From b16d21b018c88437dcd1307047934fe8b414a00d Mon Sep 17 00:00:00 2001 From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Mon, 9 Dec 2024 20:06:28 -0700 Subject: [PATCH 1/3] Fix error produced by pfctl when no rules are returned --- usr/local/share/bastille/rdr.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/usr/local/share/bastille/rdr.sh b/usr/local/share/bastille/rdr.sh index 6bd7fbcd..58f7795b 100644 --- a/usr/local/share/bastille/rdr.sh +++ b/usr/local/share/bastille/rdr.sh @@ -115,11 +115,11 @@ fi # function: load rdr rule via pfctl load_rdr_rule() { -( pfctl -a "rdr/${JAIL_NAME}" -Psn; +( pfctl -a "rdr/${JAIL_NAME}" -Psn 2>/dev/null; printf '%s\nrdr pass on $%s inet proto %s to port %s -> %s port %s\n' "$EXT_IF" "${bastille_network_pf_ext_if}" "$1" "$2" "$JAIL_IP" "$3" ) \ | pfctl -a "rdr/${JAIL_NAME}" -f- if [ -n "$JAIL_IP6" ]; then - ( pfctl -a "rdr/${JAIL_NAME}" -Psn; + ( pfctl -a "rdr/${JAIL_NAME}" -Psn 2>/dev/null; printf '%s\nrdr pass on $%s inet proto %s to port %s -> %s port %s\n' "$EXT_IF" "${bastille_network_pf_ext_if}" "$1" "$2" "$JAIL_IP6" "$3" ) \ | pfctl -a "rdr/${JAIL_NAME}" -f- fi @@ -130,11 +130,11 @@ load_rdr_log_rule() { proto=$1;host_port=$2;jail_port=$3; shift 3; log=$@ -( pfctl -a "rdr/${JAIL_NAME}" -Psn; +( pfctl -a "rdr/${JAIL_NAME}" -Psn 2>/dev/null; printf '%s\nrdr pass %s on $%s inet proto %s to port %s -> %s port %s\n' "$EXT_IF" "$log" "${bastille_network_pf_ext_if}" "$proto" "$host_port" "$JAIL_IP" "$jail_port" ) \ | pfctl -a "rdr/${JAIL_NAME}" -f- if [ -n "$JAIL_IP6" ]; then - ( pfctl -a "rdr/${JAIL_NAME}" -Psn; + ( pfctl -a "rdr/${JAIL_NAME}" -Psn 2>/dev/null; printf '%s\nrdr pass %s on $%s inet proto %s to port %s -> %s port %s\n' "$EXT_IF" "$log" "${bastille_network_pf_ext_if}" "$proto" "$host_port" "$JAIL_IP6" "$jail_port" ) \ | pfctl -a "rdr/${JAIL_NAME}" -f- fi From f91f24695b77e8c0366ce139f41fd39958ba9f20 Mon Sep 17 00:00:00 2001 From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Mon, 16 Dec 2024 07:02:09 -0700 Subject: [PATCH 2/3] fix for new shell check --- usr/local/share/bastille/list.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/local/share/bastille/list.sh b/usr/local/share/bastille/list.sh index 25190642..dee2b391 100644 --- a/usr/local/share/bastille/list.sh +++ b/usr/local/share/bastille/list.sh @@ -167,7 +167,7 @@ list_release(){ REL_LIST="$(ls "${bastille_releasesdir}" | sed "s/\n//g")" for _REL in ${REL_LIST}; do if [ -f "${bastille_releasesdir}/${_REL}/root/.profile" ] || [ -d "${bastille_releasesdir}/${_REL}/debootstrap" ]; then - if [ "${2}" = "-p" ] && [ -f "${bastille_releasesdir}/${_REL}/bin/freebsd-version" ]; then + if [ "${1}" = "-p" ] && [ -f "${bastille_releasesdir}/${_REL}/bin/freebsd-version" ]; then REL_PATCH_LEVEL=$(sed -n "s/^USERLAND_VERSION=\"\(.*\)\"$/\1/p" "${bastille_releasesdir}/${_REL}/bin/freebsd-version" 2> /dev/null) REL_PATCH_LEVEL=${REL_PATCH_LEVEL:-${_REL}} echo "${REL_PATCH_LEVEL}" @@ -214,7 +214,7 @@ if [ $# -gt 0 ]; then list_all ;; release|releases) - list_release + list_release "${2}" ;; template|templates) list_template From bc54c30ef110a7c77170a05e1d283c32756284b0 Mon Sep 17 00:00:00 2001 From: foudil Date: Thu, 7 Nov 2024 22:41:10 +0100 Subject: [PATCH 3/3] Document destroy force release as also destroying the cache --- docs/chapters/subcommands/destroy.rst | 8 ++++++++ docs/chapters/upgrading.rst | 4 +++- 2 files changed, 11 insertions(+), 1 deletion(-) diff --git a/docs/chapters/subcommands/destroy.rst b/docs/chapters/subcommands/destroy.rst index d8fcb8f4..f800e386 100644 --- a/docs/chapters/subcommands/destroy.rst +++ b/docs/chapters/subcommands/destroy.rst @@ -17,3 +17,11 @@ created. Note: containers must be stopped before destroyed. Deleting Container: folsom. Note: containers console logs not destroyed. /usr/local/bastille/logs/folsom_console.log + +Release can be destroyed provided there are no child jails. The `force` option +deletes the release cache directory as well: + +.. code-block:: shell + + ishmael ~ # bastille destroy force 14.0-RELEASE + Deleting base: 14.0-RELEASE diff --git a/docs/chapters/upgrading.rst b/docs/chapters/upgrading.rst index 719f6103..b059fa0d 100644 --- a/docs/chapters/upgrading.rst +++ b/docs/chapters/upgrading.rst @@ -38,4 +38,6 @@ After upgrading all jails from one release to the next you may find that you now `bastille list releases` to list all bootstrapped releases. -`bastille destroy X.Y-RELEASE` to fully delete the release. +`bastille destroy X.Y-RELEASE` to fully delete the release. + +`bastille destroy force X.Y-RELEASE` to delete the cache directory as well.