Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2026-01-04 03:33:41 +01:00
Code Issues Packages Projects Releases Wiki Activity

Support jailing datasets

Browse Source
This commit is contained in:
tschettervictor
2025-05-09 10:33:19 -06:00
parent 9e1a1f65d1
commit c222d602aa
2 changed files with 19 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
usr/local/share/bastille/start.sh
View File

@@ -186,6 +186,16 @@ for _jail in ${JAILS}; do
# Start jail
jail ${OPTION} -f "${bastille_jailsdir}/${_jail}/jail.conf" -c "${_jail}"
# Add ZFS jailed datasets
if [ -s "${bastille_jailsdir}/${_jail}/zfs.conf" ]; then
while read _dataset _mount; do
zfs set jailed=on "${_dataset}"
zfs jail ${_jail} "${_dataset}"
jexec -l -U root "${_jail}" zfs set mountpoint="${_mount}" "${_dataset}"
jexec -l -U root "${_jail}" zfs mount "${_dataset}" 2>/dev/null
done < "${bastille_jailsdir}/${_jail}/zfs.conf"
fi
# Add rctl limits
if [ -s "${bastille_jailsdir}/${_jail}/rctl.conf" ]; then
while read _limits; do
@@ -215,4 +225,4 @@ for _jail in ${JAILS}; do
bastille_running_jobs "${bastille_process_limit}"
done
wait
wait