Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2025-12-22 02:00:08 +01:00
Code Issues Packages Projects Releases Wiki Activity

half way point

Browse Source
This commit is contained in:
tschettervictor
2025-04-30 11:21:41 -06:00
parent 984c4a1191
commit bb47671cf0
18 changed files with 109 additions and 83 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
usr/local/bin/bastille
View File

@@ -268,9 +268,6 @@ esac
# shellcheck disable=SC2154 # shellcheck disable=SC2154
SCRIPTPATH="${bastille_sharedir}/${CMD}.sh" SCRIPTPATH="${bastille_sharedir}/${CMD}.sh"
# Start with blank line
echo
if [ -f "${SCRIPTPATH}" ]; then if [ -f "${SCRIPTPATH}" ]; then
: "${UMASK:=022}" : "${UMASK:=022}"

6
usr/local/share/bastille/bootstrap.sh
View File

@@ -35,6 +35,7 @@
usage() { usage() {
error_notify "Usage: bastille bootstrap [option(s)] [RELEASE|TEMPLATE] [update|arch]" error_notify "Usage: bastille bootstrap [option(s)] [RELEASE|TEMPLATE] [update|arch]"
cat << EOF cat << EOF
Options: Options:
-x | --debug Enable debug mode. -x | --debug Enable debug mode.
@@ -288,7 +289,7 @@ bootstrap_release() {
info "Bootstrap successful." info "Bootstrap successful."
info "See 'bastille --help' for available commands." info "See 'bastille --help' for available commands."
echo
} }
debootstrap_release() { debootstrap_release() {
@@ -384,7 +385,6 @@ debootstrap_release() {
info "Bootstrap successful." info "Bootstrap successful."
info "See 'bastille --help' for available commands." info "See 'bastille --help' for available commands."
echo
} }
bootstrap_template() { bootstrap_template() {
@@ -658,3 +658,5 @@ case "${OPTION}" in
bastille update "${RELEASE}" bastille update "${RELEASE}"
;; ;;
esac esac
echo

16
usr/local/share/bastille/clone.sh
View File

@@ -33,8 +33,9 @@
. /usr/local/share/bastille/common.sh . /usr/local/share/bastille/common.sh
usage() { usage() {
error_notify "Usage: bastille clone [option(s)] TARGET NEW_NAME IP_ADDRESS" error_notify "Usage: bastille clone [option(s)] TARGET NEWNAME IPADDRESS"
cat << EOF cat << EOF
Options: Options:
-a | --auto Auto mode. Start/stop jail(s) if required. Cannot be used with [-l|--live]. -a | --auto Auto mode. Start/stop jail(s) if required. Cannot be used with [-l|--live].
@@ -373,19 +374,22 @@ update_jailconf_vnet() {
clone_jail() { clone_jail() {
info "Attempting to clone ${TARGET} to ${NEWNAME}..." info "\n[${TARGET}]:"
echo "Attempting clone to ${NEWNAME}..."
if ! [ -d "${bastille_jailsdir}/${NEWNAME}" ]; then if ! [ -d "${bastille_jailsdir}/${NEWNAME}" ]; then
if checkyesno bastille_zfs_enable; then if checkyesno bastille_zfs_enable; then
if [ "${LIVE}" -eq 1 ]; then if [ "${LIVE}" -eq 1 ]; then
check_target_is_running "${TARGET}" || error_exit "[-l|--live] can only be used with a running jail." check_target_is_running "${TARGET}" || error_exit "[-l|--live] can only be used with a running jail."
else check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then else check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then
echo "Auto-stopping ${TARGET}..."
bastille stop "${TARGET}" bastille stop "${TARGET}"
else else
error_notify "Jail is running." error_notify "Jail is running."
error_exit "Use [-a|--auto] to force stop the jail, or [-l|--live] (ZFS only) to clone a running jail." error_exit "Use [-a|--auto] to force stop the jail, or [-l|--live] (ZFS only) to clone a running jail."
fi fi
fi fi
if [ -n "${bastille_zfs_zpool}" ]; then if [ -n "${bastille_zfs_zpool}" ]; then
# Replicate the existing container # Replicate the existing container
DATE=$(date +%F-%H%M%S) DATE=$(date +%F-%H%M%S)
@@ -401,14 +405,18 @@ clone_jail() {
zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}@bastille_clone_${DATE}" zfs destroy "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${NEWNAME}@bastille_clone_${DATE}"
fi fi
else else
# Perform container file copy (archive mode)
check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then
echo "Auto-stopping ${TARGET}..."
bastille stop "${TARGET}" bastille stop "${TARGET}"
else else
error_notify "Jail is running." error_notify "Jail is running."
error_exit "Use [-a|--auto] to force stop the jail." error_exit "Use [-a|--auto] to force stop the jail."
fi fi
# Perform container file copy (archive mode)
cp -a "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}" cp -a "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}"
fi fi
else else
error_exit "${NEWNAME} already exists." error_exit "${NEWNAME} already exists."
@@ -442,3 +450,5 @@ else
fi fi
clone_jail clone_jail
echo

