add osrelease to jail.conf for new jails

Merge pull request #630 from brendans-bits/readme-upgrading
Added note on updating bastille.conf when upgrading
2023-11-19 14:37:31 -07:00 · 2023-11-14 10:17:22 -07:00 · 2023-11-13 20:00:41 +11:00 · 2023-11-10 11:32:50 -07:00 · 2023-11-10 08:09:51 -10:00 · 2023-11-01 10:14:05 -07:00
10 changed files with 36 additions and 12 deletions
--- a/README.md
+++ b/README.md
@@ -33,6 +33,19 @@ sysrc bastille_enable=YES
 sysrc bastille_list="azkaban alcatraz" # (optional whitelist of jails to start at boot; default: ALL)
 ```

+Upgrading from a previous version
+---------------------------------
+When upgrading from a previous version of bastille (e.g. 0.10.20230714 to 
+0.10.20231013) you will need to update your bastille.conf
+
+```shell
+cd /usr/local/etc/bastille
+vimdiff bastille.conf bastille.conf.sample
+```
+
+Merge the lines that are present in the new bastille.conf.sample into
+your bastille.conf
+
 Basic Usage
 -----------
 ```shell
--- a/docs/chapters/subcommands/create.rst
+++ b/docs/chapters/subcommands/create.rst
@@ -22,6 +22,15 @@ bootstrapped release and a private (rfc1918) IP address.
 This command will create a 11.3-RELEASE container assigning the 10.17.89.10 ip
 address to the new system.

+.. code-block:: shell
+
+   ishmael ~ # bastille create alcatraz 13.2-RELEASE 10.17.89.113/24
+
+
+The above code will create a jail with a /24 mask.  At the time of this documentation you 
+can only use CIDR notation, and not use a netmask 255.255.255.0 to accomplish this.
+
+
 I recommend using private (rfc1918) ip address ranges for your container.  These
 ranges include:

--- a/usr/local/share/bastille/bootstrap.sh
+++ b/usr/local/share/bastille/bootstrap.sh
@@ -489,9 +489,9 @@ case "${1}" in
    PLATFORM_OS="FreeBSD"
    validate_release_url
    ;;
-*-RELEASE|*-release|*-RC1|*-rc1|*-RC2|*-rc2|*-RC3|*-rc3|*-RC4|*-rc4|*-RC5|*-rc5|*-BETA1|*-BETA2|*-BETA3|*-BETA4|*-BETA5)
+*-RELEASE|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9])
    ## check for FreeBSD releases name
-    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RC[1-5]|-BETA[1-5])$' | tr '[:lower:]' '[:upper:]')
+    NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]')
    UPSTREAM_URL="${bastille_url_freebsd}${HW_MACHINE}/${HW_MACHINE_ARCH}/${NAME_VERIFY}"
    PLATFORM_OS="FreeBSD"
    validate_release_url
--- a/usr/local/share/bastille/clone.sh
+++ b/usr/local/share/bastille/clone.sh
@@ -136,7 +136,7 @@ update_fstab() {
    # Update fstab to use the new name
    FSTAB_CONFIG="${bastille_jailsdir}/${NEWNAME}/fstab"
    if [ -f "${FSTAB_CONFIG}" ]; then
-        FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-5]|-BETA[1-5]|-CURRENT)|([0-9]{1,2}(-stable-build-[0-9]{1,3}|-stable-LAST))|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)' "${FSTAB_CONFIG}" | uniq)
+        FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9]|-BETA[1-9]|-CURRENT)|([0-9]{1,2}(-stable-build-[0-9]{1,3}|-stable-LAST))|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)' "${FSTAB_CONFIG}" | uniq)
        FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET}/root/.bastille" "${FSTAB_CONFIG}")
        FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${NEWNAME}/root/.bastille nullfs ro 0 0"
        if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then
--- a/usr/local/share/bastille/create.sh
+++ b/usr/local/share/bastille/create.sh
@@ -178,6 +178,7 @@ ${NAME} {
  mount.fstab = ${bastille_jail_fstab};
  path = ${bastille_jail_path};
  securelevel = 2;
+  osrelease = ${RELEASE};

  interface = ${bastille_jail_conf_interface};
  ${IP4_DEFINITION}
@@ -225,6 +226,7 @@ ${NAME} {
  mount.fstab = ${bastille_jail_fstab};
  path = ${bastille_jail_path};
  securelevel = 2;
+  osrelease = ${RELEASE};

