Mercurial > hgrepos > FreeBSD > ports > sysutils > local-bsdtools
changeset 328:184412e2543e
Implement the -d option for fjail configure: temporarily mount a devfs filesystem
| author | Franz Glasner <fzglas.hg@dom66.de> |
|---|---|
| date | Wed, 30 Nov 2022 09:46:29 +0100 |
| parents | 37eb955f2395 |
| children | 2623f7e775e3 |
| files | docs/man/man8/fjail-configure.rst sbin/fjail |
| diffstat | 2 files changed, 72 insertions(+), 20 deletions(-) [+] |
line wrap: on
line diff
--- a/docs/man/man8/fjail-configure.rst Tue Nov 29 11:10:24 2022 +0100 +++ b/docs/man/man8/fjail-configure.rst Wed Nov 30 09:46:29 2022 +0100 @@ -6,7 +6,7 @@ Synopsis -------- -**fjail configure** `mountpoint` +**fjail configure** [**-d**] `mountpoint` Description @@ -14,36 +14,50 @@ Configure some basic settings of a jail that is mounted at `mountpoint`. -The "root" account within the jail is deactivated. +.. program:: fjail configure -In the jail's :file:`/etc/rc.conf`:: +.. option:: -d + + Temporarily also mount a standard devfs filesystem to `mountpoint`/dev. - sendmail_enable="NONE" - clear_tmp_enable="YES" - clear_tmp_X="NO" - syslogd_flags="-ss" - bsdstats_enable="NO" +The following configuration settings are applied: -The timezone is set to "Europe/Berlin" if not yet set. + The "root" account within the jail is deactivated. + + In the jail's :file:`/etc/rc.conf`:: -The :file:`/etc/resolv.conf` is copied from the host into the jail if -the target does not exist yet. + sendmail_enable="NONE" + clear_tmp_enable="YES" + clear_tmp_X="NO" + syslogd_flags="-ss" + bsdstats_enable="NO" -:command:`/usr/bin/newaliases` is called within the jail. + The timezone is set to "Europe/Berlin" if not yet set. -In the jail's :file:`/etc/periodic.conf.local`:: + The :file:`/etc/resolv.conf` is copied from the host into the jail if + the target does not exist yet. - daily_ntpd_leapfile_enable="NO" - daily_status_zfs_zpool_list_enable="NO" - daily_status_disks_enable="NO" - daily_status_uptime_enable="NO" + :command:`/usr/bin/newaliases` is called within the jail. + + In the jail's :file:`/etc/periodic.conf.local`:: -Can be used for all sort of jails (normal, thin). + daily_ntpd_leapfile_enable="NO" + daily_status_zfs_zpool_list_enable="NO" + daily_status_disks_enable="NO" + daily_status_uptime_enable="NO" + +This command can be used for all sort of jails (normal, thin). A proposal for a hostid suitable for use within the jail is printed to stdout also; this is done by calling :command:`fjail hostid`. +Implementation Notes +-------------------- + +A working dev filesystem is typically needed to work properly. + + See Also --------
--- a/sbin/fjail Tue Nov 29 11:10:24 2022 +0100 +++ b/sbin/fjail Wed Nov 30 09:46:29 2022 +0100 @@ -57,7 +57,7 @@ Populate the jail directory in MOUNTPOINT with the base system in BASETXZ - configure MOUNTPOINT + configure [OPTIONS] MOUNTPOINT Configure some basic parts of the system at MOUNTPOINT: disable root password, syslog and other basic configuration settings @@ -65,6 +65,8 @@ Also handle thin jails by checking whether "etc" is a symlink to "skeleton/etc". + -d Temporarily mount a devfs filesystem to MOUNTPOINT/dev + hostid Print proposals for a hostuuid and hostid @@ -359,8 +361,29 @@ command_configure() { # mountpoint local _mp + local _opt_devfs - local _pcl + local _pcl _umount_devfs + + _umount_devfs="" + + _opt_devfs="" + while getopts "d" _opt ; do + case ${_opt} in + d) + _opt_devfs="yes" + ;; + \?) + return 2; + ;; + *) + echo "ERROR: option handling failed" 1>&2 + return 2 + ;; + esac + done + shift $((OPTIND-1)) + OPTIND=1 _mp="$1" @@ -373,6 +396,16 @@ return 1 fi + if [ "${_opt_devfs}" = "yes" ]; then + if [ ! -c "{_mp}/dev/null" ]; then + echo "Mounting devfs" + mount -t devfs devfs "${_mp}/dev" + _umount_devfs="yes" + else + echo "devfs is already mounted" + fi + fi + # Deactive the by default empty root password pw -R "${_mp}" usermod -w no -n root @@ -432,6 +465,11 @@ fi command_hostid + + if [ "${_umount_devfs}" = "yes" ]; then + echo "Unmounting devfs" + umount "{_mp}/dev" + fi }