source: src-sh/warden/bin/warden

releng/10.1.1
Last change on this file was bb6487e, checked in by Kris Moore <kris@…>, 7 weeks ago

Initial update to warden, this adds the following sub-commands:

pkgupdate - Update all packages inside jail
fbsdupdate - Upgrade FreeBSD world with security fixes
fbsdupgrade - Upgrade FreeBSD to new version (still needs work)

  • Property mode set to 100755
File size: 34.4 KB
1#!/bin/sh
2# Command-line interaction script for the warden
3# Author: Kris Moore
4# License: BSD
5# "The Warden" Copyright 2013 PC-BSD Software (iXsystems)
6######################################################################
7
8# Source external functions
9. /usr/local/share/pcbsd/scripts/functions.sh
10
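# Abort unless the caller is running with root privileges.
#
# The decision is made on the numeric UID printed by `id -u`, not on the
# account name: a second UID-0 account (FreeBSD ships "toor") is root too,
# and a name comparison would wrongly reject it.
# Globals:   UTEST (written) - account name, retained for any external reader
# Calls:     exit_err, defined outside this file (presumably it terminates
#            the script - confirm in the sourced functions.sh)
require_root()
{
  UTEST="$(whoami)"
  # String comparison on purpose: if `id` fails and prints nothing, the
  # result is treated as "not root" rather than as a shell error.
  if [ "$(id -u)" != "0" ] ; then
     exit_err "This command must be run as root!"
  fi
}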
18
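# Installation prefix of the warden backend scripts and the optional GUI
PROGDIR="/usr/local/share/warden"

# Load the warden backend function library.
# NOTE(review): most sub-commands run as root, so this file and everything
# under PROGDIR should be writable by root only - confirm the installed modes.
. "${PROGDIR}/scripts/backend/functions.sh"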
24
# Print the two-line banner shown above every help page.
# Globals: WARDENVER (read) - not assigned in this file; presumably set by
#          one of the sourced function libraries.
title()
{
  printf '%s\n' "Warden version ${WARDENVER}" \
                "---------------------------------"
}
30
31
# Print the top-level command index ("warden help" with no known topic).
# Globals: PROGDIR (read) - the "gui" entry is listed only when the GUI
#          front-end exists under ${PROGDIR}/bin.
help_main()
{
  title

  # Quoted delimiter: the text below is emitted verbatim, nothing is expanded.
  cat <<'__EOF__'
Available commands

Type in help <command> for information and usage about that command

         help - This help file
__EOF__

  if [ -e "${PROGDIR}/bin/warden-gui" ] ; then
    echo "          gui - Launch the GUI menu"
  fi

  cat <<'__EOF__'
         auto - Toggles the autostart flag for a jail
      bspkgng - BootStrap pkgng and setup TrueOS repo
      checkup - Check for updates to a jail
       chroot - Launches chroot into a jail
       create - Creates a new jail
      details - Display usage details about a jail
       delete - Deletes a jail
       export - Exports a jail to a .wdn file
   fbsdupdate - Update the FreeBSD world inside jail
  fbsdupgrade - Upgrade the version of FreeBSD inside a jail
        fstab - Start users $EDITOR on jails custom fstab
          get - Gets options list for a jail
       import - Imports a jail from a .wdn file
         list - Lists the installed jails
    pkgupdate - Update packages inside a jail
         pkgs - Lists the installed packages in a jail
         pbis - Lists the installed pbi's in a jail
          set - Sets options for a jail
        start - Start a jail
         stop - Stops a jail
         type - Set the jail type (pluginjail|portjail|standard)
     template - Manage jail templates
         snap - Jail snapshot management
        clone - Clone an existing jail to a new jail
     cronsnap - Schedule snapshot creation via cron
__EOF__
}
74
# Print the help page for "warden get".
help_get()
{
  title
  # Quoted delimiter: emitted verbatim. The blank line before the delimiter
  # is part of the output.
  cat <<'__EOF__'
Help get

Lets you get options for your jail

Available options:

             iface: Lets you see the network interface for this jail
              ipv4: Lets you see the IPv4 address for this jail
              ipv6: Lets you see the IPv6 address for this jail
        alias-ipv4: Lets you see additional IPv4 addresses for this jail
        alias-ipv6: Lets you see additional IPv6 addresses for this jail
       bridge-ipv4: Lets you see the vnet bridge IPv4 address for this jail
       bridge-ipv6: Lets you see the vnet bridge IPv6 address for this jail
 alias-bridge-ipv4: Lets you see additional vnet bridge IPv4 addresses for this jail
 alias-bridge-ipv6: Lets you see additional vnet bridge IPv6 addresses for this jail
defaultrouter-ipv4: Lets you see the default IPv4 router for this jail
defaultrouter-ipv6: Lets you see the default IPv6 router for this jail
             flags: Lets you see additional flags to pass to the 'jail' command at startup

Usage:

  warden get ipv4 <Jail>

  warden get flags <Jail>

Example:

  warden get ipv4 myjail

  warden get flags myjail

__EOF__
}
110
# Print the help page for "warden set".
help_set()
{
  title
  # Quoted delimiter: emitted verbatim. The blank line before the delimiter
  # is part of the output.
  cat <<'__EOF__'
Help set

Lets you set options for your jail

Available options:

             iface: Set the network interface for this jail
              ipv4: Set the IPv4 address for this jail
              ipv6: Set the IPv6 address for this jail
        alias-ipv4: Set additional IPv4 addresses for this jail
        alias-ipv6: Set additional IPv6 addresses for this jail
       bridge-ipv4: Set the vnet bridge IPv4 address for this jail
       bridge-ipv6: Set the vnet bridge IPv6 address for this jail
 alias-bridge-ipv4: Set additional vnet bridge IPv4 for this jail
 alias-bridge-ipv6: Set additional vnet bridge IPv6 for this jail
defaultrouter-ipv4: Set the default vnet IPv4 router for this jail
defaultrouter-ipv6: Set the default vnet IPv6 router for this jail
             flags: Set additional flags to pass to the 'jail' command
       vnet-enable: Enables vnet support for the jail
      vnet-disable: Disables vnet support for this jail

Usage:

  warden set ipv4 <Jail> <IP1>,<IP2>,<IP3>

  warden set flags <Jail> <Flag1>,<Flag2>,<Flag3>

Example:

  warden set ipv4 myjail 192.168.1.50,192.168.2.10

  warden set ipv6 myjail fe80::8e89:a5ff:fe52:ad19,fe80::8e89:a5ff:fe52:ad21

  warden set flags myjail allow.raw_sockets=true,allow.chflags=true

  warden set vnet-enable myjail

__EOF__
}
152
# Print the help page for "warden checkup".
help_checkup()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help checkup

Check for updates to a jail(s)

Usage:

  warden checkup <Jail>
   or
  warden checkup all

Example:

  warden checkup myjail

__EOF__
}
171
# Print the help page for "warden snap".
help_snap()
{
  title
  # Quoted delimiter: emitted verbatim. The two blank lines before the
  # delimiter are part of the output.
  cat <<'__EOF__'
Help snap

Perform Snapshot operations on a jail

Available Sub-Commands: list make remove removedate revert

list:

  warden snap list <jail>

make:

  warden snap make <jail> <Optional Comment>

remove:

  warden snap remove <jail> <snapshot>

removedate:

  warden snap removedate <jail> <date>

  NOTE: Removes all snapshots older than the given date.
        Valid dates are YYYY-MM-DD and YYYYMMDD

revert:

  warden snap revert <jail> <snapshot>


__EOF__
}
206
# Print the help page for "warden clone".
help_clone()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help clone

Clone an existing jail into a new jail with (optional) new IP address

Usage:

  warden clone <Jail> <NewJail>

Example:

  warden clone myjail newjail --ipv4=127.0.0.4/24

__EOF__
}
223
# Print the help page for "warden cronsnap".
help_cronsnap()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included. The
  # line after the usage line holds a single space, as in the original text.
  cat <<'__EOF__'
Help cronsnap

Schedule a jail snapshot

Usage:

  warden cronsnap <Jail> <action> <frequency> <daysToKeep>
 
  action = start / stop
  frequency = daily / hourly
  daysToKeep = Number of days to keep snapshots

Example:

  warden cronsnap myjail start daily 10

  or

  warden cronsnap myjail stop

__EOF__
}
248
# Print the help page for "warden details".
help_details()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help details

View usage details about a jail

Usage:

  warden details <Jail>

Example:

  warden details myjail

__EOF__
}
265
# Print the help page for "warden template".
help_template()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help template

Manage the jail templates used to create new FreeBSD jails

Required subcommands:

  create - Create a new jail template
  delete - Delete a jail template
    list - List jail templates on system

Flags:

  create:
     -fbsd <version>   - FreeBSD Version, 9.1-RELEASE, 9.0-RELEASE, etc
     -trueos <version> - TrueOS Version, 9.1-RELEASE, 9-STABLE, etc
     -arch <arch type> - System architecture, i386/amd64
     -tar <file>       - Use tar archive as template contents (Ignores -arch / -fbsd)
     -nick <nickname>  - Template nickname for creating jails / deleting templates

Usage:

  warden template create <flags>
   or
  warden template delete <template nickname>
   or
  warden template list

Example:

  warden template create -fbsd 9.1-RELEASE -arch amd64 -nick 91amd64

__EOF__
}
301
302
# Print the help page for "warden type".
help_type()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help type

Lets you set the type of jail to these options:

portjail: Jail with access to your home directories and Xorg
pluginjail: Jail that can be used to install FreeNAS plugins
standard: Normal FreeBSD secure jail environment

The flag status can be checked with 'warden list'.

Usage:

  warden type <Jail> <type>

Example:

  warden type myjail portjail

__EOF__
}
325
326
# Print the help page for "warden bspkgng".
help_bspkgng()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help bspkgng

BootStraps the pkgng package system, and installs the TrueOS repository
and utilities into a jail.

Usage:

  warden bspkgng <Jail>

Example:

  warden bspkgng myjail

__EOF__
}
344
345
346
# Print the help page for "warden auto".
help_auto()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help auto

Toggles the autostart flag for a specified jail. If the flag is
enabled, then the jail will be started at system bootup automatically.
The flag status can be checked with 'warden list'.

Usage:

  warden auto <Jail>

Example:

  warden auto myjail

__EOF__
}
365
# Print the help page for "warden pkgs".
help_pkgs()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help pkgs

Generates a listing of the installed ports in a jail.

Usage:

  warden pkgs <Jail>

Example:

  warden pkgs myjail

__EOF__
}
382
# Print the help page for "warden pbis".
help_pbis()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help pbis

Generates a listing of the installed pbi's in a jail.

Usage:

  warden pbis <Jail>

Example:

  warden pbis myjail

__EOF__
}
399
# Print the help page for "warden list".
help_list()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help list

Generates a quick listing of the installed jails, including the running
status.

Available Flags:
  -v           (Verbose listing)

Usage:

  warden list [flags] [hosts]

__EOF__
}
416
# Print the help page for "warden export".
help_export()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help export

Export will backup a full copy of your jail, compressing it and
saving it to a .wdn file. This file can then be taken and
imported on another system to migrate the jail to new hardware.
Also a .wdn file may be imported on the same system, in order to
'clone' an existing jail with a new IP address.

Available Flags:
  --dir=<DIR>  (Specify the directory you want to place the finished .wdn file)

Usage:

  warden export <Jail> --dir=<path>

Example:

  warden export myjail --dir=/tmp

__EOF__
}
440
# Print the help page for "warden fstab".
help_fstab()
{
  title
  # Quoted delimiter: $EDITOR below is printed literally, not expanded.
  # The blank line before the delimiter is part of the output.
  cat <<'__EOF__'
Help fstab

Runs the users $EDITOR on the jails custom fstab file. Can be used to setup
nullfs mounts and others for a specific jail

Usage:

  warden fstab [hosts]

__EOF__
}
454
# Print the help page for "warden import".
help_import()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included. The
  # second sentence line keeps its trailing space from the original text.
  cat <<'__EOF__'
Help import

Imports a jail from a .wdn file. Can assign a new IP / Hostname to
the imported jail on the fly using optional flags. 

Available Flags:
  --ipv4=<IP/NETMASK> (Specify a new IPv4/NETMASK address to assign to this jail)
  --ipv6=<IP/NETMASK> (Specify a new IPv6/NETMASK address to assign to this jail)
  --host=<HOST>       (Specify a new host name to assign to this jail)

Usage:

  warden import <jailname> <.wdn file>

Example:

  warden import myjail /home/kris/myjail.wdn

__EOF__
}
477
# Print the help page for "warden fbsdupgrade".
help_fbsdupgrade()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help fbsdupgrade

Upgrades the version of FreeBSD inside the jail

Usage:

  warden fbsdupgrade <jail> <new version>

Example:

  warden fbsdupgrade myjail 10.2-RELEASE

__EOF__
}
494
# Print the help page for "warden fbsdupdate".
help_fbsdupdate()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help fbsdupdate

Updates the freebsd world inside a jail

Available Flags:
  --pkgupdate (Also update the packages in the jail)

Usage:

  warden fbsdupdate <jail>

Example:

  warden fbsdupdate myjail

__EOF__
}
514
# Print the help page for "warden pkgupdate".
help_pkgupdate()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help pkgupdate

Updates all the packages inside a jail

Usage:

  warden pkgupdate <Jail>

Example:

  warden pkgupdate myjail

NOTE:

  The upgrade will stop the jail, and do the package upgrade in stopped mode.
  If the jail was previously running, it will be re-started upon completion.

__EOF__
}
536
# Print the help page for "warden chroot".
help_chroot()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help chroot

Logs into a jail using chroot, or runs the supplied command.

Usage:

  warden chroot <Jail> <optional cmd>

Example:

  warden chroot myjail

__EOF__
}
553
554
# Print the help page for "warden start".
help_start()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help start

Starts a stopped jail

Usage:

  warden start <Jail>

Example:

  warden start myjail

__EOF__
}
571
# Print the help page for "warden stop".
help_stop()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help stop

Stops a running jail

Usage:
  warden stop <Jail>

Example:

  warden stop myjail

__EOF__
}
587
588
# Print the help page for "warden delete".
help_delete()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help delete

Stops and deletes a jail

Available Flags:
  --confirm       (Does not prompt to confirm deletion. DANGEROUS)

Usage:

  warden delete <Jail>

Example:

  warden delete myjail

__EOF__
}
608
609
610
# Print the help page for "warden create".
help_create()
{
  title
  # Quoted delimiter: emitted verbatim, trailing blank line included.
  cat <<'__EOF__'
Help create

Creates a new jail, with options for system source, ports and autostarting.

Available Flags:
  -32                          Create 32bit jail on 64bit system
  --autoipv4                   Use the next available IPv4 address from the pool
  --ipv4=<ip/mask>             Set primary IPv4 address for jail
  --ipv6=<ip/mask>             Set primary IPv6 address for jail
  --archive <tar>              Use specified tar file for BSD jail creation
  --bulk <number>              Create <number> of new jails, using default IP4 pool
                               or address pool specified with --ip4pool
  --ip4pool <address>          Starting IPv4 address to use when creating jails in bulk
  --linuxjail <script>         Make this a linux jail and use supplied script for installation
  --linuxarchive <tar>         Use specified tar file for Linux jail creation
  --pluginjail                 Make this a pluginjail
  --ports                      Includes the ports tree
  --portjail                   Make this a portjail
  --src                        Includes /usr/src system source
  --startauto                  Start this jail at system boot
  --template <string>          Specify a jail template to build with
  --vanilla                    Don't install PC-BSD pkgng repo and utilities
  --version <string>           Use this instead of /etc/version

Usage:

  warden create <JAILNAME> <flags>

Example:

  warden create jailbird --ipv4=192.168.0.25/24 --src --ports --startauto

__EOF__
}
647
648# Fix old style meta-data, can be removed after 9.1
649fix_old_meta
650
651# This checks if we have JDIR on a valid ZFS dataset
652zfs_prog_check
653
654# Check what the user wants to do
655case "$1" in
656
   help) # "warden help <topic>": show the page for a known topic, otherwise
         # (unknown topic, or none given) fall back to the command index.
         # The topic is matched against a fixed list and never used to build
         # a function name.
         case "$2" in
                  auto) help_auto ;;
               bspkgng) help_bspkgng ;;
               checkup) help_checkup ;;
                chroot) help_chroot ;;
                 clone) help_clone ;;
                create) help_create ;;
              cronsnap) help_cronsnap ;;
                delete) help_delete ;;
               details) help_details ;;
                export) help_export ;;
            fbsdupdate) help_fbsdupdate ;;
           fbsdupgrade) help_fbsdupgrade ;;
                 fstab) help_fstab ;;
                   get) help_get ;;
                import) help_import ;;
                  list) help_list ;;
                  pbis) help_pbis ;;
                  pkgs) help_pkgs ;;
             pkgupdate) help_pkgupdate ;;
                   set) help_set ;;
                  snap) help_snap ;;
                 start) help_start ;;
                  stop) help_stop ;;
              template) help_template ;;
                  type) help_type ;;
                     *) help_main ;;
         esac  ;;
685
686
    pkgs) # List the packages installed in the named jail
         JAILNAME="${2}"
         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         "${PROGDIR}/scripts/backend/listpkgs.sh" "${JAILNAME}"
         ;;
pkgupdate) # Update every package inside the named jail
         # NOTE(review): unlike start/stop, this arm does not call
         # require_root; confirm pkgupdate.sh enforces privileges itself.
         JAILNAME="${2}"
         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         "${PROGDIR}/scripts/backend/pkgupdate.sh" "${JAILNAME}"
         ;;
fbsdupdate) # Update the FreeBSD world inside the named jail; the third
         # argument is forwarded untouched (the help text documents --pkgupdate)
         # NOTE(review): unlike start/stop, this arm does not call
         # require_root; confirm fbsdupdate.sh enforces privileges itself.
         JAILNAME="${2}"
         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         "${PROGDIR}/scripts/backend/fbsdupdate.sh" "${JAILNAME}" "$3"
         ;;
fbsdupgrade) # Upgrade the named jail to the FreeBSD version given as $3
         # NOTE(review): NEWFBSDVER is only checked for being non-empty and
         # this arm does not call require_root; confirm fbsdupgrade.sh
         # validates the version string and enforces privileges.
         JAILNAME="${2}"
         NEWFBSDVER="${3}"
         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -n "${NEWFBSDVER}" ] || exit_err "No FreeBSD version specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         "${PROGDIR}/scripts/backend/fbsdupgrade.sh" "$JAILNAME" "$NEWFBSDVER"
         ;;
details) # Show usage details for the named jail
         JAILNAME="${2}"
         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         "${PROGDIR}/scripts/backend/details.sh" "${JAILNAME}"
         ;;
    pbis) # List the PBIs installed in the named jail
         JAILNAME="${2}"
         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         "${PROGDIR}/scripts/backend/listpbis.sh" "${JAILNAME}"
         ;;
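    fstab) # Open the jail's custom fstab in the caller's editor, seeding the
         # file with a column-header comment when it does not exist yet.
         # JMETADIR is not assigned in this arm; presumably set_warden_metadir
         # derives it from JAILNAME.
         JAILNAME="${2}"
         if [ -z "${JAILNAME}" ]; then exit_err "No jail specified!"; fi
         if [ ! -e "${JDIR}/${JAILNAME}" ]; then exit_err "No such jail!"; fi
         set_warden_metadir
         # Paths are quoted so a metadata directory containing whitespace or
         # glob characters is not split or expanded.
         if [ ! -e "${JMETADIR}/fstab" ] ; then
            echo "# Device      Mountpoint      FStype          Options Dump Pass" > "${JMETADIR}/fstab"
         fi
         if [ -z "$EDITOR" ]; then EDITOR="vi"; fi
         # $EDITOR is left unquoted on purpose so a value that carries
         # arguments keeps working. It comes from the caller's environment,
         # so under privilege elevation it runs with the elevated rights.
         $EDITOR "${JMETADIR}/fstab"
         exit $?
         ;;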
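template) # Manage jail templates: create / delete / list
         require_root
         OPT="$2"
         case $OPT in
            create) shift ; shift
                    # Parse the create flags. Each value-taking flag shifts
                    # once to reach its value; the shift at the bottom of the
                    # loop then moves past whatever was consumed last.
                    while [ $# -gt 0 ]; do
                      case $1 in
                            -fbsd) shift
                                   if [ -z "$1" ] ; then exit_err "No FreeBSD version specified"; fi
                                   FBSDVER="${1}"
                                   ;;
                          -trueos) shift
                                   if [ -z "$1" ] ; then exit_err "No TrueOS version specified"; fi
                                   TRUEOSVER="${1}"
                                   ;;
                            -arch) shift
                                   if [ -z "$1" ] ; then exit_err "No FreeBSD architecture specified"; fi
                                   FBSDARCH="${1}"
                                   ;;
                             -tar) shift
                                   if [ -z "$1" ] ; then exit_err "No tar file specified"; fi
                                   if [ ! -e "$1" ] ; then exit_err "Could not find tar file: $1"; fi
                                   FBSDTAR="${1}"
                                   ;;
                            -nick) shift
                                   if [ -z "$1" ] ; then exit_err "No nickname specified"; fi
                                   # Quoted so the nickname is not glob-expanded
                                   # or word-split before spaces become "_"
                                   TNICK="$(printf '%s\n' "${1}" | sed 's| |_|g')"
                                   ;;
                      -pluginjail) # Takes no value, so no extra shift here: the
                                   # former one swallowed the following flag (or
                                   # shifted past the end when it came last)
                                   TPLUGJAIL="YES"
                                   ;;
                                *) exit_err "Invalid option: $1" ;;
                      esac
                      shift
                    done
                    # The backend reads its parameters from the environment
                    export TPLUGJAIL TNICK FBSDTAR FBSDARCH TRUEOSVER FBSDVER
                    "${PROGDIR}/scripts/backend/createtemplate.sh" ; exit $? ;;
            delete) delete_template "$3" ;;
              list) list_templates ;;
                 *) help_template ; exit 1 ;;
         esac
         ;;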
    get) # Print one stored option of a jail. Apart from "flags", which lives
         # in the jail-flags file, each option is read from the metadata file
         # of the same name; spaces become commas for every option but iface.
         require_root
         OPT="${2}"
         JAILNAME="${3}"
         [ -n "${JAILNAME}" ] || { help_get; exit 1; }
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         # OPT reaches a path only after matching this fixed list, so it
         # cannot name a file outside the set shown here.
         case $OPT in
             iface) cat "${JMETADIR}/iface"  2>/dev/null ;;
             flags) cat "${JMETADIR}/jail-flags" 2>/dev/null | sed 's| |,|g' ;;
             ipv4|ipv6|\
             alias-ipv4|alias-ipv6|\
             bridge-ipv4|bridge-ipv6|\
             alias-bridge-ipv4|alias-bridge-ipv6|\
             defaultrouter-ipv4|defaultrouter-ipv6)
                    cat "${JMETADIR}/${OPT}" 2>/dev/null | sed 's| |,|g' ;;
              *) exit_err "Invalid option!" ;;
         esac
         ;;
807
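    set) # Store one option of a jail in its metadata directory.
         # JMETADIR is not assigned here; presumably set_warden_metadir
         # derives it from JAILNAME.
         # NOTE(review): the values are written as given, nothing in this arm
         # validates them. Per the help text the stored flags are passed to
         # the 'jail' command, so they should be validated here or treated as
         # untrusted by whatever reads these files.
         require_root
         OPT="${2}"
         JAILNAME="${3}"
         if [ -z "${JAILNAME}" ] ; then exit_err "No jail specified!"; fi
         if [ ! -e "${JDIR}/${JAILNAME}" ] ; then exit_err "No such jail!"; fi
         set_warden_metadir

         case $OPT in
          iface) IFACE="${4}"
                 # An empty value clears the stored interface
                 if [ -z "$IFACE" ] ; then
                    rm "${JMETADIR}/iface"
                    exit 0
                 fi
                 # Warn when ifconfig does NOT know the interface. The former
                 # test was inverted and warned about interfaces that exist.
                 if ! ifconfig "$IFACE" >/dev/null 2>&1 ; then
                    echo "WARNING: The interface ($IFACE) does not exist"
                 fi
                 printf '%s\n' "$IFACE" > "${JMETADIR}/iface"
                 ;;
             ipv4) IP4="${4}"
                 # get_ip_and_netmask is defined elsewhere; this arm reads
                 # its result from JIP and JMASK
                 get_ip_and_netmask "${IP4}"
                 IP4="${JIP}"
                 MASK4="${JMASK}"
                 if [ -z "$MASK4" ] ; then MASK4="24"; fi
                 echo "$IP4/$MASK4" > "${JMETADIR}/ipv4"
                 ;;
             ipv6) IP6="${4}"
                 get_ip_and_netmask "${IP6}"
                 IP6="${JIP}"
                 MASK6="${JMASK}"
                 # Default prefix length. This used to assign MASK4, leaving
                 # MASK6 empty and writing "<addr>/" to the file.
                 if [ -z "$MASK6" ] ; then MASK6="64"; fi
                 echo "$IP6/$MASK6" > "${JMETADIR}/ipv6"
                 ;;
       alias-ipv4|alias-ipv6|alias-bridge-ipv4|alias-bridge-ipv6)
                 # Comma-separated list -> one address per line, in the
                 # metadata file named after the option
                 EXTRAIPS="${4}"
                 IPS="$(printf '%s\n' "$EXTRAIPS" | sed 's|,| |g')"
                 rm "${JMETADIR}/${OPT}" >/dev/null 2>/dev/null
                 # IPS is split on whitespace deliberately; globbing is turned
                 # off so an entry such as "*" is not expanded to file names
                 set -f
                 for _ip in $IPS
                 do
                    echo "$_ip" >> "${JMETADIR}/${OPT}"
                 done
                 set +f
                ;;
       bridge-ipv4) BIP4="${4}"
                 echo "$BIP4" > "${JMETADIR}/bridge-ipv4"
                 ;;
       bridge-ipv6) BIP6="${4}"
                 echo "$BIP6" > "${JMETADIR}/bridge-ipv6"
                 ;;
defaultrouter-ipv4) DEFAULTROUTER="${4}"
                 echo "$DEFAULTROUTER" > "${JMETADIR}/defaultrouter-ipv4"
                 ;;
defaultrouter-ipv6) DEFAULTROUTER="${4}"
                 echo "$DEFAULTROUTER" > "${JMETADIR}/defaultrouter-ipv6"
                 ;;
          flags) EXTRAFLAGS="${4}"
                 # Quoted so the flag list is not glob-expanded on its way
                 # into the file; commas become spaces
                 printf '%s\n' "$EXTRAFLAGS" | sed 's|,| |g' > "${JMETADIR}/jail-flags"
                 ;;
    vnet-enable) touch "${JMETADIR}/vnet" ;;
    vnet-disable) rm "${JMETADIR}/vnet" 2>/dev/null ;;
              *) exit_err "Invalid option!" ;;
           esac
         ;;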
893
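   type) # Switch a jail between the portjail / standard / pluginjail types.
         # Linux jails (marked by a jail-linux file) cannot be converted.
         require_root
         JAILNAME="${2}"
         TYPE="${3}"
         JAILDIR="${JDIR}/${JAILNAME}"

         if [ -z "${JAILNAME}" ] ; then exit_err "No jail specified!"; fi
         if [ ! -e "${JAILDIR}" ] ; then exit_err "No such jail!"; fi

         set_warden_metadir
         if [ -e "${JMETADIR}/jail-linux" ] ; then exit_err "Cannot change type on Linux jail!"; fi

         # The marker paths are quoted so a metadata directory containing
         # whitespace or glob characters cannot make rm act on other names.
         case $TYPE in
           portjail)
              rm "${JMETADIR}/jail-pluginjail" > /dev/null 2>/dev/null
              mkportjail "${JAILDIR}"
              ;;
           standard)
              rm "${JMETADIR}/jail-pluginjail" > /dev/null 2>/dev/null
              rm "${JMETADIR}/jail-portjail" >/dev/null 2>/dev/null
              ;;
           pluginjail)
              mkpluginjail "${JAILDIR}"
              ;;
           *) exit_err "Invalid TYPE" ;;
         esac
         ;;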
920
 bspkgng) # Bootstrap pkgng inside the named jail
         require_root
         JAILNAME="${2}"
         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         bootstrap_pkgng "${JDIR}/${JAILNAME}"
         ;;
927
   auto) # Toggle the autostart marker file of the named jail
         require_root
         JAILNAME="${2}"

         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         if [ ! -e "${JMETADIR}/autostart" ] ; then
            touch "${JMETADIR}/autostart"
            echo "Enabled autostart for ${JAILNAME}"
         else
            rm "${JMETADIR}/autostart"
            echo "Disabled autostart for ${JAILNAME}"
         fi

         # Raise the flag so syscache knows to re-scan
         pc-systemflag WARDENUPDATE SUCCESS

         sleep 2

         ;;
951
    gui) # Launch the GUI front-end; root only
          require_root
          "${PROGDIR}/bin/warden-gui"
          ;;
954
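    list) # List the installed jails; everything after "list" goes to the backend
        require_root
        shift
        # "$@" keeps each argument intact. The unquoted $* used before
        # re-split arguments on whitespace and glob-expanded them.
        "${PROGDIR}/scripts/backend/listjails.sh" "$@" ;;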
958   
   start) # Start the named jail unless it is already running
          require_root
          JAILNAME="${2}"

          [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
          [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
          set_warden_metadir

          # checkstatus.sh exiting 0 is taken to mean "running"
          if "${PROGDIR}/scripts/backend/checkstatus.sh" "${JAILNAME}" ; then
             exit_err "This jail is already running!"
          fi

          "${PROGDIR}/scripts/backend/startjail.sh" "${JAILNAME}"
          ;;
   stop)  # Stop the named jail
          require_root
          JAILNAME="${2}"

          [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
          [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
          set_warden_metadir

          "${PROGDIR}/scripts/backend/stopjail.sh" "${JAILNAME}"
          ;;
983
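 checkup) # Check the named jail, or every jail when the name is "all", for updates
          JAILNAME="${2}"

          if [ -z "${JAILNAME}" ]; then exit_err "No jail specified!"; fi
          # Two separate tests instead of "-a": the combined form is ambiguous
          # when an operand looks like an operator
          if [ "${JAILNAME}" != "all" ] && [ ! -e "${JDIR}/${JAILNAME}" ]; then exit_err "No such jail!"; fi

          "${PROGDIR}/scripts/backend/checkupdates.sh" "${JAILNAME}"
          ;;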
992
993
 chroot) # Enter the named jail through the chroot backend; an optional
          # third argument is forwarded to it as a single command string
          # NOTE(review): this arm does not call require_root; confirm
          # chrootjail.sh enforces privileges itself.
          JAILNAME="${2}"

          [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
          [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
          set_warden_metadir

          "${PROGDIR}/scripts/backend/chrootjail.sh" "${JAILNAME}" "${3}"
          ;;
1003
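 import) # Import a jail from a .wdn file, optionally with a new host name / IPs
         # NOTE(review): the archive is handed to importjail.sh while running
         # as root; only .wdn files from a trusted source should be imported.
         require_root
         NAME="$2"
         IFILE="$3"
         # Emptiness is tested first and separately: the former single test
         # with "-o" is ambiguous when the operand looks like an operator
         if [ -z "$IFILE" ] || [ ! -e "$IFILE" ]; then exit_err "Invalid filename: ${IFILE}"; fi

         # Defaults for the optional flags; "OFF" means "not given"
         HOST="OFF"
         IP4="OFF"
         IP6="OFF"
         # get_ip_host_flags is defined elsewhere; presumably it fills HOST,
         # IP4/MASK4 and IP6/MASK6 from --host= / --ipv4= / --ipv6=
         get_ip_host_flags "$@"
         if [ "${IP4}" != "OFF" ] ; then
            IP4="${IP4}/${MASK4}"
         fi
         if [ "${IP6}" != "OFF" ] ; then
            IP6="${IP6}/${MASK6}"
         fi

         # Import the jail now
         "${PROGDIR}/scripts/backend/importjail.sh" "$NAME" "$IFILE" "$HOST" "$IP4" "$IP6"
        ;;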
1025
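 export) # Export the named jail to a .wdn file, optionally into --dir=<DIR>
         require_root
         JAILNAME="$2"
         if [ -z "${JAILNAME}" ]; then exit_err "No jail specified!"; fi
         if [ ! -e "${JDIR}/${JAILNAME}" ]; then exit_err "No such jail!"; fi
         set_warden_metadir

         # Look for --dir=<DIR>. The flag is matched as a prefix and the value
         # is everything after the first "=", so a directory containing "=" is
         # no longer cut short and "--dir=" in the middle of another argument
         # no longer counts.
         DIR=""
         for i in "$@"
         do
           case "${i}" in
             --dir=*) DIR="${i#--dir=}"
                      # Check if the directory exists
                      if [ ! -d "${DIR}" ]; then exit_err "No such directory ${DIR}!"; fi
                      ;;
           esac
         done

         # Export the jail now
         "${PROGDIR}/scripts/backend/exportjail.sh" "${JAILNAME}" "${DIR}"

         ;;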
1051
 snap) # Snapshot management: "warden snap <sub-command> <jail> [argument]"
         require_root
         JAILNAME="$3"
         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         # $2 picks the backend script; $4 is the comment, snapshot name or
         # date, depending on the sub-command
         case $2 in
                  list) "${PROGDIR}/scripts/backend/zfslistsnap.sh" "${JAILNAME}" ;;
                  make) "${PROGDIR}/scripts/backend/zfsmksnap.sh" "${JAILNAME}" "$4" ;;
                remove) "${PROGDIR}/scripts/backend/zfsrmsnap.sh" "${JAILNAME}" "$4" ;;
            removedate) "${PROGDIR}/scripts/backend/zfsrmsnapdate.sh" "${JAILNAME}" "$4" ;;
                revert) "${PROGDIR}/scripts/backend/zfsrevertsnap.sh" "${JAILNAME}" "$4" ;;
                     *) help_snap ; exit 1 ;;
         esac
         ;;
1068
 clone) # Clone the jail named by $2 into a new jail named by $3
         # NOTE(review): unlike import and create, IP4/IP6 are not preset to
         # "OFF" before get_ip_host_flags runs. If that helper does not
         # initialise them itself, a clone without --ipv4/--ipv6 passes "/"
         # to zfsclone.sh - confirm in the backend functions.
         # NOTE(review): the new jail name ($3) is not checked for being empty.
         require_root
         JAILNAME="$2"
         [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
         [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
         set_warden_metadir

         get_ip_host_flags "$@"

         # Append the netmask to every address that was supplied
         [ "${IP4}" = "OFF" ] || IP4="${IP4}/${MASK4}"
         [ "${IP6}" = "OFF" ] || IP6="${IP6}/${MASK6}"

         "${PROGDIR}/scripts/backend/zfsclone.sh" "${JAILNAME}" "$3" "$IP4" "$IP6"
         ;;
cronsnap) require_root
        # Pass the cron-snapshot request for jail $2 to its backend script;
        # $3, $4 and $5 are forwarded without interpretation.
        JAILNAME="$2"
        [ -n "${JAILNAME}" ] || exit_err "No jail specified!"
        [ -e "${JDIR}/${JAILNAME}" ] || exit_err "No such jail!"
        set_warden_metadir
        ${PROGDIR}/scripts/backend/zfscronsnap.sh "${JAILNAME}" "$3" "$4" "$5"
        ;;
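create) require_root
        # Create one jail, or a numbered series of jails when --bulk is given.
        #   $2    - jail name (must precede every flag); also used as hostname
        #   flags - parsed below; most results reach createjail.sh through
        #           exported environment variables
        JAILNAME="$2"
        if [ -z "${JAILNAME}" ]; then exit_err "No jail specified!"; fi
        # Match the leading dash with a pattern rather than "echo | grep":
        # echo can swallow names such as "-n" and let them through unnoticed.
        case "$2" in
          -*) exit_err "Jailname must be specified first before -- flags!" ;;
        esac


        # Parse the IP flags
        IP4="OFF"
        IP6="OFF"
        get_ip_host_flags "$@"
        if [ "${IP4}" != "OFF" ] ; then
           IP4="${IP4}/${MASK4}"
        fi
        if [ "${IP6}" != "OFF" ] ; then
           IP6="${IP6}/${MASK6}"
        fi

        # Set the hostname
        HOST="$2"
        export HOST

        # Now check for the presence of the optional flags
        # NOTE(review): BULKCOUNT, IP4POOL, AUTOIPV4, TEMPLATE, LINUX_JAIL_SCRIPT
        # and LINUXARCHIVE_FILE are not reset here, so values already present
        # (for example from the caller's environment) are honoured unless the
        # sourced function files clear them - confirm that this is intended.
        SRC="NO"
        SOURCE="NO"
        PORTS="NO"
        AUTOSTART="NO"
        VANILLA="NO"
        CREATEVERSION=""
        JAILTYPE="standard"
        ARCHIVE_FILE=
        while [ $# -gt 0 ]; do
          case "$1" in
            --src) SRC="YES" ; SOURCE="YES" ;;
            --ports) PORTS="YES" ;;
            --startauto) AUTOSTART="YES" ;;
            --autoipv4) AUTOIPV4="YES" ;;
            --vanilla) VANILLA="YES" ;;
            --portjail) JAILTYPE="portjail" ;;
            --pluginjail) JAILTYPE="pluginjail" ; VANILLA="YES" ;;
            --linuxjail) JAILTYPE="linuxjail" ; shift
                         if [ -z "$1" ] ; then exit_err "No linux setup script specified!"; fi
                         LINUX_JAIL_SCRIPT="$1" ; export LINUX_JAIL_SCRIPT
                         if [ -n "$LINUXARCHIVE_FILE" ] ; then
                            exit_err "--linuxjail and --linuxarchive are mutually exclusive!"
                         fi
                         ;;
                    -32) if [ "$REALARCH" != "amd64" ] ; then
                               exit_err "-32 can only be used on amd64 host"
                         fi
                         ARCH=i386
                         export ARCH
                         ;;
            --archive) shift
                         if [ -z "$1" ] ; then exit_err "No archive file specified!"; fi
                         ARCHIVE_FILE="$1" ; export ARCHIVE_FILE
                         if [ ! -e "$ARCHIVE_FILE" ] ; then
                            exit_err "No such file: $ARCHIVE_FILE"
                         fi
                         ;;
            --linuxarchive) JAILTYPE="linuxjail" ; shift
                         if [ -z "$1" ] ; then exit_err "No archive file specified!"; fi
                         LINUXARCHIVE_FILE="$1" ; export LINUXARCHIVE_FILE
                         if [ ! -e "$LINUXARCHIVE_FILE" ] ; then
                            exit_err "No such file: $LINUXARCHIVE_FILE"
                         fi
                         if [ -n "$LINUX_JAIL_SCRIPT" ] ; then
                            exit_err "--linuxjail and --linuxarchive are mutually exclusive!"
                         fi
                         ;;
            --version) shift
                         if [ -z "$1" ] ; then exit_err "No version string specified!"; fi
                         CREATEVERSION="${1}"
                         ;;
            --bulk) shift
                         if [ -z "$1" ] ; then exit_err "No bulk number specified!"; fi
                         BULKCOUNT="${1}"
                         ;;
            --ip4pool) shift
                         if [ -z "$1" ] ; then exit_err "No IPv4 pool specified!"; fi
                         IP4POOL="${1}"
                         ;;
            --template) shift
                         if [ -z "$1" ] ; then exit_err "No template string specified!"; fi
                         # The template lives in a directory when isDirZFS
                         # succeeds for JDIR, otherwise in a .tbz file
                         isDirZFS "${JDIR}"
                         if [ $? -eq 0 ] ; then
                            TDIR="${JDIR}/.warden-template-$1"
                         else
                            TDIR="${JDIR}/.warden-template-$1.tbz"
                         fi
                         if [ ! -e "$TDIR" ] ; then
                            exit_err "Invalid template specified: $1"
                         fi
                         TEMPLATE="${1}"
                         ;;
          esac
          shift
        done

        #
        # Redonkulous number of parameters that exceeds 9,
        # export into environment
        #
        export SRC SOURCE PORTS AUTOSTART JAILTYPE ARCHIVE_FILE CREATEVERSION VANILLA TEMPLATE

        # Are we doing bulk creation?
        if [ -n "$BULKCOUNT" ] ; then
          # is_num is defined elsewhere and is used through its output:
          # empty output is treated as "not a number"
          if [ -z "$(is_num "$BULKCOUNT")" ] ; then exit_err "Invalid bulk number"; fi

          # Set the IP pool to use
          if [ -z "$IP4POOL" ] ; then IP4POOL="$DEFAULT_IP4POOL"; fi
          if [ -z "$IP4POOL" ] ; then
             exit_err "No IPv4 pool specified! Use --ip4pool or setup IP4POOL: in warden.conf"
          fi
          curNum="$(printf '%s\n' "$IP4POOL" | cut -d '.' -f 4)"
          baseIP="$(printf '%s\n' "$IP4POOL" | cut -d '.' -f 1-3)"
          if [ -z "$(is_num "$curNum")" ] ; then exit_err "Invalid IPv4 pool number"; fi

          # The count is tested before each round, so a count of 0 creates
          # nothing and a malformed count cannot keep the loop running
          num=0
          while [ "$num" -lt "$BULKCOUNT" ]
          do
            # The pool is a fixed /24: stop instead of producing a last
            # octet that is not a usable host address
            if [ "$curNum" -gt 254 ] ; then
               exit_err "IPv4 pool exhausted: no free host address left in ${baseIP}.0/24"
            fi

            # Is this host / jail directory available?
            if [ -e "${JDIR}/${JAILNAME}${curNum}" ] ; then
               curNum=$(expr "$curNum" + 1)
               continue
            fi

            # Now check if this IP address is available, by comparing it with
            # the ipv4 file of every jail meta directory. A glob replaces the
            # parsed "ls" output so odd directory names cannot split; an
            # unmatched pattern is skipped by the -e test.
            ipConflict=0
            for i in "${JDIR}"/.*.meta
            do
               if [ ! -e "${i}/ipv4" ] ; then continue ; fi
               if [ "$(cat "${i}/ipv4")" = "${baseIP}.${curNum}/24" ] ; then
                  ipConflict=1 ; break
               fi
            done
            if [ $ipConflict -eq 1 ] ; then
               curNum=$(expr "$curNum" + 1)
               continue
            fi

            IP="${baseIP}.${curNum}/24" ; export IP

            # Passed all tests, create the jail now
            echo "Creating BULK jail: ${JAILNAME}${curNum} - ${IP}"
            ${PROGDIR}/scripts/backend/createjail.sh "${JAILNAME}${curNum}"
            if [ $? -ne 0 ] ; then
               exit 1
            fi
            echo ""

            num=$(expr "$num" + 1)
          done

        else

          # Check to ensure this jail does not already exist
          if [ -e "${JDIR}/${JAILNAME}" ]; then exit_err "A jail with this name already exists!"; fi

          if [ -n "$AUTOIPV4" ] ; then
            # Get the pool addresses loaded
            if [ -z "$IP4POOL" ] ; then IP4POOL="$DEFAULT_IP4POOL"; fi
            curNum="$(printf '%s\n' "$IP4POOL" | cut -d '.' -f 4)"
            baseIP="$(printf '%s\n' "$IP4POOL" | cut -d '.' -f 1-3)"
            if [ -z "$(is_num "$curNum")" ] ; then exit_err "Invalid IPv4 pool number"; fi

            # Get the next available IPv4 Address in this pool
            while :
            do
              # Same /24 bound as in bulk mode
              if [ "$curNum" -gt 254 ] ; then
                 exit_err "IPv4 pool exhausted: no free host address left in ${baseIP}.0/24"
              fi

              ipConflict=0
              for i in "${JDIR}"/.*.meta
              do
                 if [ ! -e "${i}/ipv4" ] ; then continue ; fi
                 if [ "$(cat "${i}/ipv4")" = "${baseIP}.${curNum}/24" ] ; then
                    ipConflict=1 ; break
                 fi
              done
              if [ $ipConflict -eq 0 ] ; then break; fi
              curNum=$(expr "$curNum" + 1)
            done

            # Set the next IP address
            IP4="${baseIP}.${curNum}/24"
          fi

          export IP4 IP6

          # Passed all tests, create the jail now
          ${PROGDIR}/scripts/backend/createjail.sh "${JAILNAME}"
          exit $?
        fi

        ;;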
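delete|destroy) require_root
         # Delete a jail, stopping it first when it is running.
         #   $2 - name of the jail to delete
         #   $3 - "--confirm" skips the interactive y/n question
         JAILNAME="${2}"

         if [ -z "${JAILNAME}" ]; then exit_err "No jail specified!"; fi

         # The existence test below also succeeds for ".", ".." and names that
         # contain "/", none of which name a jail directly under JDIR. Refuse
         # them before any destructive backend runs.
         # NOTE(review): deletejail.sh is not visible here and may carry its
         # own checks; this guard does not rely on them.
         case "${JAILNAME}" in
           .|..|*/*) exit_err "No such jail!" ;;
         esac
         if [ ! -e "${JDIR}/${JAILNAME}" ]; then exit_err "No such jail!"; fi
         set_warden_metadir

         if [ "$3" != "--confirm" ]
         then
           echo "Are you sure you want to delete ${JAILNAME}?"
           # printf prints the prompt without a newline and does not depend
           # on echo understanding -e and \c
           printf 'Choice: (y/n)'
           # Start from an empty answer so only a "y" typed here confirms;
           # -r keeps backslashes in the answer literal
           confirm=""
           read -r confirm
           if [ "$confirm" != "y" ]; then exit_err "Canceled!"; fi
         fi

         # Check if this jail is running
         ${PROGDIR}/scripts/backend/checkstatus.sh "${JAILNAME}"
         if [ "$?" = "0" ] ; then
           ${PROGDIR}/scripts/backend/stopjail.sh "${JAILNAME}"
         fi

         # Check if this jail is STILL running; deleting underneath a live
         # jail is refused
         ${PROGDIR}/scripts/backend/checkstatus.sh "${JAILNAME}"
         if [ "$?" = "0" ] ; then exit_err "Jail still is running or has leftovers.."; fi

         # Delete it now
         ${PROGDIR}/scripts/backend/deletejail.sh "${JAILNAME}"
       ;;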
# Any command not matched by an earlier arm: print the top-level help
*) help_main ;;
1323esac
1326exit 0