[PC-BSD Commits] r17371 - in pcbsd/current/src-sh/warden: bin scripts/backend scripts/rc.d

svn at pcbsd.org svn at pcbsd.org
Thu Jun 21 09:01:28 PDT 2012


Author: kris
Date: 2012-06-21 16:01:26 +0000 (Thu, 21 Jun 2012)
New Revision: 17371

Modified:
   pcbsd/current/src-sh/warden/bin/warden
   pcbsd/current/src-sh/warden/scripts/backend/checkupdates.sh
   pcbsd/current/src-sh/warden/scripts/backend/chrootjail.sh
   pcbsd/current/src-sh/warden/scripts/backend/createjail.sh
   pcbsd/current/src-sh/warden/scripts/backend/deletejail.sh
   pcbsd/current/src-sh/warden/scripts/backend/exportjail.sh
   pcbsd/current/src-sh/warden/scripts/backend/functions.sh
   pcbsd/current/src-sh/warden/scripts/backend/importjail.sh
   pcbsd/current/src-sh/warden/scripts/backend/listjails.sh
   pcbsd/current/src-sh/warden/scripts/backend/startjail.sh
   pcbsd/current/src-sh/warden/scripts/backend/stopjail.sh
   pcbsd/current/src-sh/warden/scripts/rc.d/shutdown.sh
   pcbsd/current/src-sh/warden/scripts/rc.d/startup.sh
Log:

Changes to the Warden:

Move all warden MetaData to outside the jail, for added security
Start adding glue for Linux Jail support



Modified: pcbsd/current/src-sh/warden/bin/warden
===================================================================
--- pcbsd/current/src-sh/warden/bin/warden	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/bin/warden	2012-06-21 16:01:26 UTC (rev 17371)
@@ -394,10 +394,11 @@
 Creates a new jail, with options for system source, ports and autostarting.
 
 Available Flags:
-  --src       (Includes /usr/src system source)
-  --ports     (Includes the ports tree)
-  --startauto (Start this jail at system boot)
-  --portjail  (Make this a portjail)
+  --src       		      (Includes /usr/src system source)
+  --ports     		      (Includes the ports tree)
+  --startauto 		      (Start this jail at system boot)
+  --portjail  		      (Make this a portjail)
+  --linuxjail <installscript> (Make this a linux jail and use supplied script for installation)
 
 Usage:
 
@@ -446,6 +447,7 @@
            echo "ERROR: No such jail!"
            exit 1
          fi
+	 set_warden_metadir
 
          ${PROGDIR}/scripts/backend/listpkgs.sh "${IP}" 
          ;;
@@ -459,6 +461,7 @@
            echo "ERROR: No such jail!"
            exit 1
          fi
+	 set_warden_metadir
 
          ${PROGDIR}/scripts/backend/details.sh "${IP}" 
          ;;
@@ -477,12 +480,13 @@
            echo "ERROR: No such jail!"
            exit 1
          fi
+	 set_warden_metadir
 
 	 IPS=`echo $EXTRAIPS | sed 's|,| |g'`
-	 rm "${JDIR}/${IP}/etc/warden/ip-extra" >/dev/null 2>/dev/null
+	 rm "${JMETADIR}/ip-extra" >/dev/null 2>/dev/null
 	 for _ip in $IPS
 	 do
-	   echo "$_ip" >> "${JDIR}/${IP}/etc/warden/ip-extra"
+	   echo "$_ip" >> "${JMETADIR}/ip-extra"
 	 done
          ;;
 
@@ -500,9 +504,10 @@
            exit 1
          fi
 
+	 set_warden_metadir
 	 case $TYPE in
 	   portjail) mkportjail "${JDIR}/${IP}" ;;
-	   standard) rm ${JDIR}/${IP}/etc/warden/xjail >/dev/null 2>/dev/null ;;
+	   standard) rm ${JMETADIR}/xjail >/dev/null 2>/dev/null ;;
 	   *) echo "Invalid TYPE" ; exit 1 ;;
          esac
          ;;
@@ -521,14 +526,15 @@
            echo "ERROR: No such jail!"
            exit 1
          fi
+	 set_warden_metadir
 