17
usr/local/share/bastille/cmd.sh
View File

@@ -33,8 +33,9 @@
. /usr/local/share/bastille/common.sh . /usr/local/share/bastille/common.sh
usage() { usage() {
error_notify "Usage: bastille cmd [option(s)] TARGET command" error_notify "Usage: bastille cmd [option(s)] TARGET COMMAND"
cat << EOF cat << EOF
Options: Options:
-a | --auto Auto mode. Start/stop jail(s) if required. -a | --auto Auto mode. Start/stop jail(s) if required.
@@ -90,16 +91,16 @@ set_target "${TARGET}"
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
info "\n[${_jail}]:"
check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then
echo "Auto-starting ${_jail}..."
bastille start "${_jail}" bastille start "${_jail}"
else else
info "[${_jail}]:"
error_notify "Jail is not running." error_notify "Jail is not running."
error_continue_next_jail "Use [-a|--auto] to auto-start the jail." error_continue "Use [-a|--auto] to auto-start the jail."
fi fi
info "[${_jail}]:"
COUNT=$(($COUNT+1)) COUNT=$(($COUNT+1))
if grep -qw "linsysfs" "${bastille_jailsdir}/${_jail}/fstab"; then if grep -qw "linsysfs" "${bastille_jailsdir}/${_jail}/fstab"; then
# Allow executing commands on Linux jails. # Allow executing commands on Linux jails.
@@ -117,14 +118,12 @@ for _jail in ${JAILS}; do
RETURN=$(($RETURN+$ERROR_CODE)) RETURN=$(($RETURN+$ERROR_CODE))
fi fi
# Print blank line
echo ""
done done
# Check when a command is executed in all running jails. (bastille cmd ALL ...) # Check when a command is executed in all running jails. (bastille cmd ALL ...)
if [ "${COUNT}" -gt 1 ] && [ "${RETURN}" -gt 0 ]; then if [ "${COUNT}" -gt 1 ] && [ "${RETURN}" -gt 0 ]; then
RETURN=1 RETURN=1
return "${RETURN}"
fi fi
return "${RETURN}" echo

