[PC-BSD Commits] r15758 - in pcbsd/current/src-qt4/warden: bin scripts/backend

svn at pcbsd.org svn at pcbsd.org
Thu Mar 8 14:52:56 PST 2012 

Author: kris
Date: 2012-03-08 22:52:56 +0000 (Thu, 08 Mar 2012)
New Revision: 15758

Modified:
   pcbsd/current/src-qt4/warden/bin/warden
   pcbsd/current/src-qt4/warden/scripts/backend/startjail.sh
   pcbsd/current/src-qt4/warden/scripts/backend/stopjail.sh
Log:

Add ability to set multiple IPs, both IPv4 and IPV6 to a single 
warden jail



Modified: pcbsd/current/src-qt4/warden/bin/warden
===================================================================
--- pcbsd/current/src-qt4/warden/bin/warden	2012-03-08 21:53:20 UTC (rev 15757)
+++ pcbsd/current/src-qt4/warden/bin/warden	2012-03-08 22:52:56 UTC (rev 15758)
@@ -51,6 +51,7 @@
     pkgs - Lists the installed packages / inmates in a jail
    start - Start a jail
     stop - Stops a jail
+     set - Sets options for a jail
     type - Set the jail type (portjail/normal)
 "
 };
@@ -112,6 +113,28 @@
 "
 };
 
+help_set()
+{
+ title
+ echo "Help set
+
+Lets you set options for your jail
+
+Available options:
+
+     ip: Lets you set additional IP addresses for this jail
+
+Usage:
+
+  warden set ip <Jail IP> <IP1>,<IP2>,<IP3>
+
+Example:
+
+  warden set ip 192.168.0.5 fe80::8e89:a5ff:fe52:ad19,192.168.1.50,192.168.2.10
+"
+};
+
+
 help_type()
 {
  title
@@ -349,6 +372,7 @@
            indel) help_indel ;;
            mkinmate) help_mkinmate ;;
            type) help_type ;;
+           set) help_set ;;
            *) help_main ;;
          esac  ;;
 
@@ -370,7 +394,30 @@
          ${PROGDIR}/scripts/backend/listpkgs.sh "${IP}" 
 
          ;;
+    set) require_root
+	 OPT="${2}" 
+         if [ "${OPT}" != "ip" ] ; then echo "Invalid option!" ; exit 1 ; fi
+	 IP="${3}"
+         EXTRAIPS="${4}"
 
+         if [ -z "${IP}" ] ; then
+          echo "ERROR: No IP specified!"
+          exit 1
+         fi
+
+         if [ ! -e "${JDIR}/${IP}" ] ; then
+           echo "ERROR: No such jail!"
+           exit 1
+         fi
+
+	 IPS=`echo $EXTRAIPS | sed 's|,| |g'`
+	 rm "${JDIR}/${IP}/etc/.wardenip-extra" >/dev/null 2>/dev/null
+	 for _ip in $IPS
+	 do
+	   echo "$_ip" >> "${JDIR}/${IP}/etc/.wardenip-extra"
+	 done
+         ;;
+
    type) require_root
 	 IP="${2}"
          TYPE="${3}"

Modified: pcbsd/current/src-qt4/warden/scripts/backend/startjail.sh
===================================================================
--- pcbsd/current/src-qt4/warden/scripts/backend/startjail.sh	2012-03-08 21:53:20 UTC (rev 15757)
+++ pcbsd/current/src-qt4/warden/scripts/backend/startjail.sh	2012-03-08 22:52:56 UTC (rev 15758)
@@ -44,15 +44,28 @@
 mount -t procfs proc "${JDIR}/${IP}/proc"
 if [ -e "${JDIR}/${IP}/etc/.wardenxjail" ] ; then mountjailxfs ${IP} ; fi
 
-isV6 "${IP}"
-if [ $? -eq 0 ] ; then
-  ifconfig $NIC inet6 alias ${IP}
-  jail -c name=${HOST} path=${JDIR}/${IP} host.hostname=${HOST} ip6.addr=${IP} persist
-else
-  ifconfig $NIC inet alias ${IP}/32
-  jail -c name=${HOST} path=${JDIR}/${IP} host.hostname=${HOST} ip4.addr=${IP} persist
+IPS="${IP}"
+if [ -e "${JDIR}/${IP}/etc/.wardenip-extra" ] ; then
+  while read line
+  do
+    IPS="${IPS} $line" 
+  done < ${JDIR}/${IP}/etc/.wardenip-extra
 fi
 
+# Setup the IPs for this jail
+for _ip in $IPS
+do
+  isV6 "${_ip}"
+  if [ $? -eq 0 ] ; then
+    ifconfig $NIC inet6 alias ${_ip}
+    _ipflags="${_ipflags} ip6.addr=${_ip}"
+  else
+    ifconfig $NIC inet alias ${_ip}/32
+    _ipflags="${_ipflags} ip4.addr=${_ip}"
+  fi
+done
+
+jail -c name=${HOST} path=${JDIR}/${IP} host.hostname=${HOST} ${_ipflags} persist
 jexec ${HOST} /bin/sh /etc/rc 2>&1
 
 # Get the JailID for this new jail

Modified: pcbsd/current/src-qt4/warden/scripts/backend/stopjail.sh
===================================================================
--- pcbsd/current/src-qt4/warden/scripts/backend/stopjail.sh	2012-03-08 21:53:20 UTC (rev 15757)
+++ pcbsd/current/src-qt4/warden/scripts/backend/stopjail.sh	2012-03-08 22:52:56 UTC (rev 15758)
@@ -57,18 +57,32 @@
 # Check if we need umount x mnts
 if [ -e "${JDIR}/${IP}/etc/.wardenxjail" ] ; then umountjailxfs ${IP} ; fi
 
-# Check if we need to remove the IP alias from this jail
-ifconfig $NIC | grep ${IP} >/dev/null 2>/dev/null
-if [ "$?" = "0" ]
-then
+# Get list of IPs for this jail
+IPS="${IP}"
+if [ -e "${JDIR}/${IP}/etc/.wardenip-extra" ] ; then
+  while read line
+  do
+    IPS="${IPS} $line"
+  done < ${JDIR}/${IP}/etc/.wardenip-extra
+fi
+
+# Check if we need to remove the IP aliases from this jail
+for _ip in $IPS
+do 
+  # See if active alias
+  ifconfig $NIC | grep -q "${_ip}"
+  if [ $? -ne 0 ] ; then continue ; fi
+
+  isV6 "${_ip}"
   if [ $? -eq 0 ] ; then
-    ifconfig $NIC inet6 ${IP} delete
+    ifconfig $NIC inet6 ${_ip} delete
   else
-    ifconfig $NIC inet -alias ${IP}
+    ifconfig $NIC inet -alias ${_ip}
   fi
   echo -e ".\c"
-fi
+done
 
+
 # Create our shutdown script and run it in the jail
 echo "#!/bin/sh
 sh /etc/rc.shutdown

More information about the Commits mailing list