 
-         if [ -e "${JDIR}/${IP}/etc/warden/autostart" ]
+         if [ -e "${JMETADIR}/autostart" ]
          then
-            rm "${JDIR}/${IP}/etc/warden/autostart"
+            rm "${JMETADIR}/autostart"
             echo "Disabled autostart for ${IP}"
          else
-            touch "${JDIR}/${IP}/etc/warden/autostart"
+            touch "${JMETADIR}/autostart"
             echo "Enabled autostart for ${IP}"
          fi 
 
@@ -554,6 +560,7 @@
             echo "ERROR: No such jail!"
             exit 1
           fi 
+	  set_warden_metadir
          
           # Check if this jail is already running
           ${PROGDIR}/scripts/backend/checkstatus.sh "${IP}"
@@ -580,6 +587,7 @@
             echo "ERROR: No such jail!"
             exit 1
           fi 
+	  set_warden_metadir
          
           # Check if this jail is already running
           ${PROGDIR}/scripts/backend/checkstatus.sh "${IP}"
@@ -625,6 +633,7 @@
             echo "ERROR: No such jail!"
             exit 1
           fi
+	  set_warden_metadir
 
           ${PROGDIR}/scripts/backend/chrootjail.sh "${IP}" "${3}"
           ;;
@@ -692,6 +701,7 @@
            echo "ERROR: No such jail!"
            exit 1
          fi
+	 set_warden_metadir
 
          # Check if the user wants to place the file in their own DIR
          DIR=""
@@ -729,6 +739,7 @@
            echo "ERROR: No such jail!"
            exit 1
          fi
+	 set_warden_metadir
          ${PROGDIR}/scripts/backend/zfsmksnap.sh "${IP}"
          ;;
 
@@ -745,6 +756,7 @@
            echo "ERROR: No such jail!"
            exit 1
          fi
+	 set_warden_metadir
          ${PROGDIR}/scripts/backend/zfslistsnap.sh "${IP}"
          ;;
 
@@ -762,6 +774,7 @@
            echo "ERROR: No such jail!"
            exit 1
          fi
+	 set_warden_metadir
          ${PROGDIR}/scripts/backend/zfsrevertsnap.sh "${IP}" "$SNAP"
          ;;
 
@@ -779,6 +792,7 @@
            echo "ERROR: No such jail!"
            exit 1
          fi
+	 set_warden_metadir
          ${PROGDIR}/scripts/backend/zfsrmsnap.sh "${IP}" "$SNAP"
          ;;
 
@@ -805,14 +819,19 @@
          PORTS="NO"
          AUTO="NO"
          PORTJAIL="NO"
-         for i in "$@"
-         do
-           case $i in
+         LINUXJAIL="NO"
+         while [ $# -gt 0 ]; do
+           case $1 in
              --src) SRC="YES" ;;
              --ports) PORTS="YES" ;;
              --startauto) AUTO="YES" ;;
              --portjail) PORTJAIL="YES" ;;
+             --linuxjail) LINUXJAIL="YES" ; shift
+			  if [ -z "$1" ] ; then echo "Error: No linux setup script specified!" ; exit 1 ; fi
+			  LINUX_JAIL_SCRIPT="$1" ; export LINUX_JAIL_SCRIPT
+			  ;;
            esac
+           shift
          done
 
          # Check to ensure this jail does not already exist
@@ -823,7 +842,7 @@
          fi  
 
           # Passed all tests, create the jail now
-          ${PROGDIR}/scripts/backend/createjail.sh "${IP}" "${HOST}" "${SRC}" "${PORTS}" "${AUTO}" "${PORTJAIL}"
+          ${PROGDIR}/scripts/backend/createjail.sh "${IP}" "${HOST}" "${SRC}" "${PORTS}" "${AUTO}" "${PORTJAIL}" "${LINUXJAIL}"
 