17
usr/local/share/bastille/common.sh
View File

@@ -72,22 +72,13 @@ error_continue() {
continue continue
} }
# Notify message on error, and continue to next jail
# Echo blank line
error_continue_next_jail() {
error_notify "$@"
echo
# shellcheck disable=SC2104
continue
}
# Notify message on error, but do not exit # Notify message on error, but do not exit
error_notify() { error_notify() {
echo -e "${COLOR_RED}$*${COLOR_RESET}" 1>&2 echo -e "${COLOR_RED}$*${COLOR_RESET}" 1>&2
} }
# Notify message on error and exit # Notify message on error and exit
# Echo blank line # Echo blank line when exiting
error_exit() { error_exit() {
error_notify "$@" error_notify "$@"
echo echo
@@ -209,14 +200,15 @@ set_target() {
if get_jail_name "${_jail}" > /dev/null; then if get_jail_name "${_jail}" > /dev/null; then
_jail="$(get_jail_name ${_jail})" _jail="$(get_jail_name ${_jail})"
else else
error_continue_next_jail "Error: JID \"${_jail}\" not found. Is jail running?" error_continue "Error: JID \"${_jail}\" not found. Is jail running?"
fi fi
elif ! check_target_exists "${_jail}"; then elif ! check_target_exists "${_jail}"; then
if jail_autocomplete "${_jail}" > /dev/null; then if jail_autocomplete "${_jail}" > /dev/null; then
_jail="$(jail_autocomplete ${_jail})" _jail="$(jail_autocomplete ${_jail})"
elif [ $? -eq 2 ]; then elif [ $? -eq 2 ]; then
error_continue_next_jail "Jail not found \"${_jail}\"" error_continue "Jail not found \"${_jail}\""
else else
echo
exit 1 exit 1
fi fi
fi fi
@@ -253,6 +245,7 @@ set_target_single() {
elif [ $? -eq 2 ]; then elif [ $? -eq 2 ]; then
error_exit "Jail not found \"${_TARGET}\"" error_exit "Jail not found \"${_TARGET}\""
else else
echo
exit 1 exit 1
fi fi
fi fi

3
usr/local/share/bastille/config.sh
View File

@@ -34,8 +34,9 @@
usage() { usage() {
error_notify "Usage: bastille config TARGET [get|set|remove] PROPERTY [VALUE]" error_notify "Usage: bastille config TARGET [get|set|remove] PROPERTY VALUE"
cat << EOF cat << EOF
Options: Options:
-x | --debug Enable debug mode. -x | --debug Enable debug mode.

14
usr/local/share/bastille/console.sh
View File

@@ -35,6 +35,7 @@
usage() { usage() {
error_notify "Usage: bastille console [option(s)] TARGET [user]" error_notify "Usage: bastille console [option(s)] TARGET [user]"
cat << EOF cat << EOF
Options: Options:
-a | --auto Auto mode. Start/stop jail(s) if required. -a | --auto Auto mode. Start/stop jail(s) if required.
@@ -115,16 +116,16 @@ check_fib() {
} }
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
info "\n[${_jail}]:"
check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then
echo "Auto-starting ${_jail}..."
bastille start "${_jail}" bastille start "${_jail}"
else else
info "[${_jail}]:"
error_notify "Jail is not running." error_notify "Jail is not running."
error_continue_next_jail "Use [-a|--auto] to auto-start the jail." error_continue "Use [-a|--auto] to auto-start the jail."
fi fi
info "[${_jail}]:"
LOGIN="$(jexec -l "${_jail}" which login)" LOGIN="$(jexec -l "${_jail}" which login)"
if [ -n "${USER}" ]; then if [ -n "${USER}" ]; then
validate_user "${_jail}" "${USER}" validate_user "${_jail}" "${USER}"
@@ -134,7 +135,6 @@ for _jail in ${JAILS}; do
${_setfib} jexec -l "${_jail}" $LOGIN -f root ${_setfib} jexec -l "${_jail}" $LOGIN -f root
fi fi
# Print blank line
echo ""
done done
echo

