Mercurial > hgrepos > FreeBSD > ports > sysutils > local-bsdtools
annotate sbin/fjail @ 157:3f9cae8f5862
Also create a DS/usr/local dataset perdefault in jails
| author | Franz Glasner <fzglas.hg@dom66.de> |
|---|---|
| date | Thu, 07 Nov 2019 09:28:36 +0100 |
| parents | 6be3742d21f7 |
| children | 57b9b899bf77 |
| rev | line source |
|---|---|
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
1 #!/bin/sh |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
2 # -*- indent-tabs-mode: nil; -*- |
|
86
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
3 : 'A very minimal BSD Jail management tool. |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
4 |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
5 :Author: Franz Glasner |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
6 :Copyright: (c) 2019 Franz Glasner. |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
7 All rights reserved. |
|
104
6f6058939e48
Use the "Full name" in the license section for "fjail" also
Franz Glasner <fzglas.hg@dom66.de>
parents:
93
diff
changeset
|
8 :License: BSD 3-Clause "New" or "Revised" License. |
|
86
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
9 See LICENSE for details. |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
10 If you cannot find LICENSE see |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
11 <https://opensource.org/licenses/BSD-3-Clause> |
| 93 | 12 :ID: @(#)@@PKGORIGIN@@ $HGid$ |
|
86
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
13 |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
14 ' |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
15 |
|
77
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
16 set -eu |
| 73 | 17 |
| 18 VERSION="@@VERSION@@" | |
| 19 | |
|
105
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
20 USAGE=' |
| 75 | 21 USAGE: fjail [ OPTIONS ] COMMAND [ COMMAND OPTIONS ] [ ARG ... ] |
| 22 | |
| 23 OPTIONS: | |
| 24 | |
|
81
124faa20ae80
Implemented a "-V" global option to print the program's name and version number to stdout
Franz Glasner <fzglas.hg@dom66.de>
parents:
80
diff
changeset
|
25 -V Print the program name and version number to stdout and exit |
|
124faa20ae80
Implemented a "-V" global option to print the program's name and version number to stdout
Franz Glasner <fzglas.hg@dom66.de>
parents:
80
diff
changeset
|
26 |
| 75 | 27 -h Print this help message to stdout and exit |
| 28 | |
| 29 COMMANDS: | |
| 30 | |
| 31 datasets [-u] PARENT CHILD | |
| 32 | |
| 33 Create ZFS datasets to be used within a jail | |
| 34 | |
| 35 PARENT must exist already and CHILD must not exist. | |
| 36 | |
| 37 -u Do not automatically mount newly created datasets | |
| 38 | |
| 39 privs MOUNTPOINT | |
| 40 | |
| 41 Adjust some Unix privileges to mounted jail datasets | |
|
76
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
42 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
43 populate MOUNTPOINT BASETXZ |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
44 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
45 Populate the jail directory in MOUNTPOINT with the base system in BASETXZ |
|
77
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
46 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
47 copy SOURCE-DATASET DEST-DATASET |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
48 |
|
105
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
49 Copy a tree of ZFS datasets with "zfs send -R" and "zfs receive". |
|
77
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
50 Note that the destination dataset must not exist already. |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
51 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
52 -u Do not automatically mount received datasets |
|
105
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
53 |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
54 ENVIRONMENT: |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
55 |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
56 All environment variables that affect "zfs" are effective also. |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
57 |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
58 DESCRIPTION: |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
59 |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
60 All commands with the exception of "populate" require ZFS as |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
61 filesystem. |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
62 ' |
| 75 | 63 |
| 64 | |
| 73 | 65 # Reset to standard umask |
| 66 umask 0022 | |
| 67 | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
68 |
| 73 | 69 # |
| 70 # "datasets" -- create the ZFS dataset tree | |
| 71 # | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
72 # command_datasets [ -u ] parent-dataset child-dataset |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
73 # |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
74 # -u do not automatically mount newly created datasets |
| 73 | 75 # |
| 76 command_datasets() { | |
| 77 # parent ZFS dataset -- child ZFS dataset name | |
| 78 local _pds _cds | |
| 79 # and its mount point | |
| 80 local _pmp _get _dummy | |
| 81 # full name of the dataset | |
