Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-22 10:10:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

add/remove rctl limits on container start/stop

Browse Source
This commit is contained in:
Christer Edwards
2020-01-26 10:08:42 -07:00
parent 8b9760b0a5
commit 02d0e94ef6
2 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
usr/local/share/bastille/start.sh
View File

@@ -67,6 +67,13 @@ for _jail in ${JAILS}; do
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}" echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -c ${_jail} jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -c ${_jail}
## add rctl limits
if [ -s "${bastille_jailsdir}/${_jail}/rctl.conf" ]; then
while read _limits; do
rctl -a "${_limits}"
done < "${bastille_jailsdir}/${_jail}/rctl.conf"
fi
## add ip4.addr to firewall table:jails ## add ip4.addr to firewall table:jails
if [ ! -z "${bastille_jail_loopback}" ]; then if [ ! -z "${bastille_jail_loopback}" ]; then
pfctl -q -t jails -T add $(jls -j ${_jail} ip4.addr) pfctl -q -t jails -T add $(jls -j ${_jail} ip4.addr)

7
usr/local/share/bastille/stop.sh
View File

@@ -69,6 +69,13 @@ for _jail in ${JAILS}; do
pfctl -q -t jails -T delete $(jls -j ${_jail} ip4.addr) pfctl -q -t jails -T delete $(jls -j ${_jail} ip4.addr)
fi fi
## remove rctl limits
if [ -s "${bastille_jailsdir}/${_jail}/rctl.conf" ]; then
while read _limits; do
rctl -r "${_limits}"
done < "${bastille_jailsdir}/${_jail}/rctl.conf"
fi
## stop container ## stop container
echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}" echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -r ${_jail} jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -r ${_jail}