Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-23 10:40:43 +01:00
Code Issues Packages Projects Releases Wiki Activity

cp: include rcp in cp and add jail mode

Browse Source
This commit is contained in:
tschettervictor
2025-01-12 11:16:51 -07:00
parent f65b8c3ebf
commit 8e73e6f188
5 changed files with 65 additions and 138 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
README.md
View File

@@ -62,7 +62,7 @@ Available Commands:
config Get or set a config value for the targeted container(s). config Get or set a config value for the targeted container(s).
console Console into a running container. console Console into a running container.
convert Convert a Thin container into a Thick container. convert Convert a Thin container into a Thick container.
cp cp(1) files from host to targeted container(s). cp cp(1) files from host or container to host or targeted container(s).
create Create a new thin container or a thick container if -T|--thick option specified. create Create a new thin container or a thick container if -T|--thick option specified.
destroy Destroy a stopped container or a FreeBSD release. destroy Destroy a stopped container or a FreeBSD release.
edit Edit container configuration files (advanced). edit Edit container configuration files (advanced).
@@ -75,7 +75,6 @@ Available Commands:
mount Mount a volume inside the targeted container(s). mount Mount a volume inside the targeted container(s).
pkg Manipulate binary packages within targeted container(s). See pkg(8). pkg Manipulate binary packages within targeted container(s). See pkg(8).
rdr Redirect host port to container port. rdr Redirect host port to container port.
rcp reverse cp(1) files from a single container to the host.
rename Rename a container. rename Rename a container.
restart Restart a running container. restart Restart a running container.
service Manage services within targeted container(s). service Manage services within targeted container(s).

22
docs/chapters/subcommands/rcp.rst
View File

@@ -1,22 +0,0 @@
===
rcp
===
This command allows copying files from a single jail to the host.
.. code-block:: shell
ishmael ~ # bastille rcp bastion /tmp/myfile /temp
[bastion]:
/usr/local/bastille/jails/bastion/root/tmp/myfile -> /temp/myfile
Unless you see errors reported in the output the `rcp` was successful.
.. code-block:: shell
ishmael ~ # bastille rcp help
Usage: bastille rcp [option(s)] TARGET JAIL_PATH HOST_PATH
Options:
-q | --quiet Suppress output.
-x | --debug Enable debug mode.

3
usr/local/bin/bastille
View File

@@ -95,7 +95,7 @@ Available Commands:
config Get or set a config value for the targeted container(s). config Get or set a config value for the targeted container(s).
console Console into a running container. console Console into a running container.
convert Convert a Thin container into a Thick container. convert Convert a Thin container into a Thick container.
cp cp(1) files from host to targeted container(s). cp cp(1) files from host or container to host or targeted container(s).
create Create a new thin container or a thick container if -T|--thick option specified. create Create a new thin container or a thick container if -T|--thick option specified.
destroy Destroy a stopped container or a FreeBSD release. destroy Destroy a stopped container or a FreeBSD release.
edit Edit container configuration files (advanced). edit Edit container configuration files (advanced).
@@ -107,7 +107,6 @@ Available Commands:
list List containers (running). list List containers (running).
mount Mount a volume inside the targeted container(s). mount Mount a volume inside the targeted container(s).
pkg Manipulate binary packages within targeted container(s). See pkg(8). pkg Manipulate binary packages within targeted container(s). See pkg(8).
rcp reverse cp(1) files from a single container to the host.
rdr Redirect host port to container port. rdr Redirect host port to container port.
rename Rename a container. rename Rename a container.
restart Restart a running container. restart Restart a running container.