| 82 local _ds | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
83 # dynamic ZFS options |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
84 local _zfsopts |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
85 |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
86 _zfsopts="" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
87 while getopts "u" _opt ; do |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
88 case ${_opt} in |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
89 u) |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
90 # do not mount newly created datasets |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
91 _zfsopts="${_zfsopts} -u" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
92 ;; |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
93 \?|:) |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
94 return 2; |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
95 ;; |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
96 esac |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
97 done |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
98 shift $((OPTIND-1)) |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
99 OPTIND=1 |
| 73 | 100 |
| 101 _pds="$1" | |
| 102 if [ -z "${_pds}" ]; then | |
| 103 echo "ERROR: no parent dataset given" >&2 | |
| 104 return 2 | |
| 105 fi | |
| 106 _get=$(zfs get -H mountpoint "${_pds}" 2>/dev/null) || { echo "ERROR: dataset \`${_pds}' does not exist" >&2; return 1; } | |
| 107 IFS=$'\t' read _dummy _dummy _pmp _dummy <<EOF | |
| 108 ${_get} | |
| 109 EOF | |
| 110 case "${_pmp}" in | |
| 111 none) | |
| 112 echo "ERROR: dataset \`${_pds}' has no mountpoint" >&2 | |
| 113 return 1 | |
| 114 ;; | |
| 115 legacy) | |
| 116 echo "ERROR: dataset \`${_pds}' has a \`${_mp}' mountpoint" >&2 | |
| 117 return 1 | |
| 118 ;; | |
| 119 *) | |
| 120 # VOID | |
| 121 ;; | |
| 122 esac | |
| 123 _cds="$2" | |
| 124 if [ -z "${_cds}" ]; then | |
| 125 echo "ERROR: no child dataset given" >&2 | |
| 126 return 2 | |
| 127 fi | |
| 128 _ds="${_pds}/${_cds}" | |
| 129 echo "Resulting new root dataset is \`${_ds}' at mountpoint \`${_pmp}/${_cds}'" | |
| 130 if zfs get -H mountpoint "${_ds}" >/dev/null 2>/dev/null; then | |
| 131 echo "ERROR: dataset \`${_ds}' does already exist" >&2 | |
| 132 return 1 | |
| 133 fi | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
134 zfs create ${_zfsopts} -o atime=off "${_ds}" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
135 zfs create ${_zfsopts} -o sync=disabled -o setuid=off "${_ds}/tmp" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
136 zfs create ${_zfsopts} "${_ds}/usr" |
|
157
3f9cae8f5862
Also create a DS/usr/local dataset perdefault in jails
Franz Glasner <fzglas.hg@dom66.de>
parents:
144
diff
changeset
|
137 zfs create ${_zfsopts} "${_ds}/usr/local" |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
138 zfs create ${_zfsopts} "${_ds}/var" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
139 zfs create ${_zfsopts} -o exec=off -o setuid=off "${_ds}/var/audit" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
140 zfs create ${_zfsopts} -o exec=off -o setuid=off "${_ds}/var/cache" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
141 zfs create ${_zfsopts} -o exec=off -o setuid=off -o compression=off "${_ds}/var/cache/pkg" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
142 zfs create ${_zfsopts} -o exec=off -o setuid=off -o compression=off "${_ds}/var/crash" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
143 zfs create ${_zfsopts} -o exec=off -o setuid=off "${_ds}/var/db" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
144 zfs create ${_zfsopts} -o exec=on -o setuid=off "${_ds}/var/db/pkg" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
145 zfs create ${_zfsopts} -o readonly=on -o exec=off -o setuid=off "${_ds}/var/empty" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
146 zfs create ${_zfsopts} -o exec=off -o setuid=off -o primarycache=metadata "${_ds}/var/log" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
147 zfs create ${_zfsopts} -o exec=off -o setuid=off -o atime=on "${_ds}/var/mail" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
148 zfs create ${_zfsopts} -o sync=disabled -o exec=off -o setuid=off -o compression=off -o primarycache=all "${_ds}/var/run" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
149 zfs create ${_zfsopts} -o sync=disabled -o setuid=off "${_ds}/var/tmp" |
| 73 | 150 } |
| 151 | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
152 |
| 73 | 153 # |
|
76
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
154 # "populate" -- populate the datasets with content from a FreeBSD base.txz |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
155 # |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
156 # command_populate mountpoint basetxz |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
157 # |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
158 command_populate() { |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
159 # MOUNTPOINT -- base.txz |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
160 local _mp _basetxz |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
161 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
