matthijs/cdist
1
0
Fork 0
forked from ungleich-public/cdist
Code Issues Pull requests Projects Releases Wiki Activity

Implemented Nico's suggestions

Browse source 
Parameterized {jailbase,jaildir}
Replaced all usages of /usr/jail with $jaildir
Explicitly fail if $os isn't FreeBSD
Removed $__type/files/ as it is pointless to have now
Updated man page
This commit is contained in:
Jake Guffey 2012-04-27 11:45:34 -04:00
commit 14e851341a
10 changed files with 75 additions and 24 deletions
Download patch file Download diff file Expand all files Collapse all files

10
conf/type/__jail/explorer/basepresent
View file

@ -18,20 +18,26 @@
# along with cdist. If not, see <http://www.gnu.org/licenses/>. # along with cdist. If not, see <http://www.gnu.org/licenses/>.
# #
# #
# See if the jailbase.tgz or /usr/jail/base dir exists # See if the jailbase.tgz or $jaildir/base dir exists
# #
# Debug # Debug
#exec >&2 #exec >&2
#set -x #set -x
if [ -f "$__object/parameter/jaildir" ]; then
jaildir="$(cat "$__object/parameter/name")"
else
jaildir="/usr/jail"
fi
name="base:jailbase.tgz" name="base:jailbase.tgz"
out="" out=""
save_IFS="$IFS" save_IFS="$IFS"
IFS=":" IFS=":"
for cur in $name; do for cur in $name; do
if [ -e "/usr/jail/$cur" ]; then if [ -e "${jaildir}/$cur" ]; then
out="${out}:${cur}" out="${out}:${cur}"
fi fi
done done

8
conf/type/__jail/explorer/present
View file

@ -31,7 +31,13 @@ else
name=$__object_id name=$__object_id
fi fi
[ -d "/usr/jail/$name" ] && echo "EXISTS" || echo "NOTEXIST" if [ -f "$__object/parameter/jaildir" ]; then
jaildir="$(cat "$__object/parameter/name")"
else
jaildir="/usr/jail"
fi
[ -d "${jaildir}/$name" ] && echo "EXISTS" || echo "NOTEXIST"
#set +x #set +x

10
conf/type/__jail/explorer/status
View file

@ -31,7 +31,15 @@ else
name="$__object_id" name="$__object_id"
fi fi
jls_output="$(jls | grep "[ ^I]\/usr\/jail\/${name}\$")" || true if [ -f "$__object/parameter/jaildir" ]; then
jaildir="$(cat "$__object/parameter/name")"
else
jaildir="/usr/jail"
fi
# backslash-escaped $jaildir
sjaildir="$(echo ${jaildir} | sed 's#/#\\/#g')"
jls_output="$(jls | grep "[ ^I]${sjaildir}\/${name}\$")" || true
if [ -n "${jls_output}" ]; then if [ -n "${jls_output}" ]; then
echo "STARTED" echo "STARTED"

1
conf/type/__jail/files/jailbase
View file

@ -1 +0,0 @@
Create a tarball jailbase.tgz in this directory containing the base filesystem for a jail.

13
conf/type/__jail/gencode-local
View file

@ -22,13 +22,18 @@
# virtual machines. # virtual machines.
# #
#FIXME: /usr/jail should never be hardcoded in this type if [ -f "$__object/parameter/jaildir" ]; then
#FIXME: jailbase.tgz should not be hardcoded in this file jaildir="$(cat "$__object/parameter/name")"
else
jaildir="/usr/jail"
fi
jailbase="/usr/jail/jailbase.tgz" jailbase="$(cat "$__object/parameter/jailbase")"
remotebase="${jaildir}/jailbase.tgz"
basepresent="$(cat "$__object/explorer/basepresent")" basepresent="$(cat "$__object/explorer/basepresent")"
if [ "$basepresent" = "NONE" ]; then if [ "$basepresent" = "NONE" ]; then
echo "$__remote_copy" "$__type/files/jailbase.tgz" "$__target_host:${jailbase}" echo "$__remote_copy" "${jailbase}" "$__target_host:${remotebase}"
fi fi

