Changeset f4066f6


Timestamp:
07/27/13 18:37:39 (17 months ago)
Author:
Kris Moore <kris@…>
Branches:
master, 9.2-release, releng/10.0, releng/10.0.1, releng/10.0.2, releng/10.0.3, releng/10.1
Children:
70f39ef
Parents:
37f4931
Message:

Start adding the early framework of a new type of PBI container
to Warden.

Location:
src-sh/warden
Files:
6 edited

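--- a/src-sh/warden/bin/warden
+++ b/src-sh/warden/bin/warden
@@ -62,5 +62,5 @@
         start - Start a jail
          stop - Stops a jail
-         type - Set the jail type (portjail|pluginjail|standard)
+         type - Set the jail type (pbibox|pluginjail|portjail|standard)
      template - Manage jail templates
     zfsmksnap - Create a ZFS snapshot of a jail
@@ -376,4 +376,5 @@
 Lets you set the type of jail to these options:
 
+pbibox: Special container for PBIs using host IP & user directories
 portjail: Jail with access to your home directories and Xorg
 pluginjail: Jail that can be used to install FreeNAS plugins
@@ -475,4 +476,5 @@
 
 Available Flags:
+  -a           (List all jails, including pbi containers)
   -v           (Verbose listing)
 
@@ -635,4 +637,5 @@
   --vanilla                    (Don't install PC-BSD pkgng repo and utilities)
   --startauto                  (Start this jail at system boot)
+  --pbibox                     (Make this a pbi container)
   --portjail                   (Make this a portjail)
   --pluginjail                 (Make this a pluginjail)
@@ -876,4 +879,9 @@
 
          case $TYPE in
+           pbibox)
+              rm ${JMETADIR}/jail-pluginjail > /dev/null 2>/dev/null
+              rm ${JMETADIR}/jail-portjail >/dev/null 2>/dev/null
+              mkpbibox "${JAILDIR}"
+              ;;
            portjail)
               rm ${JMETADIR}/jail-pluginjail > /dev/null 2>/dev/null
@@ -1174,4 +1182,5 @@
              --vanilla) VANILLA="YES" ;;
              --portjail) JAILTYPE="portjail" ;;
+             --pbibox) JAILTYPE="pbibox" ;;
              --pluginjail) JAILTYPE="pluginjail" ; VANILLA="YES" ;;
              --linuxjail) JAILTYPE="linuxjail" ; shift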
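Review bot: The new `pbibox)` arm of the `type` case (new lines 881-885) clears the `jail-pluginjail` and `jail-portjail` flags, but none of the existing arms is changed here to clear `jail-pbibox`, so a container switched from pbibox to another type would most likely keep the stale flag. listjails.sh, startjail.sh and stopjail.sh in this same changeset test `jail-pbibox` before anything else, so such a jail would still be treated as a pbibox: host home directories mounted and no jail actually started. Each of the other arms should gain `rm -f "${JMETADIR}/jail-pbibox"`. The remainder of the case statement lies outside the hunk, so confirm against the full file.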
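--- a/src-sh/warden/scripts/backend/createjail.sh
+++ b/src-sh/warden/scripts/backend/createjail.sh
@@ -81,7 +81,8 @@
 
 case "${JAILTYPE}" in
+  pbibox) PBIBOX="YES" ;;
+  linuxjail) LINUXJAIL="YES" ;;
+  pluginjail) PLUGINJAIL="YES" ;;
   portjail) PORTJAIL="YES" ;;
-  pluginjail) PLUGINJAIL="YES" ;;
-  linuxjail) LINUXJAIL="YES" ;;
   standard) ;;
 esac
@@ -332,6 +333,6 @@
 echo "PCBSD_METAPKGSET: warden" > ${JAILDIR}/usr/local/etc/pcbsd.conf
 
-# Copy over the pbid scripts
-checkpbiscripts "${JAILDIR}"
+# Check if making a PBI box
+if [ "$PBIBOX" = "YES" ] ; then mkpbibox "${JAILDIR}" ; fi
 
 # Check if making a portjail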
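Review bot: The comment `# Check if making a PBI box` at new line 335 does not say what the call does to the freshly created jail: mkpbibox (functions.sh, same changeset) replaces its `passwd`, `master.passwd`, `spwd.db`, `pwd.db` and `group` with the host's copies. I would spell that out, e.g. `# pbibox: replace the jail's /etc account databases, resolv.conf and localtime with the host's`, so a reader of createjail.sh knows that host password hashes end up inside the container tree. The removal of the `checkpbiscripts` call in the same hunk is not explained by the commit message and deserves a line there too.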
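--- a/src-sh/warden/scripts/backend/functions.sh
+++ b/src-sh/warden/scripts/backend/functions.sh
@@ -48,6 +48,7 @@
 export WARDENVER
 
-# Dirs to nullfs mount in X jail
-NULLFS_MOUNTS="/tmp /media /usr/home"
+# Dirs to nullfs mount in X jail / pbibox
+NULLFS_MOUNTS="/tmp /media"
+X11_MOUNTS="/usr/local/lib/X11/icons /usr/local/lib/X11/fonts /usr/local/etc/fonts"
 
 # Clone directory
@@ -176,7 +177,13 @@
 };
 
-
-### Mount all needed filesystems for the jail
-mountjailxfs() {
+# Check if a directory is mounted
+isDirMounted() {
+  mount | grep -q "on $1 ("
+  return $?
+}
+
+# Mount all the FS needed for a PBI container
+mountpbibox() {
+
   for nullfs_mount in ${NULLFS_MOUNTS}; do
     if [ ! -d "${JDIR}/${1}${nullfs_mount}" ] ; then
@@ -188,8 +195,18 @@
     fi
 
+    # If this is already mounted we can skip for now
+    isDirMounted "${JDIR}/${1}${nullfs_mount}" && continue
+
     echo "Mounting ${JDIR}/${1}${nullfs_mount}"
     mount_nullfs ${nullfs_mount} ${JDIR}/${1}${nullfs_mount}
   done
 
+  # Check and mount /dev
+  isDirMounted "${JDIR}/${1}/dev"
+  if [ $? -ne 0 ] ; then
+    echo "Enabling devfs"
+    mount -t devfs devfs ${JDIR}/${1}/dev
+  fi
+
   # Add support for linprocfs for ports that need linprocfs to build/run
   if [  ! -d "${JDIR}/${1}/compat/linux/proc" ]; then
@@ -200,6 +217,66 @@
     return
   fi
-  echo "Enabling linprocfs support."
-  mount -t linprocfs linprocfs ${JDIR}/${1}/compat/linux/proc
+
+  # If this is already mounted we can skip for now
+  isDirMounted "${JDIR}/${1}/compat/linux/proc"
+  if [ $? -ne 0 ] ; then
+    echo "Enabling linprocfs support."
+    mount -t linprocfs linprocfs ${JDIR}/${1}/compat/linux/proc
+  fi
+
+  # Add support for linsysfs for ports that need linprocfs to build/run
+  if [  ! -d "${JDIR}/${1}/compat/linux/sys" ]; then
+    mkdir -p ${JDIR}/${1}/compat/linux/sys
+  fi
+  if is_symlinked_mountpoint ${JDIR}/${1}/compat/linux/sys; then
+    echo "${JDIR}/${1}/compat/linux/sys has symlink as parent, not mounting"
+    return
+  fi
+
+  # If this is already mounted we can skip for now
+  isDirMounted "${JDIR}/${1}/compat/linux/sys"
+  if [ $? -ne 0 ] ; then
+    echo "Enabling linsysfs support."
+    mount -t linsysfs linsysfs ${JDIR}/${1}/compat/linux/sys
+  fi
+
+  # Lastly we need to mount /usr/home/* directories
+  for i in `ls -d /usr/home/*`
+  do
+    # If this is already mounted we can skip for now
+    isDirMounted "${JDIR}/${1}${i}" && continue
+    if [ ! -d "${JDIR}/${1}${i}" ] ; then mkdir -p ${JDIR}/${1}${i} ; fi
+    echo "Mounting home: ${i}"
+    mount_nullfs ${i} ${JDIR}/${1}${i}
+  done
+
+  # If this is a portjail, we can stop now
+  if [ "$1" = "portjail" ] ; then return ; fi
+
+  # For PBIs lets mount a few extra things
+  for nullfs_mount in ${X11_MOUNTS}; do
+    if [ ! -d "${JDIR}/${1}${nullfs_mount}" ] ; then
+        continue
+    fi
+    if is_symlinked_mountpoint ${nullfs_mount}; then
+      echo "${nullfs_mount} has symlink as parent, not mounting"
+      continue
+    fi
+
+    # If this is already mounted we can skip for now
+    isDirMounted "${JDIR}/${1}${nullfs_mount}" && continue
+
+    echo "Mounting ${JDIR}/${1}${nullfs_mount}"
+    mount_nullfs ${nullfs_mount} ${JDIR}/${1}${nullfs_mount}
+  done
+
+}
+
+### Mount all needed filesystems for the jail
+mountjailxfs() {
+
+   # Mount the same mount-points as pbibox
+   mountpbibox "portjail"
+
 }
 
@@ -265,7 +342,33 @@
   # Make sure we remove our cleartmp rc.d script, causes issues
   [ -e "${1}/etc/rc.d/cleartmp" ] && rm ${1}/etc/rc.d/cleartmp
+
   # Flag this type
   touch ${JMETADIR}/jail-portjail
 }
+
+mkpbibox() {
+
+  if [ -z "${1}" ] ; then return ; fi
+
+  # KPM - Replace this section with a "mergeuserpw" function
+  # Need to be able to merge user accounts from /home on base system
+  # into the chroot each time we start it
+  ETCFILES="resolv.conf passwd master.passwd spwd.db pwd.db group localtime"
+  for file in ${ETCFILES}; do
+    rm ${1}/etc/${file} >/dev/null 2>&1
+    cp /etc/${file} ${1}/etc/${file}
+  done
+
+  # Need to symlink /home
+  chroot ${1} ln -fs /usr/home /home
+
+  # Make sure we remove our cleartmp rc.d script, causes issues
+  [ -e "${1}/etc/rc.d/cleartmp" ] && rm ${1}/etc/rc.d/cleartmp
+
+  # Flag this type
+  touch ${JMETADIR}/jail-pbibox
+
+}
+
 
 mkpluginjail() {
@@ -733,7 +836,4 @@
   local arch="$(uname -m)"
 
-  get_mirror
-  local mirror="${VAL}"
-
 cat<<__EOF__>"${outfile}"
 #!/bin/sh
@@ -745,5 +845,4 @@
 echo "PUBKEY: /usr/local/etc/pkg-pubkey.cert" >>/usr/local/etc/pkg.conf
 echo "PKG_CACHEDIR: /usr/local/tmp" >>/usr/local/etc/pkg.conf
-pkg install -y pcbsd-utils
 exit $?
 __EOF__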
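Review bot: `mountjailxfs()` (new lines 276-281) now calls `mountpbibox "portjail"`, so inside mountpbibox `$1` is that literal string instead of the jail name and every target path becomes `${JDIR}/portjail/...`. Host `/tmp`, `/media` and each `/usr/home/*` would then be nullfs-mounted under a directory that an unmount called with the real jail name presumably never visits. The type needs its own argument: `mountpbibox "$1" "portjail"` in mountjailxfs and `if [ "$2" = "portjail" ] ; then return ; fi` at new line 254. In the same hunk the `/usr/home/*` loop (new lines 244-251) iterates over `ls -d` output with unquoted expansions and, unlike the linprocfs and linsysfs mounts, runs `mkdir -p` and `mount_nullfs` with no `is_symlinked_mountpoint` check on the target. A plain glob (`for i in /usr/home/*`), quoting and that same check would bring it in line with the rest of the function, whose opening lines are in an earlier hunk of this section.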
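--- a/src-sh/warden/scripts/backend/listjails.sh
+++ b/src-sh/warden/scripts/backend/listjails.sh
@@ -34,4 +34,5 @@
   case "$1" in
     -v) VERBOSE="YES" ;;
+    -a) ALLJAILS="YES" ;;
      *) JAILS="${JAILS} .$1.meta" ;;
   esac
@@ -54,4 +55,9 @@
   AUTO="Disabled"
   STATUS="<unknown>"
+
+  # if not doing a full listing, skip pbi boxes
+  if [ "$ALLJAILS" != "YES" -a -e "${i}/jail-pbibox" ] ; then
+     continue
+  fi
 
   if [ ! -e "${i}/id" ] ; then
@@ -140,5 +146,7 @@
 
   # Figure out the type of jail
-  if [ -e "${i}/jail-portjail" ] ; then
+  if [ -e "${i}/jail-pbibox" ] ; then
+    TYPE="pbibox"
+  elif [ -e "${i}/jail-portjail" ] ; then
     TYPE="portjail"
   elif [ -e "${i}/jail-pluginjail" ] ; then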
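Review bot: The skip test at new line 59 joins its two conditions with `-a` inside `[ ]`, which POSIX marks obsolescent and which can parse ambiguously; `if [ "$ALLJAILS" != "YES" ] && [ -e "${i}/jail-pbibox" ] ; then` is the safer form. Within the visible hunks `ALLJAILS` is assigned only in the `-a)` arm, so unless it is cleared before the option loop (outside this view) an exported `ALLJAILS=YES` silently changes what is listed. An explicit `ALLJAILS="NO"` ahead of the loop would make the default certain.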
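--- a/src-sh/warden/scripts/backend/startjail.sh
+++ b/src-sh/warden/scripts/backend/startjail.sh
@@ -276,4 +276,11 @@
 fi
 
+# If this is a pbibox, we don't really need to start any jail, just
+# need to do some mounts and such
+if [ -e "${JMETADIR}/jail-pbibox" ] ; then
+  mountpbibox ${JAILNAME}
+  exit 0
+fi
+
 # Make sure the jail is NOT already running
 jls | grep ${JAILDIR}$ >/dev/null 2>/dev/null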
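Review bot: The pbibox branch (new lines 280-283) ends in an unconditional `exit 0`, so a failed `mount_nullfs`, or the early `return` mountpbibox takes on a symlinked mount point, is reported to the caller as a successful start. stopjail.sh in this changeset has the same unconditional `exit 0` after `umountjailxfs`. mountpbibox as added in functions.sh returns no meaningful status, so the fix needs a real return value there plus `mountpbibox "${JAILNAME}" || exit 1` here. `${JAILNAME}` should be quoted in either case.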
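--- a/src-sh/warden/scripts/backend/stopjail.sh
+++ b/src-sh/warden/scripts/backend/stopjail.sh
@@ -36,4 +36,9 @@
 fi
 
+# If this a pbibox, we can just safely unmount its dirs and finish
+if [ -e "${JMETADIR}/jail-pbibox" ] ; then
+  umountjailxfs ${JAILNAME}
+  exit 0
+fi
 
 HOST="`cat ${JMETADIR}/host`"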
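Review bot: `umountjailxfs` is not modified by this changeset, while mountpbibox now adds devfs, linsysfs, one nullfs mount per `/usr/home/*` directory and the X11 mounts. Whether the existing unmount routine releases all of those cannot be seen from here and should be confirmed before relying on "safely unmount". A nullfs mount of a host home directory left behind under the jail tree matters because any later recursive delete of that tree would reach the host's files. A comment above the call stating the expectation would help, e.g. `# must release every mount made by mountpbibox, including the per-user home nullfs mounts`.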