162 _mp="$1" |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
163 _basetxz="$2" |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
164 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
165 if [ -z "${_mp}" ]; then |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
166 echo "ERROR: no mountpoint given" >&2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
167 return 2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
168 fi |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
169 if [ -z "${_basetxz}" ]; then |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
170 echo "ERROR: no base.txz given" >&2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
171 return 2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
172 fi |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
173 if [ ! -d "${_mp}" ]; then |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
174 echo "ERROR: mountpoint \`${_mp}' does not exist" >&2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
175 return 1 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
176 fi |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
177 if [ ! -r "${_basetxz}" ]; then |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
178 echo "ERROR: file \`${_basetxz}' is not readable" >&2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
179 return 1 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
180 fi |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
181 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
182 tar -C "${_mp}" --exclude=./var/empty -xJp -f "${_basetxz}" || { echo "ERROR: tar encountered errors" >&2; return 1; } |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
183 } |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
184 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
185 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
186 # |
|
77
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
187 # "copy" -- ZFS copy of datasets |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
188 # |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
189 # command_copy source-dataset destination-dataset |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
190 # |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
191 command_copy() { |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
192 # source dataset -- destination dataset |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
193 local _source _dest |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
194 # dynamic ZFS options |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
195 local _zfsopts |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
196 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
197 _zfsopts="" |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
198 while getopts "u" _opt ; do |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
199 case ${_opt} in |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
200 u) |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
201 # do not mount newly created datasets |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
202 _zfsopts="${_zfsopts} -u" |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
203 ;; |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
204 \?|:) |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
205 return 2; |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
206 ;; |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
207 esac |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
208 done |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
209 shift $((OPTIND-1)) |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
210 OPTIND=1 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
211 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
212 _source="$1" |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
213 if [ -z "${_source}" ]; then |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
214 echo "ERROR: no source dataset given" >&2 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
215 return 2 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
216 fi |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
217 _dest="$2" |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
218 if [ -z "${_dest}" ]; then |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
219 echo "ERROR: no source dataset given" >&2 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
220 return 2 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
221 fi |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
222 zfs send -R -n -v ${_source} || { echo "ERROR: ZFS operation failed in no-op mode" >&2; return 1; } |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
223 zfs send -R "${_source}" | zfs receive ${_zfsopts} "${_dest}" || { echo "ERROR: ZFS operation failed" >&2; return 1; } |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
224 } |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
225 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
226 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
227 # |
| 73 | 228 # "privs" -- adjust privileges |
| 229 # | |
| 230 # To be used when all ZFS datasets are mounted. | |
| 231 # | |
| 232 command_privs() { | |
| 233 # mountpoint | |
| 234 local _mp _d | |
