mirror of
https://github.com/hackacad/bastille.git
synced 2025-12-19 16:51:00 +01:00
Merge branch 'BastilleBSD:master' into rdr-multiple-interfaces
This commit is contained in:
tschettervictor
GitHub
2
LICENSE
2
LICENSE
@@ -1,6 +1,6 @@
|
||||
BSD 3-Clause License
|
||||
|
||||
Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
All rights reserved.
|
||||
|
||||
Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -4,7 +4,7 @@ Bastille is available in the official FreeBSD ports tree at
|
||||
`sysutils/bastille`. Binary packages available in `quarterly` and `latest`
|
||||
repositories.
|
||||
|
||||
Current version is `0.12.20241124`.
|
||||
Current version is `0.12.20250111`.
|
||||
|
||||
To install from the FreeBSD package repository:
|
||||
|
||||
|
||||
@@ -4,6 +4,21 @@ mount
|
||||
|
||||
To mount storage within the container use `bastille mount`.
|
||||
|
||||
Syntax follows standard `/etc/fstab` format:
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
Usage: bastille mount TARGET HOST_PATH JAIL_PATH [filesystem_type options dump pass_number]
|
||||
|
||||
The 'options' string can include a comma-separated list of mount options, but must start with 'ro' or 'rw'.
|
||||
|
||||
Example: Mount a tmpfs filesystem with options.
|
||||
.. code-block:: shell
|
||||
ishmael ~ # bastille mount azkaban tmpfs tmp tmpfs rw,nosuid,mode=01777 0 0
|
||||
Detected advanced mount type tmpfs
|
||||
[azkaban]:
|
||||
Added: tmpfs /usr/local/bastille/jails/azkaban/root/tmp tmpfs rw,nosuid,mode=01777 0 0
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
ishmael ~ # bastille mount azkaban /storage/foo media/foo nullfs ro 0 0
|
||||
@@ -17,7 +32,7 @@ Notice the JAIL_PATH format can be /media/foo or simply media/bar. The leading s
|
||||
|
||||
It is also possible to mount individual files into a jail as seen below.
|
||||
Bastille will not mount if a file is already present at the specified mount point.
|
||||
If you do not specify a file name, bastille will mount the file underneath the specified directory as seen in the second example below.
|
||||
If the jail file name does not match the host file name, bastille will treat the jail path as a directory, and mount the file underneath as seen in the second example below.
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
@@ -37,9 +52,3 @@ It is possible to do the same for the jail path, but again, not recommemded.
|
||||
ishmael ~ # bastille mount azkaban "/storage/my\ directory\ with\ spaces" /media/foo nullfs ro 0 0
|
||||
[azkaban]:
|
||||
Added: /storage/my\040directory\040with\040spaces /usr/local/bastille/jails/azkaban/root/media/foo nullfs ro 0 0
|
||||
|
||||
Syntax follows standard `/etc/fstab` format:
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
Usage: bastille mount TARGET HOST_PATH JAIL_PATH [filesystem_type options dump pass_number]
|
||||
|
||||
@@ -19,7 +19,7 @@ Syntax requires only the jail path to unmount.
|
||||
|
||||
Usage: bastille umount TARGET JAIL_PATH
|
||||
|
||||
If the directory you are unmounting has spaces, make sure to escape them with a backslash \, and enclode the mount point in quotes "".
|
||||
If the directory you are unmounting has spaces, make sure to escape them with a backslash \, and enclose the mount point in quotes "".
