#!/bin/sh
#
# Start jail <jailname> or all
# Usage: start <jailname>|all
#
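# Load shared settings and helpers. JAILDIR, SSHD_PID, check_jail,
# check_jail_on, error and notice are not defined in this file; they are
# presumably provided by the sourced config (confirm there).
LIBDIR="$(dirname "$0")" && . "${LIBDIR}/config"

jail="${1:-}"
if [ -z "${jail}" ]; then
    # Always stop here, even if the help command itself fails; otherwise the
    # rest of the script would run with an empty jail name.
    "${LIBDIR}/bkctld-help"
    exit 1
fi

check_jail "${jail}" || error "${jail} : trying to start inexistant jail"
# Nothing to do when the jail is already reported as running.
check_jail_on "${jail}" && exit 0

jail_root="${JAILDIR}/${jail}"

# Every mount/mknod/chown/ln below uses paths relative to the jail root.
# If cd failed silently they would be applied to whatever directory the
# script was started from, so abort explicitly.
cd "${jail_root}" || { error "${jail} : cannot change directory to ${jail_root}"; exit 1; }

# Succeeds when /proc/mounts contains the literal string "$1 ".
# -F keeps jail names from being read as a regular expression, and the
# trailing space stops ".../dev" from matching ".../dev/pts" or ".../dev/shm".
is_mounted() {
    grep -qF -- "$1 " /proc/mounts
}

# NOTE(review): "proc" and "dev" are resolved by mount relative to the jail
# root; this assumes they are plain directories in the jail tree and not
# symlinks pointing elsewhere - confirm how jails are provisioned.
is_mounted "${jail_root}/proc" || mount -t proc "proc-${jail}" proc
is_mounted "${jail_root}/dev" || mount -nt tmpfs "dev-${jail}" dev

# Minimal set of character devices, created only when missing
# (arguments are: mode, path, type, major, minor).
[ -e "dev/console" ] || mknod -m 622 dev/console c 5 1
[ -e "dev/null" ] || mknod -m 666 dev/null c 1 3
[ -e "dev/zero" ] || mknod -m 666 dev/zero c 1 5
[ -e "dev/ptmx" ] || mknod -m 666 dev/ptmx c 5 2
[ -e "dev/tty" ] || mknod -m 666 dev/tty c 5 0
[ -e "dev/random" ] || mknod -m 444 dev/random c 1 8
[ -e "dev/urandom" ] || mknod -m 444 dev/urandom c 1 9
chown root:tty dev/console dev/ptmx dev/tty

# NOTE(review): the link targets are relative, so they resolve from inside
# dev/ (dev/fd -> dev/proc/self/fd), which this script never creates; the
# links look dangling as written - confirm the intended targets.
# NOTE(review): dev/core is pointed at proc/kcore (the kernel memory image);
# confirm the jail really needs it.
ln -fs proc/self/fd dev/fd
ln -fs proc/self/fd/0 dev/stdin
ln -fs proc/self/fd/1 dev/stdout
ln -fs proc/self/fd/2 dev/stderr
ln -fs proc/kcore dev/core

mkdir -p dev/pts
mkdir -p dev/shm
# NOTE(review): gid=4 is a numeric group id while the chown above uses the
# name "tty"; confirm that gid 4 is the intended group on this system.
is_mounted "${jail_root}/dev/pts" || mount -t devpts -o gid=4,mode=620 none dev/pts
is_mounted "${jail_root}/dev/shm" || mount -t tmpfs none dev/shm

# Start sshd inside the jail; -E sends its log to a file within the chroot.
chroot "${jail_root}" /usr/sbin/sshd -E /var/log/authlog || error "${jail} : error on starting sshd"

# Wait for the pidfile (10 tries, 0.3 s apart). The list is spelled out
# because brace expansion ({1..10}) is not available in POSIX sh, where it
# would loop exactly once. "try" is only a loop counter.
pidfile="${jail_root}/${SSHD_PID}"
for try in 1 2 3 4 5 6 7 8 9 10; do
    [ -f "${pidfile}" ] && break
    sleep 0.3
done

# Do not report a successful start with an empty pid when sshd never wrote
# its pidfile.
[ -f "${pidfile}" ] || error "${jail} : sshd was launched but ${pidfile} did not appear"
pid=$(cat "${pidfile}")
notice "${jail} was started [${pid}]"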