12
usr/local/share/bastille/convert.sh
View File

@@ -34,8 +34,8 @@
usage() { usage() {
error_notify "Usage: bastille convert [option(s)] [TARGET|TARGET RELEASE]" error_notify "Usage: bastille convert [option(s)] [TARGET|TARGET RELEASE]"
cat << EOF cat << EOF
Options: Options:
-a | --auto Auto mode. Start/stop jail(s) if required. -a | --auto Auto mode. Start/stop jail(s) if required.
@@ -81,7 +81,11 @@ CONVERT_RELEASE="${2}"
bastille_root_check bastille_root_check
set_target_single "${TARGET}" set_target_single "${TARGET}"
info "\n[${TARGET}]:"
check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then
echo "Auto-stopping ${TARGET}..."
bastille stop "${TARGET}" bastille stop "${TARGET}"
else else
error_notify "Jail is running." error_notify "Jail is running."
@@ -103,7 +107,7 @@ convert_jail_to_release() {
_jailname="${1}" _jailname="${1}"
_release="${2}" _release="${2}"
info "Creating ${_release} from ${_jailname}..." echo "Creating ${_release} from ${_jailname}..."
if checkyesno bastille_zfs_enable; then if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then if [ -n "${bastille_zfs_zpool}" ]; then
@@ -162,7 +166,7 @@ convert_symlinks() {
done done
# Copy new files to destination jail # Copy new files to destination jail
info "Copying required base files to container..." echo "Copying required base files to container..."
for _link in ${SYMLINKS}; do for _link in ${SYMLINKS}; do
if [ ! -d "${_link}" ]; then if [ ! -d "${_link}" ]; then
if [ -d "${bastille_releasesdir}/${RELEASE}/${_link}" ]; then if [ -d "${bastille_releasesdir}/${RELEASE}/${_link}" ]; then
@@ -274,3 +278,5 @@ elif [ "$#" -eq 2 ]; then
else else
usage usage
fi fi
echo

10
usr/local/share/bastille/cp.sh
View File

@@ -35,6 +35,7 @@
usage() { usage() {
error_notify "Usage: bastille cp [option(s)] TARGET HOST_PATH JAIL_PATH" error_notify "Usage: bastille cp [option(s)] TARGET HOST_PATH JAIL_PATH"
cat << EOF cat << EOF
Options: Options:
-q | --quiet Suppress output. -q | --quiet Suppress output.
@@ -88,16 +89,15 @@ set_target "${TARGET}"
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
info "[${_jail}]:" info "\n[${_jail}]:"
host_path="${HOST_PATH}" host_path="${HOST_PATH}"
jail_path="$(echo ${bastille_jailsdir}/${_jail}/root/${JAIL_PATH} | sed 's#//#/#g')" jail_path="$(echo ${bastille_jailsdir}/${_jail}/root/${JAIL_PATH} | sed 's#//#/#g')"
if ! cp "${OPTION}" "${host_path}" "${jail_path}"; then if ! cp "${OPTION}" "${host_path}" "${jail_path}"; then
error_continue_next_jail "CP failed: ${host_path} -> ${jail_path}" error_continue "CP failed: ${host_path} -> ${jail_path}"
fi fi
# Print blank line
echo ""
done done
echo