|
||||
|
||||
.. code-block:: shell
|
||||
|
||||
|
||||
@@ -8,13 +8,13 @@ else:
|
||||
# -- Project information -----------------------------------------------------
|
||||
|
||||
project = 'Bastille'
|
||||
copyright = '2018-2024, Christer Edwards'
|
||||
copyright = '2018-2025, Christer Edwards'
|
||||
author = 'Christer Edwards'
|
||||
|
||||
# The short X.Y version
|
||||
version = '0.12.20241124'
|
||||
version = '0.12.20250111'
|
||||
# The full version, including alpha/beta/rc tags
|
||||
release = '0.12.20241124-beta'
|
||||
release = '0.12.20250111-beta'
|
||||
|
||||
|
||||
# -- General configuration ---------------------------------------------------
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
@@ -30,20 +32,23 @@
|
||||
|
||||
PATH=${PATH}:/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
|
||||
|
||||
. /usr/local/share/bastille/common.sh
|
||||
|
||||
## check for config existence
|
||||
bastille_conf_check() {
|
||||
if [ ! -r "/usr/local/etc/bastille/bastille.conf" ]; then
|
||||
warn "Configuration file not found. Do yu want to create it with default values? [y/N]"
|
||||
echo "[INFO] Configuration file not found. Do you want to create it with default values? [y/N]"
|
||||
read answer
|
||||
case "${answer}" in
|
||||
[Nn][Oo]|[Nn]|"")
|
||||
error_exit "No configuration file has been generated. Exiting."
|
||||
echo "[INFO] No configuration file has been generated. Exiting."
|
||||
exit
|
||||
;;
|
||||
[Yy][Ee][Ss]|[Yy])
|
||||
cp /usr/local/etc/bastille/bastille.conf.sample /usr/local/etc/bastille/bastille.conf
|
||||
info "Configuration file has been generated. Continuing with default values"
|
||||
echo "[INFO] Configuration file has been generated. Continuing with default values"
|
||||
;;
|
||||
*)
|
||||
echo "[ERROR] Invalid option. Please answer with 'y' or 'N'."
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
fi
|
||||
@@ -51,7 +56,8 @@ bastille_conf_check() {
|
||||
|
||||
bastille_conf_check
|
||||
|
||||
## we only load the config if conf_check passes
|
||||
## we only load this if conf_check passes
|
||||
. /usr/local/share/bastille/common.sh
|
||||
. /usr/local/etc/bastille/bastille.conf
|
||||
# Set default values for config properties added during the current major version:
|
||||
: "${bastille_network_pf_ext_if:=ext_if}"
|
||||
@@ -72,7 +78,7 @@ bastille_perms_check() {
|
||||
bastille_perms_check
|
||||
|
||||
## version
|
||||
BASTILLE_VERSION="0.12.20241124"
|
||||
BASTILLE_VERSION="0.12.20250111"
|
||||
|
||||
usage() {
|
||||
cat << EOF
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,5 +1,7 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2014-2015 Bryan Drewery <bdrewery@FreeBSD.org>
|
||||
# All rights reserved.
|
||||
#
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
@@ -136,7 +138,7 @@ for _jail in ${JAILS}; do
|
||||
awk -F= -v line="${LINE}" -v property="${PROPERTY}" '
