Compare commits
16 Commits
create_mat
...
0.10.20231
| Author | SHA1 | Date | |
|---|---|---|---|
|
3a4ebc63bb | ||
|
c627b1f7fa | ||
|
|
bce28bf89a | ||
|
|
dd60e7f175 | ||
|
|
32d67aea40 | ||
|
|
b30a7484bb | ||
|
|
86cb374732 | ||
|
|
622c926917 | ||
|
|
b05493bc8e | ||
|
|
620ad465d6 | ||
|
|
c2b17f346d | ||
|
|
d0ff97057e | ||
|
|
c8b3fb3bc1 | ||
|
|
51f9003016 | ||
|
|
2de0766b54 | ||
|
a38403b028 |
@@ -8,10 +8,19 @@
|
||||
|
||||
# Add the following to /etc/rc.conf[.local] to enable this service
|
||||
#
|
||||
# bastille_enable (bool): Set to NO by default.
|
||||
# Set it to YES to enable bastille.
|
||||
# bastille_list (string): Set to "ALL" by default.
|
||||
# Space separated list of jails to start.
|
||||
# bastille_enable (bool): Set to "NO" by default.
|
||||
# Set it to "YES" to enable bastille.
|
||||
# bastille_conf (bool): Set to "/usr/local/etc/bastille/bastille.conf" by default.
|
||||
# Path to bastile.conf file. Used if bastille_rcorder="YES".
|
||||
# bastille_list (string): Set to "ALL" by default.
|
||||
# Space separated list of jails to start or "ALL" to start all
|
||||
# jails.
|
||||
# bastille_rcorder (bool): Set to "NO" by default.
|
||||
# Set it to "YES" to start all jails in order, defined by
|
||||
# rcorder(8). It starts all jails, except jails with "KEYWORD:
|
||||
# nostart" in jail.conf. Value of bastille_list is ignored in this
|
||||
# case, requires correct path to bastile.conf in bastille_conf
|
||||
# var.
|
||||
#
|
||||
|
||||
. /etc/rc.subr
|
||||
@@ -19,24 +28,36 @@
|
||||
name=bastille
|
||||
rcvar=${name}_enable
|
||||
|
||||
: ${bastille_enable:=NO}
|
||||
: ${bastille_enable:="NO"}
|
||||
: ${bastille_conf:="/usr/local/etc/bastille/bastille.conf"}
|
||||
: ${bastille_list:="ALL"}
|
||||
: ${bastille_rcorder:="NO"}
|
||||
|
||||
command=/usr/local/bin/${name}
|
||||
start_cmd="bastille_start"
|
||||
stop_cmd="bastille_stop"
|
||||
restart_cmd="bastille_stop && bastille_start"
|
||||
|
||||
rcordered_list() {
|
||||
local _jailsdir
|
||||
_jailsdir=$(. $bastille_conf; echo $bastille_jailsdir)
|
||||
bastille_ordered_list=$(rcorder -s nostart ${_jailsdir}/*/jail.conf | xargs dirname | xargs basename | tr "\n" " ")
|
||||
}
|
||||
|
||||
bastille_start()
|
||||
{
|
||||
if [ -z "${bastille_list}" ]; then
|
||||
echo "bastille_list is undefined"
|
||||
return 1
|
||||
fi
|
||||
|
||||
local _jail
|
||||
|
||||
for _jail in ${bastille_list}; do
|
||||
if checkyesno bastille_rcorder; then
|
||||
rcordered_list
|
||||
elif [ -z "${bastille_list}" ]; then
|
||||
echo "bastille_list is undefined"
|
||||
return 1
|
||||
else
|
||||
bastille_ordered_list=${bastille_list}
|
||||
fi
|
||||
|
||||
for _jail in ${bastille_ordered_list}; do