21
conf/type/__jail/gencode-remote
View file

@ -90,7 +90,12 @@ if [ -f "$__object/parameter/onboot" ]; then
onboot="$(cat "$__object/parameter/onboot")" onboot="$(cat "$__object/parameter/onboot")"
fi fi
if [ -f "$__object/parameter/jaildir" ]; then
jaildir="$(cat "$__object/parameter/name")"
else
jaildir="/usr/jail" jaildir="/usr/jail"
fi
present="$(cat "$__object/explorer/present")" present="$(cat "$__object/explorer/present")"
status="$(cat "$__object/explorer/status")" status="$(cat "$__object/explorer/status")"
@ -135,9 +140,9 @@ deleteJail() {
fi fi
EOF EOF
# Remove the jail's rw mountpoints # Remove the jail's rw mountpoints
echo "rm -rf \"/usr/jail/rw/${name}\"" echo "rm -rf \"${jailbase}/rw/${name}\""
# Remove the jail directory # Remove the jail directory
echo "rm -rf \"/usr/jail/${name}\"" echo "rm -rf \"${jailbase}/${name}\""
# Remove the jail's fstab # Remove the jail's fstab
echo "rm -f \"/etc/fstab.${name}\"" echo "rm -f \"/etc/fstab.${name}\""
# Remove jail_$name_* lines from rc.conf # Remove jail_$name_* lines from rc.conf
@ -207,12 +212,12 @@ EOF
# Create the ro+rw mountpoint entries in fstab # Create the ro+rw mountpoint entries in fstab
cat <<EOF cat <<EOF
cat >/etc/fstab.${name} <<END cat >/etc/fstab.${name} <<END
/usr/jail/base /usr/jail/${name} nullfs ro 0 0 ${jailbase}/base ${jailbase}/${name} nullfs ro 0 0
/usr/jail/rw/${name}/etc /usr/jail/${name}/etc nullfs rw 0 0 ${jailbase}/rw/${name}/etc ${jailbase}/${name}/etc nullfs rw 0 0
/usr/jail/rw/${name}/local /usr/jail/${name}/usr/local nullfs rw 0 0 ${jailbase}/rw/${name}/local ${jailbase}/${name}/usr/local nullfs rw 0 0
/usr/jail/rw/${name}/var /usr/jail/${name}/var nullfs rw 0 0 ${jailbase}/rw/${name}/var ${jailbase}/${name}/var nullfs rw 0 0
/usr/jail/rw/${name}/home /usr/jail/${name}/usr/home nullfs rw 0 0 ${jailbase}/rw/${name}/home ${jailbase}/${name}/usr/home nullfs rw 0 0
/usr/jail/rw/${name}/root /usr/jail/${name}/root nullfs rw 0 0 ${jailbase}/rw/${name}/root ${jailbase}/${name}/root nullfs rw 0 0
END END
EOF EOF

19
conf/type/__jail/man.text
View file

@ -18,6 +18,9 @@ REQUIRED PARAMETERS
state:: state::
Either "present" or "absent." Either "present" or "absent."
jailbase::
The location of the .tgz archive containing the base fs for your jails.
OPTIONAL PARAMETERS OPTIONAL PARAMETERS
------------------- -------------------
@ -51,6 +54,10 @@ onboot::
Whether to add the jail to rc.conf's jail_list variable. Must be either Whether to add the jail to rc.conf's jail_list variable. Must be either
"true" or "false." Defaults to false. "true" or "false." Defaults to false.
jaildir::
The location on the remote server to use for hosting jail filesystems.
Defaults to /usr/jail.
CAVEATS CAVEATS
------- -------
@ -65,24 +72,26 @@ EXAMPLES
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------
# Create a jail called www # Create a jail called www
__jail www --state present --ip "192.168.1.2" __jail www --state present --ip "192.168.1.2" --jailbase /my/jail/base.tgz
# Remove the jail called www # Remove the jail called www
__jail www --state absent __jail www --state absent --jailbase /my/jail/base.tgz
# Ensure that the jail called www is started # Ensure that the jail called www is started
__jail www --state present --started true \ __jail www --state present --started true \
--ip "192.168.1.2 netmask 255.255.255.0" --ip "192.168.1.2 netmask 255.255.255.0" \
--jailbase /my/jail/base.tgz
# Use the name variable explicitly # Use the name variable explicitly
__jail thisjail --state present --name www \ __jail thisjail --state present --name www \
--ip "192.168.1.2" --ip "192.168.1.2" \
--jailbase /my/jail/base.tgz
# Go nuts # Go nuts
__jail lotsofoptions --state present --name testjail --started true \ __jail lotsofoptions --state present --name testjail --started true \
--ip "192.168.1.100 netmask 255.255.255.0" \ --ip "192.168.1.100 netmask 255.255.255.0" \
--hostname "testjail.example.com" --interface "em0" \ --hostname "testjail.example.com" --interface "em0" \
--onboot yes --onboot yes --jailbase /my/jail/base.tgz --jaildir /jails
-------------------------------------------------------------------------------- --------------------------------------------------------------------------------

11
conf/type/__jail/manifest
View file

@ -26,7 +26,18 @@
#exec >&2 #exec >&2
#set -x #set -x
# Can only be used on FreeBSD
os="$(cat "$__global/explorer/os")"
if [ ! "$os" = "freebsd" ]; then
echo "__jail can only be used on FreeBSD targets!" >&2
exit 1
fi
if [ -f "$__object/parameter/jaildir" ]; then
jaildir="$(cat "$__object/parameter/name")"
else
jaildir="/usr/jail" jaildir="/usr/jail"
fi
__directory ${jaildir} --parents yes __directory ${jaildir} --parents yes

1
conf/type/__jail/parameter/optional
View file

@ -6,3 +6,4 @@ interface
devfs-enable devfs-enable
devfs-ruleset devfs-ruleset
onboot onboot
jaildir

1
conf/type/__jail/parameter/required
View file

@ -1 +1,2 @@
state state
jailbase