|
||||
BEGIN {
|
||||
# build RE as string as we can not expand vars in RE literals
|
||||
prop_re = "^[[:space:]]*" property "[[:space:]]*$";
|
||||
prop_re = "^[[:space:]]*" property "[[:space:]]*;?$";
|
||||
}
|
||||
$1 ~ prop_re && !found {
|
||||
# we already have an entry in the config for this property so
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
# Ressource limits added by Sven R github.com/hackacad
|
||||
#
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
@@ -56,32 +58,33 @@ list_all(){
|
||||
if [ -d "${bastille_jailsdir}" ]; then
|
||||
DEFAULT_VALUE="-"
|
||||
SPACER=2
|
||||
MAX_LENGTH_JAIL_NAME=$(find ""${bastille_jailsdir}/*/jail.conf"" -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -h -m 1 -e "^.* {$" | awk '{ print length($1) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_NAME=$(find ${bastille_jailsdir}/*/jail.conf -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -h -m 1 -e "^.* {$" | awk '{ print length($1) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_NAME=${MAX_LENGTH_JAIL_NAME:-3}
|
||||
if [ "${MAX_LENGTH_JAIL_NAME}" -lt 3 ]; then MAX_LENGTH_JAIL_NAME=3; fi
|
||||
MAX_LENGTH_JAIL_IP=$(find ""${bastille_jailsdir}/*/jail.conf"" -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 sed -n "s/^[ ]*ip[4,6].addr[ ]*=[ ]*\(.*\);$/\1 /p" | sed 's/\// /g' | awk '{ print length($1) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JID=${MAX_LENGTH_JID:-3}
|
||||
MAX_LENGTH_JAIL_IP=$(find ${bastille_jailsdir}/*/jail.conf -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 sed -n "s/^[ ]*ip[4,6].addr[ ]*=[ ]*\(.*\);$/\1 /p" | sed 's/\// /g' | awk '{ print length($1) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_IP=${MAX_LENGTH_JAIL_IP:-10}
|
||||
MAX_LENGTH_JAIL_VNET_IP=$(find "${bastille_jailsdir}/*/jail.conf" -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -l "vnet;" | grep -h "ifconfig_vnet0=" "$(sed -n "s/\(.*\)jail.conf$/\1root\/etc\/rc.conf/p")" | sed -n "s/^ifconfig_vnet0=\"\(.*\)\"$/\1/p"| sed "s/\// /g" | awk '{ if ($1 ~ /^[inet|inet6]/) print length($2); else print 15 }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_VNET_IP=$(find ${bastille_jailsdir}/*/jail.conf -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -l "vnet;" | grep -h "ifconfig_vnet0=" "$(sed -n "s/\(.*\)jail.conf$/\1root\/etc\/rc.conf/p")" | sed -n "s/^ifconfig_vnet0=\"\(.*\)\"$/\1/p"| sed "s/\// /g" | awk '{ if ($1 ~ /^[inet|inet6]/) print length($2); else print 15 }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_VNET_IP=${MAX_LENGTH_JAIL_VNET_IP:-10}
|
||||
if [ "${MAX_LENGTH_JAIL_VNET_IP}" -gt "${MAX_LENGTH_JAIL_IP}" ]; then MAX_LENGTH_JAIL_IP=${MAX_LENGTH_JAIL_VNET_IP}; fi
|
||||
if [ "${MAX_LENGTH_JAIL_IP}" -lt 10 ]; then MAX_LENGTH_JAIL_IP=10; fi
|
||||