         ;;
   delete) require_root
@@ -841,6 +860,7 @@
             echo "ERROR: No such jail!"
             exit 1
           fi
+	  set_warden_metadir
 
           if [ "$3" != "--confirm" ]
           then

Modified: pcbsd/current/src-sh/warden/scripts/backend/checkupdates.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/checkupdates.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/checkupdates.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -35,17 +35,18 @@
 # Check for updates
 if [ "$IP" = "all" ] ; then
   cd ${JDIR}
-  for i in `ls -d *`
+  for i in `ls -d .*.meta`
   do
-    if [ ! -d "${i}/etc/warden" ] ; then continue ; fi
-    echo "Checking for jail updates to ${i}"
+    if [ ! -e "${i}/ip" ] ; then continue ; fi
+    jIP="`cat ${i}/ip`"
+    echo "Checking for jail updates to ${jIP}"
     echo "################################################"
  
     # Check for meta-pkg updates
-    pc-metapkgmanager --chroot ${JDIR}/${i} checkup
+    pc-metapkgmanager --chroot ${JDIR}/${jIP} checkup
 
     # Check for system-updates
-    chroot ${JDIR}/${i} cat /usr/sbin/freebsd-update | sed 's|! -t 0|-z '1'|g' | /bin/sh -s 'fetch'
+    chroot ${JDIR}/${jIP} cat /usr/sbin/freebsd-update | sed 's|! -t 0|-z '1'|g' | /bin/sh -s 'fetch'
   done
 else
    echo "Checking for jail updates to ${IP}..."

Modified: pcbsd/current/src-sh/warden/scripts/backend/chrootjail.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/chrootjail.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/chrootjail.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -29,6 +29,8 @@
   exit 5
 fi
 
+set_warden_metadir
+
 # Make sure the jail is running
 jls | grep ${JDIR}/${IP} >/dev/null 2>/dev/null
 if [ "$?" != "0" ]
@@ -41,8 +43,8 @@
 JID="`jls | grep ${JDIR}/${IP} | tr -s " " | cut -d " " -f 2`"
 
 # If on an xjail, make display available
-if [ -e "${JDIR}/${IP}/etc/warden/xjail" ] ; then
-  HOST="`cat ${JDIR}/${IP}/etc/warden/host`"
+if [ -e "${JMETADIR}/xjail" ] ; then
+  HOST="`cat ${JMETADIR}/host`"
   xhost + 2>/dev/null >/dev/null
 else
  if [ "`whoami`" != "root" ] ; then

Modified: pcbsd/current/src-sh/warden/scripts/backend/createjail.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/createjail.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/createjail.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -2,6 +2,28 @@
 # Script to create a new jail based on given flags
 #####################################################################
 
+setup_linux_jail()
+{
+  echo "Setting up linux jail..."
+  echo $LINUX_JAIL_SCRIPT
+
+
+  mkdir -p ${JMETADIR}
+  echo "${HOST}" > ${JMETADIR}/host
+  echo "${IP}" > ${JMETADIR}/ip
+  if [ "$STARTUP" = "YES" ] ; then
+    touch "${JMETADIR}/autostart"
+  fi
+  touch "${JMETADIR}/linuxjail"
+
+  exit 0
+
+  # If we are auto-starting the jail, do it now
+  if [ "$STARTUP" = "YES" ] ; then warden start ${IP} ; fi
+
+  echo "Success! Linux jail created at ${JDIR}/${IP}"
+}
+
 # Source our functions
 PROGDIR="/usr/local/share/warden"
 
