Compare commits

28 Commits

Author SHA1 Message Date
Christer Edwards
b30a7484bb fix for recent EOL support patch 2023-11-25 17:06:05 -07:00
Christer Edwards
b05493bc8e Merge pull request #638 from BastilleBSD/create_matrix
support combining options for bastille create
2023-11-24 16:42:40 -07:00
Christer Edwards
97a0e692d9 standardize options in create matrix 2023-11-24 16:41:25 -07:00
Christer Edwards
3df39078bf support combining options for bastille create 2023-11-24 16:28:31 -07:00
Christer Edwards
620ad465d6 Merge pull request #637 from BastilleBSD/20231125_prep
update documentation for 14.0-RELEASE
2023-11-24 16:04:21 -07:00
Christer Edwards
d44c85637e update documentation for 14.0-RELEASE 2023-11-24 15:20:15 -07:00
Christer Edwards
c2b17f346d Merge pull request #635 from BastilleBSD/readthedocs
fix more readthedocs build info
2023-11-21 13:22:44 -07:00
Christer Edwards
94656350a1 fix more readthedocs build info 2023-11-21 13:20:16 -07:00
Christer Edwards
d0ff97057e Merge pull request #634 from BastilleBSD/readthedocs
fix readthedocs build info
2023-11-21 13:13:22 -07:00
Christer Edwards
dc6e755c2b fix readthedocs build info 2023-11-21 13:12:21 -07:00
Christer Edwards
c8b3fb3bc1 Merge pull request #633 from BastilleBSD/eol_patch
initial support & docs to bootstrap EOL releases
2023-11-20 16:21:31 -07:00
Christer Edwards
8906e491d0 initial support & docs to bootstrap EOL releases 2023-11-20 16:07:11 -07:00
Christer Edwards
51f9003016 Merge pull request #629 from dsh2dsh/rcordered
rcorder(8)-ed startup script
2023-11-20 15:15:13 -07:00
Christer Edwards
2de0766b54 Merge pull request #632 from BastilleBSD/osrelease_patch
add osrelease to jail.conf for new jails
2023-11-19 14:41:11 -07:00
Christer Edwards
ace7bdce2f add osrelease to jail.conf for new jails 2023-11-19 14:37:31 -07:00
Christer Edwards
9e71332876 Merge pull request #630 from brendans-bits/readme-upgrading
Added note on updating bastille.conf when upgrading
2023-11-14 10:17:22 -07:00
Brendan
2b6eb3c9f4 Added note on updating bastille.conf when upgrading 2023-11-13 20:00:41 +11:00
Denis Shaposhnikov
a38403b028 rcorder(8)-ed startup script
With

```sh
bastille_enable="YES"
bastille_rcorder="YES"
```

in `/etc/rc.conf`, the script will start all jails, except jails
with "KEYWORD: nostart" in jail.conf.

Example of `jail.conf` with `KEYWORD: nostart`:

```
jailname {
...
}
```

`PROVIDE:` is optional. Actually all `rcorder(8)` labels are optional, but we
can use it to build jail dependencies. For instance, if we have jail `db` and
jails `alfa` and `zeta`, we can configure it so both jails require jail `db`:

`alfa/jail.conf`:
```
alfa {
...
}
```

`zeta/jail.conf`:
```
zeta {
...
}
```

`db/jail.conf`:
```
db {
...
}
```

With this configuration jail `db` will start first and stop last.
2023-11-11 19:35:56 +01:00
Christer Edwards
8c04f1d110 Merge pull request #628 from smortex/relax-beta-rc-validation
Relax validation of -BETA / -RC releases
2023-11-10 11:32:50 -07:00
Romain Tartière
157125c4af Relax validation of -BETA / -RC releases
Across the code, release names are checked against some variation of
-BETAx / -RCx which are inconsistent in the range of accepted values for
`x`.

As a consequence, some commands cannot be successfully run while they
are valid, e.g. `bastille create test 14.0-RC4 10.0.0.2` is rejected
because only `*-RC1` and `*-RC2` are accepted as a RC release name.

Find out these lists of specific BETA and RC patterns and adjust them to
allow any one-digit value at the end.  We generally do up to 4 BETA / RC
releases, so a one digit limit is probably enough for the time being.
2023-11-10 08:09:51 -10:00
Barry McCormick
b7d741b5cd Merge pull request #615 from BastilleBSD/issue-399
CIDR documentation on create command
2023-11-01 10:14:05 -07:00
Barry McCormick
1e849d41af resolving to use /24 in docs 2023-11-01 10:13:01 -07:00
Barry McCormick
df00a7939e Merge pull request #623 from adriel-tech/patch-1
fix configure_zfs() to properly return status of zfs module.
2023-11-01 08:38:17 -07:00
Barry McCormick
49f6402a00 Merge pull request #624 from majsterkoo/vnet_rename_fix
Fix generated interface name in rc.conf for vnet jail
2023-10-30 16:01:19 -07:00
Michal Procházka
cf928f1237 Fix generated interface name in rc.conf for vnet jail 2023-10-30 20:39:58 +01:00
adriel-tech
11367238ec Update setup.sh
Removed -q from kldstat in function configure_zfs().
On FreeBSD 14 (maybe earlier) this causes kldstat to return in such
a way that BastilleBSD assumes zfs is not loaded.
2023-10-29 15:16:39 -07:00
Barry McCormick
78c77b7e26 Merge pull request #622 from BastilleBSD/updatejail
Updatejail
2023-10-26 19:00:25 -07:00
Barry McCormick
0a93940442 CIDR documentation on create command 2023-10-20 21:51:20 -07:00
17 changed files with 173 additions and 51 deletions

@@ -3,5 +3,7 @@ version: 2
sphinx: sphinx:
configuration: docs/conf.py configuration: docs/conf.py
python: build:
version: 3.11 os: "ubuntu-22.04"
tools:
python: "3.11"

@@ -30,9 +30,22 @@ make install
**enable at boot** **enable at boot**
```shell ```shell
sysrc bastille_enable=YES sysrc bastille_enable=YES
sysrc bastille_list="azkaban alcatraz" # (optional whitelist of jails to start at boot; default: ALL) sysrc bastille_rcorder=YES
``` ```
Upgrading from a previous version
---------------------------------
When upgrading from a previous version of bastille (e.g. 0.10.20230714 to
0.10.20231013) you will need to update your bastille.conf
```shell
cd /usr/local/etc/bastille
diff -u bastille.conf bastille.conf.sample
```
Merge the lines that are present in the new bastille.conf.sample into
your bastille.conf
Basic Usage Basic Usage
----------- -----------
```shell ```shell
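Review bot: The enable-at-boot block now recommends `sysrc bastille_rcorder=YES` and drops the `bastille_list` line without saying how to keep a jail from starting at boot. The rc script comments in this same comparison state that bastille_list is ignored when bastille_rcorder is "YES" and that only jails with "KEYWORD: nostart" in jail.conf are skipped, so anyone who relied on the whitelist will have every jail started after following this README. Suggest adding one sentence here on `KEYWORD: nostart`, and calling out the behaviour change in the new "Upgrading from a previous version" section.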
@@ -62,6 +75,7 @@ Available Commands:
mount Mount a volume inside the targeted container(s). mount Mount a volume inside the targeted container(s).
pkg Manipulate binary packages within targeted container(s). See pkg(8). pkg Manipulate binary packages within targeted container(s). See pkg(8).
rdr Redirect host port to container port. rdr Redirect host port to container port.
rcp reverse cp(1) files from a single container to the host.
rename Rename a container. rename Rename a container.
restart Restart a running container. restart Restart a running container.
service Manage services within targeted container(s). service Manage services within targeted container(s).
@@ -118,7 +132,7 @@ Example (create, start, console)
This example creates, starts and consoles into the container. This example creates, starts and consoles into the container.
```shell ```shell
ishmael ~ # bastille create alcatraz 13.2-RELEASE 10.17.89.10 ishmael ~ # bastille create alcatraz 14.0-RELEASE 10.17.89.10/24
``` ```
```shell ```shell
@@ -130,7 +144,7 @@ alcatraz: created
```shell ```shell
ishmael ~ # bastille console alcatraz ishmael ~ # bastille console alcatraz
[alcatraz]: [alcatraz]:
FreeBSD 13.2-RELEASE-p4 GENERIC FreeBSD 14.0-RELEASE GENERIC
Welcome to FreeBSD! Welcome to FreeBSD!

@@ -4,7 +4,7 @@ Bastille is available in the official FreeBSD ports tree at
`sysutils/bastille`. Binary packages available in `quarterly` and `latest` `sysutils/bastille`. Binary packages available in `quarterly` and `latest`
repositories. repositories.
Current version is `0.10.20231013`. Current version is `0.10.20231125`.
To install from the FreeBSD package repository: To install from the FreeBSD package repository:
@@ -19,6 +19,7 @@ PKG
pkg install bastille pkg install bastille
sysrc bastille_enable=YES sysrc bastille_enable=YES
sysrc bastille_rcorder=YES
To install from source (don't worry, no compiling): To install from source (don't worry, no compiling):
@@ -30,6 +31,7 @@ ports
make -C /usr/ports/sysutils/bastille install clean make -C /usr/ports/sysutils/bastille install clean
sysrc bastille_enable=YES sysrc bastille_enable=YES
sysrc bastille_rcorder=YES
GIT GIT
@@ -41,6 +43,7 @@ GIT
cd bastille cd bastille
make install make install
sysrc bastille_enable=YES sysrc bastille_enable=YES
sysrc bastille_rcorder=YES
This method will install the latest files from GitHub directly onto your This method will install the latest files from GitHub directly onto your
system. It is verbose about the files it installs (for later removal), and also system. It is verbose about the files it installs (for later removal), and also

@@ -128,6 +128,11 @@ host system:
## /etc/devfs.rules (NOT .conf) ## /etc/devfs.rules (NOT .conf)
[bastille_vnet=13] [bastille_vnet=13]
add include $devfsrules_hide_all
add include $devfsrules_unhide_basic
add include $devfsrules_unhide_login
add include $devfsrules_jail
add include $devfsrules_jail_vnet
add path 'bpf*' unhide add path 'bpf*' unhide
Lastly, you may want to consider these three `sysctl` values: Lastly, you may want to consider these three `sysctl` values:
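Review bot: The expanded `[bastille_vnet=13]` ruleset changes what a VNET jail can see under /dev, but the surrounding text neither explains that nor tells existing users to act. The previously documented ruleset shows only `add path 'bpf*' unhide`, with no `$devfsrules_hide_all` baseline, so hosts configured from the old docs should replace their ruleset with this one. Suggest a short sentence above the block saying the ruleset starts from hide_all and unhides only what a VNET jail needs, plus a note that existing /etc/devfs.rules files need the same update.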
@@ -155,8 +160,6 @@ Below is the definition of what these three parameters are used for and mean:
interface, set to 0 to disable it. interface, set to 0 to disable it.
**Regarding Routes** **Regarding Routes**
Bastille will attempt to auto-detect the default route from the host system and Bastille will attempt to auto-detect the default route from the host system and

@@ -27,7 +27,7 @@ release version as the argument.
.. code-block:: shell .. code-block:: shell
ishmael ~ # bastille bootstrap 12.4-RELEASE [update] ishmael ~ # bastille bootstrap 14.0-RELEASE [update]
ishmael ~ # bastille bootstrap 13.2-RELEASE [update] ishmael ~ # bastille bootstrap 13.2-RELEASE [update]
To `bootstrap` a HardenedBSD release, run the bootstrap sub-command with the To `bootstrap` a HardenedBSD release, run the bootstrap sub-command with the
@@ -43,6 +43,21 @@ download the requested release. For each requested release, `bootstrap` will
download the base.txz. These files are verified (sha256 via MANIFEST file) download the base.txz. These files are verified (sha256 via MANIFEST file)
before they are extracted for use. before they are extracted for use.
EOL Releases
------------
It is sometimes necessary to run end-of-life releases for testing or legacy
application support. Dy default Bastille will only install supported releases
but you can bootstrap EOL / unsupported releases with a simple trick.
.. code-block:: shell
ishmael ~ # export BASTILLE_URL_FREEBSD=http://ftp-archive.freebsd.org/pub/FreeBSD-Archive/old-releases/
ishmael ~ # bastille bootstrap 11.2-RELEASE
By overriding the BASTILLE_URL_FREEBSD variable you can now bootstrap archived
releases from the FTP archive.
Tips Tips
---- ----
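Review bot: The example in the new "EOL Releases" section sets BASTILLE_URL_FREEBSD to a plain `http://` URL, which weakens the verification described just above it. The sha256 check relies on a MANIFEST file downloaded from the same location as base.txz, so over unencrypted HTTP anyone on the network path can alter both together. Suggest using an HTTPS URL for the archive if one is available, and stating in this section that EOL releases no longer receive security updates. Also, "Dy default" should read "By default".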

@@ -22,6 +22,15 @@ bootstrapped release and a private (rfc1918) IP address.
This command will create a 11.3-RELEASE container assigning the 10.17.89.10 ip This command will create a 11.3-RELEASE container assigning the 10.17.89.10 ip
address to the new system. address to the new system.
.. code-block:: shell
ishmael ~ # bastille create alcatraz 13.2-RELEASE 10.17.89.113/24
The above code will create a jail with a /24 mask. At the time of this documentation you
can only use CIDR notation, and not use a netmask 255.255.255.0 to accomplish this.
I recommend using private (rfc1918) ip address ranges for your container. These I recommend using private (rfc1918) ip address ranges for your container. These
ranges include: ranges include:

@@ -12,9 +12,9 @@ copyright = '2018-2023, Christer Edwards'
author = 'Christer Edwards' author = 'Christer Edwards'
# The short X.Y version # The short X.Y version
version = '0.10.20231013' version = '0.10.20231125'
# The full version, including alpha/beta/rc tags # The full version, including alpha/beta/rc tags
release = '0.10.20231013-beta' release = '0.10.20231125-beta'
# -- General configuration --------------------------------------------------- # -- General configuration ---------------------------------------------------
@@ -26,10 +26,10 @@ templates_path = ['_templates']
source_suffix = ['.rst', '.md'] source_suffix = ['.rst', '.md']
from recommonmark.parser import CommonMarkParser #from recommonmark.parser import CommonMarkParser
source_parsers = { #source_parsers = {
'.md': CommonMarkParser, # '.md': CommonMarkParser,
} #}
master_doc = 'index' master_doc = 'index'
language = None language = None
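Review bot: In the second hunk the CommonMarkParser import and the `source_parsers` block are commented out while `source_suffix` still lists '.md', so Markdown sources are still declared but no parser for them is configured in the visible lines. Either drop '.md' from source_suffix or enable a Markdown extension in its place, and delete the dead lines rather than leaving them commented out.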

@@ -62,7 +62,7 @@ bastille_perms_check() {
bastille_perms_check bastille_perms_check
## version ## version
BASTILLE_VERSION="0.10.20231013" BASTILLE_VERSION="0.10.20231125"
usage() { usage() {
cat << EOF cat << EOF

@@ -8,10 +8,19 @@
# Add the following to /etc/rc.conf[.local] to enable this service # Add the following to /etc/rc.conf[.local] to enable this service
# #
# bastille_enable (bool): Set to NO by default. # bastille_enable (bool): Set to "NO" by default.
# Set it to YES to enable bastille. # Set it to "YES" to enable bastille.
# bastille_list (string): Set to "ALL" by default. # bastille_conf (bool): Set to "/usr/local/etc/bastille/bastille.conf" by default.
# Space separated list of jails to start. # Path to bastile.conf file. Used if bastille_rcorder="YES".
# bastille_list (string): Set to "ALL" by default.
# Space separated list of jails to start or "ALL" to start all
# jails.
# bastille_rcorder (bool): Set to "NO" by default.
# Set it to "YES" to start all jails in order, defined by
# rcorder(8). It starts all jails, except jails with "KEYWORD:
# nostart" in jail.conf. Value of bastille_list is ignored in this
# case, requires correct path to bastile.conf in bastille_conf
# var.
# #
. /etc/rc.subr . /etc/rc.subr
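Review bot: The new header comment documents `bastille_conf` as (bool) although its default is a file path; it should be (string). "bastile.conf" is also misspelled twice in the same comment block, once in the bastille_conf description and once in the bastille_rcorder description.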
@@ -19,24 +28,36 @@
name=bastille name=bastille
rcvar=${name}_enable rcvar=${name}_enable
: ${bastille_enable:=NO} : ${bastille_enable:="NO"}
: ${bastille_conf:="/usr/local/etc/bastille/bastille.conf"}
: ${bastille_list:="ALL"} : ${bastille_list:="ALL"}
: ${bastille_rcorder:="NO"}
command=/usr/local/bin/${name} command=/usr/local/bin/${name}
start_cmd="bastille_start" start_cmd="bastille_start"
stop_cmd="bastille_stop" stop_cmd="bastille_stop"
restart_cmd="bastille_stop && bastille_start" restart_cmd="bastille_stop && bastille_start"
rcordered_list() {
local _jailsdir
_jailsdir=$(. $bastille_conf; echo $bastille_jailsdir)
bastille_ordered_list=$(rcorder -s nostart ${_jailsdir}/*/jail.conf | xargs dirname | xargs basename | tr "\n" " ")
}
bastille_start() bastille_start()
{ {
if [ -z "${bastille_list}" ]; then
echo "bastille_list is undefined"
return 1
fi
local _jail local _jail
for _jail in ${bastille_list}; do if checkyesno bastille_rcorder; then
rcordered_list
elif [ -z "${bastille_list}" ]; then
echo "bastille_list is undefined"
return 1
else
bastille_ordered_list=${bastille_list}
fi
for _jail in ${bastille_ordered_list}; do
echo "Starting Bastille Container: ${_jail}" echo "Starting Bastille Container: ${_jail}"
${command} start ${_jail} ${command} start ${_jail}
done done
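Review bot: In `rcordered_list`, `xargs dirname | xargs basename` hands every path to a single basename invocation, and basename(1) in its traditional `string [suffix]` form treats a second operand as a suffix to strip, so a host with exactly two startable jails can end up with a wrong list. Use `xargs -n1 basename` or a shell loop over the rcorder output, and quote `"$bastille_conf"` and `"${_jailsdir}"`. The function also leaves bastille_ordered_list empty without any message when rcorder prints nothing, for example when no jail.conf matches the glob; bastille_start should report that case the way it reports an undefined bastille_list.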
@@ -44,16 +65,20 @@ bastille_start()
bastille_stop() bastille_stop()
{ {
if [ -z "${bastille_list}" ]; then local _jail _revlist
if checkyesno bastille_rcorder; then
rcordered_list
elif [ -z "${bastille_list}" ]; then
echo "bastille_list is undefined" echo "bastille_list is undefined"
return 1 return 1
else
bastille_ordered_list=${bastille_list}
fi fi
local _jail
## reverse order of list for shutdown ## fixes #389 ## reverse order of list for shutdown ## fixes #389
bastille_revlist=$(echo "${bastille_list}" | awk '{ for (i=NF; i>1; i--) printf("%s ",$i); print $1; }') _revlist=$(echo "${bastille_ordered_list}" | awk '{ for (i=NF; i>1; i--) printf("%s ",$i); print $1; }')
for _jail in ${bastille_revlist}; do for _jail in ${_revlist}; do
echo "Stopping Bastille Container: ${_jail}" echo "Stopping Bastille Container: ${_jail}"
${command} stop ${_jail} ${command} stop ${_jail}
done done
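Review bot: With bastille_rcorder enabled, `bastille_stop` rebuilds its list through `rcordered_list`, which runs `rcorder -s nostart`, so a jail marked "KEYWORD: nostart" that an administrator started by hand is not stopped by this script at shutdown. Consider building the stop list without the `-s nostart` filter, or document that such jails have to be stopped manually.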

@@ -473,6 +473,11 @@ if [ -n "${OPTION}" ] && [ "${OPTION}" != "${HW_MACHINE}" ] && [ "${OPTION}" !=
fi fi
fi fi
## allow override bootstrap URLs via environment variables
[ -n "${BASTILLE_URL_FREEBSD}" ] && bastille_url_freebsd="${BASTILLE_URL_FREEBSD}"
[ -n "${BASTILLE_URL_HARDENEDBSD}" ] && bastille_url_hardenedbsd="${BASTILLE_URL_HARDENEDBSD}"
[ -n "${BASTILLE_URL_MIDNIGHTBSD}" ] && bastille_url_midnightbsd="${BASTILLE_URL_MIDNIGHTBSD}"
## Filter sane release names ## Filter sane release names
case "${1}" in case "${1}" in
2.[0-9]*) 2.[0-9]*)
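Review bot: The three `BASTILLE_URL_*` overrides are taken from the environment as-is, with no check and no message that a non-default source is in use. UPSTREAM_URL is later built by direct concatenation (`${bastille_url_freebsd}${HW_MACHINE}/...`), so a value without a trailing slash produces a malformed URL; normalise the trailing slash here. Because bootstrap then downloads and extracts a base system from whatever this URL serves, also print the effective URL when an override is active so that an inherited variable does not go unnoticed.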
@@ -489,9 +494,9 @@ case "${1}" in
PLATFORM_OS="FreeBSD" PLATFORM_OS="FreeBSD"
validate_release_url validate_release_url
;; ;;
*-RELEASE|*-release|*-RC1|*-rc1|*-RC2|*-rc2|*-RC3|*-rc3|*-RC4|*-rc4|*-RC5|*-rc5|*-BETA1|*-BETA2|*-BETA3|*-BETA4|*-BETA5) *-RELEASE|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9])
## check for FreeBSD releases name ## check for FreeBSD releases name
NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RC[1-5]|-BETA[1-5])$' | tr '[:lower:]' '[:upper:]') NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([0-9]{1,2})\.[0-9](-RELEASE|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]')
UPSTREAM_URL="${bastille_url_freebsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}" UPSTREAM_URL="${bastille_url_freebsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}"
PLATFORM_OS="FreeBSD" PLATFORM_OS="FreeBSD"
validate_release_url validate_release_url
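Review bot: Only this NAME_VERIFY pattern is relaxed to `([0-9]{1,2})` for the major version; the create, destroy and fstab patterns elsewhere in this comparison still use `([1-9]{2,2})`, which rejects single-digit majors and any major version containing a zero. The 11.2-RELEASE used in the EOL docs passes both forms, but a release bootstrapped here as 9.x or 10.x would then fail validation in the create and destroy paths. Align the patterns, ideally by moving the release regex into one shared function. The case pattern also accepts lower-case `*-rc[1-9]` but has no lower-case `*-beta[1-9]` branch even though the grep is case-insensitive.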

@@ -136,7 +136,7 @@ update_fstab() {
# Update fstab to use the new name # Update fstab to use the new name
FSTAB_CONFIG="${bastille_jailsdir}/${NEWNAME}/fstab" FSTAB_CONFIG="${bastille_jailsdir}/${NEWNAME}/fstab"
if [ -f "${FSTAB_CONFIG}" ]; then if [ -f "${FSTAB_CONFIG}" ]; then
FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-5]|-BETA[1-5]|-CURRENT)|([0-9]{1,2}(-stable-build-[0-9]{1,3}|-stable-LAST))|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)' "${FSTAB_CONFIG}" | uniq) FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9]|-BETA[1-9]|-CURRENT)|([0-9]{1,2}(-stable-build-[0-9]{1,3}|-stable-LAST))|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)' "${FSTAB_CONFIG}" | uniq)
FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET}/root/.bastille" "${FSTAB_CONFIG}") FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET}/root/.bastille" "${FSTAB_CONFIG}")
FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${NEWNAME}/root/.bastille nullfs ro 0 0" FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${NEWNAME}/root/.bastille nullfs ro 0 0"
if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then

@@ -178,6 +178,7 @@ ${NAME} {
mount.fstab = ${bastille_jail_fstab}; mount.fstab = ${bastille_jail_fstab};
path = ${bastille_jail_path}; path = ${bastille_jail_path};
securelevel = 2; securelevel = 2;
osrelease = ${RELEASE};
interface = ${bastille_jail_conf_interface}; interface = ${bastille_jail_conf_interface};
${IP4_DEFINITION} ${IP4_DEFINITION}
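Review bot: `osrelease = ${RELEASE};` is written into the generated jail.conf from RELEASE rather than from the validated NAME_VERIFY value, and it is emitted for every jail that uses this template (the same line is added to the second template in the next hunk). If RELEASE still holds the raw command-line argument at this point, a lower-case or non-FreeBSD release name ends up as the jail's reported osrelease. Suggest writing the normalised name, and skipping the parameter for Linux jails and other releases that are not FreeBSD version strings.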
@@ -225,6 +226,7 @@ ${NAME} {
mount.fstab = ${bastille_jail_fstab}; mount.fstab = ${bastille_jail_fstab};
path = ${bastille_jail_path}; path = ${bastille_jail_path};
securelevel = 2; securelevel = 2;
osrelease = ${RELEASE};
${NETBLOCK} ${NETBLOCK}
} }
@@ -499,7 +501,7 @@ create_jail() {
if [ -n "${VNET_JAIL}" ]; then if [ -n "${VNET_JAIL}" ]; then
if [ -n "${bastille_template_vnet}" ]; then if [ -n "${bastille_template_vnet}" ]; then
## rename interface to generic vnet0 ## rename interface to generic vnet0
uniq_epair=$(grep vnet.interface "${bastille_jailsdir}/${NAME}/jail.conf" | awk '{print $3}' | sed 's/;//') uniq_epair=$(grep vnet.interface "${bastille_jailsdir}/${NAME}/jail.conf" | awk '{print $3}' | sed 's/;//; s/-/_/g')
_gateway='' _gateway=''
_gateway6='' _gateway6=''
@@ -605,36 +607,80 @@ LINUX_JAIL=""
# Handle and parse options # Handle and parse options
while [ $# -gt 0 ]; do while [ $# -gt 0 ]; do
case "${1}" in case "${1}" in
-E|--empty|empty) -E|--empty)
EMPTY_JAIL="1" EMPTY_JAIL="1"
shift shift
;; ;;
-L|--linux|linux) -L|--linux)
LINUX_JAIL="1" LINUX_JAIL="1"
shift shift
;; ;;
-T|--thick|thick) -T|--thick)
THICK_JAIL="1" THICK_JAIL="1"
shift shift
;; ;;
-V|--vnet|vnet) -V|--vnet)
VNET_JAIL="1" VNET_JAIL="1"
shift shift
;; ;;
-B|--bridge|bridge) -B|--bridge)
VNET_JAIL="1" VNET_JAIL="1"
VNET_JAIL_BRIDGE="1" VNET_JAIL_BRIDGE="1"
shift shift
;; ;;
-C|--clone|clone) -C|--clone)
CLONE_JAIL="1" CLONE_JAIL="1"
shift shift
;; ;;
-CV|-VC|--clone-vnet)
CLONE_JAIL="1"
VNET_JAIL="1"
shift
;;
-CB|-BC|--clone-bridge)
CLONE_JAIL="1"
VNET_JAIL="1"
VNET_JAIL_BRIDGE="1"
shift
;;
-TV|-VT|--thick-vnet)
THICK_JAIL="1"
VNET_JAIL="1"
shift
;;
-TB|-BT|--thick-bridge)
THICK_JAIL="1"
VNET_JAIL="1"
VNET_JAIL_BRIDGE="1"
shift
;;
-EB|-BE|--empty-bridge)
EMPTY_JAIL="1"
VNET_JAIL="1"
VNET_JAIL_BRIDGE="1"
shift
;;
-EV|-VE|--empty-vnet)
EMPTY_JAIL="1"
VNET_JAIL="1"
shift
;;
-LV|-VL|--linux-vnet)
LINUX_JAIL="1"
VNET_JAIL="1"
shift
;;
-LB|-BL|--linux-bridge)
LINUX_JAIL="1"
VNET_JAIL="1"
VNET_JAIL_BRIDGE="1"
shift
;;
-*|--*) -*|--*)
error_notify "Unknown Option." error_notify "Unknown Option."
usage usage
;; ;;
*) *)
break break
;; ;;
esac esac
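Review bot: Dropping the bare-word forms (`empty`, `linux`, `thick`, `vnet`, `bridge`, `clone`) changes behaviour silently: a bare word no longer matches any option branch, falls through to `*) break`, and is left as the first remaining argument. Existing scripts that pass one of these words will misparse rather than fail with a clear error, so either keep the old words with a deprecation warning or reject them explicitly. Separately, listing every two-letter pair by hand does not cover three-way combinations and does nothing to reject contradictory ones such as thick with clone; parsing each letter of a combined short option in a loop would handle both.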
@@ -719,9 +765,9 @@ if [ -z "${EMPTY_JAIL}" ]; then
NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT|-CURRENT-i386)$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g') NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT|-CURRENT-i386)$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
validate_release validate_release
;; ;;
*-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC1|*-rc1|*-RC2|*-rc2|*-BETA1|*-BETA2|*-BETA3|*-BETA4|*-BETA5) *-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9])
## check for FreeBSD releases name ## check for FreeBSD releases name
NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-2]|-BETA[1-5])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g') NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
validate_release validate_release
;; ;;
*-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST) *-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST)

@@ -219,9 +219,9 @@ case "${TARGET}" in
NAME_VERIFY=$(echo "${TARGET}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT|-CURRENT-i386)$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g') NAME_VERIFY=$(echo "${TARGET}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT|-CURRENT-i386)$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
destroy_rel destroy_rel
;; ;;
*-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC1|*-rc1|*-RC2|*-rc2|*-RC3|*-rc3|*-RC4|*-rc4|*-RC5|*-rc5|*-BETA1|*-BETA2|*-BETA3|*-BETA4|*-BETA5) *-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9])
## check for FreeBSD releases name ## check for FreeBSD releases name
NAME_VERIFY=$(echo "${TARGET}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-5]|-BETA[1-5])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g') NAME_VERIFY=$(echo "${TARGET}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
destroy_rel destroy_rel
;; ;;
*-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST) *-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST)

@@ -164,7 +164,7 @@ update_fstab() {
# Update fstab .bastille mountpoint on thin containers only # Update fstab .bastille mountpoint on thin containers only
# Set some variables # Set some variables
FSTAB_CONFIG="${bastille_jailsdir}/${TARGET_TRIM}/fstab" FSTAB_CONFIG="${bastille_jailsdir}/${TARGET_TRIM}/fstab"
FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-2])|([0-9]{1,2}-stable-build-[0-9]{1,3})|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)|(current-BUILD-LATEST)' "${FSTAB_CONFIG}") FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9])|([0-9]{1,2}-stable-build-[0-9]{1,3})|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)|(current-BUILD-LATEST)' "${FSTAB_CONFIG}")
FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET_TRIM}/root/.bastille" "${FSTAB_CONFIG}") FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET_TRIM}/root/.bastille" "${FSTAB_CONFIG}")
FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${TARGET_TRIM}/root/.bastille nullfs ro 0 0" FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${TARGET_TRIM}/root/.bastille nullfs ro 0 0"
if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then
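Review bot: This FSTAB_RELEASE pattern gains `-RC[1-9]` but still has no `-BETA[1-9]` alternative, unlike the pattern in the earlier update_fstab hunk that lists `-RC[1-9]|-BETA[1-9]|-CURRENT`. For a thin jail on a BETA release FSTAB_RELEASE comes back empty, and the `[ -n "${FSTAB_NEWCONF}" ]` guard cannot catch that because FSTAB_NEWCONF always contains the surrounding path text. Add the BETA alternative and test FSTAB_RELEASE itself before rewriting fstab. The pattern in the following file has the same gap.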

@@ -83,7 +83,7 @@ update_fstab() {
if [ -f "${FSTAB_CONFIG}" ]; then if [ -f "${FSTAB_CONFIG}" ]; then
# Skip if fstab is empty, e.g newly created thick or clone jails # Skip if fstab is empty, e.g newly created thick or clone jails
if [ -s "${FSTAB_CONFIG}" ]; then if [ -s "${FSTAB_CONFIG}" ]; then
FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RC[1-2])|([0-9]{1,2}-stable-build-[0-9]{1,3})|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)|(current-BUILD-LATEST)' "${FSTAB_CONFIG}") FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RC[1-9])|([0-9]{1,2}-stable-build-[0-9]{1,3})|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)|(current-BUILD-LATEST)' "${FSTAB_CONFIG}")
FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET}/root/.bastille" "${FSTAB_CONFIG}") FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET}/root/.bastille" "${FSTAB_CONFIG}")
FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${NEWNAME}/root/.bastille nullfs ro 0 0" FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${NEWNAME}/root/.bastille nullfs ro 0 0"
if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then

@@ -93,7 +93,7 @@ fi
# Configure ZFS # Configure ZFS
configure_zfs() { configure_zfs() {
if [ ! "$(kldstat -q -m zfs)" ]; then if [ ! "$(kldstat -m zfs)" ]; then
info "ZFS module not loaded; skipping..." info "ZFS module not loaded; skipping..."
else else
## attempt to determine bastille_zroot from `zpool list` ## attempt to determine bastille_zroot from `zpool list`
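Review bot: The test in `configure_zfs` still depends on kldstat printing something, via `[ ! "$(kldstat -m zfs)" ]`, rather than on its exit status. Removing `-q` makes the captured output non-empty when the module is loaded, but any error text kldstat emits when it is not loaded now reaches the user during setup. `if ! kldstat -q -m zfs; then` checks the exit status directly and keeps the output quiet.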

@@ -157,7 +157,7 @@ fi
bastille_root_check bastille_root_check
case "$1" in case "$1" in
*-RELEASE|*-release|*-RC1|*-rc1|*-RC2|*-rc2) *-RELEASE|*-release|*-RC[1-9]|*-rc[1-9])
RELEASE=$1 RELEASE=$1
verify_release verify_release
;; ;;