From 68f4aecddfa3810dcd5a6218f0e4978701fc6e29 Mon Sep 17 00:00:00 2001
From: tschettervictor
Date: Thu, 1 May 2025 17:39:50 -0600
Subject: [PATCH] finish refactor of line spacing
---
usr/local/share/bastille/bootstrap.sh | 25 +++----
usr/local/share/bastille/clone.sh | 36 ++++++++--
usr/local/share/bastille/cmd.sh | 4 +-
usr/local/share/bastille/config.sh | 2 +-
usr/local/share/bastille/console.sh | 14 ++--
usr/local/share/bastille/convert.sh | 56 ++++++++--------
usr/local/share/bastille/cp.sh | 8 ++-
usr/local/share/bastille/create.sh | 31 +++++----
usr/local/share/bastille/destroy.sh | 19 ++++--
usr/local/share/bastille/edit.sh | 4 +-
usr/local/share/bastille/etcupdate.sh | 22 +++----
usr/local/share/bastille/export.sh | 40 ++++++------
usr/local/share/bastille/htop.sh | 6 +-
usr/local/share/bastille/import.sh | 94 +++++++++++++--------------
usr/local/share/bastille/jcp.sh | 14 ++--
usr/local/share/bastille/limits.sh | 6 +-
usr/local/share/bastille/list.sh | 4 +-
usr/local/share/bastille/mount.sh | 6 +-
usr/local/share/bastille/network.sh | 79 ++++++++++++----------
usr/local/share/bastille/pkg.sh | 12 ++--
usr/local/share/bastille/rcp.sh | 8 ++-
usr/local/share/bastille/rdr.sh | 38 +++++------
usr/local/share/bastille/rename.sh | 23 +++++--
usr/local/share/bastille/restart.sh | 4 +-
usr/local/share/bastille/service.sh | 9 +--
usr/local/share/bastille/setup.sh | 9 ++-
usr/local/share/bastille/start.sh | 10 +--
usr/local/share/bastille/stop.sh | 2 +-
usr/local/share/bastille/sysrc.sh | 3 +-
usr/local/share/bastille/tags.sh | 5 +-
usr/local/share/bastille/template.sh | 34 +++++-----
usr/local/share/bastille/top.sh | 2 +-
usr/local/share/bastille/umount.sh | 9 +--
usr/local/share/bastille/update.sh | 29 ++++-----
usr/local/share/bastille/upgrade.sh | 23 ++++---
usr/local/share/bastille/verify.sh | 22 ++++---
usr/local/share/bastille/zfs.sh | 6 +-
37 files changed, 399 insertions(+), 319 deletions(-)
diff --git a/usr/local/share/bastille/bootstrap.sh b/usr/local/share/bastille/bootstrap.sh index 9ab72ca4..8556421a 100644 --- a/usr/local/share/bastille/bootstrap.sh +++ b/usr/local/share/bastille/bootstrap.sh @@ -226,7 +226,7 @@ bootstrap_release() { touch "${bastille_releasesdir}/${RELEASE}/root/.hushlogin" touch "${bastille_releasesdir}/${RELEASE}/usr/share/skel/dot.hushlogin" else - error_exit "Failed to extract ${_archive}.txz." + error_exit "[ERROR]: Failed to extract ${_archive}.txz." fi else ## get the manifest for dist files checksum validation @@ -289,7 +289,7 @@ bootstrap_release() { touch "${bastille_releasesdir}/${RELEASE}/root/.hushlogin" touch "${bastille_releasesdir}/${RELEASE}/usr/share/skel/dot.hushlogin" else - error_exit "Failed to extract ${_archive}.txz." + error_exit "[ERROR]: Failed to extract ${_archive}.txz." fi fi fi @@ -319,22 +319,22 @@ debootstrap_release() { read answer case "${answer}" in [Nn][Oo]|[Nn]|"") - error_exit "Exiting." + error_exit "Cancelled, Exiting." ;; [Yy][Ee][Ss]|[Yy]) # Skip already loaded known modules. if ! kldstat -m ${_req_kmod} >/dev/null 2>&1; then - info "Loading kernel module: ${_req_kmod}" + info "\nLoading kernel module: ${_req_kmod}" kldload -v ${_req_kmod} fi - info "Persisting module: ${_req_kmod}" + info "\nPersisting module: ${_req_kmod}" sysrc -f /boot/loader.conf ${_req_kmod}_load=YES ;; esac else # If already set in /boot/loader.conf, check and try to load the module. if ! kldstat -m ${_req_kmod} >/dev/null 2>&1; then - info "Loading kernel module: ${_req_kmod}" + info "\nLoading kernel module: ${_req_kmod}" kldload -v ${_req_kmod} fi fi 
@@ -343,10 +343,11 @@ debootstrap_release() { # Mandatory Linux modules/rc. for _lin_kmod in ${linuxarc_mods}; do if ! kldstat -n ${_lin_kmod} >/dev/null 2>&1; then - info "Loading kernel module: ${_lin_kmod}" + info "\nLoading kernel module: ${_lin_kmod}" kldload -v ${_lin_kmod} fi done + if [ ! "$(sysrc -qn linux_enable)" = "YES" ] && \ [ ! "$(sysrc -f /etc/rc.conf.local -qn linux_enable)" = "YES" ]; then sysrc linux_enable=YES @@ -357,7 +358,7 @@ debootstrap_release() { read answer case $answer in [Nn][Oo]|[Nn]|"") - error_exit "Exiting. You need to install debootstap before boostrapping a Linux jail." + error_exit "[ERROR]: debootstrap is required for boostrapping a Linux jail." ;; [Yy][Ee][Ss]|[Yy]) pkg install -y debootstrap @@ -368,6 +369,7 @@ debootstrap_release() { # Fetch the Linux flavor info "\nFetching ${PLATFORM_OS} distfiles..." if ! debootstrap --foreign --arch=${ARCH_BOOTSTRAP} --no-check-gpg ${LINUX_FLAVOR} "${bastille_releasesdir}"/${DIR_BOOTSTRAP}; then + ## perform cleanup only for stale/empty directories on failure if checkyesno bastille_zfs_enable; then if [ -n "${bastille_zfs_zpool}" ]; then @@ -376,6 +378,7 @@ debootstrap_release() { fi fi fi + if [ -d "${bastille_releasesdir}/${DIR_BOOTSTRAP}" ]; then if [ ! "$(ls -A "${bastille_releasesdir}/${DIR_BOOTSTRAP}")" ]; then rm -rf "${bastille_releasesdir:?}/${DIR_BOOTSTRAP}" @@ -463,7 +466,7 @@ while [ "$#" -gt 0 ]; do shift ;; -*) - error_exit "Unknown Option: \"${1}\"" + error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; *) break @@ -491,7 +494,7 @@ if [ "$(sysrc -n zfs_enable)" = "YES" ] && ! checkyesno bastille_zfs_enable; the esac fi -# Validate ZFS parameters. +# Validate ZFS parameters if checkyesno bastille_zfs_enable; then ## check for the ZFS pool and bastille prefix if [ -z "${bastille_zfs_zpool}" ]; then 
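Review bot: The rewritten message on the `[Nn]` branch still carries a typo, `boostrapping`; it should read `error_exit "[ERROR]: debootstrap is required for bootstrapping a Linux jail."`. The `read answer` just above it also lacks `-r`, so a backslash in the reply is interpreted rather than read literally; `read -r answer` is the safer form. debootstrap_release starts and ends outside the hunk.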
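Review bot: The `debootstrap` call kept as context in this hunk passes `--no-check-gpg`, so the signature on the fetched distribution's Release file is never verified and a tampered mirror or an on-path attacker can supply the packages that become the jail's root filesystem. Dropping the flag, or supplying a trusted keyring with `--keyring=KEYRING_FILE`, restores that check. If the flag has to stay because no archive keyring is available on the host, a comment such as `# signature check disabled: no archive keyring on host, mirror must be trusted` would at least make the trade-off explicit. `${ARCH_BOOTSTRAP}` and `${LINUX_FLAVOR}` are also expanded unquoted on the same line, and the function continues outside the hunk.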
@@ -525,7 +528,7 @@ if [ -n "${OPTION}" ] && [ "${OPTION}" != "${HW_MACHINE}" ] && [ "${OPTION}" != HW_MACHINE="i386" HW_MACHINE_ARCH="i386" else - error_exit "Unsupported architecture." + error_exit "[ERROR]: Unsupported architecture." fi fi diff --git a/usr/local/share/bastille/clone.sh b/usr/local/share/bastille/clone.sh index 1542cdcf..39b52733 100644 --- a/usr/local/share/bastille/clone.sh +++ b/usr/local/share/bastille/clone.sh @@ -76,7 +76,7 @@ while [ "$#" -gt 0 ]; do a) AUTO=1 ;; l) LIVE=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" esac done shift @@ -104,7 +104,7 @@ set_target_single "${TARGET}" ## don't allow for dots(.) in container names if echo "${NEWNAME}" | grep -q "[.]"; then - error_exit "Container names may not contain a dot(.)!" + error_exit "[ERROR]: Jail names may not contain a dot(.)!" fi validate_ip() { @@ -114,11 +114,16 @@ validate_ip() { ip6=$(echo "${IP}" | grep -E '^(([a-fA-F0-9:]+$)|([a-fA-F0-9:]+\/[0-9]{1,3}$))') if [ -n "${ip6}" ]; then + info "\nValid: (${ip6})." IP6_MODE="new" + elif { [ "${IP}" = "0.0.0.0" ] || [ "${IP}" = "DHCP" ]; } && [ "$(bastille config ${TARGET} get vnet)" = "enabled" ]; then + info "\nValid: (${IP})." + else + local IFS if echo "${IP}" | grep -Eq '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))?$'; then TEST_IP=$(echo "${IP}" | cut -d / -f1) @@ -129,11 +134,13 @@ validate_ip() { error_exit "Invalid: (${TEST_IP})" fi done + if ifconfig | grep -qwF "${TEST_IP}"; then warn "\nWarning: IP address already in use (${TEST_IP})." else info "\nValid: (${IP})." fi + else error_exit "Invalid: (${IP})." fi 
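Review bot: The name check at `grep -q "[.]"` rejects only dots, yet `${NEWNAME}` is later spliced into `sed` expressions that use `|` as the delimiter (the `s|up name ${_target_host_epair}|up name ${_new_host_epair}|g` family in update_jailconf_vnet, where `_new_host_epair="e${_num}a_${NEWNAME}"`) and into `jail.conf` and `rc.conf` text. Unless NEWNAME is validated somewhere outside the visible hunks, a name containing `|`, `&`, `/` or whitespace would corrupt or rewrite unrelated parts of those files. create.sh's validate_name already restricts names to `a-zA-Z0-9-_`; applying the same allowlist here, for example `case "${NEWNAME}" in *[!a-zA-Z0-9_-]*) error_exit "[ERROR]: Jail names may only contain letters, digits, '-' and '_'." ;; esac`, closes the gap.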
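Review bot: The IPv6 branch reports `Valid` for any string made only of hex digits and colons, because the pattern on the `ip6=` line (`^(([a-fA-F0-9:]+$)|([a-fA-F0-9:]+\/[0-9]{1,3}$))`) neither requires a colon nor bounds the prefix length; inputs such as `abc` or `::::/999` pass and set `IP6_MODE="new"`. Requiring at least one colon and a prefix of at most 128 before the new `info "\nValid: (${ip6})."` line is reached would stop malformed values from being written into the jail configuration. validate_ip in create.sh, also touched by this patch, uses the same pattern and has the same gap. The function body continues outside the hunk.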
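Review bot: The two failure paths left as context here, `error_exit "Invalid: (${TEST_IP})"` and `error_exit "Invalid: (${IP})."`, do not get the `[ERROR]:` prefix that the rest of the patch adds, so address-validation failures look different from every other error; validate_netif in create.sh was changed to `error_exit "[ERROR]: Invalid: (${INTERFACE})."` in this same patch. The matching form is `error_exit "[ERROR]: Invalid: (${TEST_IP})"`. The same applies to `error_exit "Failed to create release. Please retry!"` in the ZFS branch of convert.sh and `error_exit "Failed to change directory."` in export.sh.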
@@ -223,6 +230,7 @@ update_jailconf_vnet() { if echo ${_if} | grep -Eoq 'epair[0-9]+'; then for _num in $(seq 0 "${_bastille_if_num_range}"); do if ! echo "${_bastille_if_list}" | grep -oqswx "${_num}"; then + # Generate new epair name if [ "$(echo -n "e${_num}a_${NEWNAME}" | awk '{print length}')" -lt 16 ]; then local _new_host_epair="e${_num}a_${NEWNAME}" @@ -231,6 +239,7 @@ update_jailconf_vnet() { local _new_host_epair="epair${_num}a" local _new_jail_epair="epair${_num}b" fi + # Get epair name from TARGET if grep -Eoq "e[0-9]+a_${TARGET}" "${_jail_conf}"; then _target_host_epair="$(grep -Eo -m 1 "e[0-9]+a_${TARGET}" "${_jail_conf}")" @@ -239,18 +248,22 @@ update_jailconf_vnet() { _target_host_epair="${_if}a" _target_jail_epair="${_if}b" fi + # Replace host epair name in jail.conf sed -i '' "s|up name ${_target_host_epair}|up name ${_new_host_epair}|g" "${_jail_conf}" sed -i '' "s|${_target_host_epair} ether|${_new_host_epair} ether|g" "${_jail_conf}" sed -i '' "s|deletem ${_target_host_epair}|deletem ${_new_host_epair}|g" "${_jail_conf}" sed -i '' "s|${_target_host_epair} destroy|${_new_host_epair} destroy|g" "${_jail_conf}" sed -i '' "s|${_target_host_epair} description|${_new_host_epair} description|g" "${_jail_conf}" + # Replace jail epair name in jail.conf sed -i '' "s|= ${_target_jail_epair};|= ${_new_jail_epair};|g" "${_jail_conf}" sed -i '' "s|up name ${_target_jail_epair}|up name ${_new_jail_epair}|g" "${_jail_conf}" sed -i '' "s|${_target_jail_epair} ether|${_new_jail_epair} ether|g" "${_jail_conf}" + # Replace epair name in jail.conf sed -i '' "s|${_if}|epair${_num}|g" "${_jail_conf}" + # If jail had a static MAC, generate one for clone if grep -q ether ${_jail_conf}; then local external_interface="$(grep "epair${_num}a" ${_jail_conf} | grep -o '[^ ]* addm' | awk '{print $1}')" 
@@ -258,8 +271,10 @@ update_jailconf_vnet() { sed -i '' "s|${_new_host_epair} ether.*:.*:.*:.*:.*:.*a\";|${_new_host_epair} ether ${macaddr}a\";|" "${_jail_conf}" sed -i '' "s|${_new_jail_epair} ether.*:.*:.*:.*:.*:.*b\";|${_new_jail_epair} ether ${macaddr}b\";|" "${_jail_conf}" fi + # Replace epair description sed -i '' "/${_new_host_epair}/ s|vnet host interface for Bastille jail ${TARGET}|vnet host interface for Bastille jail ${NEWNAME}|g" "${_jail_conf}" + # Update /etc/rc.conf local _jail_vnet="$(grep ${_target_jail_epair} "${_rc_conf}" | grep -Eo -m 1 "vnet[0-9]+")" local _jail_vnet_vlan="$(grep "vlans_${_jail_vnet}" "${_rc_conf}" | sed 's/.*=//g')" @@ -288,17 +303,21 @@ update_jailconf_vnet() { break fi done + # Update VNET (non-bridged) config elif echo ${_if} | grep -Eoq 'e[0-9]+b_bastille[0-9]+'; then + # Update VNET config _if="$(echo ${_if} | grep -Eo 'bastille[0-9]+')" for _num in $(seq 0 "${_bastille_if_num_range}"); do if ! echo "${_bastille_if_list}" | grep -oqswx "${_num}"; then + # Update jail.conf epair name local _jail_if="bastille${_num}" local _jail_vnet="$(grep ${_if} "${_rc_conf}" | grep -Eo -m 1 "vnet[0-9]+")" local _jail_vnet_vlan="$(grep "vlans_${_jail_vnet}" "${_rc_conf}" | sed 's/.*=//g')" sed -i '' "s|${_if}|${_jail_if}|g" "${_jail_conf}" + # If jail had a static MAC, generate one for clone if grep ether ${_jail_conf} | grep -qoc ${_jail_if}; then local external_interface="$(grep ${_jail_if} ${_jail_conf} | grep -o 'addm.*' | awk '{print $3}' | sed 's/["|;]//g')" @@ -307,6 +326,7 @@ update_jailconf_vnet() { sed -i '' "s|${_jail_if} ether.*:.*:.*:.*:.*:.*b\";|${_jail_if} ether ${macaddr}b\";|" "${_jail_conf}" fi sed -i '' "/${_jail_if}/ s|vnet host interface for Bastille jail ${TARGET}|vnet host interface for Bastille jail ${NEWNAME}|g" "${_jail_conf}" + # Update /etc/rc.conf sed -i '' "s|ifconfig_e0b_${_if}_name|ifconfig_e0b_${_jail_if}_name|" "${_rc_conf}" if grep "vnet0" "${_rc_conf}" | grep -q ${_jail_if}; then 
@@ -332,23 +352,27 @@ update_jailconf_vnet() { fi break fi - done + done + # Update netgraph VNET (non-bridged) config elif echo ${_if} | grep -Eoq 'ng[0-9]+_bastille[0-9]+'; then _if="$(echo ${_if} | grep -Eo 'bastille[0-9]+')" for _num in $(seq 0 "${_bastille_if_num_range}"); do if ! echo "${_bastille_if_list}" | grep -oqswx "${_num}"; then + # Update jail.conf epair name local _jail_if="bastille${_num}" local _jail_vnet="$(grep ${_if} "${_rc_conf}" | grep -Eo -m 1 "vnet[0-9]+")" local _jail_vnet_vlan="$(grep "vlans_${_jail_vnet}" "${_rc_conf}" | sed 's/.*=//g')" sed -i '' "s|${_if}|${_jail_if}|g" "${_jail_conf}" + # If jail had a static MAC, generate one for clone if grep ether ${_jail_conf} | grep -qoc ${_jail_if}; then local external_interface="$(grep ${_jail_if} ${_jail_conf} | grep -o 'jng bridge.*' | awk '{print $4}' | sed 's/["|;]//g')" generate_static_mac "${NEWNAME}" "${external_interface}" sed -i '' "s|${_jail_if} ether.*:.*:.*:.*:.*:.*a\";|${_jail_if} ether ${macaddr}a\";|" "${_jail_conf}" fi + # Update /etc/rc.conf sed -i '' "s|ifconfig_ng0_${_if}_name|ifconfig_ng0_${_jail_if}_name|" "${_rc_conf}" if grep "vnet0" "${_rc_conf}" | grep -q ${_jail_if}; then @@ -388,7 +412,7 @@ clone_jail() { # Validate jail state if [ "${LIVE}" -eq 1 ]; then if ! check_target_is_running "${TARGET}"; then - error_exit "[-l|--live] can only be used with a running jail." + error_exit "[ERROR]: [-l|--live] can only be used with a running jail." fi elif ! check_target_is_stopped "${TARGET}"; then if [ "${AUTO}" -eq 1 ]; then @@ -436,7 +460,7 @@ clone_jail() { fi else - error_exit "${NEWNAME} already exists." + error_exit "[ERROR]: ${NEWNAME} already exists." fi # Generate jail configuration files 
@@ -445,7 +469,7 @@ clone_jail() { # Display exit status if [ "$?" -ne 0 ]; then - error_exit "An error has occurred while attempting to clone '${TARGET}'." + error_exit "[ERROR]: An error has occurred while attempting to clone '${TARGET}'." else info "\nCloned '${TARGET}' to '${NEWNAME}' successfully." fi diff --git a/usr/local/share/bastille/cmd.sh b/usr/local/share/bastille/cmd.sh index ed010724..1dc69d91 100644 --- a/usr/local/share/bastille/cmd.sh +++ b/usr/local/share/bastille/cmd.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -91,7 +91,7 @@ set_target "${TARGET}" for _jail in ${JAILS}; do - # Validate jail state before continuing + # Validate jail state check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then bastille start "${_jail}" else diff --git a/usr/local/share/bastille/config.sh b/usr/local/share/bastille/config.sh index abc54c66..de1019b9 100644 --- a/usr/local/share/bastille/config.sh +++ b/usr/local/share/bastille/config.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do shift ;; -*) - error_notify "Unknown Option: \"${1}\"" + error_notify "[ERROR]: Unknown Option: \"${1}\"" usage ;; *) diff --git a/usr/local/share/bastille/console.sh b/usr/local/share/bastille/console.sh index 5b9e5c1a..d90be987 100644 --- a/usr/local/share/bastille/console.sh +++ b/usr/local/share/bastille/console.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in x) enable_debug ;; a) AUTO=1 ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift 
@@ -112,15 +112,17 @@ check_fib() { local _jail="${1}" fib=$(grep 'exec.fib' "${bastille_jailsdir}/${_jail}/jail.conf" | awk '{print $3}' | sed 's/\;//g') - if [ -n "${fib}" ]; then - _setfib="setfib -F ${fib}" - else - _setfib="" - fi + + if [ -n "${fib}" ]; then + _setfib="setfib -F ${fib}" + else + _setfib="" + fi } for _jail in ${JAILS}; do + # Validate jail state check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then bastille start "${_jail}" else diff --git a/usr/local/share/bastille/convert.sh b/usr/local/share/bastille/convert.sh index 53ad80b2..5a1bf641 100644 --- a/usr/local/share/bastille/convert.sh +++ b/usr/local/share/bastille/convert.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -82,7 +82,7 @@ CONVERT_RELEASE="${2}" bastille_root_check set_target_single "${TARGET}" -# Validate jail state before continuing +# Validate jail state check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then bastille stop "${TARGET}" else @@ -91,17 +91,15 @@ else error_exit "Use [-a|--auto] to auto-stop the jail." fi -info "\n[${TARGET}]:" - validate_release_name() { local _name=${1} local _sanity="$(echo "${_name}" | tr -c -d 'a-zA-Z0-9-_')" if [ -n "$(echo "${_sanity}" | awk "/^[-_].*$/" )" ]; then - error_exit "Release names may not begin with (-|_) characters!" + error_exit "[ERROR]: Release names may not begin with (-|_) characters!" elif [ "${_name}" != "${_sanity}" ]; then - error_exit "Release names may not contain special characters!" + error_exit "[ERROR]: Release names may not contain special characters!" fi } 
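Review bot: In check_fib, `fib` is taken from `jail.conf` by `grep 'exec.fib' … | awk '{print $3}'` and placed into `_setfib="setfib -F ${fib}"` with no check that it is a single number, so a second matching line or a commented-out `exec.fib` entry yields a multi-word value that is presumably word-split when `_setfib` is used as a command prefix outside this hunk. A guard such as `case "${fib}" in ''|*[!0-9]*) _setfib="" ;; *) _setfib="setfib -F ${fib}" ;; esac` keeps the prefix well-formed. `fib` is also assigned without `local`, unlike `_jail`, so it leaks into the caller's scope.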
@@ -111,7 +109,7 @@ convert_jail_to_release() { _jailname="${1}" _release="${2}" - echo "Creating ${_release} from ${_jailname}..." + info "\nAttempting to create '${_release}' from '${_jailname}'..." if checkyesno bastille_zfs_enable; then if [ -n "${bastille_zfs_zpool}" ]; then @@ -144,7 +142,7 @@ convert_jail_to_release() { zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/releases/${_release}" error_exit "Failed to create release. Please retry!" else - info "Created ${_release} from ${_jailname}" + info "\nCreated '${_release}' from '${_jailname}'\n" fi else ## copy all files for thick jails @@ -152,9 +150,9 @@ convert_jail_to_release() { if [ "$?" -ne 0 ]; then ## notify and clean stale files/directories bastille destroy -af "${NAME}" - error_exit "Failed to create release. Please retry!" + error_exit "[ERROR]: Failed to create release. Please retry!" else - info "Created ${_release} from ${_jailname}\n" + info "\nCreated '${_release}' from '${_jailname}'\n" fi fi } @@ -171,7 +169,7 @@ convert_symlinks() { done # Copy new files to destination jail - echo "Copying required base files to container..." + info "\nCopying required base files to container..." for _link in ${SYMLINKS}; do if [ ! -d "${_link}" ]; then if [ -d "${bastille_releasesdir}/${RELEASE}/${_link}" ]; then @@ -190,13 +188,13 @@ convert_symlinks() { fi done else - error_exit "Release must be bootstrapped first. See 'bastille bootstrap'." + error_exit "[ERROR]: Release must be bootstrapped first. See 'bastille bootstrap'." fi } revert_convert() { # Revert the conversion on first cp error - error_notify "A problem has occurred while copying the files. Reverting changes..." + error_notify "[ERROR]: A problem has occurred while copying the files. Reverting changes..." for _link in ${SYMLINKS}; do if [ -d "${_link}" ]; then chflags -R noschg "${bastille_jailsdir}/${TARGET}/root/${_link}" 
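Review bot: The thick-jail failure path in convert_jail_to_release runs `bastille destroy -af "${NAME}"`, but nothing in the visible hunks of convert.sh assigns `NAME`; the function works with `_jailname` and `_release`. If `NAME` is unset the cleanup targets an empty name, and if it were ever set to the jail's name the source jail would be force-destroyed because creating a release from it failed. The ZFS branch above removes the half-created release dataset instead, so the equivalent here is presumably `rm -rf "${bastille_releasesdir:?}/${_release}"`; confirm against the copy command, which lies outside the hunk.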
@@ -214,10 +212,13 @@ revert_convert() { } start_convert() { + # Attempt container conversion and handle some errors DATE=$(date) + if [ -d "${bastille_jailsdir}/${TARGET}" ]; then - info "Converting '${TARGET}' into a thickjail. This may take a while..." + + info "\nConverting '${TARGET}' into a thickjail. This may take a while..." # Set some variables RELEASE=$(grep -w "${bastille_releasesdir}/.* ${bastille_jailsdir}/${TARGET}/root/.bastille" ${bastille_jailsdir}/${TARGET}/fstab | sed "s|${bastille_releasesdir}/||;s| .*||") @@ -235,18 +236,18 @@ start_convert() { sed -i '' -E "s|${FSTABMOD}|# Converted from thin to thick container on ${DATE}|g" "${bastille_jailsdir}/${TARGET}/fstab" if [ -n "${HASPORTS}" ]; then sed -i '' -E "s|${HASPORTS}|# Ports copied from base to container on ${DATE}|g" "${bastille_jailsdir}/${TARGET}/fstab" - info "Copying ports to container..." + info "\nCopying ports to container..." cp -a "${bastille_releasesdir}/${RELEASE}/usr/ports" "${bastille_jailsdir}/${TARGET}/root/usr" fi mv "${bastille_jailsdir}/${TARGET}/root/.bastille" "${bastille_jailsdir}/${TARGET}/root/.bastille.old" - info "Conversion of '${TARGET}' completed successfully!\n" + info "\nConversion of '${TARGET}' completed successfully!\n" exit 0 else - error_exit "Can't determine release version. See 'bastille bootstrap'." + error_exit "[ERROR]: Can't determine release version. See 'bastille bootstrap'." fi else - error_exit "${TARGET} not found. See 'bastille create'." + error_exit "[ERROR]: ${TARGET} not found. See 'bastille create'." fi } 
@@ -256,32 +257,35 @@ if [ "$#" -eq 1 ]; then # Check if jail is a thin jail if [ ! -d "${bastille_jailsdir}/${TARGET}/root/.bastille" ]; then - error_exit "${TARGET} is not a thin container." + error_exit "[ERROR]: ${TARGET} is not a thin container." elif ! grep -qw ".bastille" "${bastille_jailsdir}/${TARGET}/fstab"; then - error_exit "${TARGET} is not a thin container." + error_exit "[ERROR]: ${TARGET} is not a thin container." fi # Make sure the user agree with the conversion # Be interactive here since this cannot be easily undone while :; do - error_notify "Warning: container conversion from thin to thick can't be undone!" + warn "\n[WARNING]: Jail conversion from thin to thick can't be undone!\n" # shellcheck disable=SC2162 # shellcheck disable=SC3045 read -p "Do you really wish to convert '${TARGET}' into a thick container? [y/N]:" yn case ${yn} in - [Yy]) start_convert;; - [Nn]) exit 0;; + [Yy]) start_convert;; + [Nn]) exit 0;; esac done + elif [ "$#" -eq 2 ]; then + # Check if jail is a thick jail if [ -d "${bastille_jailsdir}/${TARGET}/root/.bastille" ]; then - error_exit "${TARGET} is not a thick jail." + error_exit "[ERROR]: ${TARGET} is not a thick jail." elif grep -qw ".bastille" "${bastille_jailsdir}/${TARGET}/fstab"; then - error_exit "${TARGET} is not a thick jail." + error_exit "[ERROR]: ${TARGET} is not a thick jail." fi + validate_release_name "${CONVERT_RELEASE}" convert_jail_to_release "${TARGET}" "${CONVERT_RELEASE}" else usage -fi +fi \ No newline at end of file diff --git a/usr/local/share/bastille/cp.sh b/usr/local/share/bastille/cp.sh index 3e87d447..2853ea07 100644 --- a/usr/local/share/bastille/cp.sh +++ b/usr/local/share/bastille/cp.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in q) OPTION="-a" ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift 
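Review bot: The confirmation loop (`while :; do … read -p … yn; case ${yn} in [Yy]) … [Nn]) … esac; done`) never terminates when `read` fails or returns an empty reply, so running the command with stdin closed or redirected from /dev/null prints the warning forever, and pressing Enter does not take the `N` default that the `[y/N]` prompt advertises. Changing the read to `read -r -p "…" yn || exit 1` and the second arm to `[Nn]|"") exit 0;;` fixes both cases. Separately, the new side of this file ends without a trailing newline (`fi` followed by `\ No newline at end of file`), as do cp.sh, destroy.sh, edit.sh and etcupdate.sh in this patch; keeping the final newline avoids surprises with tools that read the scripts line by line.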
@@ -95,7 +95,9 @@ for _jail in ${JAILS}; do jail_path="$(echo ${bastille_jailsdir}/${_jail}/root/${JAIL_PATH} | sed 's#//#/#g')" if ! cp "${OPTION}" "${host_path}" "${jail_path}"; then - error_continue "CP failed: ${host_path} -> ${jail_path}" + error_continue "[ERROR]: CP failed: ${host_path} -> ${jail_path}" fi -done \ No newline at end of file +done + +echo \ No newline at end of file diff --git a/usr/local/share/bastille/create.sh b/usr/local/share/bastille/create.sh index d61ed30d..f43c5afb 100644 --- a/usr/local/share/bastille/create.sh +++ b/usr/local/share/bastille/create.sh @@ -65,11 +65,11 @@ validate_name() { local NAME_SANITY="$(echo "${NAME_VERIFY}" | tr -c -d 'a-zA-Z0-9-_')" if [ -n "$(echo "${NAME_SANITY}" | awk "/^[-_].*$/" )" ]; then - error_exit "Container names may not begin with (-|_) characters!" + error_exit "[ERROR]: Jail names may not begin with (-|_) characters!" elif [ "${NAME_VERIFY}" != "${NAME_SANITY}" ]; then - error_exit "Container names may not contain special characters!" + error_exit "[ERROR]: Jail names may not contain special characters!" elif echo "${NAME_VERIFY}" | grep -qE '^[0-9]+$'; then - error_exit "Container names may not contain only digits." + error_exit "[ERROR]: Jail names may not contain only digits." fi } @@ -79,11 +79,16 @@ validate_ip() { _ip6=$(echo "${_ip}" | grep -E '^(([a-fA-F0-9:]+$)|([a-fA-F0-9:]+\/[0-9]{1,3}$)|SLAAC)') if [ -n "${_ip6}" ]; then + info "\nValid: (${_ip6})." + ipx_addr="ip6.addr" + else if [ "${_ip}" = "inherit" ] || [ "${_ip}" = "ip_hostname" ] || [ "${_ip}" = "DHCP" ] || [ "${_ip}" = "SYNCDHCP" ]; then + info "\nValid: (${_ip})." + else local IFS if echo "${_ip}" | grep -Eq '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))?$'; then 
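Review bot: The destination on the `jail_path=` line is built with an unquoted `echo`, so a JAIL_PATH containing whitespace or glob characters is split or expanded before `cp` ever sees it; `jail_path="$(printf '%s' "${bastille_jailsdir}/${_jail}/root/${JAIL_PATH}" | sed 's#//#/#g')"` keeps it intact. The path is also resolved on the host inside a tree the jail's own root user can write to, so a symlink planted in the jail could redirect the host-side `cp` outside the jail root; that is worth confirming and, if it holds, documenting or guarding against. The loop starts outside the hunk.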
@@ -177,7 +182,7 @@ validate_netif() { if echo "${LIST_INTERFACES} VNET" | grep -qwo "${INTERFACE}"; then info "\nValid: (${INTERFACE})." else - error_exit "Invalid: (${INTERFACE})." + error_exit "[ERROR]: Invalid: (${INTERFACE})." fi } @@ -446,7 +451,7 @@ create_jail() { if ! cp -a "${bastille_releasesdir}/${RELEASE}/${files}" "${bastille_jail_path}/${files}"; then ## notify and clean stale files/directories bastille destroy -af "${NAME}" - error_exit "Failed to copy release files. Please retry create!" + error_exit "[ERROR]: Failed to copy release files. Please retry create!" fi fi done @@ -466,9 +471,10 @@ create_jail() { # Check and apply required settings. post_create_jail elif [ -n "${THICK_JAIL}" ]; then - info "\nCreating a thickjail. This may take a while...\n" - ## perform release base replication + info "\nCreating a thickjail. This may take a while..." + + ## perform release base replication ## sane bastille zfs options ZFS_OPTIONS=$(echo ${bastille_zfs_options} | sed 's/-o//g') ## send without -R if encryption is enabled @@ -500,7 +506,7 @@ create_jail() { if [ "$?" -ne 0 ]; then ## notify and clean stale files/directories bastille destroy -af "${NAME}" - error_exit "Failed release base replication. Please retry create!" + error_exit "[ERROR]: Failed release base replication. Please retry create!" fi fi else @@ -588,7 +594,7 @@ create_jail() { if [ -z "${EMPTY_JAIL}" ]; then if ! check_target_is_running "${NAME}"; then bastille destroy -af "${NAME}" - error_exit "[${NAME}]: Failed to create jail..." + error_exit "[ERROR]: Failed to create jail: ${NAME}" fi fi @@ -601,6 +607,7 @@ create_jail() { _gateway6='' _ifconfig_inet='' _ifconfig_inet6='' + if echo "${IP}" | grep -qE '(0[.]0[.]0[.]0|DHCP)'; then # Enable DHCP if requested _ifconfig_inet=SYNCDHCP 
@@ -659,7 +666,7 @@ create_jail() { fi ## Using templating function to fetch necessary packges @hackacad elif [ -n "${LINUX_JAIL}" ]; then - info "Fetching packages..." + info "\nFetching packages..." jexec -l "${NAME}" /bin/bash -c "DEBIAN_FRONTEND=noninteractive rm /var/cache/apt/archives/rsyslog*.deb" jexec -l "${NAME}" /bin/bash -c "DEBIAN_FRONTEND=noninteractive dpkg --force-depends --force-confdef --force-confold -i /var/cache/apt/archives/*.deb" jexec -l "${NAME}" /bin/bash -c "DEBIAN_FRONTEND=noninteractive dpkg --force-depends --force-confdef --force-confold -i /var/cache/apt/archives/*.deb" @@ -786,7 +793,7 @@ while [ $# -gt 0 ]; do T) THICK_JAIL=1 ;; V) VNET_JAIL=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -804,7 +811,7 @@ if [ -n "${EMPTY_JAIL}" ]; then fi elif [ -n "${LINUX_JAIL}" ]; then if [ -n "${EMPTY_JAIL}" ] || [ -n "${VNET_JAIL}" ] || [ -n "${THICK_JAIL}" ] || [ -n "${CLONE_JAIL}" ]; then - error_exit "Error: Linux jail option can't be used with other options." + error_exit "[ERROR]: Linux jail option can't be used with other options." fi elif [ -n "${CLONE_JAIL}" ] && [ -n "${THICK_JAIL}" ]; then error_exit "[ERROR]: Clonejail and Thickjail can't be used together." diff --git a/usr/local/share/bastille/destroy.sh b/usr/local/share/bastille/destroy.sh index ff8d3ef3..bb73ddd5 100644 --- a/usr/local/share/bastille/destroy.sh +++ b/usr/local/share/bastille/destroy.sh @@ -73,7 +73,7 @@ destroy_jail() { mount_points="$(mount | cut -d ' ' -f 3 | grep ${bastille_jail_base}/root/)" if [ -n "${mount_points}" ]; then - error_notify "Failed to destroy jail: ${_jail}" + error_notify "[ERROR]: Failed to destroy jail: ${_jail}" error_continue "Jail has mounted filesystems:\n$mount_points" fi 
@@ -139,10 +139,13 @@ destroy_rel() { ## check if this release have containers child BASE_HASCHILD="0" if [ -d "${bastille_jailsdir}" ]; then + JAIL_LIST=$(ls "${bastille_jailsdir}" | sed "s/\n//g") + for _jail in ${JAIL_LIST}; do + if grep -qwo "${TARGET}" "${bastille_jailsdir}/${_jail}/fstab" 2>/dev/null; then - error_notify "Notice: (${_jail}) depends on ${TARGET} base." + error_notify "[ERROR]: (${_jail}) depends on ${TARGET} base." BASE_HASCHILD="1" elif checkyesno bastille_zfs_enable; then if [ -n "${bastille_zfs_zpool}" ]; then @@ -154,7 +157,7 @@ destroy_rel() { CLONE_JAIL=$(zfs list -H -o clones "${_snap_clone}" | tr ',' '\n') CLONE_CHECK="${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${_jail}/root" if echo "${CLONE_JAIL}" | grep -qw "${CLONE_CHECK}"; then - error_notify "Notice: (${_jail}) depends on ${TARGET} base." + error_notify "[ERROR]: (${_jail}) depends on ${TARGET} base." BASE_HASCHILD="1" fi fi @@ -166,10 +169,10 @@ destroy_rel() { fi if [ ! -d "${bastille_rel_base}" ]; then - error_exit "Release base not found." + error_exit "[ERROR]: Release base not found." else if [ "${BASE_HASCHILD}" -eq "0" ]; then - echo "Deleting base..." + echo "Deleting release base..." if checkyesno bastille_zfs_enable; then if [ -n "${bastille_zfs_zpool}" ]; then if [ -n "${TARGET}" ]; then @@ -202,7 +205,7 @@ destroy_rel() { fi fi else - error_notify "Cannot destroy base with child containers." + error_notify "[ERROR]: Cannot destroy base with child containers." fi fi } @@ -239,7 +242,7 @@ while [ "$#" -gt 0 ]; do c) NO_CACHE=1 ;; f) FORCE=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -311,3 +314,5 @@ case "${TARGET}" in destroy_jail "${JAILS}" ;; esac + +echo \ No newline at end of file diff --git a/usr/local/share/bastille/edit.sh b/usr/local/share/bastille/edit.sh index 2c963db9..60a6ef4f 100644 --- a/usr/local/share/bastille/edit.sh 
+++ b/usr/local/share/bastille/edit.sh @@ -55,7 +55,7 @@ while [ "$#" -gt 0 ]; do shift ;; -*) - error_notify "Unknown Option: \"${1}\"" + error_notify "[ERROR]: Unknown Option: \"${1}\"" usage ;; *) @@ -82,4 +82,4 @@ if [ -z "${EDITOR}" ]; then EDITOR=edit fi -"${EDITOR}" "${bastille_jailsdir}/${TARGET}/${TARGET_FILENAME}" +"${EDITOR}" "${bastille_jailsdir}/${TARGET}/${TARGET_FILENAME}" \ No newline at end of file diff --git a/usr/local/share/bastille/etcupdate.sh b/usr/local/share/bastille/etcupdate.sh index b224da69..a3cdbc7a 100644 --- a/usr/local/share/bastille/etcupdate.sh +++ b/usr/local/share/bastille/etcupdate.sh @@ -52,7 +52,7 @@ bootstrap_etc_release() { sysrc -f /usr/local/etc/bastille/bastille.conf bastille_bootstrap_archives=src if ! bastille bootstrap "${_release}" > /dev/null; then sysrc -f /usr/local/etc/bastille/bastille.conf bastille_bootstrap_archives="${_current}" - error_exit "Failed to bootstrap etcupdate: ${_release}" + error_exit "[ERROR]: Failed to bootstrap etcupdate: ${_release}" else sysrc -f /usr/local/etc/bastille/bastille.conf bastille_bootstrap_archives="${_current}" fi 
@@ -64,22 +64,22 @@ bootstrap_etc_tarball() { local _release="${1}" if [ ! -f ${bastille_cachedir}/${_release}.tbz2 ]; then - echo "Building tarball, please wait..." + info "\nBuilding tarball, please wait..." if ! etcupdate build -d /tmp/etcupdate -s ${bastille_releasesdir}/${_release}/usr/src ${bastille_cachedir}/${_release}.tbz2; then - error_exit "Failed to build etcupdate tarball \"${_release}.tbz2\"" + error_exit "[ERROR]: Failed to build etcupdate tarball \"${_release}.tbz2\"" else - info "Etcupdate bootstrap complete: ${_release}" + info "\nEtcupdate bootstrap complete: ${_release}" fi elif [ -f ${bastille_cachedir}/${_release}.tbz2 ] && [ "${FORCE}" -eq 1 ]; then rm -f "${bastille_cachedir}/${_release}.tbz2" - echo "Building tarball, please wait..." + info "\nBuilding tarball, please wait..." if ! etcupdate build -d /tmp/etcupdate -s ${bastille_releasesdir}/${_release}/usr/src ${bastille_cachedir}/${_release}.tbz2; then error_exit "[ERROR]: Failed to build etcupdate tarball: ${_release}.tbz2" else - info "Etcupdate bootstrap complete: ${_release}" + info "\nEtcupdate bootstrap complete: ${_release}" fi else - info "Etcupdate release has already been prepared for application: ${_release}" + info "\nEtcupdate release has already been prepared for application: ${_release}" fi } @@ -113,7 +113,7 @@ update_jail_etc() { local _release="${2}" if [ ! -f ${bastille_cachedir}/${_release}.tbz2 ]; then - error_exit "Error: Please run \"bastille etcupdate bootstrap RELEASE\" first." + error_exit "[ERROR]: Please run 'bastille etcupdate bootstrap RELEASE' first." fi if [ "${DRY_RUN}" -eq 1 ]; then echo "Running: etcupdate update --dry-run" @@ -173,7 +173,7 @@ while [ "$#" -gt 0 ]; do usage else RELEASE="${2}" - info "Attempting to bootstrap etcupdate release: ${RELEASE}..." + info "\nAttempting to bootstrap etcupdate release: ${RELEASE}..." bootstrap_etc_release "${RELEASE}" bootstrap_etc_tarball "${RELEASE}" shift "$#" 
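Review bot: Both `etcupdate build` calls in bootstrap_etc_tarball use the fixed work directory `-d /tmp/etcupdate`, a predictable path in a world-writable directory that this presumably root-run command will reuse if it already exists. A local user could pre-create that directory or place symlinks in it; the hunk does not show how etcupdate treats a pre-existing directory, so treat this as a hardening point rather than a confirmed flaw. Creating the directory with `_workdir="$(mktemp -d)" || error_exit "[ERROR]: mktemp failed"`, passing `-d "${_workdir}"` and removing it afterwards avoids the shared name, provided update_jail_etc does not rely on the same fixed path. The `${bastille_cachedir}/${_release}.tbz2` and `${bastille_releasesdir}/${_release}/usr/src` arguments are also unquoted.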
@@ -206,11 +206,11 @@ while [ "$#" -gt 0 ]; do fi ;; *) - error_exit "Unknown action: \"${ACTION}\"" + error_exit "[ERROR]: Unknown action: \"${ACTION}\"" ;; esac ;; esac done -echo +echo \ No newline at end of file diff --git a/usr/local/share/bastille/export.sh b/usr/local/share/bastille/export.sh index 6026de06..34bbeb9b 100644 --- a/usr/local/share/bastille/export.sh +++ b/usr/local/share/bastille/export.sh @@ -119,7 +119,7 @@ if [ -n "${bastille_export_options}" ]; then -v|--verbose) OPT_ZSEND="-Rv" shift;; - -*) error_notify "Unknown Option: \"${1}\"" + -*) error_notify "[ERROR]: Unknown Option: \"${1}\"" usage;; esac done @@ -170,7 +170,7 @@ else shift ;; -*) - error_notify "Unknown Option: \"${1}\"" + error_notify "[ERROR]: Unknown Option: \"${1}\"" usage ;; *) @@ -198,11 +198,11 @@ info "\n[${_jail}]:" # Validate for combined options if [ "${COMP_OPTION}" -gt "1" ]; then - error_exit "Error: Only one compression format can be used during export." + error_exit "[ERROR]: Only one compression format can be used during export." fi if { [ -n "${TXZ_EXPORT}" ] || [ -n "${TGZ_EXPORT}" ]; } && [ -n "${SAFE_EXPORT}" ]; then - error_exit "Error: Simple archive modes with safe ZFS export can't be used together." + error_exit "[ERROR]: Simple archive modes with safe ZFS export can't be used together." fi if ! checkyesno bastille_zfs_enable; then @@ -211,7 +211,7 @@ if ! checkyesno bastille_zfs_enable; then [ -n "${RAW_EXPORT}" ] || [ -n "${SAFE_EXPORT}" ] || [ "${OPT_ZSEND}" = "-Rv" ]; then - error_exit "Options --xz, --gz, --raw, --safe, and --verbose are valid for ZFS configured systems only." + error_exit "[ERROR]: Options --xz, --gz, --raw, --safe, and --verbose are valid for ZFS configured systems only." fi fi @@ -228,7 +228,7 @@ if [ -n "${DIR_EXPORT}" ]; then # Set the user defined export directory bastille_backupsdir="${DIR_EXPORT}" else - error_exit "Error: Path not found." + error_exit "[ERROR]: Path not found." fi fi 
@@ -243,7 +243,7 @@ fi create_zfs_snap() { # Take a recursive temporary snapshot if [ -z "${USER_EXPORT}" ]; then - echo "Creating temporary ZFS snapshot for export..." + info "\nCreating temporary ZFS snapshot for export..." fi zfs snapshot -r "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_${TARGET}_${DATE}" } @@ -279,7 +279,7 @@ export_check() { EXPORT_INFO="to a compressed ${FILE_EXT} ${EXPORT_TYPE}" fi - echo "${EXPORT_AS} '${TARGET}' ${EXPORT_INFO}..." + info "\n${EXPORT_AS} '${TARGET}' ${EXPORT_INFO}..." fi # Safely stop and snapshot the jail @@ -293,7 +293,7 @@ export_check() { if checkyesno bastille_zfs_enable; then if [ -z "${USER_EXPORT}" ]; then - echo "Sending ZFS data stream..." + info "\nSending ZFS data stream..." fi fi } @@ -336,7 +336,7 @@ jail_export() { # Quietly export the container recursively, user must redirect standard output if ! zfs send ${OPT_ZSEND} "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_${TARGET}_${DATE}"; then clean_zfs_snap - error_notify "\nError: An export option is required, see 'bastille export, otherwise the user must redirect to standard output." + error_exit "[ERROR]: An export option is required, see 'bastille export, otherwise the user must redirect to standard output." fi fi fi 
@@ -345,28 +345,28 @@ jail_export() { FILE_EXT=".tgz" # Create standard tgz backup archive - echo "Exporting '${TARGET}' to a compressed ${FILE_EXT} archive..." + info "\nExporting '${TARGET}' to a compressed ${FILE_EXT} archive..." cd "${bastille_jailsdir}" && tar -cf - "${TARGET}" | gzip ${bastille_compress_gz_options} > "${bastille_backupsdir}/${TARGET}_${DATE}${FILE_EXT}" elif [ -n "${TXZ_EXPORT}" ]; then FILE_EXT=".txz" # Create standard txz backup archive - echo "Exporting '${TARGET}' to a compressed ${FILE_EXT} archive..." + info "\nExporting '${TARGET}' to a compressed ${FILE_EXT} archive..." cd "${bastille_jailsdir}" && tar -cf - "${TARGET}" | xz ${bastille_compress_xz_options} > "${bastille_backupsdir}/${TARGET}_${DATE}${FILE_EXT}" else - error_exit "Error: export option required" + error_exit "[ERROR]: export option required" fi fi # shellcheck disable=SC2181 if [ "$?" -ne 0 ]; then - error_exit "Failed to export '${TARGET}' container." + error_exit "[ERROR]: Failed to export '${TARGET}' container." else if [ -z "${USER_EXPORT}" ]; then # Generate container checksum file cd "${bastille_backupsdir}" || error_exit "Failed to change directory." sha256 -q "${TARGET}_${DATE}${FILE_EXT}" > "${TARGET}_${DATE}.sha256" - echo "Exported '${bastille_backupsdir}/${TARGET}_${DATE}${FILE_EXT}' successfully." + info "\nExported '${bastille_backupsdir}/${TARGET}_${DATE}${FILE_EXT}' successfully." fi exit 0 fi 
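Review bot: The `[ "$?" -ne 0 ]` test after the `tar -cf - "${TARGET}" | gzip …` and `… | xz …` pipelines sees only the status of the last stage, so a `tar` that fails part-way still reaches `sha256 -q` and the "Exported … successfully" message. The result is an incomplete backup with a matching checksum file, which the import side will then accept as valid. Unless `pipefail` is enabled somewhere outside this hunk, capture tar's own exit status and test it before the `sha256 -q` step. In the same block, `cd "${bastille_backupsdir}" || error_exit "Failed to change directory."` is the one message left without the `[ERROR]:` prefix. jail_export starts before this hunk.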
@@ -374,21 +374,23 @@ jail_export() { # Check if backups directory/dataset exist if [ ! -d "${bastille_backupsdir}" ]; then - error_exit "Backups directory/dataset does not exist. See 'bastille bootstrap'." + error_exit "[ERROR]: Backups directory/dataset does not exist. See 'bastille bootstrap'." fi if [ -n "${TARGET}" ]; then if [ ! -d "${bastille_jailsdir}/${TARGET}" ]; then - error_exit "[${TARGET}]: Not found." + error_exit "[ERROR]: Jail not found: ${TARGET}" fi # Check if is a ZFS system if ! checkyesno bastille_zfs_enable; then # Check if container is running and ask for stop in non ZFS systems if [ -n "$(/usr/sbin/jls name | awk "/^${TARGET}$/")" ]; then - error_exit "${TARGET} is running. See 'bastille stop'." + error_exit "[ERROR]: ${TARGET} is running. See 'bastille stop'." fi fi jail_export -fi \ No newline at end of file +fi + +echo \ No newline at end of file diff --git a/usr/local/share/bastille/htop.sh b/usr/local/share/bastille/htop.sh index 748f270c..8626468a 100644 --- a/usr/local/share/bastille/htop.sh +++ b/usr/local/share/bastille/htop.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" esac done shift @@ -96,7 +96,7 @@ fi info "\n[${TARGET}]:" if [ ! -x "${bastille_jailsdir}/${TARGET}/root/usr/local/bin/htop" ]; then - error_notify "htop not found on ${TARGET}." + error_exit "[ERROR]: htop not found on ${TARGET}." elif [ -x "${bastille_jailsdir}/${TARGET}/root/usr/local/bin/htop" ]; then jexec -l ${TARGET} /usr/local/bin/htop -fi +fi \ No newline at end of file diff --git a/usr/local/share/bastille/import.sh b/usr/local/share/bastille/import.sh index 90a290dd..cf9abda3 100644 --- a/usr/local/share/bastille/import.sh +++ b/usr/local/share/bastille/import.sh 
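Review bot: The running-jail check `/usr/sbin/jls name | awk "/^${TARGET}$/"` builds the awk program text from `${TARGET}`, so a `.` or `/` in the name is read as regex or awk syntax instead of being compared literally. No validation of `${TARGET}` is visible in this hunk beyond the directory test. Pass the name as data, `/usr/sbin/jls name | awk -v t="${TARGET}" '$0 == t'`, or call `check_target_is_running "${TARGET}"` as pkg.sh does in this commit, if that helper is available to export.sh.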
@@ -84,7 +84,7 @@ while [ "$#" -gt 0 ]; do M) OPT_STATIC_MAC=1 ;; v) OPT_ZRECV="-u -v" ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -117,20 +117,20 @@ validate_archive() { # Skip validation for unsupported archive if [ -f "${bastille_backupsdir}/${TARGET}" ]; then if [ -f "${bastille_backupsdir}/${FILE_TRIM}.sha256" ]; then - echo "Validating file: ${TARGET}..." + info "\nValidating file: ${TARGET}..." SHA256_DIST=$(cat "${bastille_backupsdir}/${FILE_TRIM}.sha256") SHA256_FILE=$(sha256 -q "${bastille_backupsdir}/${TARGET}") if [ "${SHA256_FILE}" != "${SHA256_DIST}" ]; then - error_exit "Failed validation for ${TARGET}." + error_exit "[ERROR]: Failed validation for ${TARGET}." else - echo "File validation successful!" + info "\nFile validation successful!" fi else # Check if user opt to force import if [ "${OPT_FORCE}" -eq 1 ]; then - warn "Warning: Skipping archive validation!" + warn "[WARNING]: Skipping archive validation!" else - error_exit "Checksum file not found. See 'bastille import [option(s)] FILE'." + error_exit "[ERROR]: Checksum file not found. See 'bastille import [option(s)] FILE'." fi fi fi @@ -141,7 +141,7 @@ update_zfsmount() { OLD_ZFS_MOUNTPOINT=$(zfs get -H mountpoint "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET_TRIM}/root" | awk '{print $3}') NEW_ZFS_MOUNTPOINT="${bastille_jailsdir}/${TARGET_TRIM}/root" if [ "${NEW_ZFS_MOUNTPOINT}" != "${OLD_ZFS_MOUNTPOINT}" ]; then - echo "Updating ZFS mountpoint..." + info "\nUpdating ZFS mountpoint..." zfs set mountpoint="${bastille_jailsdir}/${TARGET_TRIM}/root" "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET_TRIM}/root" fi 
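Review bot: validate_archive compares the archive with a `.sha256` file read from the same `${bastille_backupsdir}`, which catches a damaged copy but not a replaced one, because whoever can swap the archive can swap the checksum next to it. The new "File validation successful!" message reads as a stronger guarantee than that. I would add a comment above the comparison, `# Integrity check only: the .sha256 sidecar is not authenticated and does not prove where the archive came from.`, and mention in the `OPT_FORCE` branch that the import then proceeds with no check at all. validate_archive begins before this hunk.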
@@ -155,11 +155,13 @@ update_zfsmount() { } update_jailconf() { + # Update jail.conf paths JAIL_CONFIG="${bastille_jailsdir}/${TARGET_TRIM}/jail.conf" + if [ -f "${JAIL_CONFIG}" ]; then if ! grep -qw "path = ${bastille_jailsdir}/${TARGET_TRIM}/root;" "${JAIL_CONFIG}"; then - echo "Updating jail.conf..." + info "\nUpdating jail.conf..." sed -i '' "s|exec.consolelog.*=.*;|exec.consolelog = ${bastille_logsdir}/${TARGET_TRIM}_console.log;|" "${JAIL_CONFIG}" sed -i '' "s|path.*=.*;|path = ${bastille_jailsdir}/${TARGET_TRIM}/root;|" "${JAIL_CONFIG}" sed -i '' "s|mount.fstab.*=.*;|mount.fstab = ${bastille_jailsdir}/${TARGET_TRIM}/fstab;|" "${JAIL_CONFIG}" @@ -173,16 +175,18 @@ update_jailconf() { } update_fstab_import() { + # Update fstab .bastille mountpoint on thin containers only # Set some variables FSTAB_CONFIG="${bastille_jailsdir}/${TARGET_TRIM}/fstab" FSTAB_RELEASE=$(grep -owE '([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9])|([0-9]{1,2}-stable-build-[0-9]{1,3})|(current-build)-([0-9]{1,3})|(current-BUILD-LATEST)|([0-9]{1,2}-stable-BUILD-LATEST)|(current-BUILD-LATEST)' "${FSTAB_CONFIG}") FSTAB_CURRENT=$(grep -w ".*/releases/.*/jails/${TARGET_TRIM}/root/.bastille" "${FSTAB_CONFIG}") FSTAB_NEWCONF="${bastille_releasesdir}/${FSTAB_RELEASE} ${bastille_jailsdir}/${TARGET_TRIM}/root/.bastille nullfs ro 0 0" + if [ -n "${FSTAB_CURRENT}" ] && [ -n "${FSTAB_NEWCONF}" ]; then # If both variables are set, compare and update as needed if ! grep -qw "${bastille_releasesdir}/${FSTAB_RELEASE}.*${bastille_jailsdir}/${TARGET_TRIM}/root/.bastille" "${FSTAB_CONFIG}"; then - echo "Updating fstab..." + info "\nUpdating fstab..." if [ -n "${RELEASE}" ]; then FSTAB_NEWCONF="${RELEASE}" fi 
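Review bot: In update_jailconf the `sed -i ''` rewrites splice `${TARGET_TRIM}` into the replacement text with `|` as the delimiter, and `${TARGET_TRIM}` is derived from the archive file name later in this file. A `|`, `&` or backslash in that name would change what sed writes into jail.conf instead of being copied literally, and no check on the name is visible here. Reject unexpected characters before the rewrites, for example `case "${TARGET_TRIM}" in *[!A-Za-z0-9_-]*) error_exit "[ERROR]: Invalid jail name: ${TARGET_TRIM}" ;; esac`, adjusting the set to whatever `bastille create` accepts. The function continues past the end of this hunk.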
@@ -192,9 +196,10 @@ update_fstab_import() { } generate_config() { + # Attempt to read previous config file and set required variables accordingly # If we can't get a valid interface, fallback to lo1 and warn user - echo "Generating jail.conf..." + info "\nGenerating jail.conf..." DEVFS_RULESET=4 if [ "${FILE_EXT}" = ".zip" ]; then @@ -369,7 +374,7 @@ EOF if [ -z "${CONFIG_RELEASE}" ]; then # Fallback to host version CONFIG_RELEASE=$(freebsd-version | sed 's/\-[pP].*//') - warn "Warning: ${CONFIG_RELEASE} was set by default!" + warn "[WARNING]: ${CONFIG_RELEASE} was set by default!" fi mkdir "${bastille_jailsdir}/${TARGET_TRIM}/root/.bastille" echo "${bastille_releasesdir}/${CONFIG_RELEASE} ${bastille_jailsdir}/${TARGET_TRIM}/root/.bastille nullfs ro 0 0" \ @@ -419,7 +424,7 @@ update_config() { if [ -z "${CONFIG_RELEASE}" ]; then # Fallback to host version CONFIG_RELEASE=$(freebsd-version | sed 's/\-[pP].*//') - warn "Warning: ${CONFIG_RELEASE} was set by default!" + warn "[WARNING]: ${CONFIG_RELEASE} was set by default!" fi mkdir "${bastille_jailsdir}/${TARGET_TRIM}/root/.bastille" @@ -451,7 +456,7 @@ vnet_requirements() { if [ -f "/usr/share/examples/jails/jib" ] && [ ! -f "/usr/local/bin/jib" ]; then install -m 0544 /usr/share/examples/jails/jib /usr/local/bin/jib else - warn "Warning: Unable to locate/install jib script required by VNET jails." + warn "[WARNING]: Unable to locate/install jib script required by VNET jails." fi fi elif [ "${bastille_network_vnet_type}" = "netgraph" ]; then @@ -459,7 +464,7 @@ vnet_requirements() { if [ -f "/usr/share/examples/jails/jng" ] && [ ! -f "/usr/local/bin/jng" ]; then install -m 0544 /usr/share/examples/jails/jng /usr/local/bin/jng else - warn "Warning: Unable to locate/install jng script required by VNET jails." + warn "[WARNING]: Unable to locate/install jng script required by VNET jails." fi fi fi 
@@ -477,16 +482,17 @@ config_netif() { } update_symlinks() { + # Work with the symlinks SYMLINKS="bin boot lib libexec rescue sbin usr/bin usr/include usr/lib usr/lib32 usr/libdata usr/libexec usr/ports usr/sbin usr/share usr/src" # Just warn user to bootstrap the release if missing if [ ! -d "${bastille_releasesdir}/${CONFIG_RELEASE}" ]; then - warn "Warning: ${CONFIG_RELEASE} must be bootstrapped. See 'bastille bootstrap'." + warn "[WARNING]: ${CONFIG_RELEASE} must be bootstrapped. See 'bastille bootstrap'." fi # Update old symlinks - echo "Updating symlinks..." + info "\nUpdating symlinks..." for _link in ${SYMLINKS}; do if [ -L "${_link}" ]; then ln -sf /.bastille/${_link} ${_link} @@ -495,7 +501,7 @@ update_symlinks() { ln -sfF /.bastille/${_link} ${_link} || EXIT_CODE=$? if [ "${EXIT_CODE:-0}" != "0" ]; then # Assume that the failure was due to the directory not being empty and explain the problem in friendlier terms - warn "Warning: directory ${_link} on imported jail was not empty and will not be updated by Bastille" + warn "[WARNING]: directory ${_link} on imported jail was not empty and will not be updated by Bastille" fi fi done @@ -503,7 +509,7 @@ update_symlinks() { create_zfs_datasets() { # Prepare the ZFS environment and restore from file - echo "Importing '${TARGET_TRIM}' from foreign compressed ${FILE_EXT} archive." + info "\nImporting '${TARGET_TRIM}' from foreign compressed ${FILE_EXT} archive." echo "Preparing ZFS environment..." # Create required ZFS datasets, mountpoint inherited from system @@ -515,7 +521,7 @@ remove_zfs_datasets() { # Perform cleanup on failure zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET_TRIM}/root" zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET_TRIM}" - error_exit "Failed to extract files from '${TARGET}' archive." + error_exit "[ERROR]: Failed to extract files from '${TARGET}' archive." } jail_import() { 
@@ -528,7 +534,7 @@ jail_import() { if [ "${FILE_EXT}" = ".xz" ]; then validate_archive # Import from compressed xz on ZFS systems - echo "Importing '${TARGET_TRIM}' from compressed ${FILE_EXT} image." + info "\nImporting '${TARGET_TRIM}' from compressed ${FILE_EXT} image." echo "Receiving ZFS data stream..." xz ${bastille_decompress_xz_options} "${bastille_backupsdir}/${TARGET}" | \ zfs receive ${OPT_ZRECV} "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET_TRIM}" @@ -538,7 +544,7 @@ jail_import() { elif [ "${FILE_EXT}" = ".gz" ]; then validate_archive # Import from compressed xz on ZFS systems - echo "Importing '${TARGET_TRIM}' from compressed ${FILE_EXT} image." + info "\nImporting '${TARGET_TRIM}' from compressed ${FILE_EXT} image." echo "Receiving ZFS data stream..." gzip ${bastille_decompress_gz_options} "${bastille_backupsdir}/${TARGET}" | \ zfs receive ${OPT_ZRECV} "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET_TRIM}" @@ -552,7 +558,7 @@ jail_import() { create_zfs_datasets # Extract required files to the new datasets - echo "Extracting files from '${TARGET}' archive..." + info "\nExtracting files from '${TARGET}' archive..." tar --exclude='root' -Jxf "${bastille_backupsdir}/${TARGET}" --strip-components 1 -C "${bastille_jailsdir}/${TARGET_TRIM}" tar -Jxf "${bastille_backupsdir}/${TARGET}" --strip-components 2 -C "${bastille_jailsdir}/${TARGET_TRIM}/root" "${TARGET_TRIM}/root" if [ "$?" -ne 0 ]; then @@ -564,7 +570,7 @@ jail_import() { create_zfs_datasets # Extract required files to the new datasets - echo "Extracting files from '${TARGET}' archive..." + info "\nExtracting files from '${TARGET}' archive..." tar --exclude='root' -xf "${bastille_backupsdir}/${TARGET}" --strip-components 1 -C "${bastille_jailsdir}/${TARGET_TRIM}" tar -xf "${bastille_backupsdir}/${TARGET}" --strip-components 2 -C "${bastille_jailsdir}/${TARGET_TRIM}/root" "${TARGET_TRIM}/root" if [ "$?" -ne 0 ]; then 
@@ -573,7 +579,7 @@ jail_import() { elif [ "${FILE_EXT}" = ".zip" ]; then validate_archive # Attempt to import a foreign/iocage container - echo "Importing '${TARGET_TRIM}' from foreign compressed ${FILE_EXT} archive." + info "\nImporting '${TARGET_TRIM}' from foreign compressed ${FILE_EXT} archive." # Sane bastille ZFS options ZFS_OPTIONS=$(echo ${bastille_zfs_options} | sed 's/-o//g') @@ -607,7 +613,7 @@ jail_import() { create_zfs_datasets # Extract required files to the new datasets - echo "Extracting files from '${TARGET}' archive..." + info "\nExtracting files from '${TARGET}' archive..." tar --exclude='ezjail/' -xf "${bastille_backupsdir}/${TARGET}" -C "${bastille_jailsdir}/${TARGET_TRIM}" tar -xf "${bastille_backupsdir}/${TARGET}" --strip-components 1 -C "${bastille_jailsdir}/${TARGET_TRIM}/root" if [ "$?" -ne 0 ]; then @@ -622,7 +628,7 @@ jail_import() { workout_components # Extract required files to the new datasets - echo "Extracting files from '${TARGET}' archive..." + info "\nExtracting files from '${TARGET}' archive..." tar -xf "${bastille_backupsdir}/${TARGET}" --strip-components "${CONF_TRIM}" -C "${bastille_jailsdir}/${TARGET_TRIM}" "${JAIL_CONF}" tar -xf "${bastille_backupsdir}/${TARGET}" --strip-components "${DIRS_PLUS}" -C "${bastille_jailsdir}/${TARGET_TRIM}/root" "${JAIL_PATH}" if [ -f "${bastille_jailsdir}/${TARGET_TRIM}/${TARGET_TRIM}" ]; then @@ -639,7 +645,7 @@ jail_import() { validate_archive # Based on the file name, looks like we are importing a raw bastille image # Import from uncompressed image file - echo "Importing '${TARGET_TRIM}' from uncompressed image archive." + info "\nImporting '${TARGET_TRIM}' from uncompressed image archive." echo "Receiving ZFS data stream..." zfs receive ${OPT_ZRECV} "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET_TRIM}" < "${bastille_backupsdir}/${TARGET}" 
@@ -656,27 +662,27 @@ jail_import() { fi fi else - error_exit "Unknown archive format." + error_exit "[ERROR]: Unknown archive format." fi fi else # Import from standard supported archives on UFS systems if [ "${FILE_EXT}" = ".txz" ]; then - echo "Extracting files from '${TARGET}' archive..." + info "\nExtracting files from '${TARGET}' archive..." tar -Jxf "${bastille_backupsdir}/${TARGET}" -C "${bastille_jailsdir}" elif [ "${FILE_EXT}" = ".tgz" ]; then - echo "Extracting files from '${TARGET}' archive..." + info "\nExtracting files from '${TARGET}' archive..." tar -xf "${bastille_backupsdir}/${TARGET}" -C "${bastille_jailsdir}" elif [ "${FILE_EXT}" = ".tar.gz" ]; then # Attempt to import/configure foreign/ezjail container - echo "Extracting files from '${TARGET}' archive..." + info "\nExtracting files from '${TARGET}' archive..." mkdir "${bastille_jailsdir}/${TARGET_TRIM}" tar -xf "${bastille_backupsdir}/${TARGET}" -C "${bastille_jailsdir}/${TARGET_TRIM}" mv "${bastille_jailsdir}/${TARGET_TRIM}/ezjail" "${bastille_jailsdir}/${TARGET_TRIM}/root" generate_config elif [ "${FILE_EXT}" = ".tar" ]; then # Attempt to import/configure foreign/qjail container - echo "Extracting files from '${TARGET}' archive..." + info "\nExtracting files from '${TARGET}' archive..." mkdir -p "${bastille_jailsdir}/${TARGET_TRIM}/root" workout_components tar -xf "${bastille_backupsdir}/${TARGET}" --strip-components "${CONF_TRIM}" -C "${bastille_jailsdir}/${TARGET_TRIM}" "${JAIL_CONF}" 
@@ -686,24 +692,24 @@ jail_import() { fi update_config else - error_exit "Unsupported archive format." + error_exit "[ERROR]: Unsupported archive format." fi fi if [ "$?" -ne 0 ]; then - error_exit "Failed to import from '${TARGET}' archive." + error_exit "[ERROR]: Failed to import from '${TARGET}' archive." else # Update the jail.conf and fstab if required # This is required on foreign imports only update_jailconf update_fstab_import if [ -z "${USER_IMPORT}" ]; then - echo "Container '${TARGET_TRIM}' imported successfully." + info "\nJail: '${TARGET_TRIM}' imported successfully." fi exit 0 fi else - error_exit "Jails directory/dataset does not exist. See 'bastille bootstrap'." + error_exit "[ERROR]: Jails directory/dataset does not exist. See 'bastille bootstrap'." fi } @@ -716,7 +722,7 @@ fi # Check if backups directory/dataset exist if [ ! -d "${bastille_backupsdir}" ]; then - error_exit "Backups directory/dataset does not exist. See 'bastille bootstrap'." + error_exit "[ERROR]: Backups directory/dataset does not exist. See 'bastille bootstrap'." fi # Check if archive exist then trim archive name @@ -727,11 +733,11 @@ if [ -f "${bastille_backupsdir}/${TARGET}" ]; then TARGET_TRIM=$(echo "${TARGET}" | sed "s/_[0-9]*-[0-9]*-[0-9]*-[0-9]*.xz//;s/_[0-9]*-[0-9]*-[0-9]*-[0-9]*.gz//;s/_[0-9]*-[0-9]*-[0-9]*-[0-9]*.tgz//;s/_[0-9]*-[0-9]*-[0-9]*-[0-9]*.txz//;s/_[0-9]*-[0-9]*-[0-9]*.zip//;s/-[0-9]\{12\}.[0-9]\{2\}.tar.gz//;s/@[0-9]\{12\}.[0-9]\{2\}.tar//;s/_[0-9]*-[0-9]*-[0-9]*-[0-9]*//") fi else - error_exit "Unrecognized archive name." + error_exit "[ERROR]: Unrecognized archive name." fi else if echo "${TARGET}" | grep -q '_[0-9]\{4\}-[0-9]\{2\}-[0-9]\{2\}-[0-9]\{6\}.*$'; then - error_exit "Archive '${TARGET}' not found." + error_exit "[ERROR]: Archive '${TARGET}' not found." else # Assume user will import from standard input TARGET_TRIM=${TARGET} 
@@ -740,15 +746,9 @@ else fi # Check if a running jail matches name or already exist -if [ -n "$(/usr/sbin/jls name | awk "/^${TARGET_TRIM}$/")" ]; then - error_exit "A running jail matches name." -elif [ -n "${TARGET_TRIM}" ]; then - if [ -d "${bastille_jailsdir}/${TARGET_TRIM}" ]; then - error_exit "Container: ${TARGET_TRIM} already exists." - fi -fi +check_target_exists || error_exit "[ERROR]: Jail: ${TARGET_TRIM} already exists." if [ -n "${TARGET}" ]; then info "\nAttempting to import jail: ${TARGET}..." jail_import -fi +fi \ No newline at end of file diff --git a/usr/local/share/bastille/jcp.sh b/usr/local/share/bastille/jcp.sh index 82624d5f..fbc3e829 100644 --- a/usr/local/share/bastille/jcp.sh +++ b/usr/local/share/bastille/jcp.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in q) OPTION="-a" ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -95,14 +95,16 @@ for _jail in ${DEST_TARGET}; do continue else - info "\n[${_jail}]:" - - source_path="$(echo ${bastille_jailsdir}/${SOURCE_TARGET}/root/${SOURCE_PATH} | sed 's#//#/#g')" + info "\n[${_jail}]:" + + source_path="$(echo ${bastille_jailsdir}/${SOURCE_TARGET}/root/${SOURCE_PATH} | sed 's#//#/#g')" dest_path="$(echo ${bastille_jailsdir}/${_jail}/root/${DEST_PATH} | sed 's#//#/#g')" if ! cp "${OPTION}" "${source_path}" "${dest_path}"; then - error_continue "JCP failed: ${source_path} -> ${dest_path}" + error_continue "[ERROR]: JCP failed: ${source_path} -> ${dest_path}" fi fi -done \ No newline at end of file +done + +echo \ No newline at end of file diff --git a/usr/local/share/bastille/limits.sh b/usr/local/share/bastille/limits.sh index d8fbb0a3..a2957f77 100644 --- a/usr/local/share/bastille/limits.sh +++ b/usr/local/share/bastille/limits.sh 
@@ -67,7 +67,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -95,7 +95,7 @@ fi RACCT_ENABLE="$(sysctl -n kern.racct.enable)" if [ "${RACCT_ENABLE}" != '1' ]; then - error_exit "Racct not enabled. Append 'kern.racct.enable=1' to /boot/loader.conf and reboot" + error_exit "[ERROR]: Racct not enabled. Append 'kern.racct.enable=1' to /boot/loader.conf and reboot" fi bastille_root_check @@ -185,7 +185,7 @@ for _jail in ${JAILS}; do rm -f "${bastille_jailsdir}/${_jail}/rctl.conf" echo "rctl.conf removed." else - error_continue "rctl.conf not found." + error_continue "[ERROR]: rctl.conf not found." fi ;; esac diff --git a/usr/local/share/bastille/list.sh b/usr/local/share/bastille/list.sh index 9b968ee5..4757ea86 100644 --- a/usr/local/share/bastille/list.sh +++ b/usr/local/share/bastille/list.sh @@ -512,7 +512,7 @@ while [ "$#" -gt 0 ]; do a) ;; j) OPT_JSON=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" esac done shift @@ -609,4 +609,4 @@ if [ "$#" -eq 1 ]; then fi ;; esac -fi +fi \ No newline at end of file diff --git a/usr/local/share/bastille/mount.sh b/usr/local/share/bastille/mount.sh index 9d58fc57..d412a00c 100644 --- a/usr/local/share/bastille/mount.sh +++ b/usr/local/share/bastille/mount.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" esac done shift 
@@ -106,7 +106,6 @@ if [ -z "${_hostpath}" ] || [ -z "${_jailpath}" ] || [ -z "${_type}" ] || [ -z " error_notify "FSTAB format not recognized." warn "Format: /host/path /jail/path nullfs ro 0 0" warn "Read: ${_fstab}" - usage fi # Exit if host path doesn't exist, type is not "nullfs", or mount is an advanced mount type "tmpfs,linprocfs,linsysfs,fdescfs,procfs" @@ -122,7 +121,6 @@ elif [ ! -e "${_hostpath}" ] || [ "${_type}" != "nullfs" ]; then error_notify "Invalid host path or incorrect mount type in FSTAB." warn "Format: /host/path /jail/path nullfs ro 0 0" warn "Read: ${_fstab}" - usage fi # Mount permissions,options must include one of "ro, rw, rq, sw, xx" @@ -130,7 +128,6 @@ if ! echo "${_perms}" | grep -Eq '(ro|rw|rq|sw|xx)(,.*)?$'; then error_notify "Detected invalid mount permissions in FSTAB." warn "Format: /host/path /jail/path nullfs ro 0 0" warn "Read: ${_fstab}" - usage fi # Dump and pass need to be "0 0 - 1 1" @@ -138,7 +135,6 @@ if [ "${_checks}" != "0 0" ] && [ "${_checks}" != "1 0" ] && [ "${_checks}" != " error_notify "Detected invalid fstab options in FSTAB." warn "Format: /host/path /jail/path nullfs ro 0 0" warn "Read: ${_fstab}" - usage fi for _jail in ${JAILS}; do diff --git a/usr/local/share/bastille/network.sh b/usr/local/share/bastille/network.sh index 6816c206..4040cf41 100644 --- a/usr/local/share/bastille/network.sh +++ b/usr/local/share/bastille/network.sh @@ -118,7 +118,7 @@ while [ "$#" -gt 0 ]; do P) PASSTHROUGH=1 ;; V) VNET=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -135,7 +135,7 @@ INTERFACE="${3}" if [ "${ACTION}" = "add" ] && [ "${NO_IP}" -eq 0 ] && [ -n "${4}" ]; then IP="${4}" elif [ "${NO_IP}" -eq 1 ] && [ -n "${4}" ]; then - error_notify "IP should not be present when using -n|--no-ip." + error_exit "[ERROR]: IP should not be present when using -n|--no-ip." else IP="" fi 
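Review bot: Removing `usage` from the four fstab validation blocks in mount.sh (format, host path and type, permissions, dump/pass) leaves only `error_notify` and `warn`. This commit replaces `error_notify` with `error_exit` elsewhere where the script is meant to stop, which suggests `error_notify` returns to the caller. If so, an fstab entry that fails validation is reported and then still reaches the `for _jail in ${JAILS}` loop below. End each block with a terminating call, for example move the message after the two `warn` lines as `error_exit "[ERROR]: FSTAB format not recognized."`.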
@@ -147,15 +147,15 @@ if [ "${ACTION}" = "add" ]; then { [ "${BRIDGE}" -eq 1 ] && [ "${CLASSIC}" -eq 1 ]; } || \ { [ "${BRIDGE}" -eq 1 ] && [ "${PASSTHROUGH}" -eq 1 ]; } || \ { [ "${CLASSIC}" -eq 1 ] && [ "${PASSTHROUGH}" -eq 1 ]; } then - error_notify "Error: Only one of [-B|--bridge], [-C|--classic], [-P|--passthrough] or [-V|--vnet] should be set." + error_exit "[ERROR]: Only one of [-B|--bridge], [-C|--classic], [-P|--passthrough] or [-V|--vnet] should be set." elif [ "${VNET}" -eq 0 ] && [ "${BRIDGE}" -eq 0 ] && [ "${CLASSIC}" -eq 0 ] && [ "${PASSTHROUGH}" -eq 0 ]; then - error_notify "Error: [-B|--bridge], [-C|--classic], [-P|--passthrough] or [-V|--vnet] must be set." + error_exit "[ERROR]: [-B|--bridge], [-C|--classic], [-P|--passthrough] or [-V|--vnet] must be set." elif [ "${VNET}" -eq 0 ] && [ "${BRIDGE}" -eq 0 ] && [ "${PASSTHROUGH}" -eq 0 ] && [ -n "${VLAN_ID}" ]; then - error_notify "VLANs can only be used with VNET interfaces." + error_exit "[ERROR]: VLANs can only be used with VNET interfaces." elif [ "${VNET}" -eq 0 ] && [ "${BRIDGE}" -eq 0 ] && [ "${NO_IP}" -eq 1 ]; then - error_notify "[-n|--no-ip] can only be used with VNET jails." + error_exit "[ERROR]: [-n|--no-ip] can only be used with VNET jails." elif [ "${bastille_network_vnet_type}" = "netgraph" ] && [ "${BRIDGE}" -eq 1 ]; then - error_notify "[-B|--bridge] cannot be used with Netgraph." + error_exit "[ERROR]: [-B|--bridge] cannot be used with Netgraph." fi fi @@ -166,6 +166,7 @@ fi bastille_root_check set_target_single "${TARGET}" +# Validate jail state check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then bastille stop "${TARGET}" else 
@@ -175,14 +176,16 @@ else fi validate_ip() { + IP6_ENABLE=0 local ip="${1}" local ip6="$( echo "${ip}" 2>/dev/null | grep -E '^(([a-fA-F0-9:]+$)|([a-fA-F0-9:]+\/[0-9]{1,3}$)|SLAAC)' )" + if [ -n "${ip6}" ]; then - info "Valid: (${ip6})." + info "\nValid: (${ip6})." IP6_ENABLE=1 elif [ "${ip}" = "0.0.0.0" ] || [ "${ip}" = "DHCP" ]; then - info "Valid: (${ip})." + info "\nValid: (${ip})." else local IFS if echo "${ip}" 2>/dev/null | grep -Eq '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))?$'; then @@ -194,7 +197,7 @@ validate_ip() { error_exit "Invalid: (${TEST_IP})" fi done - info "Valid: (${ip})." + info "\nValid: (${ip})." else error_exit "Invalid: (${ip})." fi @@ -202,18 +205,22 @@ validate_ip() { } validate_netif() { + local _interface="${1}" + if ifconfig -l | grep -qwo ${_interface}; then - info "Valid: (${_interface})." + info "\nValid: (${_interface})." else error_exit "Invalid: (${_interface})." fi } check_interface_added() { + local _jailname="${1}" local _if="${2}" local _jail_config="${bastille_jailsdir}/${_jailname}/jail.conf" + if grep -qo "${_if}" "${_jail_config}"; then return 0 else @@ -222,6 +229,7 @@ check_interface_added() { } add_interface() { + local _jailname="${1}" local _if="${2}" local _ip="${3}" @@ -232,6 +240,7 @@ add_interface() { local _vnet_if_count="$(grep -Eo 'vnet[1-9]+' ${_jail_rc_config} | sort -u | wc -l | awk '{print $1}')" local _if_vnet="vnet$((_vnet_if_count + 1))" local _bastille_if_num_range=$((_bastille_if_count + 1)) + if [ "${BRIDGE}" -eq 1 ]; then if [ "${_bastille_if_count}" -gt 0 ]; then for _num in $(seq 0 "${_bastille_if_num_range}"); do 
@@ -426,9 +435,11 @@ EOF } remove_interface() { + local _jailname="${1}" local _if="${2}" local _jail_config="${bastille_jailsdir}/${_jailname}/jail.conf" + # Skip next block in case of classic jail if [ "$(bastille config ${TARGET} get vnet)" != "not set" ]; then local _jail_rc_config="${bastille_jailsdir}/${_jailname}/root/etc/rc.conf" @@ -452,31 +463,31 @@ remove_interface() { local _if_jail="${_if}" _if_type="passthrough" else - error_exit "Could not find interface inside jail: \"${_if_jail}\"" + error_exit "[ERROR]: Could not find interface inside jail: \"${_if_jail}\"" fi if [ "${_if_type}" = "bastille" ] || [ "${_if_type}" = "epair" ]; then if grep -oq "${_if_jail}" ${_jail_config}; then local _if_vnet="$(grep ${_if_jail} ${_jail_rc_config} | grep -Eo 'vnet[0-9]+')" else - error_exit "Interface not found: ${_if_jail}" + error_exit "[ERROR]: Interface not found: ${_if_jail}" fi elif [ "${_if_type}" = "passthrough" ]; then if grep -oq "${_if_jail}" ${_jail_config}; then local _if_vnet="${_if_jail}" else - error_exit "Interface not found: ${_if_jail}" + error_exit "[ERROR]: Interface not found: ${_if_jail}" fi fi # Do not allow removing default vnet0 interface if [ "${_if_vnet}" = "vnet0" ]; then - error_exit "Default interface cannot be removed." + error_exit "[ERROR]: Default interface cannot be removed." fi # Avoid removing entire file contents if variables aren't set for some reason if [ -z "${_if_jail}" ]; then - error_exit "Error: Could not find specifed interface." + error_exit "[ERROR]: Could not find specifed interface." fi # Remove interface from /etc/rc.conf 
@@ -484,13 +495,13 @@ remove_interface() { if [ -n "${_if_vnet}" ] && echo ${_if_vnet} 2>/dev/null | grep -Eoq 'vnet[0-9]+'; then sed -i '' "/.*${_if_vnet}.*/d" "${_jail_rc_config}" else - error_exit "Failed to remove interface from /etc/rc.conf" + error_exit "[ERROR]: Failed to remove interface from /etc/rc.conf" fi elif [ "${_if_type}" = "passthrough" ]; then if [ -n "${_if_vnet}" ]; then sed -i '' "/.*${_if_vnet}.*/d" "${_jail_rc_config}" else - error_exit "Failed to remove interface from /etc/rc.conf" + error_exit "[ERROR]: Failed to remove interface from /etc/rc.conf" fi fi @@ -507,18 +518,18 @@ remove_interface() { sed -i '' "/.*${_if_jail}.*/d" "${_jail_config}" fi else - error_exit "Failed to remove interface from jail.conf" + error_exit "[ERROR]: Failed to remove interface from jail.conf" fi else # Remove interface from jail.conf (non-VNET) if [ -n "${_if}" ]; then if grep ${_if} ${_jail_config} 2>/dev/null | grep -qo " = "; then - error_exit "Default interface cannot be removed." + error_exit "[ERROR]: Default interface cannot be removed." else sed -i '' "/.*${_if}.*/d" "${_jail_config}" fi else - error_exit "Failed to remove interface from jail.conf" + error_exit "[ERROR]: Failed to remove interface from jail.conf" fi fi @@ -526,12 +537,14 @@ remove_interface() { } add_vlan() { + local _jailname="${1}" local _interface="${2}" local _ip="${3}" local _vlan_id="${4}" local _jail_config="${bastille_jailsdir}/${_jailname}/jail.conf" local _jail_rc_config="${bastille_jailsdir}/${_jailname}/root/etc/rc.conf" + if [ "${VNET}" -eq 1 ]; then local _jail_epair_num="$(grep ${_interface} ${_jail_config} | grep -Eo -m 1 "bastille[0-9]+" | grep -Eo "[0-9]+")" local _jail_vnet="$(grep "e0b_bastille${_jail_epair_num}_name" ${_jail_rc_config} | grep -Eo "vnet[0-9]+")" 
@@ -542,7 +555,7 @@ add_vlan() { local _jail_vnet="${_interface}" fi if grep -Eq "ifconfig_${_jail_vnet}_${_vlan_id}" "${bastille_jailsdir}/${_jailname}/root/etc/rc.conf"; then - error_exit "VLAN has already been added: VLAN ${_vlan_id}" + error_exit "[ERROR]: VLAN has already been added: VLAN ${_vlan_id}" else bastille start "${_jailname}" bastille template "${_jailname}" ${bastille_template_vlan} --arg VLANID="${_vlan_id}" --arg IFCONFIG="inet ${_ip}" --arg JAIL_VNET="${_jail_vnet}" @@ -571,9 +584,9 @@ case "${ACTION}" in fi if [ "${VNET}" -eq 1 ]; then if [ "$(bastille config ${TARGET} get vnet)" = "not set" ]; then - error_exit "Error: ${TARGET} is not a VNET jail." + error_exit "[ERROR]: ${TARGET} is not a VNET jail." elif ifconfig -g bridge | grep -owq "${INTERFACE}"; then - error_exit "\"${INTERFACE}\" is a bridge interface." + error_exit "[ERROR]: '${INTERFACE}' is a bridge interface." else add_interface "${TARGET}" "${INTERFACE}" "${IP}" if [ -n "${VLAN_ID}" ]; then @@ -585,13 +598,13 @@ case "${ACTION}" in fi elif [ "${BRIDGE}" -eq 1 ]; then if [ "$(bastille config ${TARGET} get vnet)" = "not set" ]; then - error_exit "Error: ${TARGET} is not a VNET jail." + error_exit "[ERROR]: ${TARGET} is not a VNET jail." elif ! ifconfig -g bridge | grep -owq "${INTERFACE}"; then - error_exit "\"${INTERFACE}\" is not a bridge interface." + error_exit "[ERROR]: '${INTERFACE}' is not a bridge interface." else add_interface "${TARGET}" "${INTERFACE}" "${IP}" - if [ -n "${VLAN_ID}" ]; then - add_vlan "${TARGET}" "${INTERFACE}" "${IP}" "${VLAN_ID}" + if [ -n "${VLAN_ID}" ]; then + add_vlan "${TARGET}" "${INTERFACE}" "${IP}" "${VLAN_ID}" fi if [ "${AUTO}" -eq 1 ]; then bastille start "${TARGET}" 
@@ -599,7 +612,7 @@ case "${ACTION}" in fi elif [ "${PASSTHROUGH}" -eq 1 ]; then if [ "$(bastille config ${TARGET} get vnet)" = "not set" ]; then - error_exit "Error: ${TARGET} is not a VNET jail." + error_exit "[ERROR]: ${TARGET} is not a VNET jail." else add_interface "${TARGET}" "${INTERFACE}" "${IP}" fi @@ -611,7 +624,7 @@ case "${ACTION}" in fi elif [ "${CLASSIC}" -eq 1 ]; then if [ "$(bastille config ${TARGET} get vnet)" != "not set" ]; then - error_exit "Error: ${TARGET} is a VNET jail." + error_exit "[ERROR]: ${TARGET} is a VNET jail." else add_interface "${TARGET}" "${INTERFACE}" "${IP}" if [ "${AUTO}" -eq 1 ]; then @@ -624,7 +637,7 @@ case "${ACTION}" in check_interface_added "${TARGET}" "${INTERFACE}" || error_exit "Interface not found in jail.conf: \"${INTERFACE}\"" validate_netif "${INTERFACE}" if ! grep -q "${INTERFACE}" ${bastille_jailsdir}/${TARGET}/jail.conf; then - error_exit "Interface not found in jail.conf: \"${INTERFACE}\"" + error_exit "[ERROR]: Interface not found in jail.conf: \"${INTERFACE}\"" else remove_interface "${TARGET}" "${INTERFACE}" if [ "${AUTO}" -eq 1 ]; then @@ -633,6 +646,6 @@ case "${ACTION}" in fi ;; *) - error_exit "Only [add|remove] are supported." + error_exit "[ERROR]: Only [add|remove] are supported." ;; -esac +esac \ No newline at end of file diff --git a/usr/local/share/bastille/pkg.sh b/usr/local/share/bastille/pkg.sh index a5b8cd14..b6918c8c 100644 --- a/usr/local/share/bastille/pkg.sh +++ b/usr/local/share/bastille/pkg.sh @@ -72,7 +72,7 @@ while [ "$#" -gt 0 ]; do a) AUTO=1 ;; H) USE_HOST_PKG=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift 
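Review bot: In the `-624,7 +637,7` hunk of network.sh, the context line `check_interface_added "${TARGET}" "${INTERFACE}" || error_exit "Interface not found in jail.conf: ..."` still exits without the `[ERROR]:` prefix, while the identical message two lines below now carries it. The same condition is therefore reported in two formats depending on which check trips first; prefix the first one as well: `check_interface_added "${TARGET}" "${INTERFACE}" || error_exit "[ERROR]: Interface not found in jail.conf: \"${INTERFACE}\""`. The same leftover is in rdr.sh `check_rdr_ip_validity`, where both `error_exit "Invalid: ..."` calls keep the old form, so anything that filters output on `[ERROR]:` will miss these exits. The `remove` arm starts outside the hunk.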
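Review bot: The new last line `esac` of network.sh is written without a terminating newline (`\ No newline at end of file` on the `+` side), where the old file had one. The same happens at the end of pkg.sh, rcp.sh, restart.sh, service.sh and tags.sh in this patch. sh still runs the final line, but anything that appends to or concatenates these scripts will fuse its first line onto `esac`, `fi` or `done`, and every later diff will flag the line again. Keep the trailing newline after the last statement.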
@@ -97,13 +97,13 @@ errors=0 for _jail in ${JAILS}; do + # Validate jail state check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then - echo "Auto-starting ${_jail}..." bastille start "${_jail}" else info "\n[${_jail}]:" error_notify "Jail is not running." - error_continue_next_jail "Use [-a|--auto] to auto-start the jail." + error_continue "Use [-a|--auto] to auto-start the jail." fi info "\n[${_jail}]:" @@ -131,5 +131,7 @@ for _jail in ${JAILS}; do done if [ $errors -ne 0 ]; then - error_exit "Failed to apply on some jails, please check logs" -fi + error_exit "[ERROR]: Failed to apply on some jails, please check logs" +else + echo +fi \ No newline at end of file diff --git a/usr/local/share/bastille/rcp.sh b/usr/local/share/bastille/rcp.sh index 2adbcce8..aab2c28b 100644 --- a/usr/local/share/bastille/rcp.sh +++ b/usr/local/share/bastille/rcp.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in q) OPTION="-a" ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -93,5 +93,7 @@ host_path="${HOST_PATH}" jail_path="$(echo ${bastille_jailsdir}/${TARGET}/root/${JAIL_PATH} | sed 's#//#/#g')" if ! cp "${OPTION}" "${jail_path}" "${host_path}"; then - error_exit "RCP failed: ${jail_path} -> ${host_path}" -fi + error_exit "[ERROR]: RCP failed: ${jail_path} -> ${host_path}" +else + echo +fi \ No newline at end of file diff --git a/usr/local/share/bastille/rdr.sh b/usr/local/share/bastille/rdr.sh index b76d71b8..24837694 100644 --- a/usr/local/share/bastille/rdr.sh +++ b/usr/local/share/bastille/rdr.sh 
@@ -74,12 +74,12 @@ check_jail_validity() { fi fi else - error_exit "VNET jails do not support rdr." + error_exit "[ERROR]: VNET jails do not support rdr." fi # Check if rdr-anchor is defined in pf.conf if ! (pfctl -sn | grep rdr-anchor | grep 'rdr/\*' >/dev/null); then - error_exit "rdr-anchor not found in pf.conf" + error_exit "[ERROR]: rdr-anchor not found in pf.conf" fi } @@ -89,7 +89,7 @@ check_rdr_ip_validity() { local ip6="$( echo "${ip}" | grep -E '^(([a-fA-F0-9:]+$)|([a-fA-F0-9:]+\/[0-9]{1,3}$)|SLAAC)' )" if [ -n "${ip6}" ]; then - info "Valid: (${ip6})." + info "\nValid: (${ip6})." else local IFS if echo "${ip}" | grep -Eq '^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))?$'; then @@ -101,7 +101,7 @@ check_rdr_ip_validity() { error_exit "Invalid: (${TEST_IP})" fi done - info "Valid: (${ip})." + info "\nValid: (${ip})." else error_exit "Invalid: (${ip})." fi @@ -118,7 +118,7 @@ validate_rdr_rule() { local jail_port="${6}" if grep -qs "$if $src $dst $proto $host_port $jail_port" "${bastille_jailsdir}/${TARGET}/rdr.conf"; then - error_notify "Error: Ports already in use on this interface." + error_notify "[ERROR]: Ports already in use on this interface." error_exit "See 'bastille list ports' or 'bastille rdr TARGET reset'." fi } @@ -172,7 +172,7 @@ load_rdr_rule() { if ! ( pfctl -a "rdr/${TARGET}" -Psn 2>/dev/null; printf '%s\nrdr pass on $%s inet proto %s from %s to %s port %s -> %s port %s\n' "$if" "${bastille_network_pf_ext_if}" "$proto" "$src" "$dst" "$host_port" "$JAIL_IP" "$jail_port" ) \ | pfctl -a "rdr/${TARGET}" -f-; then - error_exit "Failed to create IPv4 rdr rule \"${if_name} ${src} ${dst} ${proto} ${host_port} ${jail_port}\"" + error_exit "[ERROR]: Failed to create IPv4 rdr rule \"${if_name} ${src} ${dst} ${proto} ${host_port} ${jail_port}\"" else echo "IPv4 ${proto}/${host_port}:${jail_port} on ${if_name}" fi 
@@ -183,7 +183,7 @@ load_rdr_rule() { if ! ( pfctl -a "rdr/${TARGET}" -Psn; printf '%s\nrdr pass on $%s inet6 proto %s from %s to %s port %s -> %s port %s\n' "$if" "${bastille_network_pf_ext_if}" "$proto" "$src" "$dst" "$host_port" "$JAIL_IP6" "$jail_port" ) \ | pfctl -a "rdr/${TARGET}" -f-; then - error_exit "Failed to create IPv6 rdr rule \"${if_name} ${src} ${dst} ${proto} ${host_port} ${jail_port}\"" + error_exit "[ERROR]: Failed to create IPv6 rdr rule \"${if_name} ${src} ${dst} ${proto} ${host_port} ${jail_port}\"" else echo "IPv6 ${proto}/${host_port}:${jail_port} on ${if_name}" fi @@ -209,7 +209,7 @@ load_rdr_log_rule() { if ! ( pfctl -a "rdr/${TARGET}" -Psn; printf '%s\nrdr pass %s on $%s inet proto %s from %s to %s port %s -> %s port %s\n' "$if" "$log" "${bastille_network_pf_ext_if}" "$proto" "$src" "$dst" "$host_port" "$JAIL_IP" "$jail_port" ) \ | pfctl -a "rdr/${TARGET}" -f-; then - error_exit "Failed to create logged IPv4 rdr rule \"${if_name} ${src} ${dst} ${proto} ${host_port} ${jail_port}\"" + error_exit "[ERROR]: Failed to create logged IPv4 rdr rule \"${if_name} ${src} ${dst} ${proto} ${host_port} ${jail_port}\"" else echo "IPv4 ${proto}/${host_port}:${jail_port} on ${if_name}" fi @@ -221,7 +221,7 @@ load_rdr_log_rule() { if ! ( pfctl -a "rdr/${TARGET}" -Psn; printf '%s\nrdr pass %s on $%s inet6 proto %s from %s to %s port %s -> %s port %s\n' "$if" "$log" "${bastille_network_pf_ext_if}" "$proto" "$src" "$dst" "$host_port" "$JAIL_IP6" "$jail_port" ) \ | pfctl -a "rdr/${TARGET}" -f-; then - error_exit "Failed to create logged IPv6 rdr rule \"${if_name} ${src} ${dst} ${proto} ${host_port} ${jail_port}\"" + error_exit "[ERROR]: Failed to create logged IPv6 rdr rule \"${if_name} ${src} ${dst} ${proto} ${host_port} ${jail_port}\"" else echo "IPv6 ${proto}/${host_port}:${jail_port} on ${if_name}" fi 
@@ -248,7 +248,7 @@ while [ "$#" -gt 0 ]; do RDR_DST="${2}" shift 2 else - error_exit "${2} is not an IP on this system." + error_exit "[ERROR]: '${2}' is not an IP on this system." fi ;; -i|--interface) @@ -257,7 +257,7 @@ while [ "$#" -gt 0 ]; do RDR_IF="${2}" shift 2 else - error_exit "${2} is not a valid interface." + error_exit "[ERROR]: '${2}' is not a valid interface." fi ;; -s|--source) @@ -268,7 +268,7 @@ while [ "$#" -gt 0 ]; do ;; -t|--type) if [ "${2}" != "ipv4" ] && [ "${2}" != "ipv6" ]; then - error_exit "[-t|--type] must be [ipv4|ipv6]" + error_exit "[ERROR]: [-t|--type] must be [ipv4|ipv6]" else OPTION_INET_TYPE=1 RDR_INET="${2}" @@ -280,7 +280,7 @@ while [ "$#" -gt 0 ]; do shift ;; -*) - error_exit "Unknown option: \"${1}\"" + error_exit "[ERROR]: Unknown option: \"${1}\"" ;; *) break @@ -304,7 +304,7 @@ while [ "$#" -gt 0 ]; do case "${1}" in list) if [ "${OPTION_IF}" -eq 1 ] || [ "${OPTION_SRC}" -eq 1 ] || [ "${OPTION_DST}" -eq 1 ] || [ "${OPTION_INET_TYPE}" -eq 1 ];then - error_exit "Command \"${1}\" cannot be used with options." + error_exit "[ERROR]: Command \"${1}\" cannot be used with options." elif [ -n "${2}" ]; then usage else @@ -315,7 +315,7 @@ while [ "$#" -gt 0 ]; do ;; clear) if [ "${OPTION_IF}" -eq 1 ] || [ "${OPTION_SRC}" -eq 1 ] || [ "${OPTION_DST}" -eq 1 ] || [ "${OPTION_INET_TYPE}" -eq 1 ];then - error_exit "Command \"${1}\" cannot be used with options." + error_exit "[ERROR]: Command \"${1}\" cannot be used with options." elif [ -n "${2}" ]; then usage else 
@@ -326,15 +326,15 @@ while [ "$#" -gt 0 ]; do ;; reset) if [ "${OPTION_IF}" -eq 1 ] || [ "${OPTION_SRC}" -eq 1 ] || [ "${OPTION_DST}" -eq 1 ] || [ "${OPTION_INET_TYPE}" -eq 1 ];then - error_exit "Command \"${1}\" cannot be used with options." + error_exit "[ERROR]: Command \"${1}\" cannot be used with options." elif [ -n "${2}" ]; then usage else check_jail_validity pfctl -a "rdr/${TARGET}" -Fn - if rm -f "${bastille_jailsdir}/${TARGET}/rdr.conf"; then + if rm -f "${bastille_jailsdir}/${TARGET}/rdr.conf"; then echo "rdr.conf removed" - fi + fi fi shift ;; @@ -342,7 +342,7 @@ while [ "$#" -gt 0 ]; do if [ "$#" -lt 3 ]; then usage elif [ "${OPTION_SRC}" -eq 1 ] || [ "${OPTION_DST}" -eq 1 ] && [ "${OPTION_INET_TYPE}" -ne 1 ];then - error_exit "[-t|--type] must be set when using [-s|--source] or [-d|--destination]" + error_exit "[ERROR]: [-t|--type] must be set when using [-s|--source] or [-d|--destination]" elif [ "$#" -eq 3 ]; then check_jail_validity validate_rdr_rule $RDR_IF $RDR_SRC $RDR_DST $1 $2 $3 diff --git a/usr/local/share/bastille/rename.sh b/usr/local/share/bastille/rename.sh index c62fc5fc..5c462ad5 100644 --- a/usr/local/share/bastille/rename.sh +++ b/usr/local/share/bastille/rename.sh @@ -79,6 +79,7 @@ NEWNAME="${2}" bastille_root_check set_target_single "${TARGET}" +# Validate jail state check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then bastille stop "${TARGET}" else @@ -93,9 +94,9 @@ validate_name() { local NAME_SANITY="$(echo "${NAME_VERIFY}" | tr -c -d 'a-zA-Z0-9-_')" if [ -n "$(echo "${NAME_SANITY}" | awk "/^[-_].*$/" )" ]; then - error_exit "Container names may not begin with (-|_) characters!" + error_exit "[ERROR]: Jail names may not begin with (-|_) characters!" elif [ "${NAME_VERIFY}" != "${NAME_SANITY}" ]; then - error_exit "Container names may not contain special characters!" + error_exit "[ERROR]: Jail names may not contain special characters!" fi } 
@@ -134,6 +135,7 @@ update_jailconf_vnet() { for _if in ${_if_list}; do if echo ${_if} | grep -Eoq 'epair[0-9]+'; then + # Check if epair name = jail name local _epair_num="$(grep -Eo -m 1 "epair[0-9]+" "${_jail_conf}" | grep -Eo "[0-9]+")" if grep -E "epair[0-9]+a" "${_jail_conf}" | grep -Eo "e[0-9]+a_${TARGET}"; then @@ -143,6 +145,7 @@ update_jailconf_vnet() { local _target_host_epair="$(grep -Eo -m 1 "epair[0-9]+a" "${_jail_conf}")" local _target_jail_epair="$(grep -Eo -m 1 "epair[0-9]+b" "${_jail_conf}")" fi + if [ "$(echo -n "e${_epair_num}a_${NEWNAME}" | awk '{print length}')" -lt 16 ]; then # Generate new epair name local _new_host_epair="e${_epair_num}a_${NEWNAME}" @@ -151,18 +154,22 @@ update_jailconf_vnet() { local _new_host_epair="epair${_epair_num}a" local _new_jail_epair="epair${_epair_num}b" fi + # Replace host epair name in jail.conf sed -i '' "s|up name ${_target_host_epair}|up name ${_new_host_epair}|g" "${_jail_conf}" sed -i '' "s|${_target_host_epair} ether|${_new_host_epair} ether|g" "${_jail_conf}" sed -i '' "s|deletem ${_target_host_epair}|deletem ${_new_host_epair}|g" "${_jail_conf}" sed -i '' "s|${_target_host_epair} destroy|${_new_host_epair} destroy|g" "${_jail_conf}" sed -i '' "s|${_target_host_epair} description|${_new_host_epair} description|g" "${_jail_conf}" + # Replace jail epair name in jail.conf sed -i '' "s|= ${_target_jail_epair};|= ${_new_jail_epair};|g" "${_jail_conf}" sed -i '' "s|up name ${_target_jail_epair}|up name ${_new_jail_epair}|g" "${_jail_conf}" sed -i '' "s|${_target_jail_epair} ether|${_new_jail_epair} ether|g" "${_jail_conf}" + # Replace epair description sed -i '' "s|vnet host interface for Bastille jail ${TARGET}|vnet host interface for Bastille jail ${NEWNAME}|g" "${_jail_conf}" + # Replace epair name in /etc/rc.conf sed -i '' "/ifconfig/ s|${_target_jail_epair}|${_new_jail_epair}|g" "${_rc_conf}" fi 
@@ -195,10 +202,10 @@ change_name() { ZFS_DATASET_TARGET=$(echo "${ZFS_DATASET_ORIGIN}" | sed "s|\/${TARGET}||") if [ -n "${ZFS_DATASET_ORIGIN}" ] && [ -n "${ZFS_DATASET_TARGET}" ]; then if ! zfs rename -f "${ZFS_DATASET_ORIGIN}" "${ZFS_DATASET_TARGET}/${NEWNAME}"; then - error_exit "Can't rename '${TARGET}' dataset." + error_exit "[ERROR]: Can't rename '${TARGET}' dataset." fi else - error_exit "Can't determine the ZFS origin path of '${TARGET}'." + error_exit "[ERROR]: Can't determine the ZFS origin path of '${TARGET}'." fi else # Just rename the jail directory @@ -212,7 +219,7 @@ change_name() { # Check exit status and notify if [ "$?" -ne 0 ]; then - error_exit "An error has occurred while attempting to rename '${TARGET}'." + error_exit "[ERROR]: An error has occurred while attempting to rename '${TARGET}'." else echo "Renamed '${TARGET}' to '${NEWNAME}' successfully." if [ "${AUTO}" -eq 1 ]; then @@ -228,9 +235,11 @@ fi # Check if a jail already exists with NEW_NAME if [ -d "${bastille_jailsdir}/${NEWNAME}" ]; then - error_exit "Jail: ${NEWNAME} already exists." + error_exit "[ERROR]: Jail: ${NEWNAME} already exists." fi info "\nAttempting to rename '${TARGET}' to ${NEWNAME}..." -change_name \ No newline at end of file +change_name + +info "\nRenamed '${TARGET}' to '${NEWNAME}' successfully.\n" \ No newline at end of file diff --git a/usr/local/share/bastille/restart.sh b/usr/local/share/bastille/restart.sh index 3b608c45..a812b440 100644 --- a/usr/local/share/bastille/restart.sh +++ b/usr/local/share/bastille/restart.sh @@ -89,7 +89,7 @@ while [ "$#" -gt 0 ]; do _stop_options="${_stop_options} -x" ;; *) - error_exit "Unknown Option: \"${1}\"" + error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done @@ -118,4 +118,4 @@ for _jail in ${JAILS}; do bastille start ${_start_options} ${_jail} fi -done +done \ No newline at end of file diff --git a/usr/local/share/bastille/service.sh b/usr/local/share/bastille/service.sh index 94bf70a9..710b12f1 100644 
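Review bot: The added `info "\nRenamed '${TARGET}' to '${NEWNAME}' successfully.\n"` after `change_name` in rename.sh duplicates the `echo "Renamed '${TARGET}' to '${NEWNAME}' successfully."` that `change_name` still prints in its success branch (a context line of the `-212,7 +219,7` hunk). A successful rename is therefore reported twice. Keep one of them: either drop the new trailing `info` line, or replace the `echo` inside `change_name` with it. If the trailing line stays, it is only correct as long as every failure path in `change_name` leaves through `error_exit`; part of that function is outside the visible hunks.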
--- a/usr/local/share/bastille/service.sh +++ b/usr/local/share/bastille/service.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -87,17 +87,18 @@ bastille_root_check set_target "${TARGET}" for _jail in ${JAILS}; do - + + # Validate jail state check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then bastille start "${_jail}" else info "\n[${_jail}]:" error_notify "Jail is not running." - error_continue_next_jail "Use [-a|--auto] to auto-start the jail." + error_continue "Use [-a|--auto] to auto-start the jail." fi info "\n[${_jail}]:" jexec -l "${_jail}" /usr/sbin/service "$@" -done +done \ No newline at end of file diff --git a/usr/local/share/bastille/setup.sh b/usr/local/share/bastille/setup.sh index 25ddfe0e..a48c3879 100644 --- a/usr/local/share/bastille/setup.sh +++ b/usr/local/share/bastille/setup.sh @@ -250,7 +250,7 @@ case "$1" in configure_pf ;; -n|netgraph) - warn "[WARNING] Bastille only allows using either 'if_bridge' or 'netgraph'" + warn "[WARNING]: Bastille only allows using either 'if_bridge' or 'netgraph'" warn "as VNET network options. You CANNOT use both on the same system. If you have" warn "already started using bastille with 'if_bridge' do not continue." # shellcheck disable=SC3045 @@ -270,7 +270,7 @@ case "$1" in ;; -l|loopback) - warn "[WARNING] Bastille only allows using either the 'loopback' or 'shared'" + warn "[WARNING]: Bastille only allows using either the 'loopback' or 'shared'" warn "interface to be configured ant one time. If you continue, the 'shared'" warn "interface will be disabled, and the 'loopback' interface will be used as default." # shellcheck disable=SC3045 
@@ -288,7 +288,7 @@ case "$1" in esac ;; -s|shared) - warn "[WARNING] Bastille only allows using either the 'loopback' or 'shared'" + warn "[WARNING]: Bastille only allows using either the 'loopback' or 'shared'" warn "interface to be configured at one time. If you continue, the 'loopback'" warn "interface will be disabled, and the shared interface will be used as default." # shellcheck disable=SC3045 @@ -315,4 +315,7 @@ case "$1" in configure_vnet configure_bridge ;; + *) + error_exit "[ERROR]: Unknown option: \"${1}\"" + ;; esac \ No newline at end of file diff --git a/usr/local/share/bastille/start.sh b/usr/local/share/bastille/start.sh index a7877934..995b936a 100644 --- a/usr/local/share/bastille/start.sh +++ b/usr/local/share/bastille/start.sh @@ -82,7 +82,7 @@ while [ "$#" -gt 0 ]; do b) BOOT=1 ;; v) OPTION="-v" ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -134,14 +134,14 @@ for _jail in ${JAILS}; do fi if ifconfig | grep "^${_if}:" >/dev/null; then if ifconfig | grep -qwF "${_ip}"; then - warn "Warning: IP address (${_ip}) already in use, continuing..." + warn "[WARNING]: IP address (${_ip}) already in use, continuing..." fi ## add ip to firewall table if it is not reachable through local interface (assumes NAT/rdr is needed) if route -n get ${_ip} | grep "gateway" >/dev/null; then pfctl -q -t "${bastille_network_pf_table}" -T add "${_ip}" fi else - error_continue "Error: ${_if} interface does not exist." + error_continue "[ERROR]: ${_if} interface does not exist." fi done fi 
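Review bot: The new `*)` arm in setup.sh makes every unmatched first argument fatal, and that would include an empty `$1` if a bare `bastille setup` also passes through this `case`. The code ahead of the hunk is not shown, so this needs checking. If the no-argument path does reach it, the command would run its default configuration and then exit with `[ERROR]: Unknown option: ""`. An explicit arm ahead of the default, `"") ;;`, keeps that path quiet while still rejecting real typos.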
@@ -157,14 +157,14 @@ for _jail in ${JAILS}; do fi if ifconfig | grep "^${_if}:" >/dev/null; then if ifconfig | grep -qwF "${_ip}"; then - warn "Warning: IP address (${_ip}) already in use, continuing..." + warn "[WARNING]: IP address (${_ip}) already in use, continuing..." fi ## add ip to firewall table if it is not reachable through local interface (assumes NAT/rdr is needed) if route -n get ${_ip} | grep "gateway" >/dev/null; then pfctl -q -t "${bastille_network_pf_table}" -T add "${_ip}" fi else - error_continue "Error: ${_if} interface does not exist." + error_continue "[ERROR]: ${_if} interface does not exist." fi done fi diff --git a/usr/local/share/bastille/stop.sh b/usr/local/share/bastille/stop.sh index 35b92d8b..72d696e1 100644 --- a/usr/local/share/bastille/stop.sh +++ b/usr/local/share/bastille/stop.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in v) OPTION="-v" ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift diff --git a/usr/local/share/bastille/sysrc.sh b/usr/local/share/bastille/sysrc.sh index e19f868b..727080b6 100644 --- a/usr/local/share/bastille/sysrc.sh +++ b/usr/local/share/bastille/sysrc.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift @@ -88,6 +88,7 @@ set_target "${TARGET}" for _jail in ${JAILS}; do + # Validate jail state check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then bastille start "${_jail}" else diff --git a/usr/local/share/bastille/tags.sh b/usr/local/share/bastille/tags.sh index 85dd8894..5aa0b757 100644 --- a/usr/local/share/bastille/tags.sh +++ b/usr/local/share/bastille/tags.sh @@ -56,7 +56,7 @@ while [ "$#" -gt 0 ]; do shift ;; -*) - error_exit "Unknown Option: \"${1}\"" + error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; *) break 
@@ -118,5 +118,4 @@ for _jail in ${JAILS}; do ;; esac -done - +done \ No newline at end of file diff --git a/usr/local/share/bastille/template.sh b/usr/local/share/bastille/template.sh index 214d5be1..8b9a7e0e 100644 --- a/usr/local/share/bastille/template.sh +++ b/usr/local/share/bastille/template.sh @@ -35,6 +35,7 @@ usage() { error_notify "Usage: bastille template [option(s)] TARGET [--convert|project/template]" cat << EOF + Options: -a | --auto Auto mode. Start/stop jail(s) if required. @@ -45,6 +46,7 @@ EOF } post_command_hook() { + _jail=$1 _cmd=$2 _args=$3 @@ -110,7 +112,7 @@ render() { echo "Rendering File: ${_file_path}" eval "sed -i '' ${ARG_REPLACEMENTS} '${_file_path}'" else - warn "Path not found for render: ${2}" + warn "[WARNING]: Path not found for render: ${2}" fi } @@ -123,7 +125,7 @@ line_in_file() { echo "${_line}" >> "${_jailpath}/${_filepath}" fi else - warn "Path not found for line_in_file: ${_filepath}" + warn "[WARNING]: Path not found for line_in_file: ${_filepath}" fi } @@ -147,7 +149,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift 
@@ -175,11 +177,11 @@ bastille_root_check # Special case conversion of hook-style template files into a Bastillefile. -- cwells if [ "${TARGET}" = '--convert' ]; then if [ -d "${TEMPLATE}" ]; then # A relative path was provided. -- cwells - cd "${TEMPLATE}" || error_exit "Failed to change to directory: ${TEMPLATE}" + cd "${TEMPLATE}" || error_exit "[ERROR]: Failed to change to directory: ${TEMPLATE}" elif [ -d "${bastille_template}" ]; then - cd "${bastille_template}" || error_exit "Failed to change to directory: ${TEMPLATE}" + cd "${bastille_template}" || error_exit "[ERROR]: Failed to change to directory: ${TEMPLATE}" else - error_exit "Template not found: ${TEMPLATE}" + error_exit "[ERROR]: Template not found: ${TEMPLATE}" fi echo "Converting template: ${TEMPLATE}" @@ -217,7 +219,7 @@ if [ "${TARGET}" = '--convert' ]; then fi done - info "Template converted: ${TEMPLATE}" + info "\nTemplate converted: ${TEMPLATE}" exit 0 else set_target "${TARGET}" @@ -229,7 +231,7 @@ case ${TEMPLATE} in if [ ! -d "${bastille_templatesdir}/${TEMPLATE_DIR}" ]; then info "Bootstrapping ${TEMPLATE}..." if ! bastille bootstrap "${TEMPLATE}"; then - error_exit "Failed to bootstrap template: ${TEMPLATE}" + error_exit "[ERROR]: Failed to bootstrap template: ${TEMPLATE}" fi fi TEMPLATE="${TEMPLATE_DIR}" @@ -238,14 +240,14 @@ case ${TEMPLATE} in */*) if [ ! -d "${bastille_templatesdir}/${TEMPLATE}" ]; then if [ ! -d ${TEMPLATE} ]; then - error_exit "${TEMPLATE} not found." + error_exit "[ERROR]: ${TEMPLATE} not found." else bastille_template=${TEMPLATE} fi fi ;; *) - error_exit "Template name/URL not recognized." + error_exit "[ERROR]: Template name/URL not recognized." esac # Check for an --arg-file parameter. -- cwells @@ -265,7 +267,7 @@ for _script_arg in "$@"; do done if [ -n "${ARG_FILE}" ] && [ ! -f "${ARG_FILE}" ]; then - error_exit "File not found: ${ARG_FILE}" + error_exit "[ERROR]: File not found: ${ARG_FILE}" fi for _jail in ${JAILS}; do 
@@ -406,7 +408,7 @@ for _jail in ${JAILS}; do if ! eval "bastille ${_cmd} ${_jail} ${_args}"; then set +f unset IFS - error_exit "Failed to execute command: ${_cmd}" + error_exit "[ERROR]: Failed to execute command: ${_cmd}" fi post_command_hook "${_jail}" "${_cmd}" "${_args}" @@ -450,9 +452,9 @@ for _jail in ${JAILS}; do info "[${_jail}]:${_hook} -- START" if [ "${_hook}" = 'CMD' ] || [ "${_hook}" = 'PRE' ]; then - bastille cmd "${_jail}" /bin/sh < "${bastille_template}/${_hook}" || error_exit "Failed to execute command." + bastille cmd "${_jail}" /bin/sh < "${bastille_template}/${_hook}" || error_exit "[ERROR]: Failed to execute command." elif [ "${_hook}" = 'PKG' ]; then - bastille pkg "${_jail}" install -y "$(cat "${bastille_template}/PKG")" || error_exit "Failed to install packages." + bastille pkg "${_jail}" install -y "$(cat "${bastille_template}/PKG")" || error_exit "[ERROR]: Failed to install packages." bastille pkg "${_jail}" audit -F else while read _line; do @@ -462,7 +464,7 @@ for _jail in ${JAILS}; do # Replace "arg" variables in this line with the provided values. -- cwells _line=$(echo "${_line}" | eval "sed ${ARG_REPLACEMENTS}") eval "_args=\"${_args_template}\"" - bastille "${_cmd}" "${_jail}" "${_args}" || error_exit "Failed to execute command." + bastille "${_cmd}" "${_jail}" "${_args}" || error_exit "[ERROR]: Failed to execute command." done < "${bastille_template}/${_hook}" fi info "[${_jail}]:${_hook} -- END" @@ -470,6 +472,6 @@ for _jail in ${JAILS}; do fi done - echo "Template applied: ${TEMPLATE}" + info "\nTemplate applied: ${TEMPLATE}" done \ No newline at end of file diff --git a/usr/local/share/bastille/top.sh b/usr/local/share/bastille/top.sh index 625ef173..65879c88 100644 --- a/usr/local/share/bastille/top.sh +++ b/usr/local/share/bastille/top.sh 
@@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" esac done shift diff --git a/usr/local/share/bastille/umount.sh b/usr/local/share/bastille/umount.sh index c78762eb..7b56da38 100644 --- a/usr/local/share/bastille/umount.sh +++ b/usr/local/share/bastille/umount.sh @@ -65,7 +65,7 @@ while [ "$#" -gt 0 ]; do case ${_opt} in a) AUTO=1 ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" esac done shift @@ -88,6 +88,7 @@ set_target "${TARGET}" for _jail in ${JAILS}; do + # Validate jail state check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then bastille start "${_jail}" else @@ -105,18 +106,18 @@ for _jail in ${JAILS}; do # Exit if mount point non-existent if [ -z "${_mount}" ] && [ -z "${_fstab_entry}" ]; then - error_continue "The specified mount point does not exist." + error_continue "[ERROR]: The specified mount point does not exist." fi # Unmount if [ -n "${_mount}" ]; then - umount "${_jailpath}" || error_continue "Failed to unmount volume: ${MOUNT_PATH}" + umount "${_jailpath}" || error_continue "[ERROR]: Failed to unmount volume: ${MOUNT_PATH}" fi # Remove entry from fstab if [ -n "${_fstab_entry}" ]; then if ! sed -E -i '' "\, +${_jailpath_fstab} +,d" "${bastille_jailsdir}/${_jail}/fstab"; then - error_continue "Failed to delete fstab entry: ${MOUNT_PATH}" + error_continue "[ERROR]: Failed to delete fstab entry: ${MOUNT_PATH}" fi fi diff --git a/usr/local/share/bastille/update.sh b/usr/local/share/bastille/update.sh index a9e230dc..902acd7f 100644 --- a/usr/local/share/bastille/update.sh +++ b/usr/local/share/bastille/update.sh @@ -75,7 +75,7 @@ while [ "$#" -gt 0 ]; do a) AUTO=1 ;; f) OPTION="-F" ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift 
@@ -91,12 +91,11 @@ TARGET="${1}" bastille_root_check if [ -f "/bin/midnightbsd-version" ]; then - echo -e "${COLOR_RED}Not yet supported on MidnightBSD.${COLOR_RESET}" - exit 1 + error_exit "[ERROR]: Not yet supported on MidnightBSD." fi if freebsd-version | grep -qi HBSD; then - error_exit "Not yet supported on HardenedBSD." + error_exit "[ERROR]: Not yet supported on HardenedBSD." fi # Check for alternate/unsupported archs @@ -122,7 +121,7 @@ jail_check() { info "\n[${TARGET}]:" if grep -qw "${bastille_jailsdir}/${TARGET}/root/.bastille" "${bastille_jailsdir}/${TARGET}/fstab"; then - error_notify "${TARGET} is not a thick container." + error_notify "[ERROR]: ${TARGET} is not a thick container." error_exit "See 'bastille update RELEASE' to update thin jails." fi } @@ -138,7 +137,7 @@ jail_update() { if [ -d "${bastille_jailsdir}/${TARGET}" ]; then CURRENT_VERSION=$(/usr/sbin/jexec -l "${TARGET}" freebsd-version 2>/dev/null) if [ -z "${CURRENT_VERSION}" ]; then - error_exit "Can't determine '${TARGET}' version." + error_exit "[ERROR]: Can't determine '${TARGET}' version." else env PAGER="/bin/cat" freebsd-update ${OPTION} \ --not-running-from-cron \ @@ -175,7 +174,7 @@ release_update() { -f "${_freebsd_update_conf}" \ install --currently-running "${TARGET_TRIM}" else - error_exit "${TARGET} not found. See 'bastille bootstrap RELEASE'." + error_exit "[ERROR]: ${TARGET} not found. See 'bastille bootstrap RELEASE'." fi } 
@@ -185,13 +184,13 @@ template_update() { _template_path=${bastille_templatesdir}/${BASTILLE_TEMPLATE} if [ -d $_template_path ]; then - info "[${BASTILLE_TEMPLATE}]:" - git -C $_template_path pull ||\ - error_notify "${BASTILLE_TEMPLATE} update unsuccessful." - + info "\n[${BASTILLE_TEMPLATE}]:" + if ! git -C $_template_path pull; then + error_exit "[ERROR]: ${BASTILLE_TEMPLATE} update unsuccessful." + fi bastille verify "${BASTILLE_TEMPLATE}" else - error_exit "${BASTILLE_TEMPLATE} not found. See 'bastille bootstrap'." + error_exit "[ERROR]: ${BASTILLE_TEMPLATE} not found. See 'bastille bootstrap'." fi } @@ -200,7 +199,7 @@ templates_update() { # Update all templates _updated_templates=0 if [ -d ${bastille_templatesdir} ]; then - # shellcheck disable=SC2045 + # shellcheck disable=SC2045 for _template_path in $(ls -d ${bastille_templatesdir}/*/*); do if [ -d $_template_path/.git ]; then BASTILLE_TEMPLATE=$(echo "$_template_path" | awk -F / '{ print $(NF-1) "/" $NF }') @@ -212,9 +211,9 @@ templates_update() { fi if [ "$_updated_templates" -ne "0" ]; then - info "$_updated_templates templates updated." + info "\n$_updated_templates templates updated." else - error_exit "no templates found. See 'bastille bootstrap'." + error_exit "[ERROR]: No templates found. See 'bastille bootstrap'." fi } diff --git a/usr/local/share/bastille/upgrade.sh b/usr/local/share/bastille/upgrade.sh index d484e9c5..f22099a8 100644 --- a/usr/local/share/bastille/upgrade.sh +++ b/usr/local/share/bastille/upgrade.sh @@ -72,7 +72,7 @@ while [ "$#" -gt 0 ]; do a) AUTO=1 ;; f) OPTION="-F" ;; x) enable_debug ;; - *) error_exit "Unknown Option: \"${1}\"" ;; + *) error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; esac done shift 
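Review bot: In `template_update`, the rewritten `git -C $_template_path pull` leaves the path unquoted, and its failure branch changed from `error_notify` to `error_exit`, which is more than the spacing change the commit title describes. Quote the expansion: `if ! git -C "${_template_path}" pull; then`. Stopping before `bastille verify` when the pull fails is the safer order, since the template tree is later applied to jails. However, if `templates_update` calls this function once per template (its loop body is cut off at the end of the next hunk), a single unreachable remote now aborts the update of all remaining templates. Either state that in the commit message or return non-zero here and let the loop count the failure.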
@@ -95,19 +95,18 @@ set_target_single "${TARGET}" # Check for unsupported actions if [ -f "/bin/midnightbsd-version" ]; then - echo -e "${COLOR_RED}Not yet supported on MidnightBSD.${COLOR_RESET}" - exit 1 + error_exit "[ERROR]: Not yet supported on MidnightBSD." fi if freebsd-version | grep -qi HBSD; then - error_exit "Not yet supported on HardenedBSD." + error_exit "[ERROR]: Not yet supported on HardenedBSD." fi thick_jail_check() { local _jail="${1}" - # Check if the jail is thick and is running + # Validate jail state check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then bastille start "${_jail}" else @@ -121,7 +120,7 @@ thin_jail_check() { local _jail="${1}" - # Check if the jail is thick and is running + # Validate jail state check_target_is_stopped "${_jail}" || if [ "${AUTO}" -eq 1 ]; then bastille stop "${_jail}" else @@ -137,13 +136,13 @@ release_check() { # Validate the release if ! echo "${_release}" | grep -q "[0-9]\{2\}.[0-9]-[RELEASE,BETA,RC]"; then - error_exit "${_release} is not a valid release." + error_exit "[ERROR]: ${_release} is not a valid release." fi # Exit if NEWRELEASE doesn't exist if [ "${THIN_JAIL}" -eq 1 ]; then if [ ! -d "${bastille_releasesdir}/${_release}" ]; then - error_notify "Release not found: ${_release}" + error_notify "[ERROR]: Release not found: ${_release}" error_exit "See 'bastille bootstrap ${_release} to bootstrap the release." fi fi @@ -152,6 +151,7 @@ release_check() { jail_upgrade() { local _jailname="${1}" + if [ "${THIN_JAIL}" -eq 1 ]; then local _oldrelease="$(bastille config ${_jailname} get osrelease)" else @@ -174,7 +174,7 @@ jail_upgrade() { if [ "${AUTO}" -eq 1 ]; then bastille start "${_jailname}" fi - echo "Upgraded ${_jailname}: ${_oldrelease} -> ${_newrelease}" + info "\nUpgraded ${_jailname}: ${_oldrelease} -> ${_newrelease}" echo "See 'bastille etcupdate TARGET' to update /etc/rc.conf" else # Upgrade a thick jail 
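Review bot: In `release_check` in upgrade.sh, the check guarding the reworded message, `grep -q "[0-9]\{2\}.[0-9]-[RELEASE,BETA,RC]"`, is unanchored, and its last element is a bracket expression that matches one character from that set rather than one of the three words. A value such as `14.1-R/../x` therefore passes and is then used in `${bastille_releasesdir}/${_release}`. An anchored alternation is stricter, for example `grep -Eq '^[0-9]{2}\.[0-9]-(RELEASE|BETA[0-9]+|RC[0-9]+)$'`; the exact suffixes to allow should be confirmed against the release names the project supports. The function starts outside the hunk.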
@@ -187,8 +187,7 @@ jail_upgrade() { # Update "osrelease" entry inside jail.conf sed -i '' "/osrelease/ s|${_oldrelease}|${_newrelease}|g" "${bastille_jailsdir}/${_jailname}/jail.conf" - echo - echo -e "${COLOR_YELLOW}Please run 'bastille upgrade ${_jailname} install', restart the jail, then run 'bastille upgrade ${_jailname} install' again to finish installing updates.${COLOR_RESET}" + warn "Please run 'bastille upgrade ${_jailname} install', restart the jail, then run 'bastille upgrade ${_jailname} install' again to finish installing updates." fi } @@ -207,7 +206,7 @@ jail_updates_install() { -f "${_freebsd_update_conf}" \ install else - error_exit "${_jailname} not found. See 'bastille bootstrap RELEASE'." + error_exit "[ERROR]: ${_jailname} not found. See 'bastille bootstrap RELEASE'." fi } diff --git a/usr/local/share/bastille/verify.sh b/usr/local/share/bastille/verify.sh index 11b8b847..6b72c25b 100644 --- a/usr/local/share/bastille/verify.sh +++ b/usr/local/share/bastille/verify.sh @@ -47,17 +47,17 @@ EOF verify_release() { if [ -f "/bin/midnightbsd-version" ]; then - error_exit "Not yet supported on MidnightBSD." + error_exit "[ERROR]: Not yet supported on MidnightBSD." fi if freebsd-version | grep -qi HBSD; then - error_exit "Not yet supported on HardenedBSD." + error_exit "[ERROR]: Not yet supported on HardenedBSD." fi if [ -d "${bastille_releasesdir}/${RELEASE}" ]; then freebsd-update -b "${bastille_releasesdir}/${RELEASE}" --currently-running "${RELEASE}" IDS else - error_exit "${RELEASE} not found. See 'bastille bootstrap'." + error_exit "[ERROR]: ${RELEASE} not found. See 'bastille bootstrap'." fi } @@ -73,7 +73,7 @@ handle_template_include() { bastille verify "${BASTILLE_TEMPLATE_USER}/${BASTILLE_TEMPLATE_REPO}" ;; *) - error_exit "Template INCLUDE content not recognized." + error_exit "[ERROR]: Template INCLUDE content not recognized." ;; esac } 
@@ -87,14 +87,14 @@ verify_template() { _path=${_template_path}/${_hook} if [ -s "${_path}" ]; then _hook_validate=$((_hook_validate+1)) - info "Detected ${_hook} hook." + info "\nDetected ${_hook} hook." ## line count must match newline count # shellcheck disable=SC2046 # shellcheck disable=SC3003 if [ $(wc -l "${_path}" | awk '{print $1}') -ne "$(tr -d -c '\n' < "${_path}" | wc -c)" ]; then info "[${_hook}]:" - error_notify "${BASTILLE_TEMPLATE}:${_hook} [failed]." + error_notify "[ERROR]: ${BASTILLE_TEMPLATE}:${_hook} [failed]." error_notify "Line numbers don't match line breaks." error_exit "Template validation failed." ## if INCLUDE; recursive verify @@ -140,13 +140,13 @@ verify_template() { # Remove bad templates if [ "${_hook_validate}" -lt 1 ]; then rm -rf "${_template_path}" - error_notify "No valid template hooks found." + error_notify "[ERROR]: No valid template hooks found." error_exit "Template discarded." fi ## if validated; ready to use if [ "${_hook_validate}" -gt 0 ]; then - info "Template ready to use." + info "\nTemplate ready to use." fi } @@ -161,7 +161,7 @@ while [ "$#" -gt 0 ]; do shift ;; -*) - error_exit "Unknown Option: \"${1}\"" + error_exit "[ERROR]: Unknown Option: \"${1}\"" ;; *) break @@ -194,4 +194,6 @@ case "${1}" in *) usage ;; -esac \ No newline at end of file +esac + +echo \ No newline at end of file diff --git a/usr/local/share/bastille/zfs.sh b/usr/local/share/bastille/zfs.sh index d48d95d7..fb0aa707 100644 --- a/usr/local/share/bastille/zfs.sh +++ b/usr/local/share/bastille/zfs.sh @@ -118,7 +118,7 @@ while [ "$#" -gt 0 ]; do shift ;; -*) - error_notify "Unknown Option: \"${1}\"" + error_notify "[ERROR]: Unknown Option: \"${1}\"" usage ;; *) 
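Review bot: The check under `## line count must match newline count` in `verify_template` can never fail. `wc -l` counts newline characters and so does `tr -d -c '\n' | wc -c`, so the two sides are always equal and the `[failed]` branch this hunk relabels is unreachable. If the intent is to reject a hook file whose last line has no terminating newline, test the last byte instead: `if [ -n "$(tail -c 1 "${_path}")" ]; then`. The function starts before this hunk and continues after it, so the remaining branches of the `if` chain are not visible here.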
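Review bot: `rm -rf "${_template_path}"` in the `# Remove bad templates` branch (hunk `@@ -140`) deletes a path that is assigned outside this hunk, and nothing visible here checks it first. I cannot confirm how it is derived, but if it is built from a user-supplied template name, an empty or unexpected name could make it resolve to the templates directory itself or to somewhere outside it. Use `rm -rf -- "${_template_path:?}"` at minimum, and verify that the path is strictly below the templates directory before removing it. The `:?` guard alone does not catch a directory prefix with an empty name appended.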
@@ -139,12 +139,12 @@ set_target "${TARGET}" # Check if ZFS is enabled if ! checkyesno bastille_zfs_enable; then - error_exit "ZFS not enabled." + error_exit "[ERROR]: ZFS not enabled." fi # Check if zpool is defined if [ -z "${bastille_zfs_zpool}" ]; then - error_exit "ZFS zpool not defined." + error_exit "[ERROR]: ZFS zpool not defined." fi case "${ACTION}" in