source: src-sh/warden/scripts/backend/stopjail.sh @ 1bac9dc

9.2-release
Last change on this file since 1bac9dc was 1bac9dc, checked in by Kris Moore <kris@…>, 11 months ago

Backport fix to warden jail interfaces

  • Property mode set to 100755
File size: 5.1 KB
Line 
1#!/bin/sh
2# Script to stop a jail
3# Args $1 = jail-name
4#######################################################################
5
6# Source our functions
7PROGDIR="/usr/local/share/warden"
8
9# Source our variables
10. ${PROGDIR}/scripts/backend/functions.sh
11
12JAILNAME="${1}"
13if [ "${2}" = "FAST" ]
14then
15  FAST="Y"
16fi
17
18if [ -z "${JAILNAME}" ]
19then
20  echo "ERROR: No jail specified to delete!"
21  exit 5
22fi
23
24if [ -z "${JDIR}" ]
25then
26  echo "ERROR: JDIR is unset!!!!"
27  exit 5
28fi
29
30JAILDIR="${JDIR}/${JAILNAME}"
31
32if [ ! -d "${JAILDIR}" ]
33then
34  echo "ERROR: No jail located at ${JAILDIR}"
35  exit 5
36fi
37
38HOST="`cat ${JMETADIR}/host`"
39
40# Check if we need to enable vnet
41VIMAGEENABLE="NO"
42if [ -e "${JMETADIR}/vnet" ] ; then
43  VIMAGEENABLE="YES"
44fi
45
46IFACE=
47DEFAULT=0
48 
49# Make sure jail uses special interface if specified
50if [ -e "${JMETADIR}/iface" ] ; then
51  IFACE=`cat "${JMETADIR}/iface"`
52fi
53if [ -z "${IFACE}" ] ; then
54  if [ -n "$NIC" ] ; then
55    IFACE="$NIC"
56  else
57    IFACE=`get_default_interface`
58    DEFAULT=1
59  fi
60fi
61if [ -z "${IFACE}" ] ; then
62  echo "ERROR: no interface specified and a default doesn't exist!"
63  exit 6
64fi
65
66# End of error checking, now shutdown this jail
67##################################################################
68
69echo -e "Stopping the jail...\c"
70
71# Get the JailID for this jail
72JID="`jls | grep ${JAILDIR}$ | tr -s " " | cut -d " " -f 2`"
73
74echo -e ".\c"
75
76# Check if we need umount x mnts
77if [ -e "${JMETADIR}/jail-portjail" ] ; then umountjailxfs ${JAILNAME} ; fi
78
79if [ "$VIMAGEENABLE" = "YES" ] ; then
80  jail_interfaces_down "${JID}"
81else
82  # Get list of IP4s for this jail
83  if [ -e "${JMETADIR}/ipv4" ] ; then
84    IP4S="`cat ${JMETADIR}/ipv4 | cut -d '/' -f 1`"
85  fi
86  if [ -e "${JMETADIR}/alias-ipv4" ] ; then
87    while read line
88    do
89      IP4S="${IP4S} `echo $line | cut -d '/' -f 1`"
90    done < ${JMETADIR}/alias-ipv4
91  fi
92
93  # Get list of IP6s for this jail
94  if [ -e "${JMETADIR}/ipv6" ] ; then
95    IP6S="`cat ${JMETADIR}/ipv6 | cut -d '/' -f 1`"
96  fi
97  if [ -e "${JMETADIR}/alias-ipv6" ] ; then
98    while read line
99    do
100      IP6S="${IP6S} `echo $line | cut -d '/' -f 1`"
101    done < ${JMETADIR}/alias-ipv6
102  fi
103 
104 
105  # Check if we need to remove the IP aliases from this jail
106  for _ip in $IP4S
107  do 
108    # See if active alias
109    ifconfig $IFACE | grep -q "${_ip}"
110    if [ $? -ne 0 ] ; then continue ; fi
111
112    ifconfig $IFACE inet -alias ${_ip}
113  done
114
115  for _ip in $IP6S
116  do 
117    # See if active alias
118    ifconfig $IFACE | grep -q "${_ip}"
119    if [ $? -ne 0 ] ; then continue ; fi
120
