[PC-BSD Commits] r19692 - in pcbsd/branches/9.1/src-sh/warden: bin scripts/backend
svn at pcbsd.org
svn at pcbsd.org
Tue Oct 16 07:58:16 PDT 2012
Author: kris
Date: 2012-10-16 14:58:16 +0000 (Tue, 16 Oct 2012)
New Revision: 19692
Modified:
pcbsd/branches/9.1/src-sh/warden/bin/warden
pcbsd/branches/9.1/src-sh/warden/scripts/backend/createjail.sh
Log:
MFC to 9.1 the new CLI options to set / get startup flags for warden
Modified: pcbsd/branches/9.1/src-sh/warden/bin/warden
===================================================================
--- pcbsd/branches/9.1/src-sh/warden/bin/warden 2012-10-16 14:57:22 UTC (rev 19691)
+++ pcbsd/branches/9.1/src-sh/warden/bin/warden 2012-10-16 14:58:16 UTC (rev 19692)
@@ -51,12 +51,13 @@
details - Display usage details about a jail
delete - Deletes a jail
export - Exports a jail to a .wdn file
+ get - Gets options list for a jail
import - Imports a jail from a .wdn file
list - Lists the installed jails
pkgs - Lists the installed packages in a jail
+ set - Sets options for a jail
start - Start a jail
stop - Stops a jail
- set - Sets options for a jail
type - Set the jail type (portjail/normal)
zfsmksnap - Create a ZFS snapshot of a jail
zfslistclone - List clones of jail snapshots
@@ -69,6 +70,32 @@
"
};
+help_get()
+{
+ title
+ echo "Help get
+
+Lets you get options for your jail
+
+Available options:
+
+ ip: Lets you see additional IP addresses for this jail
+ flags: Lets you see additional flags to pass to the 'jail' command at startup
+
+Usage:
+
+ warden get ip <Jail IP>
+
+ warden get flags <Jail IP>
+
+Example:
+
+ warden get ip 192.168.0.5
+
+ warden get flags 192.168.0.5
+"
+};
+
help_set()
{
title
@@ -79,14 +106,19 @@
Available options:
ip: Lets you set additional IP addresses for this jail
+ flags: Lets you set additional flags to pass to the 'jail' command at startup
Usage:
warden set ip <Jail IP> <IP1>,<IP2>,<IP3>
+ warden set flags <Jail IP> <Flag1>,<Flag2>,<Flag3>
+
Example:
warden set ip 192.168.0.5 fe80::8e89:a5ff:fe52:ad19,192.168.1.50,192.168.2.10
+
+ warden set flags 192.168.0.5 allow.raw_sockets=true,allow.chflags=true
"
};
@@ -510,6 +542,7 @@
import) help_import ;;
pkgs) help_pkgs ;;
type) help_type ;;
+ get) help_get ;;
set) help_set ;;
zfsmksnap) help_zfsmksnap ;;
zfslistsnap) help_zfslistsnap ;;
@@ -537,23 +570,44 @@
${PROGDIR}/scripts/backend/details.sh "${IP}"
;;
+ get) require_root
+ OPT="${2}"
+ IP="${3}"
+ if [ -z "${IP}" ] ; then exit_err "No IP specified!"; fi
+ if [ ! -e "${JDIR}/${IP}" ] ; then exit_err "No such jail!"; fi
+ set_warden_metadir
+
+ case $OPT in
+ ip) cat "${JMETADIR}/ip-extra" 2>/dev/null | sed 's| |,|g' ;;
+ flags) cat "${JMETADIR}/jail-flags" 2>/dev/null | sed 's| |,|g' ;;
+ *) exit_err "Invalid option!" ;;
+ esac
+
+ ;;
+
set) require_root
OPT="${2}"
- if [ "${OPT}" != "ip" ] ; then exit_err "Invalid option!"; fi
- IP="${3}"
- EXTRAIPS="${4}"
-
+ IP="${3}"
if [ -z "${IP}" ] ; then exit_err "No IP specified!"; fi
if [ ! -e "${JDIR}/${IP}" ] ; then exit_err "No such jail!"; fi
-
set_warden_metadir
- IPS=`echo $EXTRAIPS | sed 's|,| |g'`
- rm "${JMETADIR}/ip-extra" >/dev/null 2>/dev/null
- for _ip in $IPS
- do
- echo "$_ip" >> "${JMETADIR}/ip-extra"
- done
+ case $OPT in
+ ip) EXTRAIPS="${4}"
+
+ IPS=`echo $EXTRAIPS | sed 's|,| |g'`
+ rm "${JMETADIR}/ip-extra" >/dev/null 2>/dev/null
+ for _ip in $IPS
+ do
+ echo "$_ip" >> "${JMETADIR}/ip-extra"
+ done
+ ;;
+ flags) EXTRAFLAGS="${4}"
+
+ echo $EXTRAFLAGS | sed 's|,| |g' > "${JMETADIR}/jail-flags"
+ ;;
+ *) exit_err "Invalid option!" ;;
+ esac
;;
type) require_root
Modified: pcbsd/branches/9.1/src-sh/warden/scripts/backend/createjail.sh
===================================================================
--- pcbsd/branches/9.1/src-sh/warden/scripts/backend/createjail.sh 2012-10-16 14:57:22 UTC (rev 19691)
+++ pcbsd/branches/9.1/src-sh/warden/scripts/backend/createjail.sh 2012-10-16 14:58:16 UTC (rev 19692)
@@ -193,6 +193,9 @@
touch "${JMETADIR}/autostart"
fi
+# Set some default flags for the jail
+echo "allow.raw_sockets=true" > ${JMETADIR}/jail-flags
+
# Set the default meta-pkg set
mkdir -p ${JDIR}/${IP}/usr/local/etc >/dev/null 2>/dev/null
echo "PCBSD_METAPKGSET: warden" > ${JDIR}/${IP}/usr/local/etc/pcbsd.conf
More information about the Commits
mailing list