|
||||
echo "Starting Bastille Container: ${_jail}"
|
||||
${command} start ${_jail}
|
||||
done
|
||||
@@ -44,16 +65,20 @@ bastille_start()
|
||||
|
||||
bastille_stop()
|
||||
{
|
||||
if [ -z "${bastille_list}" ]; then
|
||||
local _jail _revlist
|
||||
|
||||
if checkyesno bastille_rcorder; then
|
||||
rcordered_list
|
||||
elif [ -z "${bastille_list}" ]; then
|
||||
echo "bastille_list is undefined"
|
||||
return 1
|
||||
else
|
||||
bastille_ordered_list=${bastille_list}
|
||||
fi
|
||||
|
||||
local _jail
|
||||
|
||||
## reverse order of list for shutdown ## fixes #389
|
||||
bastille_revlist=$(echo "${bastille_list}" | awk '{ for (i=NF; i>1; i--) printf("%s ",$i); print $1; }')
|
||||
for _jail in ${bastille_revlist}; do
|
||||
_revlist=$(echo "${bastille_ordered_list}" | awk '{ for (i=NF; i>1; i--) printf("%s ",$i); print $1; }')
|
||||
for _jail in ${_revlist}; do
|
||||
echo "Stopping Bastille Container: ${_jail}"
|
||||
${command} stop ${_jail}
|
||||
done
|
||||
|
||||
@@ -45,7 +45,7 @@ esac
|
||||
bastille_root_check
|
||||
|
||||
#Validate if ZFS is enabled in rc.conf and bastille.conf.
|
||||
if [ "$(sysrc -n zfs_enable)" = "YES" ] && [ ! "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if [ "$(sysrc -n zfs_enable)" = "YES" ] && ! checkyesno bastille_zfs_enable; then
|
||||
warn "ZFS is enabled in rc.conf but not bastille.conf. Do you want to continue? (N|y)"
|
||||
read answer
|
||||
case $answer in
|
||||
@@ -57,7 +57,7 @@ if [ "$(sysrc -n zfs_enable)" = "YES" ] && [ ! "${bastille_zfs_enable}" = "YES"
|
||||
fi
|
||||
|
||||
# Validate ZFS parameters.
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
## check for the ZFS pool and bastille prefix
|
||||
if [ -z "${bastille_zfs_zpool}" ]; then
|
||||
error_exit "ERROR: Missing ZFS parameters. See bastille_zfs_zpool."
|
||||
@@ -102,7 +102,7 @@ bootstrap_directories() {
|
||||
|
||||
## ${bastille_prefix}
|
||||
if [ ! -d "${bastille_prefix}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ];then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_prefix}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}"
|
||||
fi
|
||||
@@ -114,7 +114,7 @@ bootstrap_directories() {
|
||||
|
||||
## ${bastille_backupsdir}
|
||||
if [ ! -d "${bastille_backupsdir}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ];then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_backupsdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/backups"
|
||||
fi
|
||||
@@ -126,7 +126,7 @@ bootstrap_directories() {
|
||||
|
||||
## ${bastille_cachedir}
|
||||
if [ ! -d "${bastille_cachedir}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_cachedir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/cache"
