[PC-BSD Commits] r15661 - in pcbsd/current/src-qt4/warden: bin scripts/backend
svn at pcbsd.org
svn at pcbsd.org
Wed Feb 29 13:40:52 PST 2012
Author: kris
Date: 2012-02-29 21:40:51 +0000 (Wed, 29 Feb 2012)
New Revision: 15661
Modified:
pcbsd/current/src-qt4/warden/bin/warden
pcbsd/current/src-qt4/warden/scripts/backend/chrootjail.sh
pcbsd/current/src-qt4/warden/scripts/backend/startjail.sh
Log:
Make warden able to run commands inside a jail, ala portjail functionality
Modified: pcbsd/current/src-qt4/warden/bin/warden
===================================================================
--- pcbsd/current/src-qt4/warden/bin/warden 2012-02-29 21:15:29 UTC (rev 15660)
+++ pcbsd/current/src-qt4/warden/bin/warden 2012-02-29 21:40:51 UTC (rev 15661)
@@ -5,12 +5,14 @@
# "The Warden" Copyright 2008 PC-BSD Software (iXsystems)
######################################################################
-UTEST="`whoami`"
-if [ "$UTEST" != "root" ]
-then
- echo "ERROR: The Warden must be run as root!"
- exit 155
-fi
+require_root()
+{
+ UTEST="`whoami`"
+ if [ "$UTEST" != "root" ] ; then
+ echo "ERROR: This command must be run as root!"
+ exit 155
+ fi
+}
# Source our functions
PROGDIR="/usr/local/share/warden"
@@ -369,7 +371,8 @@
;;
- type) IP="${2}"
+ type) require_root
+ IP="${2}"
TYPE="${3}"
if [ -z "${IP}" ] ; then
@@ -392,13 +395,29 @@
[ -e "${JDIR}/${IP}/etc/rc.d/cleartmp" ] && rm ${JDIR}/${IP}/etc/rc.d/cleartmp
# Flag this type
touch ${JDIR}/${IP}/etc/.wardenxjail
+ # Add the hostname to the portjails /etc/hosts file, to prevent sendmail warnings
+ PJHOST="$(hostname)"
+ if [ -e ${JDIR}/${IP}/etc/hosts ]; then
+ sed -i -e '/^127.0.0.1.*/d' ${JDIR}/${IP}/etc/hosts
+ sed -i -e '/^::1.*/d' ${JDIR}/${IP}/etc/hosts
+ fi
+ echo "::1 localhost localhost.my.domain ${PJHOST}" >>${JDIR}/${IP}/etc/hosts
+ echo "127.0.0.1 localhost localhost.my.domain ${PJHOST}" >>${JDIR}/${IP}/etc/hosts
+
+ # Make sure the /etc/rc.conf HOSTNAME values match
+ cat ${JDIR}/${IP}/etc/rc.conf | grep -v "hostname=" > /tmp/.rc.$$
+ echo "$PJHOST" > ${JDIR}/${IP}/etc/.wardenhost
+ echo "hostname=$PJHOST" > ${JDIR}/${IP}/etc/rc.conf
+ cat /tmp/.rc.$$ >> ${JDIR}/${IP}/etc/rc.conf
+ rm /tmp/.rc.$$
;;
standard) rm ${JDIR}/${IP}/etc/.wardenxjail >/dev/null 2>/dev/null ;;
*) echo "Invalid TYPE" ; exit 1 ;;
esac
;;
- auto) IP="${2}"
+ auto) require_root
+ IP="${2}"
if [ -z "${IP}" ]
then
@@ -424,13 +443,16 @@
;;
- menu) ${PROGDIR}/scripts/warden.sh ;;
+ menu) require_root
+ ${PROGDIR}/scripts/warden.sh ;;
- gui) ${PROGDIR}/bin/warden-gui ;;
+ gui) require_root
+ ${PROGDIR}/bin/warden-gui ;;
list) ${PROGDIR}/scripts/backend/listjails.sh ;;
- start) # Time to startup the jail
+ start) require_root
+ # Time to startup the jail
IP="${2}"
if [ -z "${IP}" ]
@@ -455,7 +477,8 @@
${PROGDIR}/scripts/backend/startjail.sh "${IP}"
;;
- stop) # Time to stop the jail
+ stop) require_root
+ # Time to stop the jail
IP="${2}"
if [ -z "${IP}" ]
@@ -498,7 +521,8 @@
${PROGDIR}/scripts/backend/chrootjail.sh "${IP}" "${3}"
;;
- mkinmate) # The user wants to create an inmate package, do it
+ mkinmate) require_root
+ # The user wants to create an inmate package, do it
IDIR="${2}"
if [ -z "${IDIR}" ]
@@ -511,7 +535,8 @@
${PROGDIR}/scripts/backend/mkinmate.sh "${IDIR}" ""
;;
- inload) # The user wants to install an inmate package, do it
+ inload) require_root
+ # The user wants to install an inmate package, do it
IP="${2}"
IFILE="${3}"
@@ -535,7 +560,8 @@
${PROGDIR}/scripts/backend/installinmate.sh "${IP}" "${IFILE}"
;;
- indel) # The user wants to remove an inmate package, do it
+ indel) require_root
+ # The user wants to remove an inmate package, do it
IP="${2}"
IPKG="${3}"
@@ -554,7 +580,8 @@
${PROGDIR}/scripts/backend/deleteinmate.sh "${IP}" "${IPKG}"
;;
- import) # The user wants to import a jail, lets do it!
