summaryrefslogtreecommitdiffstats
path: root/etc/rc.d/jail
blob: 403f524e09cb55ce23b6d587f48f0cc8d83c62d9 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
#!/bin/sh
#
# $FreeBSD$
#

# PROVIDE: jail
# REQUIRE: LOGIN
# KEYWORD: FreeBSD

. /etc/rc.subr

name="jail"
rcvar=`set_rcvar`
start_cmd="jail_start"
stop_cmd="jail_stop"

jail_start()
{
	echo -n 'Configuring jails:'
	echo -n ' set_hostname_allowed='
	if checkyesno jail_set_hostname_allow ; then 
		echo -n 'YES'
		${SYSCTL_W} 1>/dev/null security.jail.set_hostname_allowed=1
	else
		echo -n 'NO'
		${SYSCTL_W} 1>/dev/null security.jail.set_hostname_allowed=0
	fi

	echo -n ' unixiproute_only='
	if checkyesno jail_socket_unixiproute_only ; then 
		echo -n 'YES'
		${SYSCTL_W} 1>/dev/null security.jail.socket_unixiproute_only=1
	else
		echo -n 'NO'
		${SYSCTL_W} 1>/dev/null security.jail.socket_unixiproute_only=0
	fi

	echo -n ' sysvipc_allow='
	if checkyesno jail_sysvipc_allow ; then
		echo -n 'YES'
		${SYSCTL_W} 1>/dev/null security.jail.sysvipc_allowed=1
	else
		echo -n 'NO'
		${SYSCTL_W} 1>/dev/null security.jail.sysvipc_allowed=0
	fi
	echo '.'

	echo 'Starting Jails.'
	for _jail in ${jail_list} 
	do
		eval jail_rootdir=\"\$jail_${_jail}_rootdir\"
		eval jail_hostname=\"\$jail_${_jail}_hostname\"
		eval jail_ip=\"\$jail_${_jail}_ip\"
		eval jail_exec=\"\$jail_${_jail}_exec\"
		[ -z ${jail_exec} ] && jail_exec="/bin/sh /etc/rc"
		
		jail ${jail_rootdir} ${jail_hostname} ${jail_ip} ${jail_exec}
	done
}

jail_stop()
{
	kill -TERM $(ps aux | awk '$8 ~ /.*J/ {print  $2};')
}


load_rc_config $name
run_rc_command "$1"
OpenPOWER on IntegriCloud