 ${NETBLOCK}
 }
@@ -499,7 +501,7 @@ create_jail() {
    if [ -n "${VNET_JAIL}" ]; then
        if [ -n "${bastille_template_vnet}" ]; then
            ## rename interface to generic vnet0
-            uniq_epair=$(grep vnet.interface "${bastille_jailsdir}/${NAME}/jail.conf" | awk '{print $3}' | sed 's/;//')
+            uniq_epair=$(grep vnet.interface "${bastille_jailsdir}/${NAME}/jail.conf" | awk '{print $3}' | sed 's/;//; s/-/_/g')

            _gateway=''
            _gateway6=''
@@ -719,9 +721,9 @@ if [ -z "${EMPTY_JAIL}" ]; then
        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT|-CURRENT-i386)$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
        validate_release
        ;;
-    *-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC1|*-rc1|*-RC2|*-rc2|*-BETA1|*-BETA2|*-BETA3|*-BETA4|*-BETA5)
+    *-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9])
        ## check for FreeBSD releases name
-        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-2]|-BETA[1-5])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
+        NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
        validate_release
        ;;
    *-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST)
--- a/usr/local/share/bastille/destroy.sh
+++ b/usr/local/share/bastille/destroy.sh
@@ -219,9 +219,9 @@ case "${TARGET}" in
    NAME_VERIFY=$(echo "${TARGET}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT|-CURRENT-i386)$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
    destroy_rel
    ;;
-*-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC1|*-rc1|*-RC2|*-rc2|*-RC3|*-rc3|*-RC4|*-rc4|*-RC5|*-rc5|*-BETA1|*-BETA2|*-BETA3|*-BETA4|*-BETA5)
+*-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9])
    ## check for FreeBSD releases name
-    NAME_VERIFY=$(echo "${TARGET}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-5]|-BETA[1-5])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
+    NAME_VERIFY=$(echo "${TARGET}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g')
    destroy_rel
    ;;
 *-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST)
--- a/usr/local/share/bastille/import.sh
+++ b/usr/local/share/bastille/import.sh
@@ -164,7 +164,7 @@ update_fstab() {
    # Update fstab .bastille mountpoint on thin containers only
    # Set some variables
    FSTAB_CONFIG="${bastille_jailsdir}/${TARGET_TRIM}/fstab"
-    FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-2])|([0-9]{1,2}-stable-build-[0-9]{1,3})|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)|(current-BUILD-LATEST)' "${FSTAB_CONFIG}")
+    FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9])|([0-9]{1,2}-stable-build-[0-9]{1,3})|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)|(current-BUILD-LATEST)' "${FSTAB_CONFIG}")
    FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET_TRIM}/root/.bastille" "${FSTAB_CONFIG}")
    FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${TARGET_TRIM}/root/.bastille nullfs ro 0 0"
    if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then
--- a/usr/local/share/bastille/rename.sh
+++ b/usr/local/share/bastille/rename.sh
@@ -83,7 +83,7 @@ update_fstab() {
    if [ -f "${FSTAB_CONFIG}" ]; then
        # Skip if fstab is empty, e.g newly created thick or clone jails
        if [ -s "${FSTAB_CONFIG}" ]; then
-            FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RC[1-2])|([0-9]{1,2}-stable-build-[0-9]{1,3})|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)|(current-BUILD-LATEST)' "${FSTAB_CONFIG}")
+            FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RC[1-9])|([0-9]{1,2}-stable-build-[0-9]{1,3})|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)|(current-BUILD-LATEST)' "${FSTAB_CONFIG}")
            FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET}/root/.bastille" "${FSTAB_CONFIG}")
            FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${NEWNAME}/root/.bastille nullfs ro 0 0"
            if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then
--- a/usr/local/share/bastille/setup.sh
+++ b/usr/local/share/bastille/setup.sh
@@ -93,7 +93,7 @@ fi