MAX_LENGTH_JAIL_HOSTNAME=$(find ""${bastille_jailsdir}/*/jail.conf"" -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -h -m 1 -e "^[ ]*host.hostname[ ]*=[ ]*\(.*\);" | awk '{ print length(substr($3, 1, length($3)-1)) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_HOSTNAME=$(find ${bastille_jailsdir}/*/jail.conf -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -h -m 1 -e "^[ ]*host.hostname[ ]*=[ ]*\(.*\);" | awk '{ print length(substr($3, 1, length($3)-1)) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_HOSTNAME=${MAX_LENGTH_JAIL_HOSTNAME:-8}
|
||||
if [ "${MAX_LENGTH_JAIL_HOSTNAME}" -lt 8 ]; then MAX_LENGTH_JAIL_HOSTNAME=8; fi
|
||||
MAX_LENGTH_JAIL_PORTS=$(find ""${bastille_jailsdir}/*/rdr.conf"" -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 -n1 awk '{ lines++; chars += length($0)} END { chars += lines - 1; print chars }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_PORTS=$(find ${bastille_jailsdir}/*/rdr.conf -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 -n1 awk '{ lines++; chars += length($0)} END { chars += lines - 1; print chars }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_PORTS=${MAX_LENGTH_JAIL_PORTS:-15}
|
||||
if [ "${MAX_LENGTH_JAIL_PORTS}" -lt 15 ]; then MAX_LENGTH_JAIL_PORTS=15; fi
|
||||
if [ "${MAX_LENGTH_JAIL_PORTS}" -gt 30 ]; then MAX_LENGTH_JAIL_PORTS=30; fi
|
||||
MAX_LENGTH_JAIL_RELEASE=$(find "${bastille_jailsdir}/*/fstab" -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -h "/releases/.*/root/.bastille.*nullfs" | grep -hE "^USERLAND_VERSION=" "$(sed -n "s/^\(.*\) \/.*$/\1\/bin\/freebsd-version/p" | awk '!_[$0]++')" | sed "s/[\"\'\^]//g;s/ .*$//g" | sed -n "s/^USERLAND_VERSION=\(.*\)$/\1/p" | awk '{ print length($0) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_RELEASE=$(find ${bastille_jailsdir}/*/fstab -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -h "/releases/.*/root/.bastille.*nullfs" | grep -hE "^USERLAND_VERSION=" "$(sed -n "s/^\(.*\) \/.*$/\1\/bin\/freebsd-version/p" | awk '!_[$0]++')" | sed "s/[\"\'\^]//g;s/ .*$//g" | sed -n "s/^USERLAND_VERSION=\(.*\)$/\1/p" | awk '{ print length($0) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_JAIL_RELEASE=${MAX_LENGTH_JAIL_RELEASE:-7}
|
||||
MAX_LENGTH_THICK_JAIL_RELEASE=$(find "${bastille_jailsdir}/*/root/bin/freebsd-version" -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -hE "^USERLAND_VERSION=" | sed "s/[\"\'\^]//g;s/ .*$//g" | sed -n "s/^USERLAND_VERSION=\(.*\)$/\1/p" | awk '{ print length($0) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_THICK_JAIL_RELEASE=$(find ${bastille_jailsdir}/*/root/bin/freebsd-version -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -hE "^USERLAND_VERSION=" | sed "s/[\"\'\^]//g;s/ .*$//g" | sed -n "s/^USERLAND_VERSION=\(.*\)$/\1/p" | awk '{ print length($0) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_THICK_JAIL_RELEASE=${MAX_LENGTH_THICK_JAIL_RELEASE:-7}
|
||||
