source: src-sh/warden/scripts/backend/functions.sh @ acdf89b

Last change on this file since acdf89b was 1620346, checked in by Kris Moore <kris@…>, 15 months ago

Initial import of PC-BSD /current/ SVN repo

#!/bin/sh
# Functions / variables for warden
######################################################################
# DO NOT EDIT

# Source local functions
. /usr/local/share/pcbsd/scripts/functions.sh

# Installation directory
PROGDIR="/usr/local/share/warden"

# The JDIR, NIC, WTMP and FREEBSD_RELEASE settings below are read from
# /usr/local/etc/warden.conf: each value is the second space-separated field
# of the line that starts with "<KEY>:".
# NOTE(review): JDIR is later handed to mkdir, mount and zfs by the functions
# in this file, so warden.conf should be writable by root only.

# Jail location
JDIR="$(grep ^JDIR: /usr/local/etc/warden.conf | cut -d' ' -f2)"
export JDIR

# Set arch type; a non-empty ARCH from the caller is kept as it is
REALARCH="$(uname -m)"
export REALARCH
[ -n "$ARCH" ] || { ARCH="$REALARCH"; export ARCH; }

# Location of pcbsd.conf file
PCBSD_ETCCONF="/usr/local/etc/pcbsd.conf"

# Network interface to use
NIC="$(grep ^NIC: /usr/local/etc/warden.conf | cut -d' ' -f2)"
export NIC

# Tmp directory
WTMP="$(grep ^WTMP: /usr/local/etc/warden.conf | cut -d' ' -f2)"
export WTMP

# FreeBSD release; falls back to the running kernel's release
FREEBSD_RELEASE="$(grep ^FREEBSD_RELEASE: /usr/local/etc/warden.conf | cut -d' ' -f2)"
[ -n "${FREEBSD_RELEASE}" ] || FREEBSD_RELEASE="$(uname -r)"
export UNAME_r="${FREEBSD_RELEASE}"

# Temp file for dialog responses
# NOTE(review): this is a fixed name in world-writable /tmp. Whatever writes
# it as root should not follow a pre-existing symlink; a per-run file from
# mktemp(1) would avoid the predictable path. Left unchanged here because
# other warden scripts may read ${ATMP}.
ATMP="/tmp/.wans"
export ATMP

# Warden Version
WARDENVER="1.3"
export WARDENVER

# Dirs to nullfs mount in X jail
NULLFS_MOUNTS="/tmp /media /usr/home"

# Clone directory
CDIR="${JDIR}/clones"

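# Download the FreeNAS plugin-jail PBI for the given version string, compare
# it with the published .sha256 file and unpack it into ${WORLDCHROOT}.
#
# Globals:   JDIR, WORLDCHROOT (read); SYSVER, SYSREL, SYSARCH, SF, URL,
#            PJAIL, PJAILSHA256, tank (written, not local)
# Arguments: $1 - version string of the form
#                 FreeNAS-<major.minor.patch>-<release>-...<x86|x64>
# get_file, printerror, exit_err, isDirZFS, getZFSTank and
# getZFSRelativePath are defined outside this file.
#
# NOTE(review): the archive and its digest are fetched from the same
# plain-HTTP location, so the SHA-256 comparison detects a damaged transfer
# but not a replaced archive, and pbi_add runs with --no-checksig. Checking a
# signature, or a digest obtained over an authenticated channel, would close
# that gap.
downloadpluginjail() {
  local _ver="${1}"
  local zfsp

  SYSVER=$(echo "${_ver}" | sed -E 's|^FreeNAS-(([0-9]+\.){2}[0-9]+).*|\1|')
  SYSREL=$(echo "${_ver}" | sed -E 's|^FreeNAS-([0-9]+\.){2}[0-9]+-([a-zA-Z0-9]+)-.*|\2|')
  SYSARCH=$(echo "${_ver}" | sed -E 's#^(.*)(x86|x64)#\2#')

  SF="http://downloads.sourceforge.net/project/freenas"
  URL="${SF}/FreeNAS-${SYSVER}/${SYSREL}/${SYSARCH}/plugins"

  PJAIL="FreeNAS-${SYSVER}-${SYSREL}-${SYSARCH}.Plugins_Jail.pbi"
  PJAILSHA256="${PJAIL}.sha256"

  if [ ! -d "${JDIR}" ] ; then mkdir -p "${JDIR}" ; fi
  # Stop if JDIR is unusable; otherwise the downloads and the rm/mv calls
  # below would act on whatever the current directory happens to be.
  if ! cd "${JDIR}" ; then
    printerror "Could not change to jail directory: ${JDIR}"
    return 1
  fi

  echo "Fetching jail environment. This may take a while..."

  # printerror is defined elsewhere; the explicit returns keep this function
  # from carrying on with a missing or bad file should it not exit.
  if [ ! -e "${PJAIL}" ] ; then
     echo "Downloading ${URL}/${PJAIL} ..."
     if ! get_file "${URL}/${PJAIL}" "${PJAIL}" 3 ; then
       printerror "Error while downloading the pluginjail."
       return 1
     fi
  fi

  if [ ! -e "${PJAILSHA256}" ] ; then
     echo "Downloading ${URL}/${PJAILSHA256} ..."
     if ! get_file "${URL}/${PJAILSHA256}" "${PJAILSHA256}" 3 ; then
       printerror "Error while downloading the pluginjail sha256."
       return 1
     fi
  fi

  if [ "$(sha256 -q "${PJAIL}")" != "$(cat "${PJAILSHA256}")" ] ; then
    # Drop both files so that a retry fetches fresh copies instead of
    # re-checking the same mismatching pair.
    rm -f -- "${PJAIL}" "${PJAILSHA256}"
    printerror "Error in download data, checksum mismatch. Please try again later."
    return 1
  fi

  # Creating ZFS dataset?
  isDirZFS "${JDIR}"
  if [ $? -eq 0 ] ; then
    zfsp=$(getZFSRelativePath "${WORLDCHROOT}")

    # Use ZFS base for cloning
    echo "Creating ZFS ${WORLDCHROOT} dataset..."
    tank=$(getZFSTank "${JDIR}")
    isDirZFS "${WORLDCHROOT}" "1"
    if [ $? -ne 0 ] ; then
       zfs create -o mountpoint="/${tank}${zfsp}" -p "${tank}${zfsp}"
       if [ $? -ne 0 ] ; then exit_err "Failed creating ZFS base dataset"; fi
       mkdir -p "${WORLDCHROOT}/.plugins" >/dev/null 2>&1
    fi

    # NOTE(review): --no-checksig skips the PBI signature check.
    pbi_add -e --no-checksig -p "${WORLDCHROOT}" "${PJAIL}"
    if [ $? -ne 0 ] ; then exit_err "Failed extracting ZFS chroot environment"; fi

    zfs snapshot "${tank}${zfsp}@clean"
    if [ $? -ne 0 ] ; then exit_err "Failed creating clean ZFS base snapshot"; fi
    rm -- "${PJAIL}"
  else
    # Save the chroot tarball
    mv -- "${PJAIL}" "${WORLDCHROOT}"
  fi
  rm -- "${PJAILSHA256}"
}
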
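### Download the chroot
# Fetch fbsd-release.txz and its .md5 file from the mirror, compare them and
# either unpack the tarball into a ZFS dataset or move it to the given path.
#
# Globals:   JDIR, ARCH (read); MIRRORURL (read, set from get_mirror's VAL
#            when empty); SYSVER, FBSD_TARBALL, FBSD_TARBALL_CKSUM, tank
#            (written, not local)
# Arguments: $1 - chroot directory (ZFS case) or destination for the tarball
# get_mirror, get_file, printerror, exit_err, isDirZFS, getZFSTank and
# getZFSRelativePath are defined outside this file.
#
# NOTE(review): the MD5 file comes from the same mirror as the tarball, and
# the MIRRORURL environment variable selects that mirror, so the comparison
# only detects a damaged transfer. The tarball is then unpacked as the base
# of a jail; a signed manifest or a SHA-256 digest from an authenticated
# source would be the stronger check.
downloadchroot() {
  local CHROOT="${1}"
  local zfsp
  local _base

  # XXX If this is PCBSD, pbreg get /PC-BSD/Version
  SYSVER="$(uname -r | cut -f1 -d'-')"
  FBSD_TARBALL="fbsd-release.txz"
  FBSD_TARBALL_CKSUM="${FBSD_TARBALL}.md5"

  # Set the mirror URL, may be overridden by setting MIRRORURL environment variable
  if [ -z "${MIRRORURL}" ]; then
    get_mirror
    MIRRORURL="$VAL"
  fi
  _base="${MIRRORURL}/${SYSVER}/${ARCH}/netinstall"

  if [ ! -d "${JDIR}" ] ; then mkdir -p "${JDIR}" ; fi
  # Stop if JDIR is unusable; otherwise the downloads and the rm/mv calls
  # below would act on whatever the current directory happens to be.
  if ! cd "${JDIR}" ; then
    printerror "Could not change to jail directory: ${JDIR}"
    return 1
  fi

  echo "Fetching jail environment. This may take a while..."
  echo "Downloading ${_base}/${FBSD_TARBALL} ..."

  # printerror is defined elsewhere; the explicit returns keep this function
  # from carrying on with a missing or bad file should it not exit.
  if [ ! -e "$FBSD_TARBALL" ] ; then
     if ! get_file "${_base}/${FBSD_TARBALL}" "$FBSD_TARBALL" 3 ; then
       printerror "Error while downloading the portsjail."
       return 1
     fi
  fi

  if [ ! -e "$FBSD_TARBALL_CKSUM" ] ; then
     if ! get_file "${_base}/${FBSD_TARBALL_CKSUM}" "$FBSD_TARBALL_CKSUM" 3 ; then
       printerror "Error while downloading the portsjail."
       return 1
     fi
  fi

  if [ "$(md5 -q "${FBSD_TARBALL}")" != "$(cat "${FBSD_TARBALL_CKSUM}")" ] ; then
    # Drop both files so that a retry fetches fresh copies instead of
    # re-checking the same mismatching pair.
    rm -f -- "${FBSD_TARBALL}" "${FBSD_TARBALL_CKSUM}"
    printerror "Error in download data, checksum mismatch. Please try again later."
    return 1
  fi

  # Creating ZFS dataset?
  isDirZFS "${JDIR}"
  if [ $? -eq 0 ] ; then
    zfsp=$(getZFSRelativePath "${CHROOT}")

    # Use ZFS base for cloning
    echo "Creating ZFS ${CHROOT} dataset..."
    tank=$(getZFSTank "${JDIR}")
    isDirZFS "${CHROOT}" "1"
    if [ $? -ne 0 ] ; then
       zfs create -o mountpoint="/${tank}${zfsp}" -p "${tank}${zfsp}"
       if [ $? -ne 0 ] ; then exit_err "Failed creating ZFS base dataset"; fi
    fi

    tar xvpf "${FBSD_TARBALL}" -C "${CHROOT}" 2>/dev/null
    if [ $? -ne 0 ] ; then exit_err "Failed extracting ZFS chroot environment"; fi

    zfs snapshot "${tank}${zfsp}@clean"
    if [ $? -ne 0 ] ; then exit_err "Failed creating clean ZFS base snapshot"; fi
    rm -- "${FBSD_TARBALL}"
  else
    # Save the chroot tarball
    mv -- "${FBSD_TARBALL}" "${CHROOT}"
  fi
  rm -- "${FBSD_TARBALL_CKSUM}"
}
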
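### Mount all needed filesystems for the jail
# Null-mounts every directory listed in ${NULLFS_MOUNTS} into the jail and
# then mounts linprocfs on <jail>/compat/linux/proc.
#
# Globals:   JDIR, NULLFS_MOUNTS (read); nullfs_mount (written, not local)
# Arguments: $1 - jail directory name below ${JDIR}
# is_symlinked_mountpoint is defined outside this file.
#
# NOTE(review): the target directory is created with mkdir -p before the
# symlink check runs, and the loop hands the host-side path to
# is_symlinked_mountpoint while the linprocfs branch hands it the jail-side
# path. Confirm which path the helper expects; a symlink placed inside the
# jail is presumably what the check is there to catch.
mountjailxfs() {
  local _jailroot="${JDIR}/${1}"
  local _linproc="${_jailroot}/compat/linux/proc"

  # NULLFS_MOUNTS is a space-separated list, so it is split on purpose.
  for nullfs_mount in ${NULLFS_MOUNTS}; do
    if [ ! -d "${_jailroot}${nullfs_mount}" ] ; then
      mkdir -p "${_jailroot}${nullfs_mount}"
    fi
    if is_symlinked_mountpoint "${nullfs_mount}"; then
      echo "${nullfs_mount} has symlink as parent, not mounting"
      continue
    fi

    echo "Mounting ${_jailroot}${nullfs_mount}"
    mount_nullfs "${nullfs_mount}" "${_jailroot}${nullfs_mount}"
  done

  # Add support for linprocfs for ports that need linprocfs to build/run
  if [ ! -d "${_linproc}" ]; then
    mkdir -p "${_linproc}"
  fi
  if is_symlinked_mountpoint "${_linproc}"; then
    echo "${_linproc} has symlink as parent, not mounting"
    return
  fi
  echo "Enabling linprocfs support."
  mount -t linprocfs linprocfs "${_linproc}"
}
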
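### Umount all the jail's filesystems
# Force-unmounts everything mounted below ${JDIR}/<jail>/, leaving /dev for
# last.
#
# Globals:   JDIR (read); status, mountpoint (written, not local)
# Arguments: $1 - jail directory name below ${JDIR}
# Returns:   1 if any unmount other than /dev failed, else 0
umountjailxfs() {
  local _prefix="${JDIR}/${1}/"

  status="0"
  # Umount all filesystems that are mounted into the portsjail.
  # Only the mount-point column is compared, as a literal prefix. A regex
  # match on the whole line also selects other jails whose names differ only
  # where this one has a "." and mounts whose source lies inside the jail.
  for mountpoint in $(mount | awk -v p="${_prefix}" 'index($3, p) == 1 { print $3 }'); do
    if [ "$mountpoint" = "${JDIR}/${1}/dev" ] ; then continue ; fi
    if [ "$mountpoint" = "${JDIR}/${1}/" ] ; then continue ; fi
    if [ "$mountpoint" = "${JDIR}/${1}" ] ; then continue ; fi
    echo "Unmounting $mountpoint"
    umount -f "${mountpoint}"
    if [ $? -ne 0 ] ; then status="1" ; fi
  done
  # Now try to umount /dev
  umount -f "${JDIR}/${1}/dev" 2>/dev/null >/dev/null
  return $status
}
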
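# Check if PBI scripts are loaded in jail
# Calls copypbiscripts when the jail has no pbi_info or when its copy differs
# from the host's. The files are compared byte for byte; a size comparison
# taken from "ls -l" would miss a modified copy of the same length.
#
# Arguments: $1 - jail root directory; nothing is done when it is empty
checkpbiscripts() {
  if [ -z "${1}" ] ; then return ; fi
  if [ ! -e "${1}/usr/local/sbin/pbi_info" ] \
     || ! cmp -s /usr/local/sbin/pbi_info "${1}/usr/local/sbin/pbi_info" ; then
    copypbiscripts "${1}"
  fi
}
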
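# Copy PBI scripts to jail
# Copies /usr/local/sbin/pbi*, the pbid rc.d script and every manual page
# whose path contains "pbi" from the host into the jail.
#
# Arguments: $1 - jail root directory; nothing is done when it is empty
copypbiscripts() {
  local _man
  local _mandir

  if [ -z "${1}" ] ; then return ; fi
  mkdir -p "${1}/usr/local/sbin" >/dev/null 2>/dev/null
  cp /usr/local/sbin/pbi* "${1}/usr/local/sbin/"
  chmod 755 "${1}"/usr/local/sbin/pbi*

  # Copy rc.d pbid script
  mkdir -p "${1}/usr/local/etc/rc.d" >/dev/null 2>/dev/null
  cp /usr/local/etc/rc.d/pbid "${1}/usr/local/etc/rc.d/"

  # Copy any PBI manpages. Reading find's output line by line keeps paths
  # with spaces intact, and limiting it to files and symlinks keeps cp from
  # being handed a directory.
  find /usr/local/man \( -type f -o -type l \) -path '*pbi*' |
  while IFS= read -r _man
  do
    _mandir="${1}$(dirname "${_man}")"
    if [ ! -d "${_mandir}" ] ; then
      mkdir -p "${_mandir}"
    fi
    cp "${_man}" "${1}${_man}"
  done
}
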
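# Prepare a jail root as a "portjail": copy the host's account and resolver
# files into it, link /home to /usr/home, remove the cleartmp rc.d script
# and flag the jail type in ${JMETADIR}.
#
# Globals:   JMETADIR (read); ETCFILES, file (written, not local)
# Arguments: $1 - jail root directory; nothing is done when it is empty
#
# NOTE(review): master.passwd and spwd.db hold the host's password hashes,
# so root inside the jail receives a copy of them. Confirm that sharing the
# host accounts with this jail type is intended.
mkportjail() {
  if [ -z "${1}" ] ; then return ; fi
  ETCFILES="resolv.conf passwd master.passwd spwd.db pwd.db group localtime"
  for file in ${ETCFILES}; do
    rm "${1}/etc/${file}" >/dev/null 2>&1
    cp "/etc/${file}" "${1}/etc/${file}"
  done

  # Need to symlink /home
  chroot "${1}" ln -fs /usr/home /home

  # Make sure we remove our cleartmp rc.d script, causes issues
  [ -e "${1}/etc/rc.d/cleartmp" ] && rm "${1}/etc/rc.d/cleartmp"
  # Flag this type
  touch "${JMETADIR}/jail-portjail"
}
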
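# Prepare a jail root as a "pluginjail": copy the host's account and resolver
# files into it, link /home to /usr/home, remove the cleartmp rc.d script
# and flag the jail type in ${JMETADIR}.
#
# Globals:   JMETADIR (read); ETCFILES, file (written, not local)
# Arguments: $1 - jail root directory; nothing is done when it is empty
#
# NOTE(review): master.passwd and spwd.db hold the host's password hashes,
# so root inside the jail receives a copy of them. Confirm that sharing the
# host accounts with this jail type is intended.
mkpluginjail() {
  if [ -z "${1}" ] ; then return ; fi
  ETCFILES="resolv.conf passwd master.passwd spwd.db pwd.db group localtime"
  for file in ${ETCFILES}; do
    rm "${1}/etc/${file}" >/dev/null 2>&1
    cp "/etc/${file}" "${1}/etc/${file}"
  done

  # Need to symlink /home
  chroot "${1}" ln -fs /usr/home /home

  # Make sure we remove our cleartmp rc.d script, causes issues
  [ -e "${1}/etc/rc.d/cleartmp" ] && rm "${1}/etc/rc.d/cleartmp"
  # Flag this type
  touch "${JMETADIR}/jail-pluginjail"
}
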
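# Take a ZFS snapshot of a jail directory, named after the current time
# (YYYY-MM-DD-HH-MM-SS).
#
# Globals:   tank, rp, zdate (written, not local)
# Arguments: $1 - jail directory; must be a ZFS dataset
# isDirZFS, printerror, getZFSTank and getZFSRelativePath are defined
# outside this file.
mkZFSSnap() {
  isDirZFS "${1}" "1"
  if [ $? -ne 0 ] ; then printerror "Not a ZFS volume: ${1}" ; fi
  tank=$(getZFSTank "$1")
  rp=$(getZFSRelativePath "$1")
  zdate=$(date +%Y-%m-%d-%H-%M-%S)
  # Quoted so that the dataset name reaches zfs as one argument.
  zfs snapshot "${tank}${rp}@${zdate}"
}
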
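# Print the snapshot names (the part after "@") that belong to a jail's
# dataset, one per line.
#
# Globals:   tank, rp (written, not local)
# Arguments: $1 - jail directory; must be a ZFS dataset
# isDirZFS, printerror, getZFSTank and getZFSRelativePath are defined
# outside this file.
listZFSSnap() {
  isDirZFS "${1}" "1"
  if [ $? -ne 0 ] ; then printerror "Not a ZFS volume: ${1}" ; fi
  tank=$(getZFSTank "$1")
  rp=$(getZFSRelativePath "$1")
  # Compare the dataset part literally and in full. A "grep -w" prefix match
  # would also list snapshots of datasets such as <name>-old or <name>/child
  # and would treat "." in the name as a wildcard.
  zfs list -t snapshot | awk -v ds="${tank}${rp}" '
    { if (split($1, part, "@") == 2 && part[1] == ds) print part[2] }'
}
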
# Print the clone directory followed by the clones that exist for a jail.
#
# Globals:   CDIR (read); tank, cdir (written, not local)
# Arguments: $1 - jail directory; must be a ZFS dataset
#            $2 - jail name used as the clone name prefix
# isDirZFS, printerror, getZFSTank and getZFSRelativePath are defined
# outside this file.
listZFSClone() {
  isDirZFS "${1}" "1" || printerror "Not a ZFS volume: ${1}"
  tank=$(getZFSTank "$1")
  cdir=$(getZFSRelativePath "${CDIR}")
  echo "Clone Directory: ${CDIR}"
  echo "-----------------------------------"
  # Column 5 of "zfs list" is the mount point; the sed strips the
  # "<clone dir>/<jail>-" prefix from it.
  zfs list \
    | grep -w "^${tank}${cdir}/${2}" \
    | awk '{print $5}' \
    | sed "s|${CDIR}/${2}-||g"
}

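# Destroy the ZFS clone ${CDIR}/<jail>-<snapshot>.
#
# Globals:   CDIR (read); CLONEDIR, tank, rp (written, not local)
# Arguments: $2 - snapshot name, $3 - jail name ($1 is not used here)
# isDirZFS, printerror, getZFSTank and getZFSRelativePath are defined
# outside this file.
rmZFSClone() {
  CLONEDIR="${CDIR}/${3}-${2}"
  isDirZFS "${CLONEDIR}" "1"
  if [ $? -ne 0 ] ; then printerror "Not a ZFS volume: ${CLONEDIR}" ; fi
  tank=$(getZFSTank "${CLONEDIR}")
  rp=$(getZFSRelativePath "${CLONEDIR}")
  # Quoted so that zfs destroy receives exactly one dataset name.
  zfs destroy "${tank}${rp}"
}
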
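# Destroy one snapshot of a jail's dataset.
#
# Globals:   tank, rp (written, not local)
# Arguments: $1 - jail directory; must be a ZFS dataset
#            $2 - snapshot name (the part after "@")
# isDirZFS, printerror, getZFSTank and getZFSRelativePath are defined
# outside this file.
rmZFSSnap() {
  isDirZFS "${1}" "1"
  if [ $? -ne 0 ] ; then printerror "Not a ZFS volume: ${1}" ; fi
  tank=$(getZFSTank "$1")
  rp=$(getZFSRelativePath "$1")
  # Quoted so that zfs destroy receives exactly one snapshot name.
  zfs destroy "${tank}${rp}@${2}"
}
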
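# Roll a jail's dataset back to a named snapshot, stopping the jail first
# and starting it again afterwards if it was running.
#
# Globals:   PROGDIR (read); tank, rp, restartJail (written, not local)
# Arguments: $1 - jail directory; must be a ZFS dataset
#            $2 - snapshot name (the part after "@")
#            $3 - jail identifier handed to the checkstatus/stopjail/
#                 startjail backend scripts
# isDirZFS, printerror, getZFSTank and getZFSRelativePath are defined
# outside this file.
#
# "zfs rollback -R" also destroys snapshots and clones newer than the
# target, so the snapshot name is checked strictly before it is used.
revertZFSSnap() {
  isDirZFS "${1}" "1"
  if [ $? -ne 0 ] ; then printerror "Not a ZFS volume: ${1}" ; fi
  tank=$(getZFSTank "$1")
  rp=$(getZFSRelativePath "$1")
  # Reset on every call: the variable is global, and a "YES" left over from
  # an earlier call would restart a jail that was not running.
  restartJail="NO"

  # Make sure this is a valid snapshot: both the dataset and the snapshot
  # name must match in full. An unquoted "grep -q ${2}" accepts substrings
  # and regex characters such as ".".
  zfs list -t snapshot | awk -v ds="${tank}${rp}" -v snap="${2}" '
    { if (split($1, part, "@") == 2 && part[1] == ds && part[2] == snap) found = 1 }
    END { exit(found ? 0 : 1) }'
  if [ $? -ne 0 ] ; then printerror "Invalid ZFS snapshot!" ; fi

  # Check if the jail is running first
  "${PROGDIR}/scripts/backend/checkstatus.sh" "${3}"
  if [ "$?" = "0" ]; then
    restartJail="YES"
    # Make sure the jail is stopped
    "${PROGDIR}/scripts/backend/stopjail.sh" "${3}"
    "${PROGDIR}/scripts/backend/checkstatus.sh" "${3}"
    if [ "$?" = "0" ]; then
      printerror "Could not stop jail... Halting..."
    fi
  fi

  # Rollback the snapshot
  zfs rollback -R -f "${tank}${rp}@${2}"

  # If it was started, restart the jail now
  if [ "$restartJail" = "YES" ]; then
    "${PROGDIR}/scripts/backend/startjail.sh" "${3}"
  fi

}
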
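# Clone a snapshot of a jail's dataset to ${CDIR}/<jail>-<snapshot>.
#
# Globals:   CDIR (read); tank, rp, cdir (written, not local)
# Arguments: $1 - jail directory; must be a ZFS dataset
#            $2 - snapshot name (the part after "@")
#            $3 - jail name used as the clone name prefix
# isDirZFS, printerror, getZFSTank and getZFSRelativePath are defined
# outside this file.
cloneZFSSnap() {
  isDirZFS "${1}" "1"
  if [ $? -ne 0 ] ; then printerror "Not a ZFS volume: ${1}" ; fi
  tank=$(getZFSTank "$1")
  rp=$(getZFSRelativePath "$1")
  cdir=$(getZFSRelativePath "${CDIR}")

  # Make sure this is a valid snapshot: both the dataset and the snapshot
  # name must match in full. An unquoted "grep -q ${2}" accepts substrings
  # and regex characters such as ".".
  zfs list -t snapshot | awk -v ds="${tank}${rp}" -v snap="${2}" '
    { if (split($1, part, "@") == 2 && part[1] == ds && part[2] == snap) found = 1 }
    END { exit(found ? 0 : 1) }'
  if [ $? -ne 0 ] ; then printerror "Invalid ZFS snapshot!" ; fi

  if [ -d "${CDIR}/${3}-${2}" ] ; then
     printerror "This snapshot is already cloned and mounted at: ${CDIR}/${3}-${2}"
  fi

  # Clone the snapshot
  zfs clone -p "${tank}${rp}@${2}" "${tank}${cdir}/${3}-${2}"

  echo "Snapshot cloned and mounted to: ${CDIR}/${3}-${2}"
}
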
# Set and export JMETADIR, the hidden per-jail metadata directory
# ${JDIR}/.<JAILNAME>.meta.
#
# Globals: JDIR, JAILNAME (read); JMETADIR (written, exported)
set_warden_metadir()
{
   export JMETADIR="${JDIR}/.${JAILNAME}.meta"
}

# Split "<address>/<mask>" into JIP and JMASK. JMASK is empty when the
# argument has no "/".
#
# Globals:   JIP, JMASK (written, not local)
# Arguments: $1 - address with optional /mask suffix
get_ip_and_netmask()
{
   local _rest

   # Everything before the first "/"
   JIP="${1%%/*}"

   # The field between the first and second "/", if there is a "/" at all
   case "${1}" in
      */*)
         _rest="${1#*/}"
         JMASK="${_rest%%/*}"
         ;;
      *)
         JMASK=""
         ;;
   esac
}

# Print every IPv4 address ("inet" line) that ifconfig reports for an
# interface, one per line.
#
# Arguments: $1 - interface name
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_interface_addresses()
{
   ifconfig ${1} \
      | grep -w inet \
      | awk '{ print $2 }'
}

# Print every IPv4 address ("inet" line) that ifconfig reports for an
# interface, one per line.
#
# Arguments: $1 - interface name
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_interface_ipv4_addresses()
{
   ifconfig ${1} \
      | grep -w inet \
      | awk '{ print $2 }'
}

# Print every IPv6 address ("inet6" line) that ifconfig reports for an
# interface, one per line, exactly as ifconfig prints it.
#
# Arguments: $1 - interface name
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_interface_ipv6_addresses()
{
   ifconfig ${1} \
      | grep -w inet6 \
      | awk '{ print $2 }'
}

# Print the first IPv4 address ("inet" line) that ifconfig reports for an
# interface.
#
# Arguments: $1 - interface name
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_interface_address()
{
   ifconfig ${1} \
      | grep -w inet \
      | head -n 1 \
      | awk '{ print $2 }'
}

# Print the first IPv4 address ("inet" line) that ifconfig reports for an
# interface.
#
# Arguments: $1 - interface name
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_interface_ipv4_address()
{
   ifconfig ${1} \
      | grep -w inet \
      | head -n 1 \
      | awk '{ print $2 }'
}

# Print the first IPv6 address ("inet6" line) that ifconfig reports for an
# interface, exactly as ifconfig prints it.
#
# Arguments: $1 - interface name
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_interface_ipv6_address()
{
   ifconfig ${1} \
      | grep -w inet6 \
      | head -n 1 \
      | awk '{ print $2 }'
}

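# Print the IPv4 alias addresses of an interface: every "inet" address
# after the first one, one per line.
#
# Arguments: $1 - interface name
#
# Skipping the first line in awk replaces the "count, subtract one, tail"
# sequence. That sequence ran ifconfig twice, needed bc, and handed tail the
# argument "--1" when the interface had no IPv4 address at all.
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_interface_aliases()
{
   ifconfig ${1} | grep -w inet | awk 'NR > 1 { print $2 }'
}
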
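# Print the IPv4 alias addresses of an interface: every "inet" address
# after the first one, one per line.
#
# Arguments: $1 - interface name
#
# Skipping the first line in awk replaces the "count, subtract one, tail"
# sequence. That sequence ran ifconfig twice, needed bc, and handed tail the
# argument "--1" when the interface had no IPv4 address at all.
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_interface_ipv4_aliases()
{
   ifconfig ${1} | grep -w inet | awk 'NR > 1 { print $2 }'
}
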
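# Print the IPv6 alias addresses of an interface: every "inet6" address
# after the first one, one per line.
#
# Arguments: $1 - interface name
#
# The number of aliases used to be derived from the count of IPv4 ("inet")
# lines, so the result depended on how many IPv4 addresses the interface
# had. The first inet6 line is now skipped directly.
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_interface_ipv6_aliases()
{
   ifconfig ${1} | grep -w inet6 | awk 'NR > 1 { print $2 }'
}
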
# Print the gateway (second column) of the IPv4 default route.
get_default_route()
{
   netstat -f inet -nr | awk '/^default/ { print $2 }'
}

# Print the seventh column of the IPv4 default route line from
# "netstat -nrW", which this file treats as the interface name.
get_default_interface()
{
   netstat -f inet -nrW | awk '/^default/ { print $7 }'
}

# Print the names of all bridgeN interfaces, one per line.
get_bridge_interfaces()
{
   # The name is the text before the first ":" on the interface header line.
   ifconfig -a | awk -F: '/^bridge[0-9]+/ { print $1 }'
}

# Print the member interfaces of a bridge, one per line, taken from the
# "member:" lines of its ifconfig output.
#
# Arguments: $1 - bridge interface name
# NOTE(review): ${1} is unquoted, so an empty argument makes ifconfig report
# every interface; kept that way to preserve behaviour.
get_bridge_members()
{
   ifconfig ${1} \
      | grep -w member \
      | awk '{ print $2 }'
}

# Print the first bridge that has an IPv4 alias address inside the given
# network.
#
# Globals:   _bridge, _ip (written, not local)
# Arguments: $1 - IPv4 network handed to in_ipv4_network
# Returns:   0 and the bridge name on stdout when found, 1 otherwise or
#            when no network was given
get_bridge_interface_by_ipv4_network()
{
   local network="${1}"
   local bridges="$(get_bridge_interfaces)"
   local ips

   [ -n "${network}" ] || return 1

   for _bridge in ${bridges} ; do
      ips="$(get_interface_ipv4_aliases "${_bridge}")"
      for _ip in ${ips} ; do
         if in_ipv4_network "${_ip}" "${network}" ; then
            echo "${_bridge}"
            return 0
         fi
      done
   done

   return 1
}

# Print the first bridge that has an IPv6 alias address inside the given
# network.
#
# Globals:   _bridge, _ip (written, not local)
# Arguments: $1 - IPv6 network handed to in_ipv6_network
# Returns:   0 and the bridge name on stdout when found, 1 otherwise or
#            when no network was given
get_bridge_interface_by_ipv6_network()
{
   local network="${1}"
   local bridges="$(get_bridge_interfaces)"
   local ips

   [ -n "${network}" ] || return 1

   for _bridge in ${bridges} ; do
      ips="$(get_interface_ipv6_aliases "${_bridge}")"
      for _ip in ${ips} ; do
         if in_ipv6_network "${_ip}" "${network}" ; then
            echo "${_bridge}"
            return 0
         fi
      done
   done

   return 1
}

# Tell whether an interface is a member of a bridge.
#
# Globals:   _member (written, not local)
# Arguments: $1 - bridge interface name, $2 - interface to look for
# Returns:   0 when $2 is listed by get_bridge_members for $1, 1 otherwise
is_bridge_member()
{
   local _bridge="${1}"
   local _iface="${2}"

   for _member in $(get_bridge_members ${_bridge}) ; do
      [ "${_member}" != "${_iface}" ] || return 0
   done

   return 1
}

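# Take down a jail's epair interface pair: bring the jail side (epairNb)
# down, destroy the host side (epairNa), and destroy the bridge the host
# side belonged to once it has at most one member left.
#
# Arguments: $1 - jail id handed to jexec
#
# NOTE(review): the code assumes a single epair inside the jail; with
# several, ${_epairb} holds more than one name.
jail_interfaces_down()
{
   local _jid="${1}"
   local _bridgeif
   local _epaira
   local _epairb
   local _bridge
   local _member
   local _count

   _epairb=`jexec "${_jid}" ifconfig -a | grep '^epair' | cut -f1 -d:`
   if [ -z "${_epairb}" ] ; then
      return 0
   fi

   # The host end of the pair has the same name with a trailing "a".
   _epaira=`echo ${_epairb} | sed -E 's|b$|a|'`
   _bridgeif=

   # Find the bridge that has the host end as a member
   for _bridge in `ifconfig -a | grep -E '^bridge[0-9]+' | cut -f1 -d:`
   do
      for _member in `ifconfig "${_bridge}" | grep member | awk '{ print $2 }'`
      do
         if [ "${_member}" = "${_epaira}" ] ; then
            _bridgeif="${_bridge}"
            break
         fi
      done
      if [ -n "${_bridgeif}" ] ; then
         break
      fi
   done

   jexec "${_jid}" ifconfig ${_epairb} down
   ifconfig ${_epaira} down
   ifconfig ${_epaira} destroy

   # Only touch a bridge that was actually found. With an empty name the
   # member count would come from a bare "ifconfig" (every interface) and
   # the destroy call would be issued without an interface name.
   if [ -n "${_bridgeif}" ] ; then
      _count=`ifconfig "${_bridgeif}" | grep member | awk '{ print $2 }' | wc -l`
      if [ "${_count}" -le "1" ] ; then
         ifconfig "${_bridgeif}" destroy
      fi
   fi
}
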
# Register the warden snapshot script in /etc/crontab (run as root at minute
# 2 of every hour) unless an entry mentioning it is already there, then
# restart cron.
#
# Globals: PROGDIR (read); cronscript (written, not local)
# NOTE(review): the script path is used as a grep pattern, so its "."
# characters match any character; harmless for the fixed path used here.
enable_cron()
{
   cronscript="${PROGDIR}/scripts/backend/cronsnap.sh"
   if grep -q "${cronscript}" /etc/crontab ; then
      return 0
   fi
   echo "2     *        *       *       *        root    ${cronscript}" >> /etc/crontab
   # Restart cron
   /etc/rc.d/cron restart >/dev/null 2>/dev/null
}

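# Add the current jail-type flag files to metadata directories that still
# carry the old markers: "xjail" gets jail-portjail and "linuxjail" gets
# jail-linux.
#
# Globals: JDIR (read)
fix_old_meta()
{
   local _meta

   # A quoted glob instead of parsing "ls" output, so a JDIR or jail name
   # containing whitespace is handled as one path.
   for _meta in "${JDIR}"/.*.meta
   do
      # An unmatched glob stays literal; skip it.
      [ -e "${_meta}" ] || continue
      if [ -e "${_meta}/xjail" ] ; then
         touch "${_meta}/jail-portjail" 2>/dev/null
      fi
      if [ -e "${_meta}/linuxjail" ] ; then
         touch "${_meta}/jail-linux" 2>/dev/null
      fi
   done
}
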
# Tell whether sipcalc classifies the argument as an IPv4 address.
#
# Arguments: $1 - address to test
# Returns:   0 when the bracketed tag on the first line of sipcalc's output
#            is "ipv4", 1 otherwise (including when sipcalc prints nothing)
is_ipv4()
{
   local addr="${1}"
   local family

   family="$(/usr/local/bin/sipcalc "${addr}"|head -1|cut -f2 -d'['|awk '{ print $1 }')"
   [ "${family}" = "ipv4" ]
}

# Tell whether sipcalc classifies the argument as an IPv6 address.
#
# Arguments: $1 - address to test
# Returns:   0 when the bracketed tag on the first line of sipcalc's output
#            is "ipv6", 1 otherwise (including when sipcalc prints nothing)
is_ipv6()
{
   local addr="${1}"
   local family

   family="$(/usr/local/bin/sipcalc "${addr}"|head -1|cut -f2 -d'['|awk '{ print $1 }')"
   [ "${family}" = "ipv6" ]
}

# Tell whether an IPv4 address lies inside the usable range of a network,
# using sipcalc for the range and for the decimal form of each address.
#
# Arguments: $1 - address, $2 - network
# Returns:   0 when start <= address <= end, 1 otherwise. When sipcalc
#            yields no numbers the comparison fails, so the answer is 1.
in_ipv4_network()
{
   local addr="${1}"
   local network="${2}"
   local start end iaddr istart iend

   start="$(/usr/local/bin/sipcalc "${network}"|awk '/^Usable/ { print $4 }')"
   end="$(/usr/local/bin/sipcalc "${network}"|awk '/^Usable/ { print $6 }')"

   iaddr="$(/usr/local/bin/sipcalc "${addr}"|awk '/(decimal)/ { print $5 }')"
   istart="$(/usr/local/bin/sipcalc "${start}"|awk '/(decimal)/ { print $5 }')"
   iend="$(/usr/local/bin/sipcalc "${end}"|awk '/(decimal)/ { print $5 }')"

   if [ "${iaddr}" -ge "${istart}" ] && [ "${iaddr}" -le "${iend}" ] ; then
      return 0
   fi

   return 1
}

# Print an IPv6 address as a string of binary digits, 16 per
# colon-separated group. The address is expected in expanded form; "::" is
# not expanded here.
#
# Arguments: $1 - IPv6 address
# NOTE(review): the result relies on the awk in use converting "0x..."
# strings to numbers and on "%016s" padding with zeros; confirm both on the
# target system.
ipv6_to_binary()
{
   echo ${1}|awk '{
      ngroups = split($1, groups, ":");

      bits = "";
      for (g = 1; g <= ngroups; g++) {
         value = int(sprintf("0x%s", groups[g]));
         chunk = "";
         # Peel off the lowest bit until the value drops below 1
         do {
            if (int(value % 2) == 0)
               chunk = "0" chunk;
            else
               chunk = "1" chunk;
            value /= 2;
         } while (value >= 1);
         bits = sprintf("%s%016s", bits, chunk);
      }
      printf("%s", bits);
   }'
}

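# Tell whether an IPv6 address lies inside a network by comparing the first
# <prefix length> bits of the address with those of the network start.
#
# Arguments: $1 - address, $2 - network in <address>/<prefix length> form
# Returns:   0 when the prefixes are equal, 1 otherwise
#
# The function fails closed: a missing or non-numeric prefix length, or
# empty output from sipcalc, returns 1. Without these checks both prefixes
# come out as empty strings, compare equal, and every address is reported
# as being inside the network.
in_ipv6_network()
{
   local addr="${1}"
   local network="${2}"
   local mask="$(echo "${network}"|cut -f2 -d'/' -s)"
   local start baddr bstart baddrnet bstartnet

   case "${mask}" in
      ''|*[!0-9]*) return 1 ;;
   esac

   addr="$(/usr/local/bin/sipcalc "${addr}"|awk \
      '/^Expanded/ { print $4}')"
   start="$(/usr/local/bin/sipcalc "${network}"|egrep \
      '^Network range'|awk '{ print $4 }')"

   baddr="$(ipv6_to_binary "${addr}")"
   bstart="$(ipv6_to_binary "${start}")"
   if [ -z "${baddr}" ] || [ -z "${bstart}" ] ; then
      return 1
   fi

   baddrnet="$(echo "${baddr}"|awk -v mask="${mask}" \
      '{ s = substr($0, 1, mask); printf("%s", s); }')"
   bstartnet="$(echo "${bstart}"|awk -v mask="${mask}" \
      '{ s = substr($0, 1, mask); printf("%s", s); }')"

   [ "${baddrnet}" = "${bstartnet}" ]
}
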
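# Copy pc-extractoverlay together with its server exclude list and overlay
# archive from the host into a jail.
#
# Arguments: $1 - jail root directory
# Returns:   1 when no directory was given, otherwise 0. A failed cp is
#            reported by cp itself and does not change the return value.
install_pc_extractoverlay()
{
  if [ -z "${1}" ] ; then
    return 1
  fi

  mkdir -p "${1}/usr/local/bin"
  mkdir -p "${1}/usr/local/share/pcbsd/conf"
  mkdir -p "${1}/usr/local/share/pcbsd/distfiles"

  cp /usr/local/bin/pc-extractoverlay "${1}/usr/local/bin/"
  chmod 755 "${1}/usr/local/bin/pc-extractoverlay"

  cp /usr/local/share/pcbsd/conf/server-excludes \
    "${1}/usr/local/share/pcbsd/conf"
  cp /usr/local/share/pcbsd/distfiles/server-overlay.txz \
    "${1}/usr/local/share/pcbsd/distfiles"

  return 0
}
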
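# Write the pkgng bootstrap script for a standard jail. The script installs
# pkg from pkg.txz, writes /usr/local/etc/pkg.conf and installs pcbsd-utils.
#
# Arguments: $1 - jail directory (not used in the generated script)
#            $2 - path of the script to write
# get_mirror is defined outside this file and returns the mirror in VAL.
#
# The final "exit" has its "$" escaped. Unescaped, the here-document expands
# "$?" while the file is being written, the script ends in a fixed
# "exit 0", and a failed "pkg install" is reported as success.
#
# NOTE(review): the mirror, release and arch values are pasted into a script
# that later runs as root inside the jail; they should come from trusted
# configuration only.
make_bootstrap_pkgng_file_standard()
{
  local jaildir="${1}"
  local outfile="${2}"

  local release="$(uname -r)"
  local arch="$(uname -m)"

  get_mirror
  local mirror="${VAL}"

cat<<__EOF__>"${outfile}"
#!/bin/sh
tar xvf pkg.txz --exclude +MANIFEST --exclude +MTREE_DIRS 2>/dev/null
pkg add pkg.txz
rm pkg.txz

echo "packagesite: ${mirror}/packages/${release}/${arch}" >/usr/local/etc/pkg.conf
echo "HTTP_MIRROR: http" >>/usr/local/etc/pkg.conf
echo "PUBKEY: /usr/local/etc/pkg-pubkey.cert" >>/usr/local/etc/pkg.conf
echo "PKG_CACHEDIR: /usr/local/tmp" >>/usr/local/etc/pkg.conf
pkg install -y pcbsd-utils
exit \$?
__EOF__
}
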
# Write the pkgng bootstrap script for a plugin jail and copy the package
# list into the jail. The script installs pkg from pkg.txz, mounts devfs,
# writes /usr/local/etc/pkg.conf, installs pcbsd-utils and then every
# package named in /pluginjail-packages.
#
# Arguments: $1 - jail directory, $2 - path of the script to write
# get_mirror is defined outside this file and returns the mirror in VAL.
#
# NOTE(review): the generated script ends with the status of "umount devfs",
# so a failed "pkg install" is not reported to the caller. Its "count" and
# "i" variables are not used afterwards, and the awk program there is in
# double quotes, so "$1" is expanded by the shell rather than by awk.
# NOTE(review): the mirror, release and arch values are pasted into a script
# that later runs as root inside the jail; they should come from trusted
# configuration only.
make_bootstrap_pkgng_file_pluginjail()
{

  local jaildir="${1}"
  local outfile="${2}"

  local release="$(uname -r)"
  local arch="$(uname -m)"

  get_mirror
  local mirror="${VAL}"

  cp /usr/local/share/warden/pluginjail-packages "${jaildir}/pluginjail-packages"

# First part: variables are expanded while the file is written.
cat <<__EOF__ >"${outfile}"
#!/bin/sh
tar xvf pkg.txz --exclude +MANIFEST --exclude +MTREE_DIRS 2>/dev/null
pkg add pkg.txz
rm pkg.txz

mount -t devfs devfs /dev

echo "packagesite: ${mirror}/packages/${release}/${arch}" >/usr/local/etc/pkg.conf
echo "HTTP_MIRROR: http" >>/usr/local/etc/pkg.conf
echo "PUBKEY: /usr/local/etc/pkg-pubkey.cert" >>/usr/local/etc/pkg.conf
echo "PKG_CACHEDIR: /usr/local/tmp" >>/usr/local/etc/pkg.conf
pkg install -y pcbsd-utils
__EOF__

# Second part: appended literally, nothing is expanded here.
cat <<'__EOF__' >>"${outfile}"

i=0
count=`wc -l /pluginjail-packages| awk "{ print $1 }"`
for p in `cat /pluginjail-packages`
do
  pkg install -y ${p}
  : $(( i += 1 ))
done

umount devfs
exit $?

__EOF__
}

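# Bootstrap pkgng inside a jail: install the package public key and
# pc-extractoverlay, generate the bootstrap script for the jail type, fetch
# pkg.txz from the mirrors and run the script inside the jail.
#
# Globals:   pubcert (written, not local)
# Arguments: $1 - jail root directory
#            $2 - jail type; "pluginjail" selects the plugin-jail script,
#                 anything else (default "standard") the standard one
# Returns:   0 on success, 1 on any failure
# get_file_from_mirrors is defined outside this file.
#
# NOTE(review): pkg.txz is unpacked and installed as root inside the jail
# before pkg.conf with its PUBKEY setting exists, and no check of the
# archive is visible here. Confirm that get_file_from_mirrors verifies what
# it downloads.
bootstrap_pkgng()
{
  local jaildir="${1}"
  local jailtype="${2:-standard}"
  local release="$(uname -r)"
  local arch="$(uname -m)"

  local ffunc="make_bootstrap_pkgng_file_standard"
  if [ "${jailtype}" = "pluginjail" ] ; then
    ffunc="make_bootstrap_pkgng_file_pluginjail"
  fi

  # Refuse to go on without a usable jail directory; the steps below remove
  # pkg.txz from the current directory and chroot into ${jaildir}.
  if [ -z "${jaildir}" ] || ! cd "${jaildir}" ; then
    echo "Failed boot-strapping PKGNG, cannot enter jail directory: ${jaildir}"
    return 1
  fi
  echo "Boot-strapping pkgng"

  mkdir -p "${jaildir}/usr/local/etc"
  pubcert="/usr/local/etc/pkg-pubkey.cert"

  cp "${pubcert}" "${jaildir}/usr/local/etc"
  install_pc_extractoverlay "${jaildir}"

  ${ffunc} "${jaildir}" "${jaildir}/bootstrap-pkgng"
  chmod 755 "${jaildir}/bootstrap-pkgng"

  if [ -e "pkg.txz" ] ; then rm pkg.txz ; fi
  get_file_from_mirrors "/packages/${release}/${arch}/Latest/pkg.txz" "pkg.txz"
  if [ $? -eq 0 ] ; then
    chroot "${jaildir}" /bootstrap-pkgng
    if [ $? -eq 0 ] ; then
      rm -f "${jaildir}/bootstrap-pkgng"
      rm -f "${jaildir}/pluginjail-packages"
      chroot "${jaildir}" pc-extractoverlay server --sysinit
      return 0
    fi
  fi

  echo "Failed boot-strapping PKGNG, most likely cause is internet connection failure."
  rm -f "${jaildir}/bootstrap-pkgng"
  rm -f "${jaildir}/pluginjail-packages"
  return 1
}
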
# Tell whether an interface has any IPv4 address, on the host or inside a
# jail.
#
# Arguments: $1 - interface name
#            $2 - optional jail id; when given, ifconfig runs through jexec
# Returns:   0 when an "inet" line is present, non-zero otherwise
ipv4_configured()
{
   local iface="${1}"
   local jid="${2}"
   local _run=

   [ -z "${jid}" ] || _run="jexec ${jid}"

   # ${_run} is either empty or "jexec <jid>", so it is expanded unquoted.
   ${_run} ifconfig "${iface}" | grep -qw inet 2>/dev/null
}

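# Tell whether an interface carries a specific IPv4 address, on the host or
# inside a jail.
#
# Arguments: $1 - interface name
#            $2 - address; a trailing /mask is ignored
#            $3 - optional jail id; when given, ifconfig runs through jexec
# Returns:   0 when the address is configured, non-zero otherwise
#
# The address is compared as a fixed string against the whole field. As a
# regular expression its dots match any character, so a different address
# on the interface could be reported as the one asked for.
ipv4_address_configured()
{
   local iface="${1}"
   local addr="${2%%/*}"
   local jid="${3}"
   local jexec=

   # An empty address can never be configured.
   if [ -z "${addr}" ] ; then
      return 1
   fi

   if [ -n "${jid}" ] ; then
      jexec="jexec ${jid}"
   fi

   # ${jexec} is either empty or "jexec <jid>", so it is expanded unquoted.
   ${jexec} ifconfig "${iface}" | \
      grep -w inet | \
      awk '{ print $2 }' | \
      grep -Fxq -- "${addr}"
}
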
# Tell whether an interface has any IPv6 address, on the host or inside a
# jail.
#
# Arguments: $1 - interface name
#            $2 - optional jail id; when given, ifconfig runs through jexec
# Returns:   0 when an "inet6" line is present, non-zero otherwise
ipv6_configured()
{
   local iface="${1}"
   local jid="${2}"
   local _run=

   [ -z "${jid}" ] || _run="jexec ${jid}"

   # ${_run} is either empty or "jexec <jid>", so it is expanded unquoted.
   ${_run} ifconfig "${iface}" | grep -qw inet6 2>/dev/null
}

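# Tell whether an interface carries a specific IPv6 address, on the host or
# inside a jail.
#
# Arguments: $1 - interface name
#            $2 - address; a trailing /prefixlen is ignored
#            $3 - optional jail id; when given, ifconfig runs through jexec
# Returns:   0 when the address is configured, non-zero otherwise
#
# The address is compared in full, either with or without the "%<scope>"
# suffix that ifconfig prints on scoped addresses. A "grep -w" prefix match
# also accepts a longer address that merely starts with the one asked for,
# because ":" counts as a word boundary.
ipv6_address_configured()
{
   local iface="${1}"
   local addr="${2%%/*}"
   local jid="${3}"
   local jexec=

   # An empty address can never be configured.
   if [ -z "${addr}" ] ; then
      return 1
   fi

   if [ -n "${jid}" ] ; then
      jexec="jexec ${jid}"
   fi

   # ${jexec} is either empty or "jexec <jid>", so it is expanded unquoted.
   ${jexec} ifconfig "${iface}" | \
      grep -w inet6 | \
      awk -v want="${addr}" '
         {
            bare = $2;
            sub(/%.*$/, "", bare);
            if ($2 == want || bare == want) found = 1;
         }
         END { exit(found ? 0 : 1) }'
}
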
# Look up or allocate an ipfw NAT instance number.
#
# Globals:   ni (written, not local)
# Arguments: $1 - optional interface name
# Outputs:   without an interface: the last NAT instance number found in
#            "ipfw list" plus 100, or 100 when there is none; with an
#            interface: the instance whose configuration mentions it
# Returns:   0 when a number was printed, 1 when no instance matches
get_ipfw_nat_instance()
{
   local iface="${1}"
   local instance

   if [ -z "${iface}" ] ; then
      instance="$(ipfw list | awk '/[0-9]+ nat/ { print $3 }' | tail -1)"
      if [ -n "${instance}" ] ; then
         instance=$(( instance + 100 ))
      else
         instance="100"
      fi
      echo "${instance}"
      return 0
   fi

   for ni in $(ipfw list | awk '/[0-9]+ nat/ { print $3 }')
   do
      if ipfw nat "${ni}" show config | egrep -qw "${iface}" ; then
         echo "${ni}"
         return 0
      fi
   done

   return 1
}

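# Look up the rule number ("priority") of an ipfw NAT rule.
#
# Arguments: $1 - optional interface name
# Outputs:   without an interface: the rule number of the last NAT rule in
#            "ipfw list", or 2000 when there is none, as five digits; with
#            an interface: the rule number of the NAT rule whose instance
#            configuration mentions it, as printed by ipfw
# Returns:   0 when a number was printed, 1 when no rule matches
#
# Leading zeros are stripped before the value reaches printf "%05d". printf
# reads a number with a leading 0 as octal, so a rule number taken from
# "ipfw list" with its zero padding would be printed as a different value,
# or rejected if it contains an 8 or a 9.
get_ipfw_nat_priority()
{
   local iface="${1}"
   local res=1
   local priority
   local ni
   local _zeros

   if [ -z "${iface}" ] ; then
      priority="`ipfw list|egrep '[0-9]+ nat'|awk '{ print $1 }'|tail -1`"
      if [ -z "${priority}" ] ; then
         priority=2000
      fi
      _zeros="${priority%%[!0]*}"
      priority="${priority#${_zeros}}"
      printf "%05d\n" "${priority:-0}"
      return 0
   fi

   # Split the rule list on newlines only, one rule per iteration
   local IFS='
'
   for rule in `ipfw list|egrep '[0-9]+ nat'`
   do
      priority="`echo "${rule}"|awk '{ print $1 }'`"
      ni="`echo "${rule}"|awk '{ print $3 }'`"

      ipfw nat "${ni}" show config|egrep -qw "${iface}"
      if [ "$?" = "0" ] ; then
         echo "${priority}"
         res=0
         break
      fi
   done

   return ${res}
}
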