diff --git a/docs/chapters/subcommands/console.rst b/docs/chapters/subcommands/console.rst index b1a218eb3..264a87b5f 100644 --- a/docs/chapters/subcommands/console.rst +++ b/docs/chapters/subcommands/console.rst @@ -2,8 +2,7 @@ console ======= -This sub-command launches a login shell into the container. Default is password-less -root login. +This sub-command launches a login shell into the container. Default is password-less root login. .. code-block:: shell @@ -11,6 +10,25 @@ root login. [folsom]: root@folsom:~ # +TARGET can also be a running jails JID value. + +.. code-block:: shell + + ishmael ~ # bastille list + JID IP Address Hostname Path + 1 10.1.2.3 ishmael /usr/local/bastille/jails/ishmael/root + ishmael ~ # bastille console 1 + [ishmael]: + root@ishmael:~ # + At this point you are logged in to the container and have full shell access. The system is yours to use and/or abuse as you like. Any changes made inside the container are limited to the container. + +.. code-block:: shell + + "Usage: bastille console [option(s)] TARGET [user]" + Options: + + -a | --auto Auto mode. Start/stop jail(s) if required. + -x | --debug Enable debug mode. diff --git a/usr/local/bin/bastille b/usr/local/bin/bastille index f86b7254b..d89baf15d 100755 --- a/usr/local/bin/bastille +++ b/usr/local/bin/bastille @@ -139,7 +139,7 @@ EOF CMD=$1 shift -target_all_jails() { +target_all_jails_old() { _JAILS=$(/usr/sbin/jls name) JAILS="" for _jail in ${_JAILS}; do @@ -150,7 +150,7 @@ target_all_jails() { done } -check_target_is_running() { +check_target_is_running_old() { if [ ! "$(/usr/sbin/jls name | awk "/^${TARGET}$/")" ]; then error_exit "[${TARGET}]: Not started. See 'bastille start ${TARGET}'." fi @@ -165,10 +165,11 @@ version|-v|--version) help|-h|--help) usage ;; -bootstrap|clone|create|cp|destroy|etcupdate|export|htop|import|jcp|list|mount|rcp|rdr|rename|restart|setup|start|top|umount|update|upgrade|verify) + +bootstrap|clone|console|create|cp|destroy|etcupdate|export|htop|import|jcp|list|mount|rcp|rdr|rename|restart|setup|start|top|umount|update|upgrade|verify) # Nothing "extra" to do for these commands. -- cwells ;; -config|cmd|console|convert|edit|limits|pkg|service|stop|sysrc|tags|template|zfs) +config|cmd|convert|edit|limits|pkg|service|stop|sysrc|tags|template|zfs) # Parse the target and ensure it exists. -- cwells if [ $# -eq 0 ]; then # No target was given, so show the command's help. -- cwells PARAMS='help' @@ -189,15 +190,15 @@ config|cmd|console|convert|edit|limits|pkg|service|stop|sysrc|tags|template|zfs) fi if [ "${TARGET}" = 'ALL' ]; then - target_all_jails + target_all_jails_old elif [ "${CMD}" = "pkg" ] && [ "${TARGET}" = '-H' ] || [ "${TARGET}" = '--host' ]; then TARGET="${1}" USE_HOST_PKG=1 if [ "${TARGET}" = 'ALL' ]; then - target_all_jails + target_all_jails_old else JAILS="${TARGET}" - check_target_is_running + check_target_is_running_old fi shift elif [ "${CMD}" = 'template' ] && [ "${TARGET}" = '--convert' ]; then @@ -213,8 +214,8 @@ config|cmd|console|convert|edit|limits|pkg|service|stop|sysrc|tags|template|zfs) fi case "${CMD}" in - cmd|console|pkg|service|stop|sysrc|template) - check_target_is_running + cmd|pkg|service|stop|sysrc|template) + check_target_is_running_old ;; convert|rename) # Require the target to be stopped. -- cwells diff --git a/usr/local/share/bastille/clone.sh b/usr/local/share/bastille/clone.sh index 998f4674d..2d2dee9e1 100644 --- a/usr/local/share/bastille/clone.sh +++ b/usr/local/share/bastille/clone.sh @@ -39,7 +39,7 @@ usage() { Options: -a | --auto Auto mode. Start/stop jail(s) if required. Cannot be used with [-l|--live]. - -l | --live Clone a running jail. ZFS only. Jail must be running. Cannot be used with [-f|--force]. + -l | --live Clone a running jail. ZFS only. Jail must be running. Cannot be used with [-a|--auto]. -x | --debug Enable debug mode. EOF diff --git a/usr/local/share/bastille/common.sh b/usr/local/share/bastille/common.sh index 3f861fab6..fd62d6e20 100644 --- a/usr/local/share/bastille/common.sh +++ b/usr/local/share/bastille/common.sh @@ -366,3 +366,4 @@ checkyesno() { ;; esac } + diff --git a/usr/local/share/bastille/console.sh b/usr/local/share/bastille/console.sh index 9131b221b..96690b3de 100644 --- a/usr/local/share/bastille/console.sh +++ b/usr/local/share/bastille/console.sh @@ -34,26 +34,66 @@ . /usr/local/etc/bastille/bastille.conf usage() { - error_exit "Usage: bastille console TARGET [user]" + error_notify "Usage: bastille console [option(s)] TARGET [user]" + cat << EOF + Options: + + -a | --auto Auto mode. Start/stop jail(s) if required. + -x | --debug Enable debug mode. + +EOF + exit 1 } -# Handle special-case commands first. -case "$1" in -help|-h|--help) - usage - ;; -esac +# Handle options. +AUTO=0 +while [ "$#" -gt 0 ]; do + case "${1}" in + -h|--help|help) + usage + ;; + -a|--auto) + AUTO=1 + shift + ;; + -x|--debug) + enable_debug + shift + ;; + -*) + for _opt in $(echo ${1} | sed 's/-//g' | fold -w1); do + case ${_opt} in + x) enable_debug ;; + a) AUTO=1 ;; + *) error_exit "Unknown Option: \"${1}\"" ;; + esac + done + shift + ;; + *) + break + ;; + esac +done -if [ $# -gt 1 ]; then +if [ "$#" -lt 1 ] || [ "$#" -gt 2 ]; then usage fi -bastille_root_check +TARGET="${1}" +USER="${2}" -USER="${1}" +bastille_root_check +set_target_single "${TARGET}" +check_target_is_running "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then + bastille start "${TARGET}" +else + error_notify "Jail is not running." + error_exit "Use [-a|--auto] to auto-start the jail." +fi validate_user() { - if jexec -l "${_jail}" id "${USER}" >/dev/null 2>&1; then + if jexec -l "${TARGET}" id "${USER}" >/dev/null 2>&1; then USER_SHELL="$(jexec -l "${_jail}" getent passwd "${USER}" | cut -d: -f7)" if [ -n "${USER_SHELL}" ]; then if jexec -l "${_jail}" grep -qwF "${USER_SHELL}" /etc/shells; then @@ -70,7 +110,7 @@ validate_user() { } check_fib() { - fib=$(grep 'exec.fib' "${bastille_jailsdir}/${_jail}/jail.conf" | awk '{print $3}' | sed 's/\;//g') + fib=$(grep 'exec.fib' "${bastille_jailsdir}/${TARGET}/jail.conf" | awk '{print $3}' | sed 's/\;//g') if [ -n "${fib}" ]; then _setfib="setfib -F ${fib}" else @@ -78,15 +118,12 @@ check_fib() { fi } -for _jail in ${JAILS}; do - info "[${_jail}]:" - LOGIN="$(jexec -l "${_jail}" which login)" - if [ -n "${USER}" ]; then - validate_user - else - check_fib - LOGIN="$(jexec -l "${_jail}" which login)" - ${_setfib} jexec -l "${_jail}" $LOGIN -f root - fi - echo -done +info "[${TARGET}]:" +LOGIN="$(jexec -l "${TARGET}" which login)" +if [ -n "${USER}" ]; then + validate_user +else + check_fib + LOGIN="$(jexec -l "${TARGET}" which login)" + ${_setfib} jexec -l "${TARGET}" $LOGIN -f root +fi diff --git a/usr/local/share/bastille/create.sh b/usr/local/share/bastille/create.sh index 0f47f17c1..bfc62d064 100644 --- a/usr/local/share/bastille/create.sh +++ b/usr/local/share/bastille/create.sh @@ -68,6 +68,8 @@ validate_name() { error_exit "Container names may not begin with (-|_) characters!" elif [ "${NAME_VERIFY}" != "${NAME_SANITY}" ]; then error_exit "Container names may not contain special characters!" + elif echo "${NAME_VERIFY}" | grep -qE '^[0-9]+$'; then + error_exit "Container names may not contain only digits." fi }