annotate sbin/fjail @ 164:b62b8bc6184f
Because of mtree errors in freebsd-update: let the directory tree in /boot stay as expanded but delete all regular files
| author | Franz Glasner <hg@dom66.de> |
|---|---|
| date | Fri, 22 Nov 2019 12:36:59 +0100 |
| parents | 9aef3f0e4d1c |
| children | 6782ac823f86 |
| rev | line source |
|---|---|
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
1 #!/bin/sh |
|
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
2 # -*- indent-tabs-mode: nil; -*- |
|
86
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
3 : 'A very minimal BSD Jail management tool. |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
4 |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
5 :Author: Franz Glasner |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
6 :Copyright: (c) 2019 Franz Glasner. |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
7 All rights reserved. |
|
104
6f6058939e48
Use the "Full name" in the license section for "fjail" also
Franz Glasner <fzglas.hg@dom66.de>
parents:
93
diff
changeset
|
8 :License: BSD 3-Clause "New" or "Revised" License. |
|
86
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
9 See LICENSE for details. |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
10 If you cannot find LICENSE see |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
11 <https://opensource.org/licenses/BSD-3-Clause> |
| 93 | 12 :ID: @(#)@@PKGORIGIN@@ $HGid$ |
|
86
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
13 |
|
a3b9d4fe560e
Provide "module" doc-strings
Franz Glasner <fzglas.hg@dom66.de>
parents:
85
diff
changeset
|
14 ' |
|
72
929051be7845
Begin a simple (ZFS-related) jail setup tool
Franz Glasner <fzglas.hg@dom66.de>
parents:
diff
changeset
|
15 |
|
77
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
16 set -eu |
| 73 | 17 |
| 18 VERSION="@@VERSION@@" | |
| 19 | |
|
105
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
20 USAGE=' |
| 75 | 21 USAGE: fjail [ OPTIONS ] COMMAND [ COMMAND OPTIONS ] [ ARG ... ] |
| 22 | |
| 23 OPTIONS: | |
| 24 | |
|
81
124faa20ae80
Implemented a "-V" global option to print the program's name and version number to stdout
Franz Glasner <fzglas.hg@dom66.de>
parents:
80
diff
changeset
|
25 -V Print the program name and version number to stdout and exit |
|
124faa20ae80
Implemented a "-V" global option to print the program's name and version number to stdout
Franz Glasner <fzglas.hg@dom66.de>
parents:
80
diff
changeset
|
26 |
| 75 | 27 -h Print this help message to stdout and exit |
| 28 | |
| 29 COMMANDS: | |
| 30 | |
| 31 datasets [-u] PARENT CHILD | |
| 32 | |
| 33 Create ZFS datasets to be used within a jail | |
| 34 | |
| 35 PARENT must exist already and CHILD must not exist. | |
| 36 | |
| 37 -u Do not automatically mount newly created datasets | |
| 38 | |
| 39 privs MOUNTPOINT | |
| 40 | |
| 41 Adjust some Unix privileges to mounted jail datasets | |
|
76
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
42 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
43 populate MOUNTPOINT BASETXZ |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
44 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
45 Populate the jail directory in MOUNTPOINT with the base system in BASETXZ |
|
77
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
46 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
47 copy SOURCE-DATASET DEST-DATASET |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
48 |
|
105
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
49 Copy a tree of ZFS datasets with "zfs send -R" and "zfs receive". |
|
77
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
50 Note that the destination dataset must not exist already. |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
51 |
|
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
52 -u Do not automatically mount received datasets |
|
105
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
53 |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
54 ENVIRONMENT: |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
55 |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
56 All environment variables that affect "zfs" are effective also. |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
57 |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
58 DESCRIPTION: |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
59 |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
60 All commands with the exception of "populate" require ZFS as |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
61 filesystem. |
|
52523a19797e
Docu: Enhance the docu of fjail
Franz Glasner <fzglas.hg@dom66.de>
parents:
104
diff
changeset
|
62 ' |
| 75 | 63 |
| 64 | |
| 73 | 65 # Reset to standard umask |
| 66 umask 0022 | |
| 67 | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
68 |
|
161
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
69 _get_dataset_for_mountpoint() { |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
70 : 'Use `zfs mount` to determine the ZFS dataset for a given mountpoint. |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
71 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
72 ' |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
73 local _mountpoint |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
74 local _ds _mount |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
75 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
76 _mountpoint="$1" |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
77 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
78 while read -r _ds _mount; do |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
79 if [ "$_mount" = "$_mountpoint" ]; then |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
80 echo $_ds |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
81 return 0 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
82 fi |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
83 done <<EOF__GDSFM |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
84 $(zfs mount) |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
85 EOF__GDSFM |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
86 return 1 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
87 } |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
88 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
89 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
90 _get_dataset_for_varempty() { |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
91 : 'Allow special handling for <mountpoint>/var/empty which may be |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
92 mounted read-only. |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
93 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
94 ' |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
95 local _mountpoint |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
96 local _ve_mount |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
97 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
98 _mountpoint="$1" |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
99 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
100 if [ "$_mountpoint" = '/' ]; then |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
101 _ve_mount='/var/empty' |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
102 else |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
103 _ve_mount="${_mountpoint}/var/empty" |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
104 fi |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
105 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
106 _get_dataset_for_mountpoint "${_ve_mount}" |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
107 } |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
108 |
|
57b9b899bf77
Provide functions that will be the base for "/var/empty" handling (manipulate the "readonly" property when doing some special operations)
Franz Glasner <fzglas.hg@dom66.de>
parents:
157
diff
changeset
|
109 |
| 73 | 110 # |
| 111 # "datasets" -- create the ZFS dataset tree | |
| 112 # | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
113 # command_datasets [ -u ] parent-dataset child-dataset |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
114 # |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
115 # -u do not automatically mount newly created datasets |
| 73 | 116 # |
| 117 command_datasets() { | |
| 118 # parent ZFS dataset -- child ZFS dataset name | |
| 119 local _pds _cds | |
| 120 # and its mount point | |
| 121 local _pmp _get _dummy | |
| 122 # full name of the dataset | |
| 123 local _ds | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
124 # dynamic ZFS options |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
125 local _zfsopts |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
126 |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
127 _zfsopts="" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
128 while getopts "u" _opt ; do |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
129 case ${_opt} in |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
130 u) |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
131 # do not mount newly created datasets |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
132 _zfsopts="${_zfsopts} -u" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
133 ;; |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
134 \?|:) |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
135 return 2; |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
136 ;; |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
137 esac |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
138 done |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
139 shift $((OPTIND-1)) |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
140 OPTIND=1 |
| 73 | 141 |
| 142 _pds="$1" | |
| 143 if [ -z "${_pds}" ]; then | |
| 144 echo "ERROR: no parent dataset given" >&2 | |
| 145 return 2 | |
| 146 fi | |
| 147 _get=$(zfs get -H mountpoint "${_pds}" 2>/dev/null) || { echo "ERROR: dataset \`${_pds}' does not exist" >&2; return 1; } | |
| 148 IFS=$'\t' read _dummy _dummy _pmp _dummy <<EOF | |
| 149 ${_get} | |
| 150 EOF | |
| 151 case "${_pmp}" in | |
| 152 none) | |
| 153 echo "ERROR: dataset \`${_pds}' has no mountpoint" >&2 | |
| 154 return 1 | |
| 155 ;; | |
| 156 legacy) | |
| 157 echo "ERROR: dataset \`${_pds}' has a \`${_mp}' mountpoint" >&2 | |
| 158 return 1 | |
| 159 ;; | |
| 160 *) | |
| 161 # VOID | |
| 162 ;; | |
| 163 esac | |
| 164 _cds="$2" | |
| 165 if [ -z "${_cds}" ]; then | |
| 166 echo "ERROR: no child dataset given" >&2 | |
| 167 return 2 | |
| 168 fi | |
| 169 _ds="${_pds}/${_cds}" | |
| 170 echo "Resulting new root dataset is \`${_ds}' at mountpoint \`${_pmp}/${_cds}'" | |
| 171 if zfs get -H mountpoint "${_ds}" >/dev/null 2>/dev/null; then | |
| 172 echo "ERROR: dataset \`${_ds}' does already exist" >&2 | |
| 173 return 1 | |
| 174 fi | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
175 zfs create ${_zfsopts} -o atime=off "${_ds}" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
176 zfs create ${_zfsopts} -o sync=disabled -o setuid=off "${_ds}/tmp" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
177 zfs create ${_zfsopts} "${_ds}/usr" |
|
157
3f9cae8f5862
Also create a DS/usr/local dataset perdefault in jails
Franz Glasner <fzglas.hg@dom66.de>
parents:
144
diff
changeset
|
178 zfs create ${_zfsopts} "${_ds}/usr/local" |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
179 zfs create ${_zfsopts} "${_ds}/var" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
180 zfs create ${_zfsopts} -o exec=off -o setuid=off "${_ds}/var/audit" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
181 zfs create ${_zfsopts} -o exec=off -o setuid=off "${_ds}/var/cache" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
182 zfs create ${_zfsopts} -o exec=off -o setuid=off -o compression=off "${_ds}/var/cache/pkg" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
183 zfs create ${_zfsopts} -o exec=off -o setuid=off -o compression=off "${_ds}/var/crash" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
184 zfs create ${_zfsopts} -o exec=off -o setuid=off "${_ds}/var/db" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
185 zfs create ${_zfsopts} -o exec=on -o setuid=off "${_ds}/var/db/pkg" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
186 zfs create ${_zfsopts} -o readonly=on -o exec=off -o setuid=off "${_ds}/var/empty" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
187 zfs create ${_zfsopts} -o exec=off -o setuid=off -o primarycache=metadata "${_ds}/var/log" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
188 zfs create ${_zfsopts} -o exec=off -o setuid=off -o atime=on "${_ds}/var/mail" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
189 zfs create ${_zfsopts} -o sync=disabled -o exec=off -o setuid=off -o compression=off -o primarycache=all "${_ds}/var/run" |
|
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
190 zfs create ${_zfsopts} -o sync=disabled -o setuid=off "${_ds}/var/tmp" |
| 73 | 191 } |
| 192 | |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
193 |
| 73 | 194 # |
|
76
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
195 # "populate" -- populate the datasets with content from a FreeBSD base.txz |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
196 # |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
197 # command_populate mountpoint basetxz |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
198 # |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
199 command_populate() { |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
200 # MOUNTPOINT -- base.txz |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
201 local _mp _basetxz |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
202 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
203 _mp="$1" |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
204 _basetxz="$2" |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
205 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
206 if [ -z "${_mp}" ]; then |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
207 echo "ERROR: no mountpoint given" >&2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
208 return 2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
209 fi |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
210 if [ -z "${_basetxz}" ]; then |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
211 echo "ERROR: no base.txz given" >&2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
212 return 2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
213 fi |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
214 if [ ! -d "${_mp}" ]; then |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
215 echo "ERROR: mountpoint \`${_mp}' does not exist" >&2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
216 return 1 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
217 fi |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
218 if [ ! -r "${_basetxz}" ]; then |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
219 echo "ERROR: file \`${_basetxz}' is not readable" >&2 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
220 return 1 |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
221 fi |
|
fea2ef3ff89a
Populate an existing directory tree with the contents of base.txz
Franz Glasner <hg@dom66.de>
parents:
75
diff
changeset
|
222 |
|
164
b62b8bc6184f
Because of mtree errors in freebsd-update: let the directory tree in /boot stay as expanded but delete all regular files
Franz Glasner <hg@dom66.de>
parents:
163
diff
changeset
|
223 tar -C "${_mp}" --exclude=./var/empty -xJp -f "${_basetxz}" || { echo "ERROR: tar encountered errors" >&2; return 1; } |
| | 224 find "${_mp}/boot" -type f -delete |
| 76 | 225 } |
| | 226 |
| | 227 |
| | 228 # |
|
77
5aab3a28895f
Implemented a "copy" command to employ zfs send/receive for recursively copying jail datasets
Franz Glasner <hg@dom66.de>
parents:
76
diff
changeset
|
229 # "copy" -- ZFS copy of datasets |
| | 230 # |
| | 231 # command_copy source-dataset destination-dataset |
| | 232 # |
| | 233 command_copy() { |
| | 234 # source dataset -- destination dataset |
| | 235 local _source _dest |
| | 236 # dynamic ZFS options |
| | 237 local _zfsopts |
| | 238 |
| | 239 _zfsopts="" |
| | 240 while getopts "u" _opt ; do |
| | 241 case ${_opt} in |
| | 242 u) |
| | 243 # do not mount newly created datasets |
| | 244 _zfsopts="${_zfsopts} -u" |
| | 245 ;; |
| | 246 \?|:) |
| | 247 return 2; |
| | 248 ;; |
| | 249 esac |
| | 250 done |
| | 251 shift $((OPTIND-1)) |
| | 252 OPTIND=1 |
| | 253 |
| | 254 _source="$1" |
| | 255 if [ -z "${_source}" ]; then |
| | 256 echo "ERROR: no source dataset given" >&2 |
| | 257 return 2 |
| | 258 fi |
| | 259 _dest="$2" |
| | 260 if [ -z "${_dest}" ]; then |
| | 261 echo "ERROR: no destination dataset given" >&2 |
| | 262 return 2 |
| | 263 fi |
| | 264 zfs send -R -n -v "${_source}" || { echo "ERROR: ZFS operation failed in no-op mode" >&2; return 1; } |
| | 265 zfs send -R "${_source}" | zfs receive ${_zfsopts} "${_dest}" || { echo "ERROR: ZFS operation failed" >&2; return 1; } |
| | 266 } |
| | 267 |
| | 268 |
| | 269 # |
| 73 | 270 # "privs" -- adjust privileges |
| | 271 # |
| | 272 # To be used when all ZFS datasets are mounted. |
| | 273 # |
| | 274 command_privs() { |
| | 275 # mountpoint |
|
162
9bd38c55a75c
When executing the "privs" command try to make <mountpoint>/var/empty writeable temporarily to set proper permissions and file flags
Franz Glasner <hg@dom66.de>
parents:
161
diff
changeset
|
276 local _mp _d _veds _get _vestatus |
| 73 | 277 |
| | 278 _mp="$1" |
| | 279 if [ -z "${_mp}" ]; then |
| | 280 echo "ERROR: no mountpoint given" >&2 |
| | 281 return 2 |
| | 282 fi |
| | 283 if [ ! -d "${_mp}" ]; then |
| | 284 echo "ERROR: directory \`${_mp}' does not exist" >&2 |
| | 285 return 1 |
| | 286 fi |
| | 287 for _d in tmp var/tmp ; do |
| | 288 chmod 01777 "${_mp}/${_d}" |
| | 289 done |
| | 290 chown root:mail "${_mp}/var/mail" |
| | 291 chmod 0775 "${_mp}/var/mail" |
| 162 | 292 |
| | 293 # |
| | 294 # Handle <mountpoint>/var/empty specially: |
| | 295 # make it writeable temporarily if it is mounted read-only: |
| | 296 # |
| | 297 _vestatus="" |
| | 298 _veds=$(_get_dataset_for_varempty "${_mp}") |
| | 299 if [ $? -eq 0 ]; then |
| | 300 _get=$(zfs get -H readonly "${_veds}" 2>/dev/null) || { echo "ERROR: cannot determine readonly status of ${_mp}/var/empty" >&2; return 1; } |
| | 301 IFS=$'\t' read _dummy _dummy _vestatus _dummy <<EOF |
| | 302 ${_get} |
| | 303 EOF |
| | 304 if [ "${_vestatus}" = "on" ]; then |
| | 305 zfs set readonly=off "${_veds}" >/dev/null 2>/dev/null || { echo "ERROR: cannot reset readonly-status of ${_mp}/var/empty" >&2; return 1; } |
| | 306 fi |
| | 307 fi |
| | 308 # Set the access rights and the file flags as given in mtree |
| | 309 chmod 0555 "${_mp}/var/empty" |
| | 310 chflags schg "${_mp}/var/empty" |
| | 311 # Reset the read-only status of the mountpoint as it was before |
| | 312 if [ "${_vestatus}" = "on" ]; then |
| | 313 zfs set readonly=on "${_veds}" >/dev/null 2>/dev/null || { echo "ERROR: cannot reactivate readonly-status of ${_mp}/var/empty" >&2; return 1; } |
| | 314 fi |
| 73 | 315 } |
| 72 | 316 |
|
74
247d35f910ca
fjail datasets now recognized a "-u" command option to not automatically mount created datasets
Franz Glasner <hg@dom66.de>
parents:
73
diff
changeset
|
317 |
| 72 | 318 # |
| | 319 # Global option handling |
| | 320 # |
|
81
124faa20ae80
Implemented a "-V" global option to print the program's name and version number to stdout
Franz Glasner <fzglas.hg@dom66.de>
parents:
80
diff
changeset
|
321 while getopts "Vh" _opt ; do |
| 72 | 322 case ${_opt} in |
| 81 | 323 V) |
|
144
6be3742d21f7
- FIX: Really print the version in check-ports
Franz Glasner <hg@dom66.de>
parents:
128
diff
changeset
|
324 printf 'fjail v%s (rv:%s)\n' "${VERSION}" '@@HGREVISION@@' |
| 81 | 325 exit 0 |
| | 326 ;; |
| 72 | 327 h) |
| 75 | 328 echo "${USAGE}" |
| 72 | 329 exit 0 |
| | 330 ;; |
|
80
f5cf08e8d246
Handle the error case when option handling fails because of wrong case labels
Franz Glasner <fzglas.hg@dom66.de>
parents:
77
diff
changeset
|
331 \?) |
| 72 | 332 exit 2; |
| | 333 ;; |
| 80 | 334 *) |
| | 335 echo "ERROR: option handling failed" >&2 |
| | 336 exit 2 |
| | 337 ;; |
| 72 | 338 esac |
| | 339 done |
| | 340 |
| | 341 # |
| | 342 # Reset the Shell's option handling system to prepare for handling |
| | 343 # command-local options. |
| | 344 # |
| | 345 shift $((OPTIND-1)) |
| | 346 OPTIND=1 |
| | 347 |
|
92
a8e76893140f
Extra error message if no command is given
Franz Glasner <fzglas.hg@dom66.de>
parents:
86
diff
changeset
|
348 test $# -gt 0 || { echo "ERROR: no command given" >&2; exit 2; } |
| | 349 |
| 72 | 350 command="$1" |
| | 351 shift |
| | 352 |
| | 353 case "${command}" in |
| 73 | 354 datasets) |
| | 355 command_datasets "$@" |
| | 356 ;; |
| | 357 privs) |
| | 358 command_privs "$@" |
| | 359 ;; |
| 76 | 360 populate) |
| | 361 command_populate "$@" |
| | 362 ;; |
| 77 | 363 copy) |
| | 364 command_copy "$@" |
| | 365 ;; |
| 72 | 366 *) |
| 76 | 367 echo "ERROR: unknown command \`${command}'" >&2 |
| 72 | 368 exit 2 |
| | 369 ;; |
| | 370 esac |
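
The `privs` command above switches `readonly` off on the `var/empty` dataset, sets mode and file flags, then switches the property back on. The following is an added example, not part of fjail: it wraps that pattern in a helper that restores the property even when the wrapped command fails and passes that command's exit status through. The names `with_writable_dataset`, `ZFS_CMD`, `mock_zfs` and the dataset name used with them are hypothetical; the mock stands in for zfs(8) so the block runs without a pool.

```shell
#!/bin/sh
# Added example, not fjail code. ZFS_CMD, mock_zfs and with_writable_dataset
# are hypothetical names; set ZFS_CMD=zfs to act on a real pool.
ZFS_CMD="${ZFS_CMD:-mock_zfs}"

# Constructed stand-in for zfs(8): a single dataset whose readonly value
# lives in a shell variable.
MOCK_READONLY="on"
mock_zfs() {
    case "$1" in
        get)
            # emulates: zfs get -H -o value readonly <dataset>
            printf '%s\n' "${MOCK_READONLY}"
            ;;
        set)
            # emulates: zfs set readonly=on|off <dataset>
            case "$2" in
                readonly=on)  MOCK_READONLY="on" ;;
                readonly=off) MOCK_READONLY="off" ;;
                *) return 1 ;;
            esac
            ;;
        *)
            return 1
            ;;
    esac
}

# with_writable_dataset dataset command [args...]
#
# Runs the command with readonly=off on the dataset and puts the property
# back to "on" afterwards if it was "on" before, whatever the command returned.
with_writable_dataset() {
    local _ds _prev _rc
    _ds="$1"
    shift
    # -H: no header line; -o value: print only the property value, so the
    # tab-separated columns do not have to be split by hand
    _prev=$("${ZFS_CMD}" get -H -o value readonly "${_ds}") || {
        echo "ERROR: cannot determine readonly status of ${_ds}" >&2
        return 1
    }
    if [ "${_prev}" = "on" ]; then
        "${ZFS_CMD}" set readonly=off "${_ds}" || {
            echo "ERROR: cannot reset readonly status of ${_ds}" >&2
            return 1
        }
    fi
    # Keep the command's status; do not return before the restore step.
    _rc=0
    "$@" || _rc=$?
    if [ "${_prev}" = "on" ]; then
        "${ZFS_CMD}" set readonly=on "${_ds}" || {
            echo "ERROR: cannot reactivate readonly status of ${_ds}" >&2
            return 1
        }
    fi
    return "${_rc}"
}
```

With a real pool the call would look like `ZFS_CMD=zfs with_writable_dataset <dataset> chflags schg <mountpoint>/var/empty`, with both placeholders filled in by the caller.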
