mirror of
https://github.com/hackacad/bastille.git
synced 2025-12-22 18:21:53 +01:00
77afbd189f
In general and knowing what role will play bastille in the system, has more sense to require networking than login. This can also helps speeding up boot time if for instance some jails in bastille provide some kind of networking role like acting as a DNS server.
62 lines
1.2 KiB
Bash
Executable File
62 lines
1.2 KiB
Bash
Executable File
#!/bin/sh
|
|
|
|
# Bastille jail startup script
|
|
#
|
|
# PROVIDE: bastille
|
|
# REQUIRE: NETWORKING
|
|
# KEYWORD: shutdown
|
|
|
|
# Add the following to /etc/rc.conf[.local] to enable this service
|
|
#
|
|
# bastille_enable (bool): Set to NO by default.
|
|
# Set it to YES to enable bastille.
|
|
# bastille_list (string): Set to "ALL" by default.
|
|
# Space separated list of jails to start.
|
|
#
|
|
|
|
. /etc/rc.subr
|
|
|
|
name=bastille
|
|
rcvar=${name}_enable
|
|
|
|
: ${bastille_enable:=NO}
|
|
: ${bastille_list:="ALL"}
|
|
|
|
command=/usr/local/bin/${name}
|
|
start_cmd="bastille_start"
|
|
stop_cmd="bastille_stop"
|
|
restart_cmd="bastille_stop && bastille_start"
|
|
|
|
bastille_start()
|
|
{
|
|
if [ -z "${bastille_list}" ]; then
|
|
echo "bastille_list is undefined"
|
|
return 1
|
|
fi
|
|
|
|
local _jail
|
|
|
|
for _jail in ${bastille_list}; do
|
|
echo "Starting Bastille Container: ${_jail}"
|
|
${command} start ${_jail}
|
|
done
|
|
}
|
|
|
|
bastille_stop()
|
|
{
|
|
if [ -z "${bastille_list}" ]; then
|
|
echo "bastille_list is undefined"
|
|
return 1
|
|
fi
|
|
|
|
local _jail
|
|
|
|
for _jail in ${bastille_list}; do
|
|
echo "Stopping Bastille Container: ${_jail}"
|
|
${command} stop ${_jail}
|
|
done
|
|
}
|
|
|
|
load_rc_config ${name}
|
|
run_rc_command "$1"
|