10
usr/local/share/bastille/create.sh
View File

@@ -401,7 +401,7 @@ create_jail() {
if [ -z "${THICK_JAIL}" ] && [ -z "${CLONE_JAIL}" ]; then if [ -z "${THICK_JAIL}" ] && [ -z "${CLONE_JAIL}" ]; then
LINK_LIST="bin boot lib libexec rescue sbin usr/bin usr/include usr/lib usr/lib32 usr/libdata usr/libexec usr/sbin usr/share usr/src" LINK_LIST="bin boot lib libexec rescue sbin usr/bin usr/include usr/lib usr/lib32 usr/libdata usr/libexec usr/sbin usr/share usr/src"
info "Creating a thinjail..." info "\nCreating a thinjail..."
for _link in ${LINK_LIST}; do for _link in ${LINK_LIST}; do
ln -sf /.bastille/${_link} ${_link} ln -sf /.bastille/${_link} ${_link}
done done
@@ -432,7 +432,7 @@ create_jail() {
if checkyesno bastille_zfs_enable; then if checkyesno bastille_zfs_enable; then
if [ -n "${bastille_zfs_zpool}" ]; then if [ -n "${bastille_zfs_zpool}" ]; then
if [ -n "${CLONE_JAIL}" ]; then if [ -n "${CLONE_JAIL}" ]; then
info "Creating a clonejail...\n" info "\nCreating a clonejail...\n"
## clone the release base to the new basejail ## clone the release base to the new basejail
SNAP_NAME="bastille-clone-$(date +%Y-%m-%d-%H%M%S)" SNAP_NAME="bastille-clone-$(date +%Y-%m-%d-%H%M%S)"
# shellcheck disable=SC2140 # shellcheck disable=SC2140
@@ -444,7 +444,7 @@ create_jail() {
# Check and apply required settings. # Check and apply required settings.
post_create_jail post_create_jail
elif [ -n "${THICK_JAIL}" ]; then elif [ -n "${THICK_JAIL}" ]; then
info "Creating a thickjail. This may take a while...\n" info "\nCreating a thickjail. This may take a while...\n"
## perform release base replication ## perform release base replication
## sane bastille zfs options ## sane bastille zfs options
@@ -971,7 +971,7 @@ if [ -z "${EMPTY_JAIL}" ]; then
validate_netconf validate_netconf
fi fi
else else
info "Creating empty jail: ${NAME}." info "\nCreating empty jail: ${NAME}."
fi fi
# May not exist on deployments created before Bastille 0.7.20200714, so creating it. -- cwells # May not exist on deployments created before Bastille 0.7.20200714, so creating it. -- cwells
@@ -1008,3 +1008,5 @@ if check_target_exists "${NAME}"; then
fi fi
create_jail "${NAME}" "${RELEASE}" "${IP}" "${INTERFACE}" create_jail "${NAME}" "${RELEASE}" "${IP}" "${INTERFACE}"
echo

12
usr/local/share/bastille/destroy.sh
View File

@@ -35,6 +35,7 @@
usage() { usage() {
error_notify "Usage: bastille destroy [option(s)] [JAIL|RELEASE]" error_notify "Usage: bastille destroy [option(s)] [JAIL|RELEASE]"
cat << EOF cat << EOF
Options: Options:
-a | --auto Auto mode. Start/stop jail(s) if required. -a | --auto Auto mode. Start/stop jail(s) if required.
@@ -52,15 +53,17 @@ destroy_jail() {
for _jail in ${JAILS}; do for _jail in ${JAILS}; do
info "[${_jail}]:"
bastille_jail_base="${bastille_jailsdir}/${_jail}" bastille_jail_base="${bastille_jailsdir}/${_jail}"
bastille_jail_log="${bastille_logsdir}/${_jail}_console.log" bastille_jail_log="${bastille_logsdir}/${_jail}_console.log"
check_target_is_stopped "${_jail}" || if [ "${AUTO}" -eq 1 ]; then check_target_is_stopped "${_jail}" || if [ "${AUTO}" -eq 1 ]; then
echo "Auto-stopping ${_jail}..."
bastille stop "${_jail}" bastille stop "${_jail}"
else else
info "[${_jail}]:"
error_notify "Jail is running." error_notify "Jail is running."
error_continue_next_jail "Use [-a|--auto] to auto-stop the jail." error_continue "Use [-a|--auto] to auto-stop the jail."
fi fi
if [ -d "${bastille_jail_base}" ]; then if [ -d "${bastille_jail_base}" ]; then
@@ -110,9 +113,6 @@ destroy_jail() {
fi fi
fi fi
# Print blank line
echo ""
done done
} }
@@ -304,3 +304,5 @@ case "${TARGET}" in
destroy_jail "${JAILS}" destroy_jail "${JAILS}"
;; ;;
esac esac
echo

1
usr/local/share/bastille/edit.sh
View File

@@ -35,6 +35,7 @@
usage() { usage() {
error_notify "Usage: bastille edit [option(s)] TARGET [filename]" error_notify "Usage: bastille edit [option(s)] TARGET [filename]"
cat << EOF cat << EOF
Options: Options:
-x | --debug Enable debug mode. -x | --debug Enable debug mode.