62
usr/local/share/bastille/cp.sh
View File

@@ -34,10 +34,13 @@
. /usr/local/etc/bastille/bastille.conf . /usr/local/etc/bastille/bastille.conf
usage() { usage() {
error_notify "Usage: bastille cp [option(s)] TARGET HOST_PATH JAIL_PATH" error_notify "Usage: bastille cp [option(s)] TARGET SOURCE DESTINATION"
cat << EOF cat << EOF
Options: Options:
-j | --jail Jail mode. Copy files from jail to jail(s).
Syntax is [-j jail:srcpath jail:dstpath]
-r | --reverse Reverse copy files from jail to host.
-q | --quiet Suppress output. -q | --quiet Suppress output.
-x | --debug Enable debug mode. -x | --debug Enable debug mode.
@@ -46,12 +49,22 @@ EOF
} }
# Handle options. # Handle options.
JAIL_MODE=0
OPTION="-av" OPTION="-av"
REVERSE_MODE=0
while [ "$#" -gt 0 ]; do while [ "$#" -gt 0 ]; do
case "${1}" in case "${1}" in
-h|--help|help) -h|--help|help)
usage usage
;; ;;
-j|--jail)
JAIL_MODE=1
shift
;;
-r|--reverse)
REVERSE_MODE=1
shift
;;
-q|--quiet) -q|--quiet)
OPTION="-a" OPTION="-a"
shift shift
@@ -63,6 +76,8 @@ while [ "$#" -gt 0 ]; do
-*) -*)
for _opt in $(echo ${1} | sed 's/-//g' | fold -w1); do for _opt in $(echo ${1} | sed 's/-//g' | fold -w1); do
case ${_opt} in case ${_opt} in
j) JAIL_MODE=1 ;;
r) REVERSE_MODE=1 ;;
q) OPTION="-a" ;; q) OPTION="-a" ;;
x) enable_debug ;; x) enable_debug ;;
*) error_exit "Unknown Option: \"${1}\"" ;; *) error_exit "Unknown Option: \"${1}\"" ;;
@@ -76,22 +91,55 @@ while [ "$#" -gt 0 ]; do
esac esac
done done
if [ "$#" -ne 3 ]; then if [ "$#" -lt 2 ] || [ "$#" -gt 3 ]; then
usage usage
fi fi
if [ "${JAIL_MODE}" -eq 1 ]; then
SOURCE_TARGET="$(echo ${1} | awk -F":" '{print $1}')"
SOURCE_PATH="$(echo ${1} | awk -F":" '{print $2}')"
DEST_TARGET="$(echo ${2} | awk -F":" '{print $1}')"
DEST_PATH="$(echo ${2} | awk -F":" '{print $2}')"
set_target_single "${SOURCE_TARGET}" && SOURCE_TARGET="${TARGET}"
set_target "${DEST_TARGET}" && DEST_TARGET="${JAILS}"
for _jail in ${DEST_TARGET}; do
if [ "${_jail}" = "${SOURCE_TARGET}" ]; then
continue
fi
info "[${_jail}]:"
source_path="$(echo ${bastille_jailsdir}/${SOURCE_TARGET}/root/${SOURCE_PATH} | sed 's#//#/#g')"
dest_path="$(echo ${bastille_jailsdir}/${_jail}/root/${DEST_PATH} | sed 's#//#/#g')"
if ! cp "${OPTION}" "${source_path}" "${dest_path}"; then
error_continue "CP failed: ${source_path} -> ${dest_path}"
fi
done
exit
fi
TARGET="${1}" TARGET="${1}"
CPSOURCE="${2}" SOURCE="${2}"
CPDEST="${3}" DEST="${3}"
bastille_root_check bastille_root_check
set_target "${TARGET}"
if [ "${REVERSE_MODE}" -eq 1 ]; then
set_target_single "${TARGET}"
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
info "[${_jail}]:" info "[${_jail}]:"
host_path="${CPSOURCE}" host_path="${DEST}"
jail_path="$(echo ${bastille_jailsdir}/${_jail}/root/${CPDEST} | sed 's#//#/#g')" jail_path="$(echo ${bastille_jailsdir}/${_jail}/root/${SOURCE} | sed 's#//#/#g')"
if ! cp "${OPTION}" "${jail_path}" "${host_path}"; then
error_exit "RCP failed: ${jail_path} -> ${host_path}"
fi
done
else
set_target "${TARGET}"
for _jail in ${JAILS}; do
info "[${_jail}]:"
host_path="${SOURCE}"
jail_path="$(echo ${bastille_jailsdir}/${_jail}/root/${DEST} | sed 's#//#/#g')"
if ! cp "${OPTION}" "${host_path}" "${jail_path}"; then if ! cp "${OPTION}" "${host_path}" "${jail_path}"; then
error_continue "CP failed: ${host_path} -> ${jail_path}" error_continue "CP failed: ${host_path} -> ${jail_path}"
fi fi
done done
fi

97
usr/local/share/bastille/rcp.sh
View File

@@ -1,97 +0,0 @@
#!/bin/sh
#
# SPDX-License-Identifier: BSD-3-Clause
#
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions are met:
#
# * Redistributions of source code must retain the above copyright notice, this
# list of conditions and the following disclaimer.
#
# * Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
#
# * Neither the name of the copyright holder nor the names of its
# contributors may be used to endorse or promote products derived from
# this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
. /usr/local/share/bastille/common.sh
. /usr/local/etc/bastille/bastille.conf
usage() {
error_notify "Usage: bastille rcp [option(s)] TARGET JAIL_PATH HOST_PATH"
cat << EOF
Options:
-q | --quiet Suppress output.
-x | --debug Enable debug mode.
EOF
exit 1
}
# Handle options.
OPTION="-av"
while [ "$#" -gt 0 ]; do
case "${1}" in
-h|--help|help)
usage
;;
-q|--quiet)
OPTION="-a"
shift
;;
-x|--debug)
enable_debug
shift
;;
-*)
for _opt in $(echo ${1} | sed 's/-//g' | fold -w1); do
case ${_opt} in
q) OPTION="-a" ;;
x) enable_debug ;;
*) error_exit "Unknown Option: \"${1}\"" ;;
esac
done
shift
;;
*)
break
;;
esac
done
if [ "$#" -ne 3 ]; then
usage
fi
TARGET="${1}"
CPSOURCE="${2}"
CPDEST="${3}"
bastille_root_check
set_target_single "${TARGET}"
for _jail in ${JAILS}; do
info "[${_jail}]:"
host_path="${CPDEST}"
jail_path="$(echo ${bastille_jailsdir}/${_jail}/root/${CPSOURCE} | sed 's#//#/#g')"
if ! cp "${OPTION}" "${jail_path}" "${host_path}"; then
error_continue "RCP failed: ${jail_path} -> ${host_path}"
fi
done