/jail/${name}/etc nullfs rw 0 0
|
||||
/usr/jail/rw/${name}/local /usr/jail/${name}/usr/local nullfs rw 0 0
|
||||
/usr/jail/rw/${name}/var /usr/jail/${name}/var nullfs rw 0 0
|
||||
/usr/jail/rw/${name}/home /usr/jail/${name}/usr/home nullfs rw 0 0
|
||||
/usr/jail/rw/${name}/root /usr/jail/${name}/root nullfs rw 0 0
|
||||
${jailbase}/base ${jailbase}/${name} nullfs ro 0 0
|
||||
${jailbase}/rw/${name}/etc ${jailbase}/${name}/etc nullfs rw 0 0
|
||||
${jailbase}/rw/${name}/local ${jailbase}/${name}/usr/local nullfs rw 0 0
|
||||
${jailbase}/rw/${name}/var ${jailbase}/${name}/var nullfs rw 0 0
|
||||
${jailbase}/rw/${name}/home ${jailbase}/${name}/usr/home nullfs rw 0 0
|
||||
${jailbase}/rw/${name}/root ${jailbase}/${name}/root nullfs rw 0 0
|
||||
END
|
||||
EOF
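Review bot: The `rm -rf` lines in `deleteJail` and the generated fstab entries now use `${jailbase}` where the replaced text was `/usr/jail`, but the variable this commit introduces for that directory is `jaildir`; no assignment of `jailbase` is visible in this file's hunks. If it is unset here, the generated commands become `rm -rf "/rw/${name}"` and `rm -rf "/${name}"`, and if it holds the `--jailbase` parameter they point beneath the archive path instead of the jail directory. These lines should read `echo "rm -rf \"${jaildir}/rw/${name}\""` and `echo "rm -rf \"${jaildir}/${name}\""`, with `${jaildir}/...` throughout the fstab heredoc. `deleteJail` and the heredoc both start outside the hunks shown.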
|
||||
|
||||
|
|
|
@ -18,6 +18,9 @@ REQUIRED PARAMETERS
|
|||
state::
|
||||
Either "present" or "absent."
|
||||
|
||||
jailbase::
|
||||
The location of the .tgz archive containing the base fs for your jails.
|
||||
|
||||
|
||||
OPTIONAL PARAMETERS
|
||||
-------------------
|
||||
|
@ -51,6 +54,10 @@ onboot::
|
|||
Whether to add the jail to rc.conf's jail_list variable. Must be either
|
||||
"true" or "false." Defaults to false.
|
||||
|
||||
jaildir::
|
||||
The location on the remote server to use for hosting jail filesystems.
|
||||
Defaults to /usr/jail.
|
||||
|
||||
|
||||
CAVEATS
|
||||
-------
|
||||
|
@ -65,24 +72,26 @@ EXAMPLES
|
|||
|
||||
--------------------------------------------------------------------------------
|
||||
# Create a jail called www
|
||||
__jail www --state present --ip "192.168.1.2"
|
||||
__jail www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz
|
||||
|
||||
# Remove the jail called www
|
||||
__jail www --state absent
|
||||
__jail www --state absent --jailbase /my/jail/base.tgz
|
||||
|
||||
# Ensure that the jail called www is started
|
||||
__jail www --state present --started true \
|
||||
--ip "192.168.1.2 netmask 255.255.255.0"
|
||||
--ip "192.168.1.2 netmask 255.255.255.0" \
|
||||
--jailbase /my/jail/base.tgz
|
||||
|
||||
# Use the name variable explicitly
|
||||
__jail thisjail --state present --name www \
|
||||
--ip "192.168.1.2"
|
||||
--ip "192.168.1.2" \
|
||||
--jailbase /my/jail/base.tgz
|
||||
|
||||
# Go nuts
|
||||
__jail lotsofoptions --state present --name testjail --started true \
|
||||
--ip "192.168.1.100 netmask 255.255.255.0" \
|
||||
--hostname "testjail.example.com" --interface "em0" \
|
||||
--onboot yes
|
||||
--onboot yes --jailbase /my/jail/base.tgz --jaildir /jails
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
|
||||
|
|
|
@ -26,7 +26,18 @@
|
|||
#exec >&2
|
||||
#set -x
|
||||
|
||||
# Can only be used on FreeBSD
|
||||
os="$(cat "$__global/explorer/os")"
|
||||
if [ ! "$os" = "freebsd" ]; then
|
||||
echo "__jail can only be used on FreeBSD targets!" >&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
if [ -f "$__object/parameter/jaildir" ]; then
|
||||
jaildir="$(cat "$__object/parameter/name")"
|
||||
else
|
||||
jaildir="/usr/jail"
|
||||
fi
|
||||
|
||||
__directory ${jaildir} --parents yes
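Review bot: `__directory ${jaildir} --parents yes` passes the parameter unquoted, so a value containing whitespace or glob characters is split or expanded into extra arguments, and a value beginning with `-` is parsed as an option; write `__directory "${jaildir}" --parents yes`. The manifest is also the earliest place to reject an empty or relative `jaildir` before the code generators embed it in `rm -rf` commands, for example a `case "$jaildir" in /*) ;; *) echo "jaildir must be an absolute path" >&2; exit 1 ;; esac` guard placed next to the new FreeBSD check.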
|
||||
|
||||
|
|
|
@ -6,3 +6,4 @@ interface
|
|||
devfs-enable
|
||||
devfs-ruleset
|
||||
onboot
|
||||
jaildir
|
||||
|
|
|
@ -1 +1,2 @@
|
|||
state
|
||||
jailbase
|
||||
|
|