forked from ungleich-public/cdist
Created initial createJail function. Script still can't delete jails yet.
parent
37d72a08ea
commit
18c0e947aa
1 changed files with 94 additions and 1 deletions
|
@ -76,7 +76,7 @@ fi
|
||||||
|
|
||||||
# devfs_ruleset being defined without devfs_enable being true
|
# devfs_ruleset being defined without devfs_enable being true
|
||||||
# is pointless. Treat this as an error.
|
# is pointless. Treat this as an error.
|
||||||
if [ -n "$devfsrules" -a "$devfsenable" = "false" ]; then
|
if [ -n "$devfsruleset" -a "$devfsenable" = "false" ]; then
|
||||||
exec >&2
|
exec >&2
|
||||||
echo "Can't have --devfs-ruleset defined without --devfs-enable true."
|
echo "Can't have --devfs-ruleset defined without --devfs-enable true."
|
||||||
exit 1
|
exit 1
|
||||||
|
@ -109,9 +109,102 @@ startJail() {
|
||||||
}
|
}
|
||||||
|
|
||||||
deleteJail() {
|
deleteJail() {
|
||||||
|
# If the jail's mountpoints are mounted, unmount them
|
||||||
|
# Remove the jail's rw mountpoints
|
||||||
|
# Remove the jail's ro mountpoint
|
||||||
|
# Remove the jail directory
|
||||||
|
# If the jail's devfs rules are custom (!="jailrules"), remove them
|
||||||
|
# Remove jail_$name_* lines from rc.conf
|
||||||
|
# Remove " $name " from jail_list if it's there
|
||||||
}
|
}
|
||||||
|
|
||||||
createJail() {
|
createJail() {
|
||||||
|
# Create the jail directory
|
||||||
|
echo <<-EOF
|
||||||
|
mkdir -p ${jaildir}/${name}
|
||||||
|
if [ ! -d "${jaildir}/base" ]; then
|
||||||
|
mkdir "${jaildir}/base"
|
||||||
|
tar -xzf "${jaildir}/jailbase.tgz" -C "${jaildir}/base"
|
||||||
|
if [ ! -d "${jaildir}/base/usr/local" ]; then
|
||||||
|
mkdir -p "${jaildir}/base/usr/local"
|
||||||
|
fi
|
||||||
|
if [ ! -d "${jaildir}/base/usr/home" ]; then
|
||||||
|
mkdir -p "${jaildir}/base/usr/home"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
if [ ! -d "${jaildir}/rw" ]; then
|
||||||
|
mkdir "${jaildir}/rw"
|
||||||
|
fi
|
||||||
|
mkdir -p "${jaildir}/rw/${name}/etc"
|
||||||
|
cp -r ${jaildir}/base/etc/* "${jaildir}/rw/${name}/etc/"
|
||||||
|
mkdir "${jaildir}/rw/${name}/local"
|
||||||
|
mkdir "${jaildir}/rw/${name}/db"
|
||||||
|
if [ -d "${jaildir}/base/var/db" ]; then
|
||||||
|
cp -r ${jaildir}/base/var/db/* "${jaildir}/rw/${name}/db/"
|
||||||
|
fi
|
||||||
|
mkdir "${jaildir}/rw/${name}/home"
|
||||||
|
if [ -d "${jaildir}/base/usr/home" ]; then
|
||||||
|
cp -r ${jaildir}/base/usr/home/* "${jaildir}/rw/${name}/home/"
|
||||||
|
fi
|
||||||
|
mkdir "${jaildir}/rw/${name}/tmp"
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# Create the ro+rw mountpoint entries in fstab
|
||||||
|
echo <<-EOF
|
||||||
|
echo >/etc/fstab.${name} <<-END
|
||||||
|
/usr/jail/base /usr/jail/${name} nullfs ro 0 0
|
||||||
|
/usr/jail/rw/${name}/etc /usr/jail/${name}/etc nullfs rw 0 0
|
||||||
|
/usr/jail/rw/${name}/local /usr/jail/${name}/usr/local nullfs rw 0 0
|
||||||
|
/usr/jail/rw/${name}/db /usr/jail/${name}/var/db nullfs rw 0 0
|
||||||
|
/usr/jail/rw/${name}/home /usr/jail/${name}/usr/home nullfs rw 0 0
|
||||||
|
/usr/jail/rw/${name}/tmp /usr/jail/${name}/var/tmp nullfs rw 0 0
|
||||||
|
END
|
||||||
|
EOF
|
||||||
|
|
||||||
|
# Add the jail_$name_* lines to rc.conf
|
||||||
|
echo <<-EOF
|
||||||
|
echo >>/etc/rc.conf <<-END
|
||||||
|
jail_${name}_rootdir="${jaildir}/${name}"
|
||||||
|
jail_${name}_hostname="${hostname}"
|
||||||
|
jail_${name}_ip="${ip}"
|
||||||
|
jail_${name}_devfs_enable="${devfsenable}"
|
||||||
|
jail_${name}_mount_enable="YES"
|
||||||
|
jail_${name}_fstab="/etc/fstab.$name"
|
||||||
|
END
|
||||||
|
EOF
|
||||||
|
|
||||||
|
if [ -n "$interface" ]; then
|
||||||
|
echo <<-EOF
|
||||||
|
echo >>/etc/rc.conf <<-END
|
||||||
|
jail_${name}_interface="${interface}"
|
||||||
|
END
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [ "$devfsenable" = "true" ]; then
|
||||||
|
echo <<-EOF
|
||||||
|
echo >>/etc/rc.conf <<-END
|
||||||
|
jail_${name}_devfs_ruleset="$devfsruleset"
|
||||||
|
END
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Add $name to jail_list if $onboot=true
|
||||||
|
if [ "$onboot" = "true" ]; then
|
||||||
|
echo <<-EOF
|
||||||
|
eval $(grep '^jail_list=' /etc/rc.conf)
|
||||||
|
jail_list="${jail_list} ${name}"
|
||||||
|
sed -i "s/^jail_list=\".*\"/jail_list=\"${jail_list}\"/" /etc/rc.conf
|
||||||
|
unset jail_list
|
||||||
|
EOF
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Add the normal entries into the jail's rc.conf
|
||||||
|
echo "echo hostname=\"${hostname}\"" >>"${jaildir}/rw/${name}/etc/rc.conf"
|
||||||
|
echo 'echo sendmail_enable=\"NONE\"' >>"${jaildir}/rw/${name}/etc/rc.conf"
|
||||||
|
echo 'echo syslogd_enable=\"YES\"' >>"${jaildir}/rw/${name}/etc/rc.conf"
|
||||||
|
echo 'echo syslogd_flags=\"-ss\"' >>"${jaildir}/rw/${name}/etc/rc.conf"
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
if [ "$present" = "EXISTS" ]; then # The jail currently exists
|
if [ "$present" = "EXISTS" ]; then # The jail currently exists
|
||||||
|
|
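Review bot: In createJail, `${name}`, `${hostname}`, `${ip}`, `${interface}` and `${devfsruleset}` are expanded straight into generated commands, /etc/rc.conf assignments and the `sed` expression, and nothing visible in this section validates them, so a value containing a quote, `/`, whitespace or `$(` changes what gets written or run. Because `jail_${name}_rootdir` must be a valid rc.conf variable name anyway, reject other names up front, e.g. `case "$name" in ''|*[!A-Za-z0-9_]*) echo "invalid jail name" >&2; exit 1;; esac`, and quote the path in `mkdir -p ${jaildir}/${name}`. Separately, every `echo <<-EOF` block prints only an empty line because `echo` does not read stdin; these, and the inner `echo >/etc/fstab.${name} <<-END` and `echo >>/etc/rc.conf <<-END`, need `cat`. Inside the unquoted `EOF` heredoc, `$(grep '^jail_list=' /etc/rc.conf)` and `${jail_list}` are expanded when createJail runs rather than when the emitted code runs (presumably on the target), so they need `\$` escapes, and the `eval` of an rc.conf line is better replaced by extracting the value without executing it. The last four `echo` lines keep the `>>"${jaildir}/rw/${name}/etc/rc.conf"` redirect outside the quoted string, so the literal text `echo hostname="…"` is appended to that file at generation time instead of a command being emitted.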