@@ -15,6 +37,7 @@
 PORTS="${4}"
 STARTUP="${5}"
 PORTJAIL="${6}"
+LINUXJAIL="${7}"
 
 if [ -z "$IP" -o -z "${HOST}" -o -z "$SOURCE" -o -z "${PORTS}" -o -z "${STARTUP}" ] 
 then
@@ -24,6 +47,7 @@
 
 
 JAILDIR="${JDIR}/${IP}"
+set_warden_metadir
 
 if [ -e "${JAILDIR}" ]
 then
@@ -32,20 +56,15 @@
 fi
 
 # Make sure we don't have a host already with this name
-for i in `ls -d ${JDIR}/* 2>/dev/null`
+for i in `ls -d ${JDIR}/.*.meta 2>/dev/null`
 do
-  if [ ! -e "${i}/etc/warden/host" ] ; then continue ; fi
-  if [ "`cat ${i}/etc/warden/host`" = "$HOST" ] ; then
+  if [ ! -e "${i}/host" ] ; then continue ; fi
+  if [ "`cat ${i}/host`" = "$HOST" ] ; then
     echo "ERROR: A jail with this hostname already exists!"
     exit 5
   fi
 done
 
-# Check if we need to download the chroot file
-if [ ! -e "${WORLDCHROOT}" ] ; then downloadchroot ; fi
-
-echo "Building new Jail... Please wait..."
-
 isDirZFS "${JDIR}"
 if [ $? -eq 0 ] ; then
   # Create ZFS mount
@@ -55,13 +74,24 @@
   mkdir -p "${JAILDIR}"
 fi
 
+# If we are setting up a linux jail, lets do it now
+if [ "$LINUXJAIL" = "YES" ] ; then
+   setup_linux_jail
+   exit 0
+fi
+
+# Check if we need to download the chroot file
+if [ ! -e "${WORLDCHROOT}" ] ; then downloadchroot ; fi
+
+echo "Building new Jail... Please wait..."
+
 echo "Installing world..."
 tar xvf ${WORLDCHROOT} -C "${JAILDIR}" 2>/dev/null
 echo "Done"
 
-mkdir ${JAILDIR}/etc/warden
-echo "${HOST}" > ${JAILDIR}/etc/warden/host
-echo "${IP}" > ${JAILDIR}/etc/warden/ip
+mkdir ${JMETADIR}
+echo "${HOST}" > ${JMETADIR}/host
+echo "${IP}" > ${JMETADIR}/ip
 
 if [ "$SOURCE" = "YES" ]
 then
@@ -124,9 +154,8 @@
   sed -i '' "s|#ListenAddress ::|ListenAddress ${IP}|g" ${JDIR}/${IP}/etc/ssh/sshd_config
 fi
 
-if [ "$STARTUP" = "YES" ]
-then
-  touch "${JDIR}/${IP}/etc/warden/autostart"
+if [ "$STARTUP" = "YES" ] ; then
+  touch "${JMETADIR}/autostart"
 fi
 
 # Set the default meta-pkg set

Modified: pcbsd/current/src-sh/warden/scripts/backend/deletejail.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/deletejail.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/deletejail.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -25,6 +25,13 @@
   exit 5
 fi
 
+if [ ! -d "${JDIR}/${IP}" ] ; then
+   echo "ERROR: No such jail at ${JDIR}/${IP}"
+   exit 5
+fi
+
+set_warden_metadir
+
 # Check if the jail is running first
 ${PROGDIR}/scripts/backend/checkstatus.sh "${IP}"
 if [ "$?" = "0" ]
@@ -33,11 +40,6 @@
   ${PROGDIR}/scripts/backend/stopjail.sh "${IP}"
 fi
 
-if [ ! -d "${JDIR}/${IP}" ] ; then
-   echo "ERROR: No such jail at ${JDIR}/${IP}"
-   exit 5
-fi
-
 echo -e "Deleting Jail...\c"
 isDirZFS "${JDIR}/${IP}" "1"
 if [ $? -eq 0 ] ; then
@@ -49,5 +51,9 @@
   rm -rf "${JDIR}/${IP}"
 fi
 
