Allow running bastille and subcomands with help flags as regular user

usr/local/bin/bastille

@@ -32,17 +32,6 @@ PATH=${PATH}:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
 
 . /usr/local/share/bastille/common.sh
 
-## root check first.
-bastille_root_check() {
-    if [ "$(id -u)" -ne 0 ]; then
-        ## permission denied
-        error_notify "Bastille: Permission Denied"
-        error_exit "root / sudo / doas required"
-    fi
-}
-
-bastille_root_check
-
 ## check for config existance
 bastille_conf_check() {
     if [ ! -r "/usr/local/etc/bastille/bastille.conf" ]; then

usr/local/share/bastille/bootstrap.sh

@@ -42,6 +42,8 @@ help|-h|--help)
     ;;
 esac
 
+bastille_root_check
+
 #Validate if ZFS is enabled in rc.conf and bastille.conf.
 if [ "$(sysrc -n zfs_enable)" = "YES" ] && [ ! "${bastille_zfs_enable}" = "YES" ]; then
     warn "ZFS is enabled in rc.conf but not bastille.conf. Do you want to continue? (N|y)"

usr/local/share/bastille/clone.sh

@@ -46,6 +46,8 @@ if [ $# -ne 2 ]; then
     usage
 fi
 
+bastille_root_check
+
 NEWNAME="${1}"
 IP="${2}"
 

usr/local/share/bastille/cmd.sh

@@ -46,6 +46,8 @@ if [ $# -eq 0 ]; then
     usage
 fi
 
+bastille_root_check
+
 COUNT=0
 RETURN=0
 

usr/local/share/bastille/common.sh

@@ -33,6 +33,14 @@ COLOR_GREEN=
 COLOR_YELLOW=
 COLOR_RESET=
 
+bastille_root_check() {
+    if [ "$(id -u)" -ne 0 ]; then
+        ## permission denied
+        error_notify "Bastille: Permission Denied"
+        error_exit "root / sudo / doas required"
+    fi
+}
+
 enable_color() {
     . /usr/local/share/bastille/colors.pre.sh
 }

usr/local/share/bastille/config.sh

@@ -55,6 +55,8 @@ if [ $# -eq 1 ] || [ $# -gt 3 ]; then
     usage
 fi
 
+bastille_root_check
+
 ACTION=$1
 shift
 

usr/local/share/bastille/console.sh

@@ -46,6 +46,8 @@ if [ $# -gt 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 USER="${1}"
 
 validate_user() {

usr/local/share/bastille/convert.sh

@@ -46,6 +46,8 @@ if [ $# -ne 0 ]; then
     usage
 fi
 
+bastille_root_check
+
 convert_symlinks() {
     # Work with the symlinks, revert on first cp error
     if [ -d "${bastille_releasesdir}/${RELEASE}" ]; then

usr/local/share/bastille/cp.sh

@@ -54,6 +54,8 @@ if [ $# -ne 2 ]; then
     usage
 fi
 
+bastille_root_check
+
 case "${OPTION}" in
     -q|--quiet)
         OPTION="-a"

usr/local/share/bastille/create.sh

@@ -588,6 +588,8 @@ help|-h|--help)
     ;;
 esac
 
+bastille_root_check
+
 if echo "$3" | grep '@'; then
     BASTILLE_JAIL_IP=$(echo "$3" | awk -F@ '{print $2}')
     BASTILLE_JAIL_INTERFACES=$( echo "$3" | awk -F@ '{print $1}')

usr/local/share/bastille/destroy.sh

@@ -210,6 +210,8 @@ if [ $# -gt 1 ] || [ $# -lt 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 ## check what should we clean
 case "${TARGET}" in
 *-CURRENT|*-CURRENT-I386|*-CURRENT-i386|*-current)

usr/local/share/bastille/edit.sh

@@ -48,6 +48,8 @@ elif [ $# -eq 1 ]; then
     TARGET_FILENAME="${1}"
 fi
 
+bastille_root_check
+
 if [ -z "${EDITOR}" ]; then
     EDITOR=vi
 fi

usr/local/share/bastille/export.sh

@@ -71,6 +71,8 @@ if [ $# -gt 5 ] || [ $# -lt 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 zfs_enable_check() {
     # Temporarily disable ZFS so we can create a standard backup archive
     if [ "${bastille_zfs_enable}" = "YES" ]; then

usr/local/share/bastille/htop.sh

@@ -46,6 +46,8 @@ if [ $# -ne 0 ]; then
     usage
 fi
 
+bastille_root_check
+
 for _jail in ${JAILS}; do
     bastille_jail_path=$(/usr/sbin/jls -j "${_jail}" path)
     if [ ! -x "${bastille_jail_path}/usr/local/bin/htop" ]; then

usr/local/share/bastille/import.sh

@@ -59,6 +59,8 @@ if [ $# -gt 3 ] || [ $# -lt 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 TARGET="${1}"
 OPT_FORCE=
 USER_IMPORT=

usr/local/share/bastille/limits.sh

@@ -55,6 +55,8 @@ if [ $# -ne 2 ]; then
     usage
 fi
 
+bastille_root_check
+
 OPTION="${1}"
 VALUE="${2}"
 

usr/local/share/bastille/list.sh

@@ -35,6 +35,12 @@ usage() {
     error_exit "Usage: bastille list [-j|-a] [release [-p]|template|(jail|container)|log|limit|(import|export|backup)]"
 }
 