25
usr/local/share/bastille/etcupdate.sh
View File

@@ -32,6 +32,7 @@
usage() { usage() {
error_notify "Usage: bastille etcupdate [option(s)] [bootstrap|TARGET] [diff|resolve|update RELEASE]" error_notify "Usage: bastille etcupdate [option(s)] [bootstrap|TARGET] [diff|resolve|update RELEASE]"
cat << EOF cat << EOF
Options: Options:
-d | --dry-run Show output, but do not apply. -d | --dry-run Show output, but do not apply.
@@ -59,40 +60,40 @@ bootstrap_etc_release() {
bootstrap_etc_tarball() { bootstrap_etc_tarball() {
local _release="${1}" local _release="${1}"
if [ ! -f ${bastille_cachedir}/${_release}.tbz2 ]; then if [ ! -f ${bastille_cachedir}/${_release}.tbz2 ]; then
echo "Building tarball, please wait..." echo "\nBuilding tarball, please wait..."
if ! etcupdate build -d /tmp/etcupdate -s ${bastille_releasesdir}/${_release}/usr/src ${bastille_cachedir}/${_release}.tbz2; then if ! etcupdate build -d /tmp/etcupdate -s ${bastille_releasesdir}/${_release}/usr/src ${bastille_cachedir}/${_release}.tbz2; then
error_exit "Failed to build etcupdate tarball \"${_release}.tbz2\"" error_exit "Failed to build etcupdate tarball \"${_release}.tbz2\""
else else
info "Etcupdate bootstrap complete: ${_release}" info "\nEtcupdate bootstrap complete: ${_release}"
fi fi
elif [ -f ${bastille_cachedir}/${_release}.tbz2 ] && [ "${FORCE}" -eq 1 ]; then elif [ -f ${bastille_cachedir}/${_release}.tbz2 ] && [ "${FORCE}" -eq 1 ]; then
rm -f "${bastille_cachedir}/${_release}.tbz2" rm -f "${bastille_cachedir}/${_release}.tbz2"
echo "Building tarball, please wait..." echo "Building tarball, please wait..."
if ! etcupdate build -d /tmp/etcupdate -s ${bastille_releasesdir}/${_release}/usr/src ${bastille_cachedir}/${_release}.tbz2; then if ! etcupdate build -d /tmp/etcupdate -s ${bastille_releasesdir}/${_release}/usr/src ${bastille_cachedir}/${_release}.tbz2; then
error_exit "Failed to build etcupdate tarball: ${_release}.tbz2" error_exit "[ERROR]: Failed to build etcupdate tarball: ${_release}.tbz2"
else else
info "Etcupdate bootstrap complete: ${_release}" info "\nEtcupdate bootstrap complete: ${_release}"
fi fi
else else
info "Etcupdate release has already been prepared for application: ${_release}" info "\nEtcupdate release has already been prepared for application: ${_release}"
fi fi
} }
diff_review() { diff_review() {
local _jail="${1}" local _jail="${1}"
if [ "${DRY_RUN}" -eq 1 ]; then if [ "${DRY_RUN}" -eq 1 ]; then
warn "Warning: diff mode does not support [-d|--dryrun]" error_exit "[ERROR]: diff mode does not support [-d|--dryrun]"
fi fi
info "[${_jail}]: etcupdate --diff mode" info "\n[${_jail}]: etcupdate --diff mode"
etcupdate diff -D "${bastille_jailsdir}/${_jail}/root" etcupdate diff -D "${bastille_jailsdir}/${_jail}/root"
} }
resolve_conflicts() { resolve_conflicts() {
local _jail="${1}" local _jail="${1}"
if [ "${DRY_RUN}" -eq 1 ]; then if [ "${DRY_RUN}" -eq 1 ]; then
warn "Warning: resolve mode does not support [-d|--dryrun]" error_exit "[ERROR]: resolve mode does not support [-d|--dryrun]"
fi fi
info "[${_jail}]: etcupdate resolve" info "\n[${_jail}]: etcupdate resolve"
etcupdate resolve -D "${bastille_jailsdir}/${_jail}/root" etcupdate resolve -D "${bastille_jailsdir}/${_jail}/root"
} }
@@ -103,10 +104,10 @@ update_jail_etc() {
error_exit "Error: Please run \"bastille etcupdate bootstrap RELEASE\" first." error_exit "Error: Please run \"bastille etcupdate bootstrap RELEASE\" first."
fi fi
if [ "${DRY_RUN}" -eq 1 ]; then if [ "${DRY_RUN}" -eq 1 ]; then
info "[${_jail}]: etcupdate update --dry-run" info "\n[${_jail}]: etcupdate update --dry-run"
etcupdate -n -D "${bastille_jailsdir}/${_jail}/root" -t ${bastille_cachedir}/${_release}.tbz2 etcupdate -n -D "${bastille_jailsdir}/${_jail}/root" -t ${bastille_cachedir}/${_release}.tbz2
else else
info "[${_jail}]: etcupdate update" info "\n[${_jail}]: etcupdate update"
etcupdate -D "${bastille_jailsdir}/${_jail}/root" -t ${bastille_cachedir}/${_release}.tbz2 etcupdate -D "${bastille_jailsdir}/${_jail}/root" -t ${bastille_cachedir}/${_release}.tbz2
fi fi
} }
@@ -194,3 +195,5 @@ while [ "$#" -gt 0 ]; do
;; ;;
esac esac
done done
echo

