o Add a script to start jails on boot.
o Hook it up to the build Approved by: markm (mentor) Submitted by: Clement Laforet <sheepkiller@cultdeadsheep.org> (modified) Prodded by: mike
This commit is contained in:
parent
cb82f4c20e
commit
676f8a41dd
@ -7,7 +7,7 @@ FILES= DAEMON LOGIN NETWORKING SERVERS abi accounting addswap adjkerntz amd \
|
||||
apm apmd atm1 atm2.sh atm3.sh archdep bgfsck bootparams ccd cleanvar \
|
||||
cleartmp cron devd devdb devfs diskless dmesg dumpon fsck inetd \
|
||||
initdiskless initrandom ip6fw ipfilter ipfw ipmon ipnat ipsec \
|
||||
ipxrouted isdnd kadmind kerberos keyserv kldxref ldconfig local \
|
||||
ipxrouted isdnd jail kadmind kerberos keyserv kldxref ldconfig local \
|
||||
localdaemons lomac lpd motd mountcritlocal mountcritremote \
|
||||
mountd moused mroute6d mrouted msgs named network1 network2 \
|
||||
network3 network_ipv6 nfsclient nfsd nfslocking nfsserver ntpd \
|
||||
|
68
etc/rc.d/jail
Normal file
68
etc/rc.d/jail
Normal file
@ -0,0 +1,68 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# $FreeBSD$
|
||||
#
|
||||
|
||||
# PROVIDE: jail
|
||||
# REQUIRE: LOGIN
|
||||
# KEYWORD: FreeBSD
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name="jail"
|
||||
rcvar=`set_rcvar`
|
||||
start_cmd="jail_start"
|
||||
stop_cmd="jail_stop"
|
||||
|
||||
jail_start()
|
||||
{
|
||||
echo -n 'Configuring jails:'
|
||||
echo -n ' set_hostname_allowed='
|
||||
if checkyesno jail_set_hostname_allow ; then
|
||||
echo -n 'YES'
|
||||
${SYSCTL_W} 1>/dev/null security.jail.set_hostname_allowed=1
|
||||
else
|
||||
echo -n 'NO'
|
||||
${SYSCTL_W} 1>/dev/null security.jail.set_hostname_allowed=0
|
||||
fi
|
||||
|
||||
echo -n ' unixiproute_only='
|
||||
if checkyesno jail_socket_unixiproute_only ; then
|
||||
echo -n 'YES'
|
||||
${SYSCTL_W} 1>/dev/null security.jail.socket_unixiproute_only=1
|
||||
else
|
||||
echo -n 'NO'
|
||||
${SYSCTL_W} 1>/dev/null security.jail.socket_unixiproute_only=0
|
||||
fi
|
||||
|
||||
echo -n ' sysvipc_allow='
|
||||
if checkyesno jail_sysvipc_allow ; then
|
||||
echo -n 'YES'
|
||||
${SYSCTL_W} 1>/dev/null security.jail.sysvipc_allowed=1
|
||||
else
|
||||
echo -n 'NO'
|
||||
${SYSCTL_W} 1>/dev/null security.jail.sysvipc_allowed=0
|
||||
fi
|
||||
echo '.'
|
||||
|
||||
echo 'Starting Jails.'
|
||||
for _jail in ${jail_list}
|
||||
do
|
||||
eval jail_rootdir=\"\$jail_${_jail}_rootdir\"
|
||||
eval jail_hostname=\"\$jail_${_jail}_hostname\"
|
||||
eval jail_ip=\"\$jail_${_jail}_ip\"
|
||||
eval jail_exec=\"\$jail_${_jail_name}_exec\"
|
||||
[ -z ${jail_exec} ] && jail_exec="/bin/sh /etc/rc"
|
||||
|
||||
jail ${jail_rootdir} ${jail_hostname} ${jail_ip} ${jail_exec}
|
||||
done
|
||||
}
|
||||
|
||||
jail_stop()
|
||||
{
|
||||
kill -5 $(ps aux | awk '$8 ~ /.*J/ {print $2};')
|
||||
}
|
||||
|
||||
|
||||
load_rc_config $name
|
||||
run_rc_command "$1"
|
Loading…
Reference in New Issue
Block a user