|
||||
# Don't create unused/stale cache/RELEASE directory on Linux jails creation.
|
||||
@@ -145,7 +145,7 @@ bootstrap_directories() {
|
||||
elif [ ! -d "${bastille_cachedir}/${RELEASE}" ]; then
|
||||
# Don't create unused/stale cache/RELEASE directory on Linux jails creation.
|
||||
if [ -z "${NOCACHEDIR}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_cachedir}/${RELEASE}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/cache/${RELEASE}"
|
||||
fi
|
||||
@@ -157,7 +157,7 @@ bootstrap_directories() {
|
||||
|
||||
## ${bastille_jailsdir}
|
||||
if [ ! -d "${bastille_jailsdir}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_jailsdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails"
|
||||
fi
|
||||
@@ -168,7 +168,7 @@ bootstrap_directories() {
|
||||
|
||||
## ${bastille_logsdir}
|
||||
if [ ! -d "${bastille_logsdir}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_logsdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/logs"
|
||||
fi
|
||||
@@ -179,7 +179,7 @@ bootstrap_directories() {
|
||||
|
||||
## ${bastille_templatesdir}
|
||||
if [ ! -d "${bastille_templatesdir}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_templatesdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/templates"
|
||||
fi
|
||||
@@ -190,7 +190,7 @@ bootstrap_directories() {
|
||||
|
||||
## ${bastille_releasesdir}
|
||||
if [ ! -d "${bastille_releasesdir}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_releasesdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/releases"
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_releasesdir}/${RELEASE}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/releases/${RELEASE}"
|
||||
@@ -201,7 +201,7 @@ bootstrap_directories() {
|
||||
|
||||
## create subsequent releases/XX.X-RELEASE datasets
|
||||
elif [ ! -d "${bastille_releasesdir}/${RELEASE}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_releasesdir}/${RELEASE}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/releases/${RELEASE}"
|
||||
fi
|
||||
@@ -249,7 +249,7 @@ bootstrap_release() {
|
||||
|
||||
if [ "${FETCH_VALIDATION}" -ne "0" ]; then
|
||||
## perform cleanup only for stale/empty directories on failure
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
if [ ! "$(ls -A "${bastille_cachedir}/${RELEASE}")" ]; then
|
||||
zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/cache/${RELEASE}"
|
||||
@@ -383,7 +383,7 @@ debootstrap_release() {
|
||||
info "Bootstrapping ${PLATFORM_OS} distfiles..."
|
||||
if ! debootstrap --foreign --arch=${ARCH_BOOTSTRAP} --no-check-gpg ${LINUX_FLAVOR} "${bastille_releasesdir}"/${DIR_BOOTSTRAP}; then
|
||||
## perform cleanup only for stale/empty directories on failure
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
if [ ! "$(ls -A "${bastille_releasesdir}/${DIR_BOOTSTRAP}")" ]; then
|
||||
zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/releases/${DIR_BOOTSTRAP}"
|
||||
@@ -414,7 +414,7 @@ bootstrap_template() {
|
||||
|
||||
## ${bastille_templatesdir}
|
||||
if [ ! -d "${bastille_templatesdir}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
zfs create ${bastille_zfs_options} -o mountpoint="${bastille_templatesdir}" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/templates"
|
||||
fi
|
||||
@@ -474,9 +474,9 @@ if [ -n "${OPTION}" ] && [ "${OPTION}" != "${HW_MACHINE}" ] && [ "${OPTION}" !=
|
||||
fi
|
||||
|
||||
## allow override bootstrap URLs via environment variables
|
||||
[ -n ${BASTILLE_URL_FREEBSD} ] && bastille_url_freebsd="${BASTILLE_URL_FREEBSD}"
|
||||
[ -n ${BASTILLE_URL_HARDENEDBSD} ] && bastille_url_hardenedbsd="${BASTILLE_URL_HARDENEDBSD}"
|
||||
[ -n ${BASTILLE_URL_MIDNIGHTBSD} ] && bastille_url_midnightbsd="${BASTILLE_URL_MIDNIGHTBSD}"
|
||||
[ -n "${BASTILLE_URL_FREEBSD}" ] && bastille_url_freebsd="${BASTILLE_URL_FREEBSD}"
|
||||
[ -n "${BASTILLE_URL_HARDENEDBSD}" ] && bastille_url_hardenedbsd="${BASTILLE_URL_HARDENEDBSD}"
|
||||
[ -n "${BASTILLE_URL_MIDNIGHTBSD}" ] && bastille_url_midnightbsd="${BASTILLE_URL_MIDNIGHTBSD}"
|
||||
|
||||
## Filter sane release names
|
||||
case "${1}" in
|
||||
|
||||
@@ -154,7 +154,7 @@ clone_jail() {
|
||||
# Attempt container clone
|
||||
info "Attempting to clone '${TARGET}' to ${NEWNAME}..."