8
usr/local/share/bastille/export.sh
View File

@@ -39,6 +39,7 @@ usage() {
# If no compression option specified, user must redirect standard output # If no compression option specified, user must redirect standard output
error_notify "Usage: bastille export [option(s)] TARGET PATH" error_notify "Usage: bastille export [option(s)] TARGET PATH"
cat << EOF cat << EOF
Options: Options:
--gz Export a ZFS jail using GZIP(.gz) compressed image. --gz Export a ZFS jail using GZIP(.gz) compressed image.
@@ -240,7 +241,7 @@ fi
create_zfs_snap() { create_zfs_snap() {
# Take a recursive temporary snapshot # Take a recursive temporary snapshot
if [ -z "${USER_EXPORT}" ]; then if [ -z "${USER_EXPORT}" ]; then
info "Creating temporary ZFS snapshot for export..." echo "Creating temporary ZFS snapshot for export..."
fi fi
zfs snapshot -r "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_${TARGET}_${DATE}" zfs snapshot -r "${bastille_zfs_zpool}/${bastille_zfs_prefix}/jails/${TARGET}@bastille_${TARGET}_${DATE}"
} }
@@ -296,6 +297,9 @@ export_check() {
} }
jail_export() { jail_export() {
info "\n[${_jail}]:"
# Attempt to export the container # Attempt to export the container
DATE=$(date +%F-%H%M%S) DATE=$(date +%F-%H%M%S)
if checkyesno bastille_zfs_enable; then if checkyesno bastille_zfs_enable; then
@@ -387,3 +391,5 @@ if [ -n "${TARGET}" ]; then
fi fi
jail_export jail_export
fi fi
echo

