Mirrors/hackacad
2
0
Fork 0
mirror of https://github.com/hackacad/bastille.git synced 2026-01-03 03:08:25 +01:00
Code Issues Packages Projects Releases Wiki Activity
893 Commits 17 Branches 20 Tags
c00d8a4e0510eaf482e5e646b28b3e8fdc631722
Commit Graph

564 Commits

Author SHA1 Message Date
Christer Edwards
c00d8a4e05 Merge pull request #561 from Vertalo/ip-in-use 
Fix bug in ip-in-use test
 2022-12-13 20:54:58 -07:00
Christer Edwards
bfce059225 Merge pull request #560 from chriswells0/pf-config 
Make pf table name and external interface configurable.
 2022-12-13 20:54:33 -07:00
William Erik Baxter
ec18847f3e Fix bug in ip-in-use test 
Need grep -wF instead of grep -w for IP test to avoid spurious match
against broadcast address in ifconfig output.
 2022-12-04 05:47:15 -06:00
Chris Wells
dd7f195c1e Make pf table name and external interface configurable. 
Closes #508
 2022-11-26 23:24:33 -05:00
Chris Wells
bdae170529 Use "bastille config" to get ipv4.addr. 
Fixes issue with jails not being added to pf table.
 2022-11-23 22:41:45 -05:00
Christer Edwards
778ef6e581 fixing regression in create.sh for Linux containers 2022-11-02 21:17:05 -06:00
Christer Edwards
6a7ab04d9b fixes #389 regarding shutdown order 2022-11-01 17:23:00 -06:00
Christer Edwards
3702066864 Merge pull request #536 from cqexbesd/minor 
Minor Changes
 2022-10-27 11:32:27 -06:00
Christer Edwards
e5c71c794a Merge pull request #553 from frikilax/pkg_report_errors 
PKG::ADDED:: return error code and print error message when 'bastille pkg' fails
 2022-10-27 11:25:54 -06:00
Christer Edwards
e04aee2617 Merge pull request #549 from JartX/advanced_mount_types 
Advanced Mount Types Support
 2022-10-27 11:10:38 -06:00
Théo Bertin
37e607c055 PKG::ADDED:: return error code and print error message when 'bastille pkg' fails 
This allows better integration of 'bastille pkg' in scripts, and permits to catch errors during 'bastille template' commands
 2022-10-14 16:10:52 +00:00
Evilham
f6f179b6c3 Updates for latest commits 2022-10-13 10:49:26 +02:00
Evilham
fdfbb8287f Improve dualstack and IPv6 support on jail creation 
This is still WIP / PoC and would require documentation changes, opening PR to
gather feedback as this is a first-time contribution.

Important changes:
- instead of relying on 0.0.0.0 to signal DHCP, we now support passing "DHCP" in
the IP parameter.
- we also support "SLAAC" as a value for the IP parameter, which enables
accepting route advertisement
- fixed an oddity in the way the gateway was being handled for IPv6 (in certain
cases it was being passed as the GATEWAY template parameter
- allow passing multiple values to the IP parameter, this would work as a quoted
parameter
- that means that, e.g. bastille create -V test 13.0-RELEASE "SLAAC DHCP" wan is
possible and creates a dual-stack jail
- passing both DHCP, SLAAC and fixed IPs is also possible, but only one IP per
protocol number is supported; last one wins
 2022-10-13 10:49:26 +02:00
Sagformas
d451573889 Advanced Mount Types Support 2022-10-04 11:05:05 +02:00
Andrew Stevenson
797f406a31 Convert tab to spaces 
Spaces seem to be the convention for these files, for better or worse, so make
things consistent.
 2022-07-24 22:16:38 +00:00
Andrew Stevenson
a352fd6507 Expand comment 
(this should have gone in a previous commit)
 2022-07-24 22:16:04 +00:00
Andrew Stevenson
a0b7bc54e0 Enable colour only when writing to a tty 
The escape codes can confuse other scripts and things in pipes
 2022-07-23 09:29:42 +00:00
Christer Edwards
260149c2a9 Merge pull request #530 from JRGTH/clone_cmd_fixes 
Update the exec.* with uniq_epair when cloning jails
 2022-07-18 10:31:59 -06:00
Christer Edwards
e35c59330d bugfix for cmd when using ALL target 2022-07-17 18:43:13 -06:00
JRGTH
74b6eb76e7 Update the exec.* with uniq_epair when cloning jails 
This update will fix the startup error after cloning a jail, this was because the exec.prestart/poststop not being properly updated.
 2022-07-14 21:41:52 -04:00
Christer Edwards
f5b47d8f9e prepare for fete nationale 2022 2022-07-13 21:30:04 -06:00
Christer Edwards
6de6e7bc6f Merge pull request #519 from JRGTH/bootstrap_fixes 
Avoid cache/RELEASE dirs creation on Linux jails
 2022-07-10 20:23:44 -06:00
JRGTH
b69eedc066 Allow 'bastille cmd' on Linux jails 
Allow executing commands on Linux jails with `bastille cmd`.
 2022-05-16 09:34:37 -04:00
JRGTH
62d038049d Avoid cache/RELEASE dirs creation on Linux jails 
Don't create unused/stale cache/RELEASE directory/datasets on Linux jails creation.
 2022-05-15 04:15:39 -04:00
Christer Edwards
dbb720fef4 Merge pull request #500 from eborisch/graceful_network_stop 
Permit outgoing network connections during stop action
 2022-05-04 14:49:26 -06:00
Christer Edwards
d0903347a6 Merge pull request #502 from nmurali94/master 
Extend RDR to support logging
 2022-05-04 14:47:30 -06:00
Christer Edwards
b9d38a5d01 Merge pull request #505 from ctuffli/patch-1 
Allow Linux jails to see their mount points
 2022-05-04 14:46:38 -06:00
Christer Edwards
f14eddc958 Merge pull request #507 from ellislm/fix_vnet_epair 
fix non-unique epair creation when using vnet
 2022-05-04 14:45:33 -06:00
Christer Edwards
e64c81d18a Merge pull request #515 from ddowse/template-ip6 
Add variable JAIL_IP6 to access ip6.addr in templates
 2022-05-04 14:44:00 -06:00
Daniel Dowse - Freelancer
4302445eb5 Add variable JAIL_IP6 to access ip6.addr in templates 2022-04-08 15:26:53 +02:00
Logan Ellis
dbd4b5edc5 fix non-unique epair creation when using vnet 2022-03-10 00:08:38 -08:00
Chuck Tuffli
abc8a6b280 Allow Linux jails to see their mount points 
Some Linux packages (shakes fist angrily at Java) look to see if `/proc` is mounted as a part of the installation by running
   `mountpoint /proc`
While the Linux jail can see the contents of its `/proc` directory, the linprocfs driver will not generate the correct contents for `/proc/mounts` or `/proc/self/mountinfo` as `kern_getfsstat()` will, by default, filter all mount points other than the jail's chroot directory.