+if [ ! -z "${JMETADIR}" -a "${JMETADIR} != " " ] ; then
+  rm -rf "${JMETADIR}"
+fi
+
 echo "Done"
 

Modified: pcbsd/current/src-sh/warden/scripts/backend/exportjail.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/exportjail.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/exportjail.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -29,6 +29,7 @@
   exit 5
 fi
 
+set_warden_metadir
 
 # First check if this jail is running, and stop it
 ${PROGDIR}/scripts/backend/checkstatus.sh "$IP"
@@ -41,7 +42,7 @@
 cd ${JDIR}/${IP}
 
 # Get the Hostname
-HOST="`cat etc/warden/host`"
+HOST="`cat ${JMETADIR}/host`"
 
 
 echo "Creating compressed archive of ${IP}... Please Wait..." >&1

Modified: pcbsd/current/src-sh/warden/scripts/backend/functions.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/functions.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/functions.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -148,6 +148,11 @@
     if [ ! -d "${JDIR}/${1}${nullfs_mount}" ] ; then
       mkdir -p "${JDIR}/${1}${nullfs_mount}"
     fi
+    if is_symlinked_mountpoint ${nullfs_mount}; then
+      echo "${nullfs_mount} has symlink as parent, not mounting"
+      continue
+    fi
+
     echo "Mounting ${JDIR}/${1}${nullfs_mount}"
     mount_nullfs ${nullfs_mount} ${JDIR}/${1}${nullfs_mount}
   done
@@ -156,6 +161,10 @@
   if [  ! -d "${JDIR}/${1}/compat/linux/proc" ]; then
     mkdir -p ${JDIR}/${1}/compat/linux/proc
   fi
+  if is_symlinked_mountpoint ${JDIR}/${1}/compat/linux/proc; then
+    echo "${JDIR}/${1}/compat/linux/proc has symlink as parent, not mounting"
+    return
+  fi
   echo "Enabling linprocfs support."
   mount -t linprocfs linprocfs ${JDIR}/${1}/compat/linux/proc
 }
@@ -218,7 +227,7 @@
   # Make sure we remove our cleartmp rc.d script, causes issues
   [ -e "${1}/etc/rc.d/cleartmp" ] && rm ${1}/etc/rc.d/cleartmp
   # Flag this type
-  touch ${1}/etc/warden/xjail
+  touch ${JMETADIR}/xjail
 }
 
 isV6() {
@@ -310,3 +319,21 @@
   fi
   
 }
+
+# is_symlinked_mountpoint()
+#       Is a mount point, or any of its parent directories, a symlink?
+is_symlinked_mountpoint()
+{
+        local _dir
+        _dir=$1
+        [ -L "$_dir" ] && return 0
+        [ "$_dir" = "/" ] && return 1
+        is_symlinked_mountpoint `dirname $_dir`
+        return $?
+}
+
+set_warden_metadir()
+{
+   JMETADIR="${JDIR}/.${IP}.meta"
+   export JMETADIR
+}

Modified: pcbsd/current/src-sh/warden/scripts/backend/importjail.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/importjail.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/importjail.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -32,7 +32,7 @@
     echo "ERROR: A Jail exists with IP: $IP"
     exit 5
   fi
-
+  set_warden_metadir
 fi
 
 # Lets start importing the jail now
@@ -150,13 +150,13 @@
 tail +${SKIP} ${IFILE} | tar xpf - -C "${JDIR}/${IP}" 2>/dev/null
 
 # Make sure we have an IP address saved
-echo "${IP}" >"${JDIR}/${IP}/etc/warden/ip"
+echo "${IP}" >"${JMETADIR}/ip"
 
 # Create the host for this device
 if [ "${HOST}" != "OFF" -a ! -z "${HOST}" ]
 then
   # Save the details to the .wardenhost file
-  echo "${HOST}" >"${JDIR}/${IP}/etc/warden/host"
+  echo "${HOST}" >"${JMETADIR}/host"
 
