From bdfa728eaa257baee82d607bfc2de5c3ddfdff1c Mon Sep 17 00:00:00 2001 From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Wed, 15 Jan 2025 11:34:21 -0700 Subject: [PATCH 01/12] pkg: auto-mode/debug-mode/notify instead of exit when done --- usr/local/share/bastille/pkg.sh | 75 +++++++++++++++++++++++++++------ 1 file changed, 63 insertions(+), 12 deletions(-) diff --git a/usr/local/share/bastille/pkg.sh b/usr/local/share/bastille/pkg.sh index e7cf23d75..12f918db2 100644 --- a/usr/local/share/bastille/pkg.sh +++ b/usr/local/share/bastille/pkg.sh 
@@ -31,29 +31,82 @@ # OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. . /usr/local/share/bastille/common.sh +. /usr/local/etc/bastille/bastille.conf usage() { - error_exit "Usage: bastille pkg [-H|--host] TARGET command [args]" + error_notify "Usage: bastille pkg [option(s)] TARGET COMMAND args" + cat << EOF + Options: + + -a | --auto Auto mode. Start/stop jail(s) if required. + -H | --host Use the hosts pkg command. + -x | --debug Enable debug mode. + +EOF + exit 1 } -# Handle special-case commands first. -case "$1" in -help|-h|--help) - usage - ;; -esac +# Handle options. +AUTO=0 +USE_HOST_PKG=0 +while [ "$#" -gt 0 ]; do + case "${1}" in + -h|--help|help) + usage + ;; + -a|--auto) + AUTO=1 + shift + ;; + -H|--host) + USE_HOST_PKG=1 + shift + ;; + -x|--debug) + enable_debug + shift + ;; + -*) + for _opt in $(echo ${1} | sed 's/-//g' | fold -w1); do + case ${_opt} in + a) AUTO=1 ;; + H) USE_HOST_PKG=1 ;; + x) enable_debug ;; + *) error_exit "Unknown Option: \"${1}\"" ;; + esac + done + shift + ;; + *) + break + ;; + esac +done -if [ $# -lt 1 ]; then +if [ $# -lt 2 ]; then usage fi +TARGET="${1}" +shift + bastille_root_check +set_target "${TARGET}" errors=0 for _jail in ${JAILS}; do + info "[${_jail}]:" - bastille_jail_path=$(/usr/sbin/jls -j "${_jail}" path) + + check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then + bastille start "${_jail}" + else + error_notify "Jail is not running." + error_continue "Use [-a|--auto] to auto-start the jail." + fi + + bastille_jail_path="${bastille_jailsdir}/${_jail}/root" if [ -f "/usr/sbin/mport" ]; then if ! jexec -l -U root "${_jail}" /usr/sbin/mport "$@"; then errors=1 @@ -71,10 +124,8 @@ for _jail in ${JAILS}; do errors=1 fi fi - echo done if [ $errors -ne 0 ]; then - error_exit "Failed to apply on some jails, please check logs" - exit 1 + error_notify "Failed to apply on some jails, please check logs" fi From 4b35b2ad471f3d90769f86190b0706f4a306efbe Mon Sep 17 00:00:00 2001 
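Review bot: The short-option cluster arm `-*)` expands `${1}` unquoted and strips every dash with `sed 's/-//g'`, so the argument is subject to word splitting and globbing, and an unrecognised long option such as `--ax` is accepted as `-a -x` instead of being rejected. Add an arm `--*) error_exit "Unknown Option: \"${1}\"" ;;` ahead of `-*)` and iterate with `for _opt in $(printf '%s\n' "${1#-}" | fold -w1); do`. The same loop is added to umount.sh (PATCH 06) and mount.sh (PATCH 07), so the change applies there as well.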
From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Sat, 18 Jan 2025 17:37:04 -0700 Subject: [PATCH 02/12] pkg: exit on error --- usr/local/share/bastille/pkg.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/bastille/pkg.sh b/usr/local/share/bastille/pkg.sh index 12f918db2..01c1708b1 100644 --- a/usr/local/share/bastille/pkg.sh +++ b/usr/local/share/bastille/pkg.sh @@ -127,5 +127,5 @@ for _jail in ${JAILS}; do done if [ $errors -ne 0 ]; then - error_notify "Failed to apply on some jails, please check logs" + error_exit "Failed to apply on some jails, please check logs" fi From 4c20155af6a1e93a80730f73c1b5953e56be9e62 Mon Sep 17 00:00:00 2001 From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Sun, 26 Jan 2025 12:28:21 -0700 Subject: [PATCH 03/12] pkg: Usage message clarify --- usr/local/share/bastille/pkg.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/bastille/pkg.sh b/usr/local/share/bastille/pkg.sh index 01c1708b1..2a37afbcd 100644 --- a/usr/local/share/bastille/pkg.sh +++ b/usr/local/share/bastille/pkg.sh @@ -39,7 +39,7 @@ usage() { Options: -a | --auto Auto mode. Start/stop jail(s) if required. - -H | --host Use the hosts pkg command. + -H | --host Use host 'pkg'. -x | --debug Enable debug mode. EOF From 7be9934a260a9a9fcc4266ce2d8b2def7b79bedb Mon Sep 17 00:00:00 2001 From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Sun, 26 Jan 2025 12:30:24 -0700 Subject: [PATCH 04/12] bastille: Pkg to no action commands --- usr/local/bin/bastille | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/local/bin/bastille b/usr/local/bin/bastille index 04f28e8c5..93374e8f7 100755 --- a/usr/local/bin/bastille +++ b/usr/local/bin/bastille 
@@ -164,10 +164,10 @@ version|-v|--version) help|-h|--help) usage ;; -bootstrap|clone|create|destroy|etcupdate|export|htop|import|list|mount|rdr|rename|restart|setup|start|top|umount|update|upgrade|verify) +bootstrap|clone|create|destroy|etcupdate|export|htop|import|list|mount|pkg|rdr|rename|restart|setup|start|top|umount|update|upgrade|verify) # Nothing "extra" to do for these commands. -- cwells ;; -config|cmd|console|convert|cp|edit|limits|pkg|rcp|service|stop|sysrc|tags|template|zfs) +config|cmd|console|convert|cp|edit|limits|rcp|service|stop|sysrc|tags|template|zfs) # Parse the target and ensure it exists. -- cwells if [ $# -eq 0 ]; then # No target was given, so show the command's help. -- cwells PARAMS='help' From c79ff1d5ce10bbd7339dbf95509b1f982836006b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Th=C3=A9o=20Bertin?= Date: Fri, 8 Dec 2023 11:21:31 +0100 Subject: [PATCH 05/12] CREATE.SH::ADDED:: New '--no-validate' parameter to use custom/manually bootstrapped releases --- usr/local/share/bastille/create.sh | 157 +++++++++++++++-------------- 1 file changed, 82 insertions(+), 75 deletions(-) diff --git a/usr/local/share/bastille/create.sh b/usr/local/share/bastille/create.sh index bfc62d064..af06fd9a2 100644 --- a/usr/local/share/bastille/create.sh +++ b/usr/local/share/bastille/create.sh @@ -634,6 +634,7 @@ CLONE_JAIL="" VNET_JAIL="" LINUX_JAIL="" STATIC_MAC="" +VALIDATE_RELEASE="1" # Handle and parse options while [ $# -gt 0 ]; do @@ -711,6 +712,10 @@ while [ $# -gt 0 ]; do VNET_JAIL_BRIDGE="1" shift ;; + --no-validate|no-validate) + VALIDATE_RELEASE="" + shift + ;; --*|-*) error_notify "Unknown Option." usage @@ -754,7 +759,7 @@ if [ -n "${NAME}" ]; then validate_name fi -if [ -n "${LINUX_JAIL}" ]; then +if [ -n "${LINUX_JAIL}" ] && [ -n "${VALIDATE_RELEASE}" ]; then case "${RELEASE}" in bionic|ubuntu_bionic|ubuntu|ubuntu-bionic) ## check for FreeBSD releases name 
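Review bot: With `--no-validate` the whole `case "${RELEASE}"` block is skipped (the create.sh hunks at -754 and -788 both gate on `VALIDATE_RELEASE`), so `RELEASE` reaches the rest of the script exactly as typed, with no check on its characters. If the value is later used to build a release path, which these hunks do not show, it should still be rejected when empty or when it contains `/` or `..`, for example `case "${RELEASE}" in ""|*/*|*..*) error_exit "Invalid release name." ;; esac`. Skipping the block also leaves `UBUNTU` unset for the ubuntu_* names, which the validated path sets to `"1"`. The option loop accepts the bare word `no-validate` as well as `--no-validate`, and the usage text for the new flag is outside these hunks and should be checked.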
@@ -788,80 +793,82 @@ if [ -n "${LINUX_JAIL}" ]; then fi if [ -z "${EMPTY_JAIL}" ]; then - ## verify release - case "${RELEASE}" in - 2.[0-9]*) - ## check for MidnightBSD releases name - NAME_VERIFY=$(echo "${RELEASE}") - validate_release - ;; - *-CURRENT|*-CURRENT-I386|*-CURRENT-i386|*-current) - ## check for FreeBSD releases name - NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT|-CURRENT-i386)$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g') - validate_release - ;; - *-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9]) - ## check for FreeBSD releases name - NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g') - validate_release - ;; - *-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST) - ## check for HardenedBSD releases name(previous infrastructure) - NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})(-stable-last)$' | sed 's/STABLE/stable/g' | sed 's/last/LAST/g') - validate_release - ;; - *-stable-build-[0-9]*|*-STABLE-BUILD-[0-9]*) - ## check for HardenedBSD(specific stable build releases) - NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '([0-9]{1,2})(-stable-build)-([0-9]{1,3})$' | sed 's/BUILD/build/g' | sed 's/STABLE/stable/g') - validate_release - ;; - *-stable-build-latest|*-stable-BUILD-LATEST|*-STABLE-BUILD-LATEST) - ## check for HardenedBSD(latest stable build release) - NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '([0-9]{1,2})(-stable-build-latest)$' | sed 's/STABLE/stable/g' | sed 's/build/BUILD/g' | sed 's/latest/LATEST/g') - validate_release - ;; - current-build-[0-9]*|CURRENT-BUILD-[0-9]*) - ## check for HardenedBSD(specific current build releases) - NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '(current-build)-([0-9]{1,3})' | sed 's/BUILD/build/g' | sed 's/CURRENT/current/g') - validate_release - ;; - current-build-latest|current-BUILD-LATEST|CURRENT-BUILD-LATEST) - ## check for 
HardenedBSD(latest current build release) - NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '(current-build-latest)' | sed 's/CURRENT/current/g' | sed 's/build/BUILD/g' | sed 's/latest/LATEST/g') - validate_release - ;; - ubuntu_bionic|bionic|ubuntu-bionic) - UBUNTU="1" - NAME_VERIFY=Ubuntu_1804 - validate_release - ;; - ubuntu_focal|focal|ubuntu-focal) - UBUNTU="1" - NAME_VERIFY=Ubuntu_2004 - validate_release - ;; - ubuntu_jammy|jammy|ubuntu-jammy) - UBUNTU="1" - NAME_VERIFY=Ubuntu_2204 - validate_release - ;; - debian_buster|buster|debian-buster) - NAME_VERIFY=Debian10 - validate_release - ;; - debian_bullseye|bullseye|debian-bullseye) - NAME_VERIFY=Debian11 - validate_release - ;; - debian_bookworm|bookworm|debian-bookworm) - NAME_VERIFY=Debian12 - validate_release - ;; - *) - error_notify "Unknown Release." - usage - ;; - esac + if [ -n "${VALIDATE_RELEASE}" ]; then + ## verify release + case "${RELEASE}" in + 2.[0-9]*) + ## check for MidnightBSD releases name + NAME_VERIFY=$(echo "${RELEASE}") + validate_release + ;; + *-CURRENT|*-CURRENT-I386|*-CURRENT-i386|*-current) + ## check for FreeBSD releases name + NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-CURRENT|-CURRENT-i386)$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g') + validate_release + ;; + *-RELEASE|*-RELEASE-I386|*-RELEASE-i386|*-release|*-RC[1-9]|*-rc[1-9]|*-BETA[1-9]) + ## check for FreeBSD releases name + NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})\.[0-9](-RELEASE|-RELEASE-i386|-RC[1-9]|-BETA[1-9])$' | tr '[:lower:]' '[:upper:]' | sed 's/I/i/g') + validate_release + ;; + *-stable-LAST|*-STABLE-last|*-stable-last|*-STABLE-LAST) + ## check for HardenedBSD releases name(previous infrastructure) + NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '^([1-9]{2,2})(-stable-last)$' | sed 's/STABLE/stable/g' | sed 's/last/LAST/g') + validate_release + ;; + *-stable-build-[0-9]*|*-STABLE-BUILD-[0-9]*) + ## check for HardenedBSD(specific stable build releases) + NAME_VERIFY=$(echo 
"${RELEASE}" | grep -iwE '([0-9]{1,2})(-stable-build)-([0-9]{1,3})$' | sed 's/BUILD/build/g' | sed 's/STABLE/stable/g') + validate_release + ;; + *-stable-build-latest|*-stable-BUILD-LATEST|*-STABLE-BUILD-LATEST) + ## check for HardenedBSD(latest stable build release) + NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '([0-9]{1,2})(-stable-build-latest)$' | sed 's/STABLE/stable/g' | sed 's/build/BUILD/g' | sed 's/latest/LATEST/g') + validate_release + ;; + current-build-[0-9]*|CURRENT-BUILD-[0-9]*) + ## check for HardenedBSD(specific current build releases) + NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '(current-build)-([0-9]{1,3})' | sed 's/BUILD/build/g' | sed 's/CURRENT/current/g') + validate_release + ;; + current-build-latest|current-BUILD-LATEST|CURRENT-BUILD-LATEST) + ## check for HardenedBSD(latest current build release) + NAME_VERIFY=$(echo "${RELEASE}" | grep -iwE '(current-build-latest)' | sed 's/CURRENT/current/g' | sed 's/build/BUILD/g' | sed 's/latest/LATEST/g') + validate_release + ;; + ubuntu_bionic|bionic|ubuntu-bionic) + UBUNTU="1" + NAME_VERIFY=Ubuntu_1804 + validate_release + ;; + ubuntu_focal|focal|ubuntu-focal) + UBUNTU="1" + NAME_VERIFY=Ubuntu_2004 + validate_release + ;; + ubuntu_jammy|jammy|ubuntu-jammy) + UBUNTU="1" + NAME_VERIFY=Ubuntu_2204 + validate_release + ;; + debian_buster|buster|debian-buster) + NAME_VERIFY=Debian10 + validate_release + ;; + debian_bullseye|bullseye|debian-bullseye) + NAME_VERIFY=Debian11 + validate_release + ;; + debian_bookworm|bookworm|debian-bookworm) + NAME_VERIFY=Debian12 + validate_release + ;; + *) + error_notify "Unknown Release." + usage + ;; + esac + fi ## check for name/root/.bastille if [ -d "${bastille_jailsdir}/${NAME}/root/.bastille" ]; then From 0bdd4faea106f3f39c44067b4db5e64bce0935e1 Mon Sep 17 00:00:00 2001 
From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Tue, 28 Jan 2025 11:07:43 -0700 Subject: [PATCH 06/12] umount: Add auto-mode/debug mode --- usr/local/share/bastille/umount.sh | 53 ++++++++++++++++++++++++++---- 1 file changed, 46 insertions(+), 7 deletions(-) diff --git a/usr/local/share/bastille/umount.sh b/usr/local/share/bastille/umount.sh index f5d689699..5ffbc3a0e 100644 --- a/usr/local/share/bastille/umount.sh +++ b/usr/local/share/bastille/umount.sh @@ -34,15 +34,47 @@ . /usr/local/etc/bastille/bastille.conf usage() { - error_exit "Usage: bastille umount TARGET JAIL_PATH" + error_notify "Usage: bastille umount [option(s)] TARGET JAIL_PATH" + cat << EOF + Options: + + -a | --auto Auto mode. Start/stop jail(s) if required. + -x | --debug Enable debug mode. + +EOF + exit 1 } -# Handle special-case commands first. -case "${1}" in - help|-h|--help) - usage - ;; -esac +# Handle options. +AUTO=0 +while [ "$#" -gt 0 ]; do + case "${1}" in + -h|--help|help) + usage + ;; + -a|--auto) + AUTO=1 + shift + ;; + -x|--debug) + enable_debug + shift + ;; + -*) + for _opt in $(echo ${1} | sed 's/-//g' | fold -w1); do + case ${_opt} in + a) AUTO=1 ;; + x) enable_debug ;; + *) error_exit "Unknown Option: \"${1}\"" + esac + done + shift + ;; + *) + break + ;; + esac +done if [ "$#" -ne 2 ]; then usage @@ -58,6 +90,13 @@ for _jail in ${JAILS}; do info "[${_jail}]:" + check_target_is_running "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then + bastille start "${TARGET}" + else + error_notify "Jail is not running." + error_exit "Use [-a|--auto] to auto-start the jail." + fi + _jailpath="$( echo "${bastille_jailsdir}/${_jail}/root/${MOUNT_PATH}" 2>/dev/null | sed 's#//#/#' | sed 's#\\##g')" _mount="$( mount | grep -Eo "[[:blank:]]${_jailpath}[[:blank:]]" )" _jailpath_fstab="$(echo "${bastille_jailsdir}/${_jail}/root/${MOUNT_PATH}" | sed 's#//#/#g' | sed 's# #\\#g' | sed 's#\\#\\\\040#g')" From 1348452afa8d37f4df206223457f3db55923ad07 Mon Sep 17 00:00:00 2001 
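Review bot: The auto-start guard added to the per-jail loop calls `error_exit` when a jail is stopped, so a multi-jail target aborts at the first stopped jail and leaves the remaining jails unprocessed; pkg.sh in PATCH 01 uses `error_continue "Use [-a|--auto] to auto-start the jail."` for the same case, and mount.sh in PATCH 07 repeats the `error_exit` form. The exit status of `bastille start` is also not checked in any of the three scripts, so the loop body runs even when the jail failed to start; `bastille start "${_jail}" || error_continue "Could not start jail."` would cover that, assuming `error_continue` behaves here as it does in pkg.sh. The loop continues outside the hunk.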
From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Tue, 28 Jan 2025 11:09:09 -0700 Subject: [PATCH 07/12] mount: Add auto-mode/debug mode --- usr/local/share/bastille/mount.sh | 38 +++++++++++++++++++++++++++---- 1 file changed, 34 insertions(+), 4 deletions(-) diff --git a/usr/local/share/bastille/mount.sh b/usr/local/share/bastille/mount.sh index e2c060e61..67373a530 100644 --- a/usr/local/share/bastille/mount.sh +++ b/usr/local/share/bastille/mount.sh @@ -34,18 +34,41 @@ . /usr/local/etc/bastille/bastille.conf usage() { - error_exit "Usage: bastille mount [option(s)] TARGET HOST_PATH JAIL_PATH [filesystem_type options dump pass_number]" + error_notify "Usage: bastille mount [option(s)] TARGET HOST_PATH JAIL_PATH [filesystem_type options dump pass_number]" + cat << EOF + Options: + + -a | --auto Auto mode. Start/stop jail(s) if required. + -x | --debug Enable debug mode. + +EOF + exit 1 } # Handle options. +AUTO=0 while [ "$#" -gt 0 ]; do case "${1}" in -h|--help|help) usage ;; - --*|-*) - error_notify "Unknown Option." - usage + -a|--auto) + AUTO=1 + shift + ;; + -x|--debug) + enable_debug + shift + ;; + -*) + for _opt in $(echo ${1} | sed 's/-//g' | fold -w1); do + case ${_opt} in + a) AUTO=1 ;; + x) enable_debug ;; + *) error_exit "Unknown Option: \"${1}\"" + esac + done + shift ;; *) break @@ -120,6 +143,13 @@ for _jail in ${JAILS}; do info "[${_jail}]:" + check_target_is_running "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then + bastille start "${TARGET}" + else + error_notify "Jail is not running." + error_exit "Use [-a|--auto] to auto-start the jail." + fi + _fullpath_fstab="$( echo "${bastille_jailsdir}/${_jail}/root/${_jailpath_fstab}" 2>/dev/null | sed 's#//#/#' )" _fullpath="$( echo "${bastille_jailsdir}/${_jail}/root/${_jailpath}" 2>/dev/null | sed 's#//#/#' )" _fstab_entry="${_hostpath_fstab} ${_fullpath_fstab} ${_type} ${_perms} ${_checks}" From 8b6e5338f1f1c06df45745e2c32dfa3b5d339c08 Mon Sep 17 00:00:00 2001 
From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Mon, 3 Feb 2025 11:20:35 -0700 Subject: [PATCH 08/12] mount: Fix var --- usr/local/share/bastille/mount.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/local/share/bastille/mount.sh b/usr/local/share/bastille/mount.sh index 67373a530..f13c98ed3 100644 --- a/usr/local/share/bastille/mount.sh +++ b/usr/local/share/bastille/mount.sh @@ -143,8 +143,8 @@ for _jail in ${JAILS}; do info "[${_jail}]:" - check_target_is_running "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then - bastille start "${TARGET}" + check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then + bastille start "${_jail}" else error_notify "Jail is not running." error_exit "Use [-a|--auto] to auto-start the jail." From 19c485e57171aa6bfcbce86d287eb3f3705e7290 Mon Sep 17 00:00:00 2001 From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Mon, 3 Feb 2025 11:21:27 -0700 Subject: [PATCH 09/12] umount: Fix vars --- usr/local/share/bastille/umount.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/usr/local/share/bastille/umount.sh b/usr/local/share/bastille/umount.sh index 5ffbc3a0e..89017dfd1 100644 --- a/usr/local/share/bastille/umount.sh +++ b/usr/local/share/bastille/umount.sh @@ -90,8 +90,8 @@ for _jail in ${JAILS}; do info "[${_jail}]:" - check_target_is_running "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then - bastille start "${TARGET}" + check_target_is_running "${_jail}" || if [ "${AUTO}" -eq 1 ]; then + bastille start "${_jail}" else error_notify "Jail is not running." error_exit "Use [-a|--auto] to auto-start the jail." From b76201e25ccf021da19b5092e8c3c5eed12c3a19 Mon Sep 17 00:00:00 2001 
From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Mon, 3 Feb 2025 12:45:55 -0700 Subject: [PATCH 10/12] =?UTF-8?q?clone:=20Fix=20cloning=20with=20=E2=80=9C?= =?UTF-8?q?if|ip=E2=80=9D=20jail=20entry?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- usr/local/share/bastille/clone.sh | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/usr/local/share/bastille/clone.sh b/usr/local/share/bastille/clone.sh index 2d2dee9e1..3871c6eb6 100644 --- a/usr/local/share/bastille/clone.sh +++ b/usr/local/share/bastille/clone.sh @@ -159,17 +159,21 @@ update_jailconf() { # IP4 if [ "${_ip4}" != "not set" ]; then for _ip in ${_ip4}; do - _ip="$(echo ${_ip} | awk -F"|" '{print $2}')" - sed -i '' "/${IPX_ADDR} = .*/ s/${_ip}/${IP}/" "${JAIL_CONFIG}" - sed -i '' "/${IPX_ADDR} += .*/ s/${_ip}/127.0.0.1/" "${JAIL_CONFIG}" + if echo ${_ip} | grep -q "|"; then + _ip="$(echo ${_ip} | awk -F"|" '{print $2}')" + fi + sed -i '' "/ip4.addr = .*/ s/${_ip}/${IP}/" "${JAIL_CONFIG}" + sed -i '' "/ip4.addr += .*/ s/${_ip}/127.0.0.1/" "${JAIL_CONFIG}" done fi # IP6 if [ "${_ip6}" != "not set" ]; then for _ip in ${_ip6}; do - _ip="$(echo ${_ip} | awk -F"|" '{print $2}')" - sed -i '' "/${IPX_ADDR} = .*/ s/${_ip}/${IP}/" "${JAIL_CONFIG}" - sed -i '' "/${IPX_ADDR} += .*/ s/${_ip}/127.0.0.1/" "${JAIL_CONFIG}" + if echo ${_ip} | grep -q "|"; then + _ip="$(echo ${_ip} | awk -F"|" '{print $2}')" + fi + sed -i '' "/ip6.addr = .*/ s/${_ip}/${IP}/" "${JAIL_CONFIG}" + sed -i '' "/ip6.addr += .*/ s/${_ip}/127.0.0.1/" "${JAIL_CONFIG}" done fi fi From ef6d7616bae6c9ea21add9d92870755a8fdf5294 Mon Sep 17 00:00:00 2001 From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Mon, 3 Feb 2025 12:51:52 -0700 Subject: [PATCH 11/12] clone: Remove unneeded vars --- usr/local/share/bastille/clone.sh | 2 -- 1 file changed, 2 deletions(-) 
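Review bot: `${_ip}` and `${IP}` are interpolated straight into `s/${_ip}/${IP}/`, so an address carrying a prefix length (the `validate_ip` regex in this file accepts `addr/NN` for IPv6) puts a `/` inside the expression and sed either fails or substitutes something other than intended; the dots in an IPv4 `_ip` also match any character. A delimiter that cannot occur in an address, as in `sed -i '' "/ip6.addr = .*/ s#${_ip}#${IP}#" "${JAIL_CONFIG}"`, removes the first problem for all four substitutions. `echo ${_ip}` in the new `grep -q "|"` test should be quoted too. update_jailconf starts and ends outside the hunk.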
diff --git a/usr/local/share/bastille/clone.sh b/usr/local/share/bastille/clone.sh index 3871c6eb6..9360cde48 100644 --- a/usr/local/share/bastille/clone.sh +++ b/usr/local/share/bastille/clone.sh @@ -108,12 +108,10 @@ if echo "${NEWNAME}" | grep -q "[.]"; then fi validate_ip() { - IPX_ADDR="ip4.addr" IP6_MODE="disable" ip6=$(echo "${IP}" | grep -E '^(([a-fA-F0-9:]+$)|([a-fA-F0-9:]+\/[0-9]{1,3}$))') if [ -n "${ip6}" ]; then info "Valid: (${ip6})." - IPX_ADDR="ip6.addr" # shellcheck disable=SC2034 IP6_MODE="new" else From d9af67b3d3b452b827829ef5f49b4ad25b9ad7e3 Mon Sep 17 00:00:00 2001 From: tschettervictor <85497460+tschettervictor@users.noreply.github.com> Date: Mon, 3 Feb 2025 13:01:36 -0700 Subject: [PATCH 12/12] clone: Fix IP6 mode --- usr/local/share/bastille/clone.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/share/bastille/clone.sh b/usr/local/share/bastille/clone.sh index 9360cde48..0db638353 100644 --- a/usr/local/share/bastille/clone.sh +++ b/usr/local/share/bastille/clone.sh @@ -112,7 +112,6 @@ validate_ip() { ip6=$(echo "${IP}" | grep -E '^(([a-fA-F0-9:]+$)|([a-fA-F0-9:]+\/[0-9]{1,3}$))') if [ -n "${ip6}" ]; then info "Valid: (${ip6})." - # shellcheck disable=SC2034 IP6_MODE="new" else local IFS @@ -172,6 +171,7 @@ update_jailconf() { fi sed -i '' "/ip6.addr = .*/ s/${_ip}/${IP}/" "${JAIL_CONFIG}" sed -i '' "/ip6.addr += .*/ s/${_ip}/127.0.0.1/" "${JAIL_CONFIG}" + sed -i '' "s/ip6 = .*/ip6 = ${IP6_MODE};/" "${JAIL_CONFIG}" done fi fi
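Review bot: The added `sed -i '' "s/ip6 = .*/ip6 = ${IP6_MODE};/" "${JAIL_CONFIG}"` sits inside `for _ip in ${_ip6}`, yet neither side of the substitution depends on `_ip`, so the config file is rewritten once per address; the line belongs after `done`. Because it stays inside the `_ip6` guard shown in PATCH 10, a source jail with no ip6 address appears to keep its old `ip6 =` value even when the new IP is IPv6, which is worth confirming. The pattern is unanchored and will also match `ip6 = ` inside a comment line. update_jailconf continues outside the hunk.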