 # Configure ZFS
 configure_zfs() {
-    if [ ! "$(kldstat -q -m zfs)" ]; then
+    if [ ! "$(kldstat -m zfs)" ]; then
        info "ZFS module not loaded; skipping..."
    else
        ## attempt to determine bastille_zroot from `zpool list`
--- a/usr/local/share/bastille/verify.sh
+++ b/usr/local/share/bastille/verify.sh
@@ -157,7 +157,7 @@ fi
 bastille_root_check

 case "$1" in
-*-RELEASE|*-release|*-RC1|*-rc1|*-RC2|*-rc2)
+*-RELEASE|*-release|*-RC[1-9]|*-rc[1-9])
    RELEASE=$1
    verify_release
    ;;
Author	SHA1	Message	Date
Christer Edwards	ace7bdce2f	add osrelease to jail.conf for new jails	2023-11-19 14:37:31 -07:00
Christer Edwards	9e71332876	Merge pull request #630 from brendans-bits/readme-upgrading Added note on updating bastille.conf when upgrading	2023-11-14 10:17:22 -07:00
Brendan	2b6eb3c9f4	Added note on updating bastille.conf when upgrading	2023-11-13 20:00:41 +11:00
Christer Edwards	8c04f1d110	Merge pull request #628 from smortex/relax-beta-rc-validation Relax validation of -BETA / -RC releases	2023-11-10 11:32:50 -07:00
Romain Tartière	157125c4af	Relax validation of -BETA / -RC releases Accross the code, release names are checked against some variation of -BETAx / -RCx which are inconsistent in the range of accepted values for `x`. As a consequence, some commands cannot be successfuly run while they are valid, e.g. `bastille create test 14.0-RC4 10.0.0.2` is rejected because only `-RC1` and `-RC2` are accepted as a RC release name. Find out these lists of specific BETA and RC patterns and adjust them to allow any one-digit value at the end. We generaly do up to 4 BETA / RC releases, so a one digit limit is probably enough for the time being.	2023-11-10 08:09:51 -10:00
Barry McCormick	b7d741b5cd	Merge pull request #615 from BastilleBSD/issue-399 CIDR documentation on create command	2023-11-01 10:14:05 -07:00
Barry McCormick	1e849d41af	resolving to use /24 in docs	2023-11-01 10:13:01 -07:00
Barry McCormick	df00a7939e	Merge pull request #623 from adriel-tech/patch-1 fix configure_zfs() to properly return status of zfs module.	2023-11-01 08:38:17 -07:00
Barry McCormick	49f6402a00	Merge pull request #624 from majsterkoo/vnet_rename_fix Fix generated interface name in rc.conf for vnet jail	2023-10-30 16:01:19 -07:00
Michal Procházka	cf928f1237	Fix generated interface name in rc.conf for vnet jail	2023-10-30 20:39:58 +01:00
adriel-tech	11367238ec	Update setup.sh Removed -q from kldstat in function configure_zfs(). on FreeBSD 14 (maybe earlier) this causes kldstat to return in such a way that BastilleBSD assumes zfs is not loaded.	2023-10-29 15:16:39 -07:00
Barry McCormick	78c77b7e26	Merge pull request #622 from BastilleBSD/updatejail Updatejail	2023-10-26 19:00:25 -07:00
Barry McCormick	0a93940442	CIDR documentation on create command	2023-10-20 21:51:20 -07:00