|
||||
if ! [ -d "${bastille_jailsdir}/${NEWNAME}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
# Replicate the existing container
|
||||
DATE=$(date +%F-%H%M%S)
|
||||
|
||||
@@ -117,3 +117,24 @@ EOF
|
||||
EOF
|
||||
fi
|
||||
}
|
||||
|
||||
checkyesno() {
|
||||
## copied from /etc/rc.subr -- cedwards (20231125)
|
||||
## issue #368 (lowercase values should be parsed)
|
||||
## now used for all bastille_zfs_enable=YES|NO tests
|
||||
## example: if checkyesno bastille_zfs_enable; then ...
|
||||
## returns 0 for enabled; returns 1 for disabled
|
||||
eval _value=\$${1}
|
||||
case $_value in
|
||||
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
|
||||
return 0
|
||||
;;
|
||||
[Nn][Oo]|[Ff][Aa][Ll][Ss][Ee]|[Oo][Ff][Ff]|0)
|
||||
return 1
|
||||
;;
|
||||
*)
|
||||
warn "\$${1} is not set properly - see rc.conf(5)."
|
||||
return 1
|
||||
;;
|
||||
esac
|
||||
}
|
||||
|
||||
@@ -281,7 +281,7 @@ create_jail() {
|
||||
bastille_jail_resolv_conf="${bastille_jailsdir}/${NAME}/root/etc/resolv.conf" ## file
|
||||
|
||||
if [ ! -d "${bastille_jailsdir}/${NAME}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
## create required zfs datasets, mountpoint inherited from system
|
||||
if [ -z "${CLONE_JAIL}" ]; then
|
||||
@@ -388,7 +388,7 @@ create_jail() {
|
||||
fi
|
||||
done
|
||||
else
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
if [ -n "${CLONE_JAIL}" ]; then
|
||||
info "Creating a clonejail...\n"
|
||||
|
||||
@@ -55,7 +55,7 @@ destroy_jail() {
|
||||
|
||||
if [ -d "${bastille_jail_base}" ]; then
|
||||
info "Deleting Jail: ${TARGET}."
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
if [ -n "${TARGET}" ]; then
|
||||
OPTIONS="-r"
|
||||
@@ -118,7 +118,7 @@ destroy_rel() {
|
||||
if grep -qwo "${TARGET}" "${bastille_jailsdir}/${_jail}/fstab" 2>/dev/null; then
|
||||
error_notify "Notice: (${_jail}) depends on ${TARGET} base."
|
||||
BASE_HASCHILD="1"
|
||||
elif [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
elif checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
## check if this release have child clones
|
||||
if zfs list -H -t snapshot -r "${bastille_rel_base}" > /dev/null 2>&1; then
|
||||
@@ -144,7 +144,7 @@ destroy_rel() {
|
||||
else
|
||||
if [ "${BASE_HASCHILD}" -eq "0" ]; then
|
||||
info "Deleting base: ${TARGET}"
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
if [ -n "${TARGET}" ]; then
|
||||
OPTIONS="-r"
|
||||
|
||||
@@ -75,7 +75,7 @@ bastille_root_check
|
||||
|
||||
zfs_enable_check() {
|
||||
# Temporarily disable ZFS so we can create a standard backup archive
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
bastille_zfs_enable="NO"
|
||||
fi
|
||||
}
|
||||
@@ -212,7 +212,7 @@ if [ -n "${TXZ_EXPORT}" -o -n "${TGZ_EXPORT}" ] && [ -n "${SAFE_EXPORT}" ]; then
|
||||
error_exit "Error: Simple archive modes with safe ZFS export can't be used together."
