diff options
| author | mtm <mtm@FreeBSD.org> | 2003-04-16 16:27:23 +0000 |
|---|---|---|
| committer | mtm <mtm@FreeBSD.org> | 2003-04-16 16:27:23 +0000 |
| commit | 21aff7c292c400d52f1b1a98e0fd6d056e7e5924 (patch) | |
| tree | f8fc94821bcfa83e02ff138c8d16a771e462e0f2 /etc | |
| parent | b2bb2ae2851e0ba59a1c1db1607e2fbe2d7e0abb (diff) | |
| download | FreeBSD-src-21aff7c292c400d52f1b1a98e0fd6d056e7e5924.zip FreeBSD-src-21aff7c292c400d52f1b1a98e0fd6d056e7e5924.tar.gz | |
o Add a script to start jails on boot.
o Hook it up to the build
Approved by: markm (mentor)
Submitted by: Clement Laforet <sheepkiller@cultdeadsheep.org> (modified)
Prodded by: mike
Diffstat (limited to 'etc')
| -rwxr-xr-x | etc/rc.d/Makefile | 2 | ||||
| -rw-r--r-- | etc/rc.d/jail | 68 |
2 files changed, 69 insertions, 1 deletions
diff --git a/etc/rc.d/Makefile b/etc/rc.d/Makefile index 49bf0e0..64ccf76 100755 --- a/etc/rc.d/Makefile +++ b/etc/rc.d/Makefile @@ -7,7 +7,7 @@ FILES= DAEMON LOGIN NETWORKING SERVERS abi accounting addswap adjkerntz amd \ apm apmd atm1 atm2.sh atm3.sh archdep bgfsck bootparams ccd cleanvar \ cleartmp cron devd devdb devfs diskless dmesg dumpon fsck inetd \ initdiskless initrandom ip6fw ipfilter ipfw ipmon ipnat ipsec \ - ipxrouted isdnd kadmind kerberos keyserv kldxref ldconfig local \ + ipxrouted isdnd jail kadmind kerberos keyserv kldxref ldconfig local \ localdaemons lomac lpd motd mountcritlocal mountcritremote \ mountd moused mroute6d mrouted msgs named network1 network2 \ network3 network_ipv6 nfsclient nfsd nfslocking nfsserver ntpd \ diff --git a/etc/rc.d/jail b/etc/rc.d/jail new file mode 100644 index 0000000..e4c2eed --- /dev/null +++ b/etc/rc.d/jail @@ -0,0 +1,68 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: jail +# REQUIRE: LOGIN +# KEYWORD: FreeBSD + +. /etc/rc.subr + +name="jail" +rcvar=`set_rcvar` +start_cmd="jail_start" +stop_cmd="jail_stop" + +jail_start() +{ + echo -n 'Configuring jails:' + echo -n ' set_hostname_allowed=' + if checkyesno jail_set_hostname_allow ; then + echo -n 'YES' + ${SYSCTL_W} 1>/dev/null security.jail.set_hostname_allowed=1 + else + echo -n 'NO' + ${SYSCTL_W} 1>/dev/null security.jail.set_hostname_allowed=0 + fi + + echo -n ' unixiproute_only=' + if checkyesno jail_socket_unixiproute_only ; then + echo -n 'YES' + ${SYSCTL_W} 1>/dev/null security.jail.socket_unixiproute_only=1 + else + echo -n 'NO' + ${SYSCTL_W} 1>/dev/null security.jail.socket_unixiproute_only=0 + fi + + echo -n ' sysvipc_allow=' + if checkyesno jail_sysvipc_allow ; then + echo -n 'YES' + ${SYSCTL_W} 1>/dev/null security.jail.sysvipc_allowed=1 + else + echo -n 'NO' + ${SYSCTL_W} 1>/dev/null security.jail.sysvipc_allowed=0 + fi + echo '.' + + echo 'Starting Jails.' + for _jail in ${jail_list} + do + eval jail_rootdir=\"\$jail_${_jail}_rootdir\" + eval jail_hostname=\"\$jail_${_jail}_hostname\" + eval jail_ip=\"\$jail_${_jail}_ip\" + eval jail_exec=\"\$jail_${_jail_name}_exec\" + [ -z ${jail_exec} ] && jail_exec="/bin/sh /etc/rc" + + jail ${jail_rootdir} ${jail_hostname} ${jail_ip} ${jail_exec} + done +} + +jail_stop() +{ + kill -5 $(ps aux | awk '$8 ~ /.*J/ {print $2};') +} + + +load_rc_config $name +run_rc_command "$1" |