| 235 | |
| 236 _mp="$1" | |
| 237 if [ -z "${_mp}" ]; then | |
| 238 echo "ERROR: no mountpoint given" >&2 | |
| 239 return 2 | |
| 240 fi | |
| 241 if [ ! -d "${_mp}" ]; then | |
| 242 echo "ERROR: directory \`${_mp}' does not exist" >&2 | |
| 243 return 1 | |
| 244 fi | |
| 245 for _d in tmp var/tmp ; do | |
| 246 chmod 01777 "${_mp}/${_d}" | |
| 247 done | |
| 248 chown root:mail "${_mp}/var/mail" | |
| 249 chmod 0775 "${_mp}/var/mail" | |
| 250 } | |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
251 |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
252 |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
253 # |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
254 # Global option handling |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
255 # |
|
81
124faa20ae80
Implemented a "-V" global option to print the program's name and version number to stdout
Franz Glasner <fzglas.hg@dom66.de>
parents:
80
diff
changeset
|
256 while getopts "Vh" _opt ; do |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
257 case ${_opt} in |
|
81
124faa20ae80
Implemented a "-V" global option to print the program's name and version number to stdout
Franz Glasner <fzglas.hg@dom66.de>
parents:
80
diff
changeset
|
258 V) |
|
144
6be3742d21f7
- FIX: Really print the version in check-ports
Franz Glasner <hg@dom66.de>
parents:
128
diff
changeset
|
259 printf 'fjail v%s (rv:%s)\n' "${VERSION}" '@@HGREVISION@@' |
|
81
124faa20ae80
Implemented a "-V" global option to print the program's name and version number to stdout
Franz Glasner <fzglas.hg@dom66.de>
parents:
80
diff
changeset
|
260 exit 0 |
|
124faa20ae80
Implemented a "-V" global option to print the program's name and version number to stdout
Franz Glasner <fzglas.hg@dom66.de>
parents:
80
diff
changeset
|
261 ;; |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
262 h) |
| 75 | 263 echo "${USAGE}" |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
264 exit 0 |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
265 ;; |
|
80
f5cf08e8d246
Handle the error case when option handling fails because of wrong case labels
Franz Glasner <fzglas.hg@dom66.de>
parents:
77
diff
changeset
|
266 \?) |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
267 exit 2; |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
268 ;; |
|
80
f5cf08e8d246
Handle the error case when option handling fails because of wrong case labels
Franz Glasner <fzglas.hg@dom66.de>
parents:
77
diff
changeset
|
269 *) |
|
f5cf08e8d246
Handle the error case when option handling fails because of wrong case labels
Franz Glasner <fzglas.hg@dom66.de>
parents:
77
diff
changeset
|
270 echo "ERROR: option handling failed" >&2 |
|
f5cf08e8d246
Handle the error case when option handling fails because of wrong case labels
Franz Glasner <fzglas.hg@dom66.de>
parents:
77
diff
changeset
|
271 exit 2 |
|
f5cf08e8d246
Handle the error case when option handling fails because of wrong case labels
Franz Glasner <fzglas.hg@dom66.de>
parents:
77
diff
changeset
|
272 ;; |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
273 esac |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
274 done |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
275 |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
276 # |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
277 # Reset the Shell's option handling system to prepare for handling |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
278 # command-local options. |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
279 # |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
280 shift $((OPTIND-1)) |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
281 OPTIND=1 |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
282 |
|
92
a8e76893140f
Extra error message if no command is given
Franz Glasner <fzglas.hg@dom66.de>
parents:
86
diff
changeset
|
283 test $# -gt 0 || { echo "ERROR: no command given" >&2; exit 2; } |
|
a8e76893140f
Extra error message if no command is given
Franz Glasner <fzglas.hg@dom66.de>
parents:
86
diff
changeset
|
284 |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
285 command="$1" |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
286 shift |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
287 |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
288 case "${command}" in |
| 73 | 289 datasets) |
| 290 command_datasets "$@" | |
| 291 ;; | |
| 292 privs) | |
| 293 command_privs "$@" | |
| 294 ;; | |
|
76
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
295 populate) |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
296 command_populate "$@" |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
297 ;; |
|
77
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
298 copy) |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
299 command_copy "$@" |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
300 ;; |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
301 *) |
|
76
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
302 echo "ERROR: unknown command \`${command}'" >&2 |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
303 exit 2 |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
304 ;; |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
305 esac |