   # Change the hostname in rc.conf
   cat "${JDIR}/${IP}/etc/rc.conf" | grep -v "hostname=" >${JDIR}/${IP}/.rc.conf

Modified: pcbsd/current/src-sh/warden/scripts/backend/listjails.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/listjails.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/listjails.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -22,33 +22,35 @@
 
 cd ${JDIR}
 
-for i in `ls -d * 2>/dev/null`
+for i in `ls -d .*.meta 2>/dev/null`
 do
   HOST="<unknown>"
   AUTO="Disabled" 
   STATUS="<unknown>"
 
-  if [ ! -d "${i}/etc/warden" ] ; then continue ; fi
+  if [ ! -e "${i}/ip" ] ; then continue ; fi
 
   # Get the HostName
-  if [ -e "${i}/etc/warden/host" ]
+  if [ -e "${i}/host" ]
   then
-    HOST="`cat ${i}/etc/warden/host`"
+    HOST="`cat ${i}/host`"
   fi
 
   # Check if we are autostarting this jail
-  if [ -e "${i}/etc/warden/autostart" ] ; then
+  if [ -e "${i}/autostart" ] ; then
     AUTO="Enabled"
   fi
  
   # Figure out the type of jail
-  if [ -e "${i}/etc/warden/xjail" ] ; then
+  if [ -e "${i}/xjail" ] ; then
     TYPE="portjail"
   else
     TYPE="standard"
   fi
 
-  ${PROGDIR}/scripts/backend/checkstatus.sh ${i} 2>/dev/null
+  jIP="`cat ${i}/ip`"
+
+  ${PROGDIR}/scripts/backend/checkstatus.sh ${jIP} 2>/dev/null
   if [ "$?" = "0" ]
   then
     STATUS="Running"
@@ -57,7 +59,7 @@
   fi
 
   # Pad the variables a bit
-  IP=`echo "${i}             " | cut -c 1-25`
+  IP=`echo "${jIP}             " | cut -c 1-25`
   AUTO=`echo "${AUTO}          " | cut -c 1-15`
   STATUS=`echo "${STATUS}          " | cut -c 1-10`
   HOST=`echo "${HOST}          " | cut -c 1-15`

Modified: pcbsd/current/src-sh/warden/scripts/backend/startjail.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/startjail.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/startjail.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -37,19 +37,33 @@
   exit 6
 fi
 
+if [ -e "${JMETADIR}/linuxjail" ] ; then
+   LINUXJAIL="YES"
+   exit 0
+fi
 
-HOST="`cat ${JDIR}/${IP}/etc/warden/host`"
+HOST="`cat ${JMETADIR}/host`"
 
-mount -t devfs devfs "${JDIR}/${IP}/dev"
-mount -t procfs proc "${JDIR}/${IP}/proc"
-if [ -e "${JDIR}/${IP}/etc/warden/xjail" ] ; then mountjailxfs ${IP} ; fi
+if is_symlinked_mountpoint ${JDIR}/${IP}/dev; then
+   echo "${JDIR}/${IP}/dev has symlink as parent, not mounting"
+else
+   mount -t devfs devfs "${JDIR}/${IP}/dev"
+fi
 
+if is_symlinked_mountpoint ${JDIR}/${IP}/proc; then
+   echo "${JDIR}/${IP}/proc has symlink as parent, not mounting"
+else
+   mount -t procfs proc "${JDIR}/${IP}/proc"
+fi
+
+if [ -e "${JMETADIR}/xjail" ] ; then mountjailxfs ${IP} ; fi
+
 IPS="${IP}"
-if [ -e "${JDIR}/${IP}/etc/warden/ip-extra" ] ; then
+if [ -e "${JMETADIR}/ip-extra" ] ; then
   while read line
   do
     IPS="${IPS} $line" 
-  done < ${JDIR}/${IP}/etc/warden/ip-extra
+  done < ${JMETADIR}/ip-extra
 fi
 