Fix is to set `enforce_statfs` to allow mount points below the jail's chroot directory to be visible.
 2022-03-04 08:16:33 -08:00
Niketh Murali
6e5a566d7f Extend RDR to support logging 
PF allows us to log rdr rules. The syntax to enable this is found in
pf.conf under the syntax grammar section for rdr-rule.

This commit extends Bastille's command line interface to allow users
to choose to log their rdr rules using the pf.conf syntax -

``````````````````````````````````````````````````````
tcp|udp host_port jail_port [log ['(' logopts ')'] ]
``````````````````````````````````````````````````````
Here, the syntax after jail_port is optional. This is sufficient to
provide backwards compatibility. The keyword 'log' enables logging with
the default options. The user can also provide custom options -
logopts - whose the syntax and allowed keywords are defined in pf.conf.
It's left to the user to supply correct logopts as the code does not
verify those values or their syntax.
 2022-03-01 21:54:34 -05:00
Eric A. Borisch
24eb03c2e6 Permit outgoing connections during stop action 2022-02-24 09:42:40 -06:00
Christer Edwards
aafc2b3323 0.9.20220216 release 2022-02-16 23:28:09 -07:00
Christer Edwards
efed673e76 Merge pull request #490 from noracenofun/new-option--p-for-list-release 
added the new option -p for list release
 2022-02-16 23:05:03 -07:00
Christer Edwards
6aa6e40db1 Merge pull request #485 from JRGTH/clonejail_support 
Initial support for clone jails
 2022-02-16 23:02:41 -07:00
Christer Edwards
4726c48813 Merge pull request #491 from JRGTH/rename_fixes 
Consistency improvements
 2022-02-16 22:59:31 -07:00
Theo BERTIN
6ca0369072 CLONE.SH::ADDED:: Complete FSTAB_RELEASE grep from fstab to get all release names 
some release names (such as 14.0-CURRENT) were not correctly extracted from the fstab during fstab modification
 2022-02-11 10:16:59 +01:00
Theo BERTIN
66d830a55f CLONE.SH::ADDED:: update fstab paths with new jail path 2022-02-11 09:41:02 +01:00
JRGTH
9052271232 Consistency improvements 2022-01-17 20:47:48 -04:00
noracenofun
4be7795f0a added the new option -p for list release 
This new option lists the patch level of FreeBSD releases.
 2022-01-18 01:05:29 +01:00
Christer Edwards
ab43a7569f Merge pull request #488 from JRGTH/rename_fixes 
Update Linuxjail name entries upon jail renaming
 2022-01-17 16:21:37 -07:00
Christer Edwards
d7d0d864c3 Merge pull request #489 from noracenofun/bootstrap-aarch64/arm64-Debian/Ubuntu 
bootstrap aarch64/arm64 Debian/Ubuntu support
 2022-01-17 16:20:38 -07:00
noracenofun
dc9b5fb9bd bootstrap aarch64/arm64 Debian/Ubuntu 
added support to bootstrap aarch64/arm64 Debian or Ubuntu for ARM64 hosts
 2022-01-16 19:51:58 +01:00
JRGTH
a62f36333d Update Linuxjail name entries upon jail renaming 2022-01-16 14:00:23 -04:00
noracenofun
29e72cd34d various optimization and added linux release 
various optimization as well as determine and display of linux release added
 2022-01-16 16:06:20 +01:00
JRGTH
03b9817f5a Initial support for clone jails 2022-01-15 11:32:28 -04:00
Christer Edwards
38bb7faabf Merge pull request #483 from robarnold/import_vnet 
Import basic vnet settings from iocage
 2022-01-14 20:22:04 -07:00
Christer Edwards
cc8e9f24a1 Merge pull request #482 from JRGTH/update_fixes 
Fix to allow 32-Bit base releases to be updated
 2022-01-14 20:18:16 -07:00