jail (187708) | jail (191620) |
---|---|
1#!/bin/sh 2# | 1#!/bin/sh 2# |
3# $FreeBSD: head/etc/rc.d/jail 187708 2009-01-26 12:59:11Z bz $ | 3# $FreeBSD: head/etc/rc.d/jail 191620 2009-04-28 09:45:32Z ru $ |
4# 5 6# PROVIDE: jail 7# REQUIRE: LOGIN cleanvar 8# BEFORE: securelevel 9# KEYWORD: nojail shutdown 10 11# WARNING: This script deals with untrusted data (the data and --- 24 unchanged lines hidden (view full) --- 36 eval _rootdir=\"\$jail_${_j}_rootdir\" 37 _devdir="${_rootdir}/dev" 38 _fdescdir="${_devdir}/fd" 39 _procdir="${_rootdir}/proc" 40 eval _hostname=\"\$jail_${_j}_hostname\" 41 eval _ip=\"\$jail_${_j}_ip\" 42 eval _interface=\"\${jail_${_j}_interface:-${jail_interface}}\" 43 eval _exec=\"\$jail_${_j}_exec\" | 4# 5 6# PROVIDE: jail 7# REQUIRE: LOGIN cleanvar 8# BEFORE: securelevel 9# KEYWORD: nojail shutdown 10 11# WARNING: This script deals with untrusted data (the data and --- 24 unchanged lines hidden (view full) --- 36 eval _rootdir=\"\$jail_${_j}_rootdir\" 37 _devdir="${_rootdir}/dev" 38 _fdescdir="${_devdir}/fd" 39 _procdir="${_rootdir}/proc" 40 eval _hostname=\"\$jail_${_j}_hostname\" 41 eval _ip=\"\$jail_${_j}_ip\" 42 eval _interface=\"\${jail_${_j}_interface:-${jail_interface}}\" 43 eval _exec=\"\$jail_${_j}_exec\" |
44 45 i=0 46 while : ; do 47 eval _exec_prestart${i}=\"\${jail_${_j}_exec_prestart${i}:-\${jail_exec_prestart${i}}}\" 48 [ -z "$(eval echo \"\$_exec_prestart${i}\")" ] && break 49 i=$((i + 1)) 50 done 51 |
|
44 eval _exec_start=\"\${jail_${_j}_exec_start:-${jail_exec_start}}\" 45 46 i=1 47 while [ true ]; do 48 eval _exec_afterstart${i}=\"\${jail_${_j}_exec_afterstart${i}:-\${jail_exec_afterstart${i}}}\" 49 [ -z "$(eval echo \"\$_exec_afterstart${i}\")" ] && break 50 i=$((i + 1)) 51 done | 52 eval _exec_start=\"\${jail_${_j}_exec_start:-${jail_exec_start}}\" 53 54 i=1 55 while [ true ]; do 56 eval _exec_afterstart${i}=\"\${jail_${_j}_exec_afterstart${i}:-\${jail_exec_afterstart${i}}}\" 57 [ -z "$(eval echo \"\$_exec_afterstart${i}\")" ] && break 58 i=$((i + 1)) 59 done |
52 | 60 61 i=0 62 while : ; do 63 eval _exec_poststart${i}=\"\${jail_${_j}_exec_poststart${i}:-\${jail_exec_poststart${i}}}\" 64 [ -z "$(eval echo \"\$_exec_poststart${i}\")" ] && break 65 i=$((i + 1)) 66 done 67 68 i=0 69 while : ; do 70 eval _exec_prestop${i}=\"\${jail_${_j}_exec_prestop${i}:-\${jail_exec_prestop${i}}}\" 71 [ -z "$(eval echo \"\$_exec_prestop${i}\")" ] && break 72 i=$((i + 1)) 73 done 74 |
53 eval _exec_stop=\"\${jail_${_j}_exec_stop:-${jail_exec_stop}}\" | 75 eval _exec_stop=\"\${jail_${_j}_exec_stop:-${jail_exec_stop}}\" |
76 77 i=0 78 while : ; do 79 eval _exec_poststop${i}=\"\${jail_${_j}_exec_poststop${i}:-\${jail_exec_poststop${i}}}\" 80 [ -z "$(eval echo \"\$_exec_poststop${i}\")" ] && break 81 i=$((i + 1)) 82 done 83 |
|
54 if [ -n "${_exec}" ]; then 55 # simple/backward-compatible execution 56 _exec_start="${_exec}" 57 _exec_stop="" 58 else 59 # flexible execution 60 if [ -z "${_exec_start}" ]; then 61 _exec_start="/bin/sh /etc/rc" --- 35 unchanged lines hidden (view full) --- 97 debug "$_j interface: $_interface" 98 debug "$_j fib: $_fib" 99 debug "$_j root: $_rootdir" 100 debug "$_j devdir: $_devdir" 101 debug "$_j fdescdir: $_fdescdir" 102 debug "$_j procdir: $_procdir" 103 debug "$_j ruleset: $_ruleset" 104 debug "$_j fstab: $_fstab" | 84 if [ -n "${_exec}" ]; then 85 # simple/backward-compatible execution 86 _exec_start="${_exec}" 87 _exec_stop="" 88 else 89 # flexible execution 90 if [ -z "${_exec_start}" ]; then 91 _exec_start="/bin/sh /etc/rc" --- 35 unchanged lines hidden (view full) --- 127 debug "$_j interface: $_interface" 128 debug "$_j fib: $_fib" 129 debug "$_j root: $_rootdir" 130 debug "$_j devdir: $_devdir" 131 debug "$_j fdescdir: $_fdescdir" 132 debug "$_j procdir: $_procdir" 133 debug "$_j ruleset: $_ruleset" 134 debug "$_j fstab: $_fstab" |
105 debug "$_j exec start: $_exec_start" | |
106 debug "$_j consolelog: $_consolelog" 107 | 135 debug "$_j consolelog: $_consolelog" 136 |
137 i=0 138 while : ; do 139 eval out=\"\${_exec_prestart${i}:-''}\" 140 if [ -z "$out" ]; then 141 break 142 fi 143 debug "$_j exec pre-start #${i}: ${out}" 144 i=$((i + 1)) 145 done 146 147 debug "$_j exec start: $_exec_start" 148 |
|
108 i=1 109 while [ true ]; do 110 eval out=\"\${_exec_afterstart${i}:-''}\" 111 112 if [ -z "$out" ]; then 113 break; 114 fi 115 116 debug "$_j exec after start #${i}: ${out}" 117 i=$((i + 1)) 118 done 119 | 149 i=1 150 while [ true ]; do 151 eval out=\"\${_exec_afterstart${i}:-''}\" 152 153 if [ -z "$out" ]; then 154 break; 155 fi 156 157 debug "$_j exec after start #${i}: ${out}" 158 i=$((i + 1)) 159 done 160 |
161 i=0 162 while : ; do 163 eval out=\"\${_exec_poststart${i}:-''}\" 164 if [ -z "$out" ]; then 165 break 166 fi 167 debug "$_j exec post-start #${i}: ${out}" 168 i=$((i + 1)) 169 done 170 171 i=0 172 while : ; do 173 eval out=\"\${_exec_prestop${i}:-''}\" 174 if [ -z "$out" ]; then 175 break 176 fi 177 debug "$_j exec pre-stop #${i}: ${out}" 178 i=$((i + 1)) 179 done 180 |
|
120 debug "$_j exec stop: $_exec_stop" | 181 debug "$_j exec stop: $_exec_stop" |
182 183 i=0 184 while : ; do 185 eval out=\"\${_exec_poststop${i}:-''}\" 186 if [ -z "$out" ]; then 187 break 188 fi 189 debug "$_j exec post-stop #${i}: ${out}" 190 i=$((i + 1)) 191 done 192 |
|
121 debug "$_j flags: $_flags" 122 debug "$_j consolelog: $_consolelog" 123 124 if [ -z "${_hostname}" ]; then 125 err 3 "$name: No hostname has been defined for ${_j}" 126 fi 127 if [ -z "${_rootdir}" ]; then 128 err 3 "$name: No root directory has been defined for ${_j}" --- 421 unchanged lines hidden (view full) --- 550 else 551 info "Mounting procfs onto ${_procdir}" 552 if [ -d "${_procdir}" ] ; then 553 mount -t procfs proc "${_procdir}" 554 fi 555 fi 556 fi 557 _tmp_jail=${_tmp_dir}/jail.$$ | 193 debug "$_j flags: $_flags" 194 debug "$_j consolelog: $_consolelog" 195 196 if [ -z "${_hostname}" ]; then 197 err 3 "$name: No hostname has been defined for ${_j}" 198 fi 199 if [ -z "${_rootdir}" ]; then 200 err 3 "$name: No root directory has been defined for ${_j}" --- 421 unchanged lines hidden (view full) --- 622 else 623 info "Mounting procfs onto ${_procdir}" 624 if [ -d "${_procdir}" ] ; then 625 mount -t procfs proc "${_procdir}" 626 fi 627 fi 628 fi 629 _tmp_jail=${_tmp_dir}/jail.$$ |
630 631 i=0 632 while : ; do 633 eval out=\"\${_exec_prestart${i}:-''}\" 634 [ -z "$out" ] && break 635 ${out} 636 i=$((i + 1)) 637 done 638 |
|
558 eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \ 559 \"${_addrl}\" ${_exec_start} > ${_tmp_jail} 2>&1 560 561 if [ "$?" -eq 0 ] ; then 562 _jail_id=$(head -1 ${_tmp_jail}) 563 i=1 564 while [ true ]; do 565 eval out=\"\${_exec_afterstart${i}:-''}\" --- 4 unchanged lines hidden (view full) --- 570 571 jexec "${_jail_id}" ${out} 572 i=$((i + 1)) 573 done 574 575 echo -n " $_hostname" 576 tail +2 ${_tmp_jail} >${_consolelog} 577 echo ${_jail_id} > /var/run/jail_${_jail}.id | 639 eval ${_setfib} jail ${_flags} -i ${_rootdir} ${_hostname} \ 640 \"${_addrl}\" ${_exec_start} > ${_tmp_jail} 2>&1 641 642 if [ "$?" -eq 0 ] ; then 643 _jail_id=$(head -1 ${_tmp_jail}) 644 i=1 645 while [ true ]; do 646 eval out=\"\${_exec_afterstart${i}:-''}\" --- 4 unchanged lines hidden (view full) --- 651 652 jexec "${_jail_id}" ${out} 653 i=$((i + 1)) 654 done 655 656 echo -n " $_hostname" 657 tail +2 ${_tmp_jail} >${_consolelog} 658 echo ${_jail_id} > /var/run/jail_${_jail}.id |
659 660 i=0 661 while : ; do 662 eval out=\"\${_exec_poststart${i}:-''}\" 663 [ -z "$out" ] && break 664 ${out} 665 i=$((i + 1)) 666 done |
|
578 else 579 jail_umount_fs 580 jail_ips "del" 581 echo " cannot start jail \"${_jail}\": " 582 tail +2 ${_tmp_jail} 583 fi 584 rm -f ${_tmp_jail} 585 done --- 5 unchanged lines hidden (view full) --- 591{ 592 echo -n 'Stopping jails:' 593 for _jail in ${jail_list} 594 do 595 if [ -f "/var/run/jail_${_jail}.id" ]; then 596 _jail_id=$(cat /var/run/jail_${_jail}.id) 597 if [ ! -z "${_jail_id}" ]; then 598 init_variables $_jail | 667 else 668 jail_umount_fs 669 jail_ips "del" 670 echo " cannot start jail \"${_jail}\": " 671 tail +2 ${_tmp_jail} 672 fi 673 rm -f ${_tmp_jail} 674 done --- 5 unchanged lines hidden (view full) --- 680{ 681 echo -n 'Stopping jails:' 682 for _jail in ${jail_list} 683 do 684 if [ -f "/var/run/jail_${_jail}.id" ]; then 685 _jail_id=$(cat /var/run/jail_${_jail}.id) 686 if [ ! -z "${_jail_id}" ]; then 687 init_variables $_jail |
688 689 i=0 690 while : ; do 691 eval out=\"\${_exec_prestop${i}:-''}\" 692 [ -z "$out" ] && break 693 ${out} 694 i=$((i + 1)) 695 done 696 |
|
599 if [ -n "${_exec_stop}" ]; then 600 eval env -i /usr/sbin/jexec ${_jail_id} ${_exec_stop} \ 601 >> ${_consolelog} 2>&1 602 fi 603 killall -j ${_jail_id} -TERM > /dev/null 2>&1 604 sleep 1 605 killall -j ${_jail_id} -KILL > /dev/null 2>&1 606 jail_umount_fs 607 echo -n " $_hostname" | 697 if [ -n "${_exec_stop}" ]; then 698 eval env -i /usr/sbin/jexec ${_jail_id} ${_exec_stop} \ 699 >> ${_consolelog} 2>&1 700 fi 701 killall -j ${_jail_id} -TERM > /dev/null 2>&1 702 sleep 1 703 killall -j ${_jail_id} -KILL > /dev/null 2>&1 704 jail_umount_fs 705 echo -n " $_hostname" |
706 707 i=0 708 while : ; do 709 eval out=\"\${_exec_poststop${i}:-''}\" 710 [ -z "$out" ] && break 711 ${out} 712 i=$((i + 1)) 713 done |
|
608 fi 609 jail_ips "del" 610 rm /var/run/jail_${_jail}.id 611 else 612 echo " cannot stop jail ${_jail}. No jail id in /var/run" 613 fi 614 done 615 echo '.' 616} 617 618load_rc_config $name 619cmd="$1" 620if [ $# -gt 0 ]; then 621 shift 622fi 623if [ -n "$*" ]; then 624 jail_list="$*" 625fi 626run_rc_command "${cmd}" | 714 fi 715 jail_ips "del" 716 rm /var/run/jail_${_jail}.id 717 else 718 echo " cannot stop jail ${_jail}. No jail id in /var/run" 719 fi 720 done 721 echo '.' 722} 723 724load_rc_config $name 725cmd="$1" 726if [ $# -gt 0 ]; then 727 shift 728fi 729if [ -n "$*" ]; then 730 jail_list="$*" 731fi 732run_rc_command "${cmd}" |
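Review bot: The four new hook loops run their command as a bare `${out}` on the host and ignore its exit status, so a failed pre-start step (new lines 630-637) still lets the `jail` invocation at new line 639 proceed; the same holds for the post-start (659-666), pre-stop (688-695) and post-stop (706-713) loops. If a pre-start command prepares something the jail depends on, the failure should at least be reported, for example `${out} || warn "${_jail}: exec pre-start #${i} failed: ${out}"`. Unlike `_exec_start` and `_exec_stop`, which go through `eval`, the hook string is only word-split and glob-expanded, so quoted arguments or redirections in the rc.conf value will not behave as written. A comment above the first loop should state this, and also that these commands run with the rc script's privileges on the host rather than through `jexec`. The new loops count from `i=0` while the existing afterstart loops count from `i=1`, which should be aligned or documented; parts of both function bodies are hidden on this page, so the surrounding error handling could not be checked.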