MAX_LENGTH_LINUX_JAIL_RELEASE=$(find "${bastille_jailsdir}/*/fstab" -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -h "/jails/.*/root/proc.*linprocfs" | grep -hE "^NAME=|^VERSION_ID=|^VERSION_CODENAME=" "$(sed -n "s/^linprocfs *\(.*\)\/.*$/\1\/etc\/os-release/p")" 2> /dev/null | sed "s/\"//g" | sed "s/ GNU\/Linux//g" | sed "N;N;s/\n/;/g" | sed -n "s/^NAME=\(.*\);VERSION_ID=\(.*\);VERSION_CODENAME=\(.*\)$/\1 \2 (\3)/p" | awk '{ print length($0) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_LINUX_JAIL_RELEASE=$(find ${bastille_jailsdir}/*/fstab -maxdepth 1 -type f -print0 2> /dev/null | xargs -r0 -P0 grep -h "/jails/.*/root/proc.*linprocfs" | grep -hE "^NAME=|^VERSION_ID=|^VERSION_CODENAME=" "$(sed -n "s/^linprocfs *\(.*\)\/.*$/\1\/etc\/os-release/p")" 2> /dev/null | sed "s/\"//g" | sed "s/ GNU\/Linux//g" | sed "N;N;s/\n/;/g" | sed -n "s/^NAME=\(.*\);VERSION_ID=\(.*\);VERSION_CODENAME=\(.*\)$/\1 \2 (\3)/p" | awk '{ print length($0) }' | sort -nr | head -n 1)
|
||||
MAX_LENGTH_LINUX_JAIL_RELEASE=${MAX_LENGTH_LINUX_JAIL_RELEASE:-7}
|
||||
if [ "${MAX_LENGTH_THICK_JAIL_RELEASE}" -gt "${MAX_LENGTH_JAIL_RELEASE}" ]; then MAX_LENGTH_JAIL_RELEASE=${MAX_LENGTH_THICK_JAIL_RELEASE}; fi
|
||||
if [ "${MAX_LENGTH_LINUX_JAIL_RELEASE}" -gt "${MAX_LENGTH_JAIL_RELEASE}" ]; then MAX_LENGTH_JAIL_RELEASE=${MAX_LENGTH_LINUX_JAIL_RELEASE}; fi
|
||||
if [ "${MAX_LENGTH_JAIL_RELEASE}" -lt 7 ]; then MAX_LENGTH_JAIL_RELEASE=7; fi
|
||||
printf " JID%*sState%*sIP Address%*sPublished Ports%*sHostname%*sRelease%*sPath\n" "$((${MAX_LENGTH_JAIL_NAME} + ${SPACER} - 3))" "" "$((${SPACER}))" "" "$((${MAX_LENGTH_JAIL_IP} + ${SPACER} - 10))" "" "$((${MAX_LENGTH_JAIL_PORTS} + ${SPACER} - 15))" "" "$((${MAX_LENGTH_JAIL_HOSTNAME} + ${SPACER} - 8))" "" "$((${MAX_LENGTH_JAIL_RELEASE} + ${SPACER} - 7))" ""
|
||||
printf " JID%*sState%*sIP Address%*sPublished Ports%*sHostname%*sRelease%*sPath\n" "$((${MAX_LENGTH_JID} + ${SPACER} - 3))" "" "$((${SPACER}))" "" "$((${MAX_LENGTH_JAIL_IP} + ${SPACER} - 10))" "" "$((${MAX_LENGTH_JAIL_PORTS} + ${SPACER} - 15))" "" "$((${MAX_LENGTH_JAIL_HOSTNAME} + ${SPACER} - 8))" "" "$((${MAX_LENGTH_JAIL_RELEASE} + ${SPACER} - 7))" ""
|
||||
if [ -n "${TARGET}" ]; then
|
||||
# Query all info for a specific jail.
|
||||
JAIL_LIST="${TARGET}"
|
||||
@@ -92,6 +95,7 @@ list_all(){
|
||||
for _JAIL in ${JAIL_LIST}; do
|
||||
if [ -f "${bastille_jailsdir}/${_JAIL}/jail.conf" ]; then
|
||||
JAIL_NAME=$(grep -h -m 1 -e "^.* {$" "${bastille_jailsdir}/${_JAIL}/jail.conf" 2> /dev/null | awk '{ print $1 }')
|
||||
JID="$(jls -j ${_JAIL} jid 2>/dev/null)"
|
||||
IS_FREEBSD_JAIL=0
|
||||
if [ -f "${bastille_jailsdir}/${JAIL_NAME}/root/bin/freebsd-version" ] || [ -f "${bastille_jailsdir}/${JAIL_NAME}/root/.bastille/bin/freebsd-version" ] || [ "$(grep -c "/releases/.*/root/.bastille.*nullfs" "${bastille_jailsdir}/${JAIL_NAME}/fstab" 2> /dev/null)" -gt 0 ]; then IS_FREEBSD_JAIL=1; fi
|
||||
IS_FREEBSD_JAIL=${IS_FREEBSD_JAIL:-0}
|
||||
@@ -144,6 +148,7 @@ list_all(){
|
||||
|
||||
