Mercurial > hgrepos > FreeBSD > ports > sysutils > local-bsdtools
comparison sbin/fjail @ 211:ee9b32ab0e9a
Implement the "-o" option for "datasets" to create var/empty with the default "readonly" setting instead of "readonly=on"
| author | Franz Glasner <fzglas.hg@dom66.de> |
|---|---|
| date | Sun, 21 Aug 2022 17:12:37 +0200 |
| parents | 4d7e00b500a1 |
| children | 39b736a91d0d |
comparison
equal
deleted
inserted
replaced
| 210:4d7e00b500a1 | 211:ee9b32ab0e9a |
|---|---|
| 33 Create ZFS datasets to be used within a jail | 33 Create ZFS datasets to be used within a jail |
| 34 | 34 |
| 35 PARENT must exist already and CHILD must not exist. | 35 PARENT must exist already and CHILD must not exist. |
| 36 | 36 |
| 37 -A Set "canmount=auto" for datasets | 37 -A Set "canmount=auto" for datasets |
| 38 -o Do not create var/empty as read-only dataset but with normal settings | |
| 38 -s Also create a dataset for freebsd-update data files | 39 -s Also create a dataset for freebsd-update data files |
| 39 -t Create a more tiny set of datasets | 40 -t Create a more tiny set of datasets |
| 40 -T Create only an extra tiny set of datasets | 41 -T Create only an extra tiny set of datasets |
| 41 -u Do not automatically mount newly created datasets | 42 -u Do not automatically mount newly created datasets |
| 42 | 43 |
| 141 # and its mount point | 142 # and its mount point |
| 142 local _pmp _get | 143 local _pmp _get |
| 143 # full name of the dataset | 144 # full name of the dataset |
| 144 local _ds | 145 local _ds |
| 145 # dynamic ZFS options -- create cache for freebsd-update -- use a more tiny layout | 146 # dynamic ZFS options -- create cache for freebsd-update -- use a more tiny layout |
| 146 local _zfsopts _fbsdupdate _tiny _zfsnoauto | 147 local _zfsopts _fbsdupdate _tiny _zfsnoauto _varempty_ro |
| 147 | 148 |
| 148 _zfsopts="" | 149 _zfsopts="" |
| 149 _fbsdupdate="" | 150 _fbsdupdate="" |
| 150 _tiny="no" | 151 _tiny="no" |
| 151 _zfsnoauto="" | 152 _zfsnoauto="" |
| 152 while getopts "ustAT" _opt ; do | 153 _varempty_ro="-o readonly=on" |
| 154 while getopts "oustAT" _opt ; do | |
| 153 case ${_opt} in | 155 case ${_opt} in |
| 154 A) | 156 A) |
| 155 # | 157 # |
| 156 # set canmount=noauto where otherwise canmount=on would have been set | 158 # set canmount=noauto where otherwise canmount=on would have been set |
| 157 # or inherited | 159 # or inherited |
| 158 # | 160 # |
| 159 _zfsnoauto="-o canmount=noauto" | 161 _zfsnoauto="-o canmount=noauto" |
| 162 ;; | |
| 163 o) | |
| 164 # Clear out the default setting of creating var/empty as read-only dataset | |
| 165 _varempty_ro="" | |
| 160 ;; | 166 ;; |
| 161 t) | 167 t) |
| 162 # use a more tiny layout | 168 # use a more tiny layout |
| 163 _tiny="yes" | 169 _tiny="yes" |
| 164 ;; | 170 ;; |
| 253 else | 259 else |
| 254 zfs create ${_zfsopts} ${_zfsnoauto} -o exec=off -o setuid=off "${_ds}/var/db" | 260 zfs create ${_zfsopts} ${_zfsnoauto} -o exec=off -o setuid=off "${_ds}/var/db" |
| 255 fi | 261 fi |
| 256 zfs create ${_zfsopts} ${_zfsnoauto} -o exec=off -o setuid=off -o primarycache=metadata -o compression=off "${_ds}/var/db/freebsd-update" | 262 zfs create ${_zfsopts} ${_zfsnoauto} -o exec=off -o setuid=off -o primarycache=metadata -o compression=off "${_ds}/var/db/freebsd-update" |
| 257 fi | 263 fi |
| 258 zfs create ${_zfsopts} ${_zfsnoauto} -o readonly=on -o exec=off -o setuid=off "${_ds}/var/empty" | 264 zfs create ${_zfsopts} ${_zfsnoauto} ${_varempty_ro} -o exec=off -o setuid=off "${_ds}/var/empty" |
| 259 zfs create ${_zfsopts} ${_zfsnoauto} -o exec=off -o setuid=off -o primarycache=metadata "${_ds}/var/log" | 265 zfs create ${_zfsopts} ${_zfsnoauto} -o exec=off -o setuid=off -o primarycache=metadata "${_ds}/var/log" |
| 260 zfs create ${_zfsopts} ${_zfsnoauto} -o exec=off -o setuid=off -o atime=on "${_ds}/var/mail" | 266 zfs create ${_zfsopts} ${_zfsnoauto} -o exec=off -o setuid=off -o atime=on "${_ds}/var/mail" |
| 261 zfs create ${_zfsopts} ${_zfsnoauto} -o sync=disabled -o exec=off -o setuid=off -o compression=off -o primarycache=all "${_ds}/var/run" | 267 zfs create ${_zfsopts} ${_zfsnoauto} -o sync=disabled -o exec=off -o setuid=off -o compression=off -o primarycache=all "${_ds}/var/run" |
| 262 zfs create ${_zfsopts} ${_zfsnoauto} -o sync=disabled -o setuid=off "${_ds}/var/tmp" | 268 zfs create ${_zfsopts} ${_zfsnoauto} -o sync=disabled -o setuid=off "${_ds}/var/tmp" |
| 263 } | 269 } |