+if [ "$1" = help -o "$1" = "-h" -o "$1" = "--help" ]; then
+    usage
+fi
+
+bastille_root_check
+
 if [ $# -eq 0 ]; then
    /usr/sbin/jls -N
 fi
@@ -47,9 +53,6 @@ fi
 if [ $# -gt 0 ]; then
     # Handle special-case commands first.
     case "$1" in
-    help|-h|--help)
-        usage
-        ;;
     all|-a|--all)
         if [ -d "${bastille_jailsdir}" ]; then
             DEFAULT_VALUE="-"

usr/local/share/bastille/mount.sh

@@ -50,6 +50,8 @@ else
     _fstab="$@"
 fi
 
+bastille_root_check
+
 ## assign needed variables
 _hostpath=$(echo "${_fstab}" | awk '{print $1}')
 _jailpath=$(echo "${_fstab}" | awk '{print $2}')

usr/local/share/bastille/pkg.sh

@@ -45,6 +45,8 @@ if [ $# -lt 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 errors=0
 
 for _jail in ${JAILS}; do

usr/local/share/bastille/rdr.sh

@@ -46,6 +46,8 @@ if [ $# -lt 2 ]; then
     usage
 fi
 
+bastille_root_check
+
 TARGET="${1}"
 JAIL_NAME=""
 JAIL_IP=""

usr/local/share/bastille/rename.sh

@@ -56,6 +56,8 @@ if [ $# -ne 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 NEWNAME="${1}"
 
 update_jailconf() {

usr/local/share/bastille/service.sh

@@ -45,6 +45,8 @@ if [ $# -lt 1 -o $# -gt 2 ]; then
     usage
 fi
 
+bastille_root_check
+
 for _jail in ${JAILS}; do
     info "[${_jail}]:"
     jexec -l "${_jail}" /usr/sbin/service "$@"

usr/local/share/bastille/start.sh

@@ -46,6 +46,8 @@ if [ $# -gt 1 ] || [ $# -lt 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 TARGET="${1}"
 shift
 

usr/local/share/bastille/stop.sh

@@ -46,6 +46,8 @@ if [ $# -ne 0 ]; then
     usage
 fi
 
+bastille_root_check
+
 for _jail in ${JAILS}; do
     ## test if running
     if [ "$(/usr/sbin/jls name | awk "/^${_jail}$/")" ]; then

usr/local/share/bastille/sysrc.sh

@@ -45,6 +45,8 @@ if [ $# -lt 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 for _jail in ${JAILS}; do
     info "[${_jail}]:"
     jexec -l "${_jail}" /usr/sbin/sysrc "$@"

usr/local/share/bastille/tags.sh

@@ -54,6 +54,8 @@ if [ $# -lt 1 -o $# -gt 2 ]; then
     usage
 fi
 
+bastille_root_check
+
 ACTION="${1}"
 TAGS="${2}"
 

usr/local/share/bastille/template.sh

@@ -116,6 +116,8 @@ if [ $# -lt 1 ]; then
     bastille_usage
 fi
 
+bastille_root_check
+
 ## global variables
 TEMPLATE="${1}"
 bastille_template=${bastille_templatesdir}/${TEMPLATE}

usr/local/share/bastille/top.sh

@@ -45,6 +45,8 @@ if [ $# -ne 0 ]; then
     usage
 fi
 
+bastille_root_check
+
 for _jail in ${JAILS}; do
     info "[${_jail}]:"
     jexec -l "${_jail}" /usr/bin/top

usr/local/share/bastille/umount.sh

@@ -46,6 +46,8 @@ if [ $# -ne 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 MOUNT_PATH=$1
 
 for _jail in ${JAILS}; do

usr/local/share/bastille/update.sh

@@ -46,6 +46,8 @@ if [ $# -gt 2 ] || [ $# -lt 1 ]; then
     usage
 fi
 
+bastille_root_check
+
 TARGET="${1}"
 OPTION="${2}"
 

usr/local/share/bastille/upgrade.sh

@@ -46,6 +46,8 @@ if [ $# -gt 3 ] || [ $# -lt 2 ]; then
     usage
 fi
 
+bastille_root_check
+
 TARGET="$1"
 NEWRELEASE="$2"
 OPTION="$3"

usr/local/share/bastille/verify.sh

@@ -154,6 +154,8 @@ if [ $# -gt 1 ] || [ $# -lt 1 ]; then
     bastille_usage
 fi
 
+bastille_root_check
+
 case "$1" in
 *-RELEASE|*-release|*-RC1|*-rc1|*-RC2|*-rc2)
     RELEASE=$1

usr/local/share/bastille/zfs.sh

@@ -82,6 +82,8 @@ help|-h|--help)
     ;;
 esac
 
+bastille_root_check
+
 ## check ZFS enabled
 if [ ! "${bastille_zfs_enable}" = "YES" ]; then
     error_exit "ZFS not enabled."