7
usr/local/share/bastille/htop.sh
View File

@@ -35,6 +35,7 @@
usage() { usage() {
error_notify "Usage: bastille htop [option(s)] TARGET" error_notify "Usage: bastille htop [option(s)] TARGET"
cat << EOF cat << EOF
Options: Options:
-a | --auto Auto mode. Start/stop jail(s) if required. -a | --auto Auto mode. Start/stop jail(s) if required.
@@ -84,16 +85,16 @@ TARGET="${1}"
bastille_root_check bastille_root_check
set_target_single "${TARGET}" set_target_single "${TARGET}"
info "[${TARGET}]:"
check_target_is_running "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then check_target_is_running "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then
echo "Auto-starting ${TARGET}..."
bastille start "${TARGET}" bastille start "${TARGET}"
else else
info "[${TARGET}]:"
error_notify "Jail is not running." error_notify "Jail is not running."
error_continue_next_jail "Use [-a|--auto] to auto-start the jail." error_continue_next_jail "Use [-a|--auto] to auto-start the jail."
fi fi
info "[${TARGET}]:"
if [ ! -x "${bastille_jailsdir}/${TARGET}/root/usr/local/bin/htop" ]; then if [ ! -x "${bastille_jailsdir}/${TARGET}/root/usr/local/bin/htop" ]; then
error_notify "htop not found on ${TARGET}." error_notify "htop not found on ${TARGET}."
elif [ -x "${bastille_jailsdir}/${TARGET}/root/usr/local/bin/htop" ]; then elif [ -x "${bastille_jailsdir}/${TARGET}/root/usr/local/bin/htop" ]; then

4
usr/local/share/bastille/import.sh
View File

@@ -36,8 +36,8 @@ usage() {
# Build an independent usage for the import command # Build an independent usage for the import command
# If no file/extension specified, will import from standard input # If no file/extension specified, will import from standard input
error_notify "Usage: bastille import [option(s)] FILE [RELEASE]" error_notify "Usage: bastille import [option(s)] FILE [RELEASE]"
cat << EOF cat << EOF
Options: Options:
-f | --force Force an archive import regardless if the checksum file does not match or missing. -f | --force Force an archive import regardless if the checksum file does not match or missing.
@@ -748,3 +748,5 @@ fi
if [ -n "${TARGET}" ]; then if [ -n "${TARGET}" ]; then
jail_import jail_import
fi fi
echo

10
usr/local/share/bastille/jcp.sh
View File

@@ -35,6 +35,7 @@
usage() { usage() {
error_notify "Usage: bastille jcp [option(s)] SOURCE_JAIL JAIL_PATH DEST_JAIL JAIL_PATH" error_notify "Usage: bastille jcp [option(s)] SOURCE_JAIL JAIL_PATH DEST_JAIL JAIL_PATH"
cat << EOF cat << EOF
Options: Options:
-q | --quiet Suppress output. -q | --quiet Suppress output.
@@ -94,17 +95,16 @@ for _jail in ${DEST_TARGET}; do
continue continue
else else
info "[${_jail}]:" info "\n[${_jail}]:"
source_path="$(echo ${bastille_jailsdir}/${SOURCE_TARGET}/root/${SOURCE_PATH} | sed 's#//#/#g')" source_path="$(echo ${bastille_jailsdir}/${SOURCE_TARGET}/root/${SOURCE_PATH} | sed 's#//#/#g')"
dest_path="$(echo ${bastille_jailsdir}/${_jail}/root/${DEST_PATH} | sed 's#//#/#g')" dest_path="$(echo ${bastille_jailsdir}/${_jail}/root/${DEST_PATH} | sed 's#//#/#g')"
if ! cp "${OPTION}" "${source_path}" "${dest_path}"; then if ! cp "${OPTION}" "${source_path}" "${dest_path}"; then
error_continue_next_jail "JCP failed: ${source_path} -> ${dest_path}" error_continue "JCP failed: ${source_path} -> ${dest_path}"
fi fi
# Print blank line
echo
fi fi
done done
echo

1
usr/local/share/bastille/limits.sh
View File

@@ -37,6 +37,7 @@ usage() {
error_notify "Usage: bastille limits [option(s)] TARGET [add OPTION VALUE|remove OPTION|clear|reset|[list|show] (active)|stats]" error_notify "Usage: bastille limits [option(s)] TARGET [add OPTION VALUE|remove OPTION|clear|reset|[list|show] (active)|stats]"
echo -e "Example: bastille limits TARGET add memoryuse 1G" echo -e "Example: bastille limits TARGET add memoryuse 1G"
cat << EOF cat << EOF
Options: Options:
-a | --auto Auto mode. Start/stop jail(s) if required. -a | --auto Auto mode. Start/stop jail(s) if required.