if [ "${#JAIL_PORTS}" -gt "${MAX_LENGTH_JAIL_PORTS}" ]; then JAIL_PORTS="$(echo ${JAIL_PORTS} | cut -c-$((${MAX_LENGTH_JAIL_PORTS} - 3)))..."; fi
|
||||
JAIL_NAME=${JAIL_NAME:-${DEFAULT_VALUE}}
|
||||
JID=${JID:-${DEFAULT_VALUE}}
|
||||
JAIL_STATE=${JAIL_STATE:-${DEFAULT_VALUE}}
|
||||
JAIL_IP=${JAIL_IP:-${DEFAULT_VALUE}}
|
||||
JAIL_PORTS=${JAIL_PORTS:-${DEFAULT_VALUE}}
|
||||
@@ -164,7 +169,7 @@ list_all(){
|
||||
printf "%*s %*s${IP}\n" "$((${MAX_LENGTH_JAIL_NAME} + ${SPACER}))" "" "$((5 + ${SPACER}))" ""
|
||||
done
|
||||
else
|
||||
printf " ${JAIL_NAME}%*s${JAIL_STATE}%*s${JAIL_IP}%*s${JAIL_PORTS}%*s${JAIL_HOSTNAME}%*s${JAIL_RELEASE}%*s${JAIL_PATH}\n" "$((${MAX_LENGTH_JAIL_NAME} - ${#JAIL_NAME} + ${SPACER}))" "" "$((5 - ${#JAIL_STATE} + ${SPACER}))" "" "$((${MAX_LENGTH_JAIL_IP} - ${#JAIL_IP} + ${SPACER}))" "" "$((${MAX_LENGTH_JAIL_PORTS} - ${#JAIL_PORTS} + ${SPACER}))" "" "$((${MAX_LENGTH_JAIL_HOSTNAME} - ${#JAIL_HOSTNAME} + ${SPACER}))" "" "$((${MAX_LENGTH_JAIL_RELEASE} - ${#JAIL_RELEASE} + ${SPACER}))" ""
|
||||
printf " ${JID}%*s${JAIL_STATE}%*s${JAIL_IP}%*s${JAIL_PORTS}%*s${JAIL_HOSTNAME}%*s${JAIL_RELEASE}%*s${JAIL_PATH}\n" "$((${MAX_LENGTH_JID} - ${#JID} + ${SPACER}))" "" "$((5 - ${#JAIL_STATE} + ${SPACER}))" "" "$((${MAX_LENGTH_JAIL_IP} - ${#JAIL_IP} + ${SPACER}))" "" "$((${MAX_LENGTH_JAIL_PORTS} - ${#JAIL_PORTS} + ${SPACER}))" "" "$((${MAX_LENGTH_JAIL_HOSTNAME} - ${#JAIL_HOSTNAME} + ${SPACER}))" "" "$((${MAX_LENGTH_JAIL_RELEASE} - ${#JAIL_RELEASE} + ${SPACER}))" ""
|
||||
fi
|
||||
fi
|
||||
done
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
@@ -42,7 +44,7 @@ case "${1}" in
|
||||
;;
|
||||
esac
|
||||
|
||||
if [ "$#" -lt 3 ] || [ "$#" -gt 6 ]; then
|
||||
if [ "$#" -lt 3 ] || [ "$#" -gt 7 ]; then
|
||||
usage
|
||||
fi
|
||||
|
||||
@@ -89,8 +91,8 @@ elif [ ! -e "${_hostpath}" ] || [ "${_type}" != "nullfs" ]; then
|
||||
usage
|
||||
fi
|
||||
|
||||
# Mount permissions need to be "ro" or "rw"
|
||||
if [ "${_perms}" != "ro" ] && [ "${_perms}" != "rw" ]; then
|
||||
# Mount permissions,options need to start with "ro" or "rw"
|
||||
if ! echo "${_perms}" | grep -Eq 'r[w|o],.*$'; then
|
||||
error_notify "Detected invalid mount permissions in FSTAB."
|
||||
warn "Format: /host/path /jail/path nullfs ro 0 0"
|
||||
warn "Read: ${_fstab}"
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
# Ressource limits added by Lars Engels github.com/bsdlme
|
||||
#
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
@@ -1,6 +1,8 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Copyright (c) 2018-2024, Christer Edwards <christer.edwards@gmail.com>
|
||||
# SPDX-License-Identifier: BSD-3-Clause
|
||||
#
|
||||
# Copyright (c) 2018-2025, Christer Edwards <christer.edwards@gmail.com>
|
||||
# All rights reserved.
|
||||
#
|
||||
# Redistribution and use in source and binary forms, with or without
|
||||
|
||||
Reference in New Issue
Block a user