Update bastille config and prepare for RELEASE 12.2

CHANGELOG

@@ -3,6 +3,7 @@
 ======================
 Version    Description
 
+1.0.75......Update bastille config and prepare for RELEASE 12.2.
 1.0.74......Use sysrc to manage jail startup variables.
 1.0.73......Fix typo and minor changes.
 1.0.72......Add jail cloning ability to WebGUI utilities and minor changes.

bastille-init

@@ -9,7 +9,7 @@
 # Debug script
 #set -x
 
-# Copyright (c) 2019-2020, José Rivera (joserprg@gmail.com).
+# Copyright (c) 2019-2021, José Rivera (joserprg@gmail.com).
 # All rights reserved.
 
 # Redistribution and use in source and binary forms, with or without
@@ -200,7 +200,7 @@ bastille_upgrade()
 			rm -R ${CWDIR}/update
 		fi
 
-		# Temporal workaround to update legacy config.
+		# Workaround to update legacy config.
 		if [ "${UPDATEVER}" -gt "0620200202" ]; then
 			update_config
 		fi
@@ -1032,6 +1032,8 @@ rc_params()
 update_config()
 {
 	# Update config based on minimum version.
+
+	# Network parameters.
 	if grep -qw 'bastille_jail_loopback=' ${BASTILLECONF}; then
 		sed -i '' 's/bastille_jail_loopback=/bastille_network_loopback=/' ${BASTILLECONF}
 	fi
@@ -1042,6 +1044,23 @@ update_config()
 		sed -i '' 's/bastille_jail_gateway=/bastille_network_gateway=/' ${BASTILLECONF}
 	fi
 
+	# Template parameters.
+	if grep -qw 'bastille_template_base=' ${BASTILLECONF}; then
+		sysrc -f ${BASTILLECONF} bastille_template_base="default/base"
+	fi
+	if grep -qw 'bastille_template_empty=' ${BASTILLECONF}; then
+		sysrc -f ${BASTILLECONF} bastille_template_empty="default/empty"
+	fi
+	if grep -qw 'bastille_template_thick=' ${BASTILLECONF}; then
+		sysrc -f ${BASTILLECONF} bastille_template_thick="default/thick"
+	fi
+	if grep -qw 'bastille_template_thin=' ${BASTILLECONF}; then
+		sysrc -f ${BASTILLECONF} bastille_template_thin="default/thin"
+	fi
+	if grep -qw 'bastille_template_vnet=' ${BASTILLECONF}; then
+		sysrc -f ${BASTILLECONF} bastille_template_vnet="default/vnet"
+	fi
+
 	# Remove deprecated parameters based on minimum version.
 	if grep -qw 'bastille_jail_interface' ${BASTILLECONF}; then
 		sysrc -f ${BASTILLECONF} -x bastille_jail_interface

conf/bastille.conf.ext

@@ -20,3 +20,8 @@ bastille_decompress_xz_options="-c -d -v"
 bastille_network_loopback=""
 bastille_network_shared=""
 bastille_network_gateway=""
+bastille_template_base="default/base"
+bastille_template_empty="default/empty"
+bastille_template_thick="default/thick"
+bastille_template_thin="default/thin"
+bastille_template_vnet="default/vnet"

conf/system/freebsd-update/12.2/freebsd-update.conf

@@ -0,0 +1,76 @@
+# $FreeBSD: releng/12.2/usr.sbin/freebsd-update/freebsd-update.conf 337338 2018-08-04 22:25:41Z brd $
+
+# Trusted keyprint.  Changing this is a Bad Idea unless you've received
+# a PGP-signed email from <security-officer@FreeBSD.org> telling you to
+# change it and explaining why.
+KeyPrint 800651ef4b4c71c27e60786d7b487188970f4b4169cc055784e21eb71d410cc5
+
+# Server or server pool from which to fetch updates.  You can change
+# this to point at a specific server if you want, but in most cases
+# using a "nearby" server won't provide a measurable improvement in
+# performance.
+ServerName update.FreeBSD.org
+
+# Components of the base system which should be kept updated.
+Components src world kernel
+
+# Example for updating the userland and the kernel source code only:
+# Components src/base src/sys world
+
+# Paths which start with anything matching an entry in an IgnorePaths
+# statement will be ignored.
+IgnorePaths
+
+# Paths which start with anything matching an entry in an IDSIgnorePaths
+# statement will be ignored by "freebsd-update IDS".
+IDSIgnorePaths /usr/share/man/cat
+IDSIgnorePaths /usr/share/man/whatis
+IDSIgnorePaths /var/db/locate.database
+IDSIgnorePaths /var/log
+
+# Paths which start with anything matching an entry in an UpdateIfUnmodified
+# statement will only be updated if the contents of the file have not been
+# modified by the user (unless changes are merged; see below).
+UpdateIfUnmodified /etc/ /var/ /root/ /.cshrc /.profile
+
+# When upgrading to a new FreeBSD release, files which match MergeChanges
+# will have any local changes merged into the version from the new release.
+MergeChanges /etc/ /boot/device.hints
+
+### Default configuration options:
+
+# Directory in which to store downloaded updates and temporary
+# files used by FreeBSD Update.
+# WorkDir /var/db/freebsd-update
+
+# Destination to send output of "freebsd-update cron" if an error
+# occurs or updates have been downloaded.
+# MailTo root
+
+# Is FreeBSD Update allowed to create new files?
+# AllowAdd yes
+
+# Is FreeBSD Update allowed to delete files?
+# AllowDelete yes
+
+# If the user has modified file ownership, permissions, or flags, should
+# FreeBSD Update retain this modified metadata when installing a new version
+# of that file?
+# KeepModifiedMetadata yes
+
+# When upgrading between releases, should the list of Components be
+# read strictly (StrictComponents yes) or merely as a list of components
+# which *might* be installed of which FreeBSD Update should figure out
+# which actually are installed and upgrade those (StrictComponents no)?
+# StrictComponents no
+
+# When installing a new kernel perform a backup of the old one first
+# so it is possible to boot the old kernel in case of problems.
+# BackupKernel yes
+
+# If BackupKernel is enabled, the backup kernel is saved to this
+# directory.
+# BackupKernelDir /boot/kernel.old
+
+# When backing up a kernel also back up debug symbol files?
+# BackupKernelSymbolFiles no

version

@@ -1 +1 @@
-1.0.74
+1.0.75