4 changes: 2 additions & 2 deletions usr/local/bin/bastille
Expand Up @@ -152,14 +152,14 @@ while [ "$#" -gt 0 ]; do
usage
;;
version|-v|--version)
info "${BASTILLE_VERSION}"
info 1 "${BASTILLE_VERSION}"
exit 0
;;
-c|--config)
BASTILLE_CONFIG="${2}"
if [ -r "/usr/local/etc/bastille/${BASTILLE_CONFIG}" ]; then
BASTILLE_CONFIG="/usr/local/etc/bastille/${BASTILLE_CONFIG}"
info "Using custom config: ${BASTILLE_CONFIG}"
info 1 "Using custom config: ${BASTILLE_CONFIG}"
export BASTILLE_CONFIG
else
error_exit "Not a valid config file: ${BASTILLE_CONFIG}"
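Review bot: The `version|-v|--version` arm now prints through `info 1`, which in the common.sh section of this same change writes colour-wrapped text to stderr, so anything capturing `$(bastille -v)` receives an empty string. Keeping the version on stdout needs either `info 3 "${BASTILLE_VERSION}"` (the plain-stdout branch of the new `info()`) or a bare `printf '%s\n' "${BASTILLE_VERSION}"`. The same stdout-to-stderr switch affects `get_jail_name` in common.sh, where `echo "${jail_name}"` became `info 1 "${jail_name}"`; that function appears to return its result on stdout, so callers using command substitution would presumably get nothing back, and `echo "${jail_name}"` should be restored there. The enclosing `while`/`case` starts and ends outside this hunk.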
45 changes: 22 additions & 23 deletions usr/local/share/bastille/bootstrap.sh
Expand Up @@ -199,7 +199,7 @@ validate_release() {
# Set release name to sane release
RELEASE="${NAME_VERIFY}"

info "\nAttempting to bootstrap ${PLATFORM_OS} release: ${RELEASE}"
info 1 "\nAttempting to bootstrap ${PLATFORM_OS} release: ${RELEASE}"

### FreeBSD ###
if [ "${PLATFORM_OS}" = "FreeBSD" ]; then
Expand All @@ -212,7 +212,7 @@ validate_release() {
fi
### Linux ###
elif [ "${PLATFORM_OS}" = "Linux/Debian" ] || [ "${PLATFORM_OS}" = "Linux/Ubuntu" ]; then
info "\nEnsuring Linux compatability..."
info 1 "\nEnsuring Linux compatability..."
if ! bastille setup -y linux >/dev/null 2>/dev/null; then
error_notify "[ERROR]: Failed to configure linux."
error_exit "See 'bastille setup linux' for more details."
Expand Down Expand Up @@ -255,23 +255,23 @@ bootstrap_release_legacy() {
bastille_bootstrap_archives=$(echo "${bastille_bootstrap_archives}" | sed "s/${distfile}//")
done
if [ -z "${bastille_bootstrap_archives}" ]; then
info "\nBootstrap appears complete!\n"
info 1 "\nBootstrap appears complete!\n"
exit 0
fi
fi

# Bootstrap archives
for archive in ${bastille_bootstrap_archives}; do
if [ -f "${bastille_cachedir}/${RELEASE}/${archive}.txz" ]; then
info "\nExtracting ${PLATFORM_OS} archive: ${archive}.txz"
info 1 "\nExtracting ${PLATFORM_OS} archive: ${archive}.txz"
if ! /usr/bin/tar -C "${bastille_releasesdir}/${RELEASE}" -xf "${bastille_cachedir}/${RELEASE}/${archive}.txz"; then
ERRORS=$((ERRORS + 1))
error_continue "[ERROR]: Failed to extract archive: ${archive}.txz."
fi
else
# Fetch MANIFEST
if [ ! -f "${bastille_cachedir}/${RELEASE}/MANIFEST" ]; then
info "\nFetching MANIFEST..."
info 1 "\nFetching MANIFEST..."
if ! fetch "${UPSTREAM_URL}/MANIFEST" -o "${bastille_cachedir}/${RELEASE}/MANIFEST"; then
ERRORS=$((ERRORS + 1))
error_continue "[ERROR]: Failed to fetch MANIFEST."
Expand All @@ -280,30 +280,30 @@ bootstrap_release_legacy() {

# Fetch distfile
if [ ! -f "${bastille_cachedir}/${RELEASE}/${archive}.txz" ]; then
info "\nFetching distfile: ${archive}.txz"
info 1 "\nFetching distfile: ${archive}.txz"
if ! fetch "${UPSTREAM_URL}/${archive}.txz" -o "${bastille_cachedir}/${RELEASE}/${archive}.txz"; then
ERRORS=$((ERRORS + 1))
error_continue "[ERROR]: Failed to fetch archive: ${archive}.txz"
fi
fi

# Validate checksums
info "\nValidating checksum for archive: ${archive}.txz"
info 1 "\nValidating checksum for archive: ${archive}.txz"
if [ -f "${bastille_cachedir}/${RELEASE}/${archive}.txz" ]; then
SHA256_DIST=$(grep -w "${archive}.txz" "${bastille_cachedir}/${RELEASE}/MANIFEST" | awk '{print $2}')
SHA256_FILE=$(sha256 -q "${bastille_cachedir}/${RELEASE}/${archive}.txz")
if [ "${SHA256_FILE}" != "${SHA256_DIST}" ]; then
ERRORS=$((ERRORS + 1))
error_continue "[ERROR]: Failed to validate checksum for archive: ${archive}.txz"
else
echo "MANIFEST: ${SHA256_DIST}"
echo "DOWNLOAD: ${SHA256_FILE}"
info "\nChecksum validated."
info 2 "MANIFEST: ${SHA256_DIST}"
info 2 "DOWNLOAD: ${SHA256_FILE}"
info 1 "\nChecksum validated."
fi
fi

# Extract distfile
info "\nExtracting archive: ${archive}.txz"
info 1 "\nExtracting archive: ${archive}.txz"
if [ -f "${bastille_cachedir}/${RELEASE}/${archive}.txz" ]; then
if ! /usr/bin/tar -C "${bastille_releasesdir}/${RELEASE}" -xf "${bastille_cachedir}/${RELEASE}/${archive}.txz"; then
ERRORS=$((ERRORS + 1))
Expand All @@ -325,7 +325,7 @@ bootstrap_release_legacy() {

bootstrap_release_pkgbase() {

info "\nUsing PkgBase..."
info 1 "\nUsing PkgBase..."

### FreeBSD ###
if [ "${PLATFORM_OS}" = "FreeBSD" ]; then
Expand Down Expand Up @@ -367,7 +367,7 @@ bootstrap_release_pkgbase() {
# Verify package sets
bastille_pkgbase_packages=$(echo "${bastille_pkgbase_packages}" | sed "s/base-jail//")
if [ -z "${bastille_pkgbase_packages}" ]; then
info "\nBootstrap appears complete!"
info 1 "\nBootstrap appears complete!"
exit 0
fi
fi
Expand All @@ -384,7 +384,7 @@ bootstrap_release_pkgbase() {
return 1
fi

info "\nUpdating ${repo_name} repository..."
info 1 "\nUpdating ${repo_name} repository..."

# Update PkgBase repo
if ! pkg --rootdir "${bastille_releasesdir}/${RELEASE}" \
Expand All @@ -401,12 +401,12 @@ bootstrap_release_pkgbase() {
error_notify "[ERROR]: Failed to update repository: ${repo_name}"
fi

info "\nInstalling packages..."
info 1 "\nInstalling packages..."

for package in ${bastille_pkgbase_packages}; do

# Check if package set is already installed
if ! pkg --rootdir "${bastille_releasesdir}/${RELEASE}" info "FreeBSD-set-${package}" 2>/dev/null; then
if ! pkg --rootdir "${bastille_releasesdir}/${RELEASE}" info 1 "FreeBSD-set-${package}" 2>/dev/null; then
# Install package set
if ! pkg --rootdir "${bastille_releasesdir}/${RELEASE}" \
--repo-conf-dir="${repo_dir}" \
Expand All @@ -423,7 +423,7 @@ bootstrap_release_pkgbase() {
error_continue "[ERROR]: Failed to install package set: ${package}"
fi
else
info "\nPackage set already installed: ${package}"
info 1 "\nPackage set already installed: ${package}"
fi
done

Expand Down Expand Up @@ -451,8 +451,8 @@ bootstrap_release_linux() {
# Set necessary settings
case "${LINUX_FLAVOR}" in
bionic|focal|jammy|buster|bullseye|bookworm|noble)
info "Increasing APT::Cache-Start"
echo "APT::Cache-Start 251658240;" > "${bastille_releasesdir}"/${RELEASE}/etc/apt/apt.conf.d/00aptitude
info 1 "Increasing APT::Cache-Start"
iffo 2 "APT::Cache-Start 251658240;" > "${bastille_releasesdir}"/${RELEASE}/etc/apt/apt.conf.d/00aptitude
;;
esac
fi
Expand Down Expand Up @@ -561,7 +561,7 @@ bastille_root_check

# Validate if ZFS is enabled in rc.conf and bastille.conf.
if [ "$(sysrc -n zfs_enable)" = "YES" ] && ! checkyesno bastille_zfs_enable; then
warn "ZFS is enabled in rc.conf but not bastille.conf. Do you want to continue? (N|y)"
warn 1 "ZFS is enabled in rc.conf but not bastille.conf. Do you want to continue? (N|y)"
read answer
case $answer in
no|No|n|N|"")
Expand Down Expand Up @@ -756,9 +756,8 @@ if [ "${ERRORS}" -eq 0 ]; then
fi

# Success
info "\nBootstrap successful."
echo "See 'bastille --help' for available commands."
echo
info 1 "\nBootstrap successful."
info 2 "See 'bastille --help' for available commands.\n"
else
error_exit "[ERROR]: Bootstrap failed!"
fi
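Review bot: Two lines in this file are not log calls but were caught by the `info` → `info 1` rewrite, and both now misbehave. In `bootstrap_release_linux` the line that writes `00aptitude` reads `iffo 2 "APT::Cache-Start 251658240;" > …`: `iffo` looks like a typo for `info`, the redirection still truncates the file, and even spelled `info 2` the text would go to stderr rather than into the file, so the line should stay `echo "APT::Cache-Start 251658240;" > "${bastille_releasesdir}"/${RELEASE}/etc/apt/apt.conf.d/00aptitude`. In `bootstrap_release_pkgbase` the installed-check became `pkg --rootdir "${bastille_releasesdir}/${RELEASE}" info 1 "FreeBSD-set-${package}"`, which hands `pkg info` a stray `1` as an extra package pattern; drop the `1` so the check tests only the package set. Both functions start and end outside their hunks.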
12 changes: 6 additions & 6 deletions usr/local/share/bastille/clone.sh
Expand Up @@ -129,7 +129,7 @@ define_ips() {
error_exit "[ERROR]: Unsupported IP option for standard jail: ${IP4_ADDR}"
fi
elif ifconfig | grep -qwF "${IP4_ADDR}"; then
warn "\n[WARNING]: IP address already in use: ${TEST_IP}"
warn 1 "\n[WARNING]: IP address already in use: ${TEST_IP}"
fi
fi

Expand Down Expand Up @@ -482,7 +482,7 @@ clone_jail() {
if [ "${AUTO}" -eq 1 ]; then
bastille stop "${TARGET}"
else
info "\n[${TARGET}]:"
info 1 "\n[${TARGET}]:"
error_notify "Jail is running."
error_exit "Use [-a|--auto] to force stop the jail, or [-l|--live] (ZFS only) to clone a running jail."
fi
Expand All @@ -508,7 +508,7 @@ clone_jail() {
check_target_is_stopped "${TARGET}" || if [ "${AUTO}" -eq 1 ]; then
bastille stop "${TARGET}"
else
info "\n[${TARGET}]:"
info 1 "\n[${TARGET}]:"
error_notify "Jail is running."
error_exit "Use [-a|--auto] to force stop the jail."
fi
Expand All @@ -529,9 +529,9 @@ clone_jail() {
if [ "$?" -ne 0 ]; then
error_exit "[ERROR]: An error has occurred while attempting to clone '${TARGET}'."
else
info "\nCloned '${TARGET}' to '${NEWNAME}' successfully."
info 1 "\nCloned '${TARGET}' to '${NEWNAME}' successfully."
if [ "${CLONE_INTERFACE_COUNT}" -gt 1 ]; then
info "\nEdit 'rc.conf' to manually set network info for non-default interfaces."
info 1 "\nEdit 'rc.conf' to manually set network info for non-default interfaces."
fi
fi

Expand All @@ -544,7 +544,7 @@ clone_jail() {
fi
}

info "\nAttempting to clone '${TARGET}' to '${NEWNAME}'..."
info 1 "\nAttempting to clone '${TARGET}' to '${NEWNAME}'..."

clone_validate_jail_name

4 changes: 2 additions & 2 deletions usr/local/share/bastille/cmd.sh
Expand Up @@ -94,12 +94,12 @@ for jail in ${JAILS}; do
check_target_is_running "${jail}" || if [ "${AUTO}" -eq 1 ]; then
bastille start "${jail}"
else
info "\n[${jail}]:"
info 1 "\n[${jail}]:"
error_notify "Jail is not running."
error_continue "Use [-a|--auto] to auto-start the jail."
fi

info "\n[${jail}]:"
info 1 "\n[${jail}]:"

# Allow executing commands on linux jails
if grep -qw "linsysfs" "${bastille_jailsdir}/${jail}/fstab"; then
55 changes: 37 additions & 18 deletions usr/local/share/bastille/common.sh
Expand Up @@ -54,7 +54,7 @@ enable_color() {

enable_debug() {
# Enable debug mode.
warn "***DEBUG MODE***"
warn 1 "***DEBUG MODE***"
set -x
}

Expand All @@ -66,7 +66,7 @@ fi

# Error messages/functions
error_notify() {
echo -e "${COLOR_RED}$*${COLOR_RESET}" 1>&2
printf "%b\n" "${COLOR_RED}$*${COLOR_RESET}" 1>&2
}

error_continue() {
Expand All @@ -82,11 +82,30 @@ error_exit() {
}

info() {
echo -e "${COLOR_GREEN}$*${COLOR_RESET}"

level="${1}"
shift 1

if [ "${level}" -eq 1 ]; then
printf "%b\n" "${COLOR_GREEN}$*${COLOR_RESET}" 1>&2
elif [ "${level}" -eq 2 ]; then
printf "%b\n" "$*" 1>&2
else
printf "%b\n" "$*"
fi
}


warn() {
echo -e "${COLOR_YELLOW}$*${COLOR_RESET}"

level="${1}"
shift 1

if [ "${level}" -eq 1 ]; then
printf "%b\n" "${COLOR_YELLOW}$*${COLOR_RESET}" 1>&2
elif [ "${level}" -eq 3 ]; then
printf "%b\n" "${COLOR_YELLOW}$*${COLOR_RESET}"
fi
}

check_target_exists() {
Expand Down Expand Up @@ -142,7 +161,7 @@ get_jail_name() {
if [ -z "${jail_name}" ]; then
return 1
else
echo "${jail_name}"
info 1 "${jail_name}"
fi
}

Expand Down Expand Up @@ -528,14 +547,14 @@ validate_ip() {
fi
ip6="${ip6}/${subnet}"
fi
info "\nValid IP: ${ip6}"
info 1 "\nValid IP: ${ip6}"
export IP6_ADDR="${ip6}"
elif [ "${ip}" = "inherit" ] || [ "${ip}" = "ip_hostname" ]; then
info "\nValid IP: ${ip}"
info 1 "\nValid IP: ${ip}"
export IP4_ADDR="${ip}"
export IP6_ADDR="${ip}"
elif [ "${ip}" = "0.0.0.0" ] || [ "${ip}" = "DHCP" ] || [ "${ip}" = "SYNCDHCP" ]; then
info "\nValid IP: ${ip}"
info 1 "\nValid IP: ${ip}"
export IP4_ADDR="${ip}"
elif [ -n "${ip4}" ]; then
if [ "${vnet_jail}" -eq 1 ]; then
Expand All @@ -558,7 +577,7 @@ validate_ip() {
fi
done

info "\nValid IP: ${ip4}"
info 1 "\nValid IP: ${ip4}"
export IP4_ADDR="${ip4}"
else
error_exit "[ERROR]: Invalid IP: ${ip4}"
Expand Down Expand Up @@ -602,7 +621,7 @@ checkyesno() {
return 1
;;
*)
warn "\$${1} is not set properly - see rc.conf(5)."
warn 1 "\$${1} is not set properly - see rc.conf(5)."
return 1
;;
esac
Expand All @@ -617,10 +636,10 @@ update_jail_syntax_v1() {
# Only apply if old syntax is found
if grep -Eoq "exec.prestart.*ifconfig epair[0-9]+ create.*" "${jail_config}"; then

warn "\n[WARNING]\n"
warn "Updating jail.conf file..."
warn "Please review your jail.conf file after completion."
warn "VNET jails created without -M will be assigned a new MAC address."
warn 1 "\n[WARNING]\n"
warn 1 "Updating jail.conf file..."
warn 1 "Please review your jail.conf file after completion."
warn 1 "VNET jails created without -M will be assigned a new MAC address."

if [ "$(echo -n "e0a_${jail}" | awk '{print length}')" -lt 16 ]; then
local new_host_epair=e0a_${jail}
Expand Down Expand Up @@ -653,10 +672,10 @@ update_jail_syntax_v1() {

elif grep -Eoq "exec.poststop.*jib destroy.*" "${jail_config}"; then

warn "\n[WARNING]\n"
warn "Updating jail.conf file..."
warn "Please review your jail.conf file after completion."
warn "VNET jails created without -M will be assigned a new MAC address."
warn 1 "\n[WARNING]\n"
warn 1 "Updating jail.conf file..."
warn 1 "Please review your jail.conf file after completion."
warn 1 "VNET jails created without -M will be assigned a new MAC address."

local external_interface="$(grep -Eo "jib addm.*" "${jail_config}" | awk '{print $4}')"

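Review bot: `info()` and `warn()` compare their first argument with `[ … -eq … ]` without checking that it is a number, so a call site this change missed (message passed first) has its message consumed as the level and shifted away; `info()` then prints an empty line and `warn()` prints nothing. `warn()` also has no branch for level 2 or any value other than 1 and 3, so those warnings are dropped silently; if that is intended it deserves a comment. `level` is assigned without `local` (which this file already uses in `update_jail_syntax_v1`), so it overwrites any global of the same name. A `case` on the level with a non-numeric fallback keeps un-migrated callers visible; `info()` is sketched below and `warn()` would need the same treatment.

```shell
info() {

    local level="${1}"
    shift 1

    case "${level}" in
        1) printf "%b\n" "${COLOR_GREEN}$*${COLOR_RESET}" 1>&2 ;;
        2) printf "%b\n" "$*" 1>&2 ;;
        ''|*[!0-9]*)
            # Not a level: a caller still passing the message first.
            set -- "${level}" "$@"
            printf "%b\n" "${COLOR_GREEN}$*${COLOR_RESET}" 1>&2
            ;;
        *) printf "%b\n" "$*" ;;
    esac
}
```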