+ import) require_root
+ # The user wants to import a jail, lets do it!
IFILE="$2"
if [ ! -e "$IFILE" ]
then
@@ -602,7 +629,8 @@
${PROGDIR}/scripts/backend/importjail.sh "${IFILE}" "${IP}" "${HOST}"
;;
- export) # The user wants to export a jail, lets do it!
+ export) require_root
+ # The user wants to export a jail, lets do it!
IP="$2"
if [ -z "$IP" ]
then
@@ -639,7 +667,8 @@
;;
- create) # The user wants to create a new jail, do error checking
+ create) require_root
+ # The user wants to create a new jail, do error checking
IP="$2"
HOST="$3"
if [ -z "$IP" -o -z "$HOST" ]
@@ -680,7 +709,8 @@
${PROGDIR}/scripts/backend/createjail.sh "${IP}" "${HOST}" "${SRC}" "${PORTS}" "${AUTO}"
;;
- delete) # Time to delete a jail
+ delete) require_root
+ # Time to delete a jail
IP="${2}"
if [ -z "${IP}" ]
Modified: pcbsd/current/src-qt4/warden/scripts/backend/chrootjail.sh
===================================================================
--- pcbsd/current/src-qt4/warden/scripts/backend/chrootjail.sh 2012-02-29 21:15:29 UTC (rev 15660)
+++ pcbsd/current/src-qt4/warden/scripts/backend/chrootjail.sh 2012-02-29 21:40:51 UTC (rev 15661)
@@ -40,6 +40,10 @@
# Get the JailID for this jail
JID="`jls | grep ${IP} | tr -s " " ":" | cut -d ":" -f 2`"
+# If on an xjail, make display available
+if [ -e "${JDIR}/${IP}/etc/.wardenxjail" ] ; then
+ xhost + 2>/dev/null >/dev/null
+fi
# Done with error checking, now lets chroot into the jail
###################################################################
Modified: pcbsd/current/src-qt4/warden/scripts/backend/startjail.sh
===================================================================
--- pcbsd/current/src-qt4/warden/scripts/backend/startjail.sh 2012-02-29 21:15:29 UTC (rev 15660)
+++ pcbsd/current/src-qt4/warden/scripts/backend/startjail.sh 2012-02-29 21:40:51 UTC (rev 15661)
@@ -44,7 +44,10 @@
mount -t devfs devfs "${JDIR}/${IP}/dev"
mount -t procfs proc "${JDIR}/${IP}/proc"
if [ -e "${JDIR}/${IP}/etc/.wardenxjail" ] ; then mountjailxfs ${IP} ; fi
-jail ${JDIR}/${IP} ${HOST} ${IP} /bin/sh /etc/rc 2>&1
+echo "jail -c name=${HOST} path=${JDIR}/${IP} host.hostname=${HOST} ip4.addr=${IP} persist"
+jail -c name=${HOST} path=${JDIR}/${IP} host.hostname=${HOST} ip4.addr=${IP} persist
+jexec ${HOST} /bin/sh /etc/rc 2>&1
+#jail ${JDIR}/${IP} ${HOST} ${IP} /bin/sh /etc/rc 2>&1
# Get the JailID for this new jail
JID="`jls | grep ${IP} | tr -s " " ":" | cut -d ":" -f 2`"
More information about the Commits
mailing list