121    ifconfig $IFACE inet6 ${_ip} delete
122  done
123fi
124
125if [ -e "${JMETADIR}/jail-linux" ] ; then LINUXJAIL="YES" ; fi
126
127# Check for user-supplied mounts
128if [ -e "${JMETADIR}/fstab" ] ; then
129   echo "Unmounting user-supplied file-systems"
130   cp ${JMETADIR}/fstab /tmp/.wardenfstab.$$
131   sed -i '' "s|%%JAILDIR%%|${JAILDIR}|g" /tmp/.wardenfstab.$$
132   umount -a -F /tmp/.wardenfstab.$$
133   rm /tmp/.wardenfstab.$$
134fi
135
136if [ "$LINUXJAIL" = "YES" ] ; then
137  # If we have a custom stop script
138  if [ -e "${JMETADIR}/jail-stop" ] ; then
139    sCmd=`cat ${JMETADIR}/jail-stop`
140    echo "Stopping jail with: ${sCmd}"
141    if [ -n "${JID}" ] ; then
142      jexec ${JID} ${sCmd} 2>&1
143    fi
144  else
145    # Check for different init styles
146    if [ -e "${JAILDIR}/etc/init.d/rc" ] ; then
147      if [ -n "${JID}" ] ; then
148        jexec ${JID} /bin/sh /etc/init.d/rc 0 2>&1
149      fi
150    elif [ -e "${JAILDIR}/etc/rc" ] ; then
151      if [ -n "${JID}" ] ; then
152        jexec ${JID} /bin/sh /etc/rc 0 2>&1
153      fi
154    fi
155  fi
156  sleep 3
157
158  umount -f ${JAILDIR}/sys 2>/dev/null
159  umount -f ${JAILDIR}/dev/fd 2>/dev/null
160  umount -f ${JAILDIR}/dev 2>/dev/null
161  umount -f ${JAILDIR}/lib/init/rw 2>/dev/null
162else
163  # If we have a custom stop script
164  if [ -e "${JMETADIR}/jail-stop" ] ; then
165    if [ -n "${JID}" ] ; then
166      sCmd=`cat ${JMETADIR}/jail-stop`
167      echo "Stopping jail with: ${sCmd}"
168      jexec ${JID} ${sCmd} 2>&1
169    fi
170  else
171    if [ -n "${JID}" ] ; then
172      echo "Stopping jail with: /etc/rc.shutdown"
173      jexec ${JID} /bin/sh /etc/rc.shutdown >/dev/null 2>/dev/null
174    fi
175  fi
176fi
177
178umount -f ${JAILDIR}/dev >/dev/null 2>/dev/null
179
180echo -e ".\c"
181
182# Skip the time consuming portion if we are shutting down
183if [ "$FAST" != "Y" ]
184then
185
186# We asked nicely, so now kill the jail for sure
187killall -j ${JID} -TERM 2>/dev/null
188sleep 1
189killall -j ${JID} -KILL 2>/dev/null
190
191echo -e ".\c"
192
193# Check if we need to unmount the devfs in jail
194mount | grep "${JAILDIR}/dev" >/dev/null 2>/dev/null
195if [ "$?" = "0" ]
196then
197  # Setup a 60 second timer to try and umount devfs, since takes a bit
198  SEC="0"
199  while
200   i=1
201  do
202   sleep 2
203
204   # Try to unmount dev
205   umount -f "${JAILDIR}/dev" 2>/dev/null
206   if [ "$?" = "0" ]
207   then
208      break
209   fi
210
211   SEC="`expr $SEC + 2`"
212   echo -e ".\c"
213
214   if [ ${SEC} -gt 60 ]
215   then
216      break
217   fi
218
219  done
220fi
221
222# Check if we need to unmount any extra dirs
223mount | grep "${JAILDIR}/proc" >/dev/null 2>/dev/null
224if [ "$?" = "0" ]; then
225  umount -f "${JAILDIR}/proc"
226fi
227
228if [ -e "${JMETADIR}/jail-portjail" ] ; then
229  umountjailxfs
230fi
231
232fi # End of FAST check
233
234echo -e ".\c"
235
236if [ -n "${JID}" ] ; then
237  jail -r ${JID}
238fi
239
240echo -e "Done"
Note: See TracBrowser for help on using the repository browser.