 # Setup the IPs for this jail

Modified: pcbsd/current/src-sh/warden/scripts/backend/stopjail.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/backend/stopjail.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/backend/stopjail.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -34,7 +34,7 @@
 fi
 
 
-HOST="`cat ${JDIR}/${IP}/etc/warden/host`"
+HOST="`cat ${JMETADIR}/host`"
 
 # Make sure the jail is running
 jls | grep ${JDIR}/${IP} >/dev/null 2>/dev/null
@@ -55,15 +55,15 @@
 echo -e ".\c"
 
 # Check if we need umount x mnts
-if [ -e "${JDIR}/${IP}/etc/warden/xjail" ] ; then umountjailxfs ${IP} ; fi
+if [ -e "${JMETADIR}/xjail" ] ; then umountjailxfs ${IP} ; fi
 
 # Get list of IPs for this jail
 IPS="${IP}"
-if [ -e "${JDIR}/${IP}/etc/warden/ip-extra" ] ; then
+if [ -e "${JMETADIR}/ip-extra" ] ; then
   while read line
   do
     IPS="${IPS} $line"
-  done < ${JDIR}/${IP}/etc/warden/ip-extra
+  done < ${JMETADIR}/ip-extra
 fi
 
 # Check if we need to remove the IP aliases from this jail

Modified: pcbsd/current/src-sh/warden/scripts/rc.d/shutdown.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/rc.d/shutdown.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/rc.d/shutdown.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -23,15 +23,15 @@
 if [ ! -d "${JDIR}" ] ; then exit 0 ; fi
 
 cd ${JDIR}
-for i in `ls -d *`
+for i in `ls -d .*.meta`
 do
-  if [ ! -d "${i}/etc/warden" ] ; then continue; fi
+  if [ ! -e "${i}/ip" ] ; then continue; fi
+  jIP="`cat ${i}/ip`"
 
-  ${PROGDIR}/scripts/backend/checkstatus.sh "${i}" 2>/dev/null
-  if [ "$?" = "0" ]
-  then
-    echo "Stopping jail (${i})"
-    ${PROGDIR}/scripts/backend/stopjail.sh "${i}" "FAST"
+  ${PROGDIR}/scripts/backend/checkstatus.sh "${jIP}" 2>/dev/null
+  if [ "$?" = "0" ] ; then
+    echo "Stopping jail (${jIP})"
+    ${PROGDIR}/scripts/backend/stopjail.sh "${jIP}" "FAST"
   fi
 done
 

Modified: pcbsd/current/src-sh/warden/scripts/rc.d/startup.sh
===================================================================
--- pcbsd/current/src-sh/warden/scripts/rc.d/startup.sh	2012-06-21 15:31:14 UTC (rev 17370)
+++ pcbsd/current/src-sh/warden/scripts/rc.d/startup.sh	2012-06-21 16:01:26 UTC (rev 17371)
@@ -23,12 +23,12 @@
 if [ ! -d "${JDIR}" ] ; then exit 0 ; fi
 
 cd ${JDIR}
-for i in `ls -d *`
+for i in `ls -d .*.meta`
 do
-  if [ -e "${i}/etc/warden/autostart" ]
-  then
-   echo -e "Starting Jail (${i})...\c"
-   ${PROGDIR}/scripts/backend/startjail.sh "${i}" >/dev/null 2>/dev/null
+  if [ -e "${i}/ip" -a -e "${i}/autostart" ] ; then
+   jIP=`cat ${i}/ip`"
+   echo -e "Starting Jail (${jIP})...\c"
+   ${PROGDIR}/scripts/backend/startjail.sh "${jIP}" >/dev/null 2>/dev/null
    echo "Done"
   fi
 done



More information about the Commits mailing list