FreeBSD/ports/sysutils/local-bsdtools: sbin/fjail comparison

When executing the "privs" command try to make <mountpoint>/var/empty writeable temporarily to set proper permissions and file flags

comparison

equal deleted inserted replaced

-:57b9b899bf77
+:9bd38c55a75c
 #
 # To be used when all ZFS datasets are mounted.
 #
 command_privs() {
 # mountpoint
-local _mp _d
+local _mp _d _veds _get _vestatus
 _mp="$1"
 if [ -z "${_mp}" ]; then
 echo "ERROR: no mountpoint given" >&2
 return 2
 for _d in tmp var/tmp ; do
 chmod 01777 "${_mp}/${_d}"
 done
 chown root:mail "${_mp}/var/mail"
 chmod 0775 "${_mp}/var/mail"
+#
+# Handle <mountpoint>/var/empty specially:
+# make it writeable temporarily if it is mounted read-only:
+#
+_vestatus=""
+_veds=$(_get_dataset_for_varempty "${_mp}")
+if [ $? -eq 0 ]; then
+_get=$(zfs get -H readonly ${_veds} 2>/dev/null) || { echo "ERROR: cannot determine readonly status of ${_mp}/var/empty" >&2; return 1; }
+IFS=$'\t' read _dummy _dummy _vestatus _dummy <<EOF
+${_get}
+EOF
+if [ "${_vestatus}" = "on" ]; then
+zfs set readonly=off ${_veds} >/dev/null 2>/dev/null || { echo "ERROR: cannot reset readonly-status of ${_mp}/var/empty" >&2; return 1; }
+fi
+fi
+# Set the access rights and the file flags as given in mtree
+chmod 0555 "${_mp}/var/empty"
+chflags schg "${_mp}/var/empty"
+# Reset the read-only status of the mountpoint as it was before
+if [ "${_vestatus}" = "on" ]; then
+zfs set readonly=on ${_veds} >/dev/null 2>/dev/null || { echo "ERROR: cannot reactivate readonly-status of ${_mp}/var/empty" >&2; return 1; }
+fi
 }
 #
 # Global option handling

Mercurial > hgrepos > FreeBSD > ports > sysutils > local-bsdtools