|
||||
fi
|
||||
|
||||
if [ -z "${bastille_zfs_enable}" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${GZIP_EXPORT}" -o -n "${RAW_EXPORT}" -o -n "${SAFE_EXPORT}" -o "${OPT_ZSEND}" = "-Rv" ]; then
|
||||
error_exit "Options --gz, --raw, --safe, --verbose are valid for ZFS configured systems only."
|
||||
fi
|
||||
@@ -294,7 +294,7 @@ export_check() {
|
||||
create_zfs_snap
|
||||
fi
|
||||
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -z "${USER_EXPORT}" ]; then
|
||||
info "Sending ZFS data stream..."
|
||||
fi
|
||||
@@ -304,7 +304,7 @@ export_check() {
|
||||
jail_export() {
|
||||
# Attempt to export the container
|
||||
DATE=$(date +%F-%H%M%S)
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
if [ -n "${RAW_EXPORT}" ]; then
|
||||
FILE_EXT=""
|
||||
@@ -384,7 +384,7 @@ if [ -n "${TARGET}" ]; then
|
||||
fi
|
||||
|
||||
# Check if is a ZFS system
|
||||
if [ "${bastille_zfs_enable}" != "YES" ]; then
|
||||
if ! checkyesno bastille_zfs_enable; then
|
||||
# Check if container is running and ask for stop in non ZFS systems
|
||||
if [ -n "$(/usr/sbin/jls name | awk "/^${TARGET}$/")" ]; then
|
||||
error_exit "${TARGET} is running. See 'bastille stop'."
|
||||
|
||||
@@ -410,7 +410,7 @@ jail_import() {
|
||||
FILE_TRIM=$(echo "${TARGET}" | sed 's/\.xz//g;s/\.gz//g;s/\.tgz//g;s/\.txz//g;s/\.zip//g;s/\.tar\.gz//g;s/\.tar//g')
|
||||
FILE_EXT=$(echo "${TARGET}" | sed "s/${FILE_TRIM}//g")
|
||||
if [ -d "${bastille_jailsdir}" ]; then
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ]; then
|
||||
if [ "${FILE_EXT}" = ".xz" ]; then
|
||||
validate_archive
|
||||
|
||||
@@ -105,7 +105,7 @@ update_fstab() {
|
||||
change_name() {
|
||||
# Attempt container name change
|
||||
info "Attempting to rename '${TARGET}' to ${NEWNAME}..."
|
||||
if [ "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if checkyesno bastille_zfs_enable; then
|
||||
if [ -n "${bastille_zfs_zpool}" ] && [ -n "${bastille_zfs_prefix}" ]; then
|
||||
# Check and rename container ZFS dataset accordingly
|
||||
# Perform additional checks in case of non-ZFS existing containers
|
||||
|
||||
@@ -57,6 +57,19 @@ configure_vnet() {
|
||||
|
||||
info "Bringing up new interface: bastille1"
|
||||
service netif cloneup
|
||||
|
||||
if [ ! -f /etc/devfs.rules ]; then
|
||||
info "Creating bastille_vnet devfs.rules"
|
||||
cat << EOF > /etc/devfs.rules
|
||||
[bastille_vnet=13]
|
||||
add include \$devfsrules_hide_all
|
||||
add include \$devfsrules_unhide_basic
|
||||
add include \$devfsrules_unhide_login
|
||||
add include \$devfsrules_jail
|
||||
add include \$devfsrules_jail_vnet
|
||||
add path 'bpf*' unhide
|
||||
EOF
|
||||
fi
|
||||
}
|
||||
|
||||
# Configure pf firewall
|
||||
|
||||
@@ -85,7 +85,7 @@ esac
|
||||
bastille_root_check
|
||||
|
||||
## check ZFS enabled
|
||||
if [ ! "${bastille_zfs_enable}" = "YES" ]; then
|
||||
if ! checkyesno bastille_zfs_enable; then
|
||||
error_exit "ZFS not enabled."
|
||||
fi
|
||||
|
||||
|
||||
Reference in New Issue
Block a user