Merge bkctld-params and some functions into bkctld-(ip|port|key) scripts

2019-01-04 16:38:20 +01:00 · 2019-01-04 16:38:20 +01:00 · 1522d2f6cd
parent 6caa9078e6
commit 1522d2f6cd
8 changed files with 81 additions and 85 deletions
--- a/2
+++ b/2
@ -31,7 +31,7 @@ case "${subcommand}" in
        "${LIBDIR}/bkctld-${subcommand}" "${jail}"
    ;;
    "key" | "port" | "ip")
-        "${LIBDIR}/bkctld-params" "${jail}" "${subcommand}" "${option}"
+        "${LIBDIR}/bkctld-${subcommand}" "${jail}" "${option}"
    ;;
    "start" | "stop" | "reload" | "restart" | "sync" | "update" | "remove")
    if [ "${jail}" = "all" ]; then
--- a/lib/bkctld-init
+++ b/lib/bkctld-init
@ -22,8 +22,7 @@ fi
 . "${LIBDIR}/mkjail"
 info "4 - Copie default sshd_config"
 install -m 0640 "${sshd_config}" "${JAILDIR}/${jail}/${SSHD_CONFIG}"
-info "5 - Set usable sshd port"
-set_port "${jail}" auto
-info "6 - Copie default inc configuration"
+info "5 - Copie default inc configuration"
 install -m 0640 "${inctpl}" "${CONFDIR}/${jail}"
+"${LIBDIR}/bkctld-port" "${jail}" auto
 notice "${jail} : created jail"
--- a/lib/bkctld-ip
+++ b/lib/bkctld-ip
@ -1 +0,0 @@
-bkctld-params
--- a/lib/bkctld-ip
+++ b/lib/bkctld-ip
@ -0,0 +1,30 @@
+#!/bin/sh
+
+LIBDIR="$(dirname $0)" && . "${LIBDIR}/config"
+
+jail="${1:-}"
+ip="${2:-}"
+[ -n "${jail}" ] || usage
+check_jail "${jail}" || error "${jail} : inexistant jail'"
+
+if [ -z "${ip}" ]; then
+    grep -E "^AllowUsers" "${JAILDIR}/$jail/${SSHD_CONFIG}"|grep -Eo "root@[^ ]+"| while read allow; do
+        echo "${allow}"|cut -d'@' -f2
+    done
+else
+    if [ "${ip}" = "all" ] || [ "${ip}" = "0.0.0.0/0" ]; then
+        ips="0.0.0.0/0"
+    else
+        ips=$("${LIBDIR}/bkctld-ip" "${jail}")
+        ips=$(echo "${ips}" "${ip}"|xargs -n1|grep -v "0.0.0.0/0"|sort|uniq)
+    fi
+    allow="AllowUsers"
+    for ip in $ips; do
+        allow="${allow} root@${ip}"
+    done
+    sed -i "s~^AllowUsers .*~${allow}~" "${JAILDIR}/$jail/${SSHD_CONFIG}"
+    set_firewall "${jail}"
+    notice "${jail} : update ip => ${ip}"
+
+    check_jail_on "${jail}" && "${LIBDIR}/bkctld-reload" "${jail}"
+fi
--- a/lib/bkctld-key
+++ b/lib/bkctld-key
@ -1 +0,0 @@
-bkctld-params
--- a/lib/bkctld-key
+++ b/lib/bkctld-key
@ -0,0 +1,21 @@
+#!/bin/sh
+
+LIBDIR="$(dirname $0)" && . "${LIBDIR}/config"
+
+jail="${1:-}"
+keyfile="${2:-}"
+[ -n "${jail}" ] || usage
+check_jail "${jail}" || error "${jail} : inexistant jail'"
+
+if [ -z "${keyfile}" ]; then
+    if [ -f "${JAILDIR}/${jail}/${AUTHORIZED_KEYS}" ]; then
+        cat "${JAILDIR}/${jail}/${AUTHORIZED_KEYS}"
+    fi
+else
+    [ -e "${keyfile}" ] || error "Keyfile ${keyfile} dosen't exist !"
+    cat "${keyfile}" > "${JAILDIR}/${jail}/${AUTHORIZED_KEYS}"
+    chmod 600 "${JAILDIR}/${jail}/${AUTHORIZED_KEYS}"
+    notice "${jail} : update key => ${keyfile}"
+
+    check_jail_on "${jail}" && . "${LIBDIR}/bkctld-reload" "${jail}"
+fi
--- a/lib/bkctld-params
+++ b/lib/bkctld-params
@ -1,17 +0,0 @@
-#!/bin/sh
-
-LIBDIR="$(dirname $0)" && . "${LIBDIR}/config"
-
-jail="${1:-}"
-params="${2:-}"
-option="${3:-}"
-[ -n "${jail}" ] || usage
-check_jail "${jail}" || error "${jail} : inexistant jail'"
-
-if [ -z "${option}" ]; then
-    "get_${params}" "${jail}"
-else
-    "set_${params}" "${jail}" "${option}"
-    check_jail_on "${jail}" && . "${LIBDIR}/bkctld-reload" "${jail}"
-    notice "${jail} : update ${params} => ${option}"
-fi
--- a/lib/bkctld-port
+++ b/lib/bkctld-port
@ -1 +0,0 @@
-bkctld-params
--- a/lib/bkctld-port
+++ b/lib/bkctld-port
@ -0,0 +1,23 @@
+#!/bin/sh
+
+LIBDIR="$(dirname $0)" && . "${LIBDIR}/config"
+
+jail="${1:-}"
+port="${2:-}"
+[ -n "${jail}" ] || usage
+check_jail "${jail}" || error "${jail} : inexistant jail'"
+
+if [ -z "${port}" ]; then
+    grep -E "Port [0-9]+" "${JAILDIR}/${jail}/${SSHD_CONFIG}"|grep -oE "[0-9]+"
+else
+    if [ "${port}" = "auto" ]; then
+        port=$(grep -h Port "${JAILDIR}"/*/"${SSHD_CONFIG}" 2>/dev/null | grep -Eo "[0-9]+" | sort -n | tail -1)
+        port=$((port+1))
+        [ "${port}" -le 1 ] && port=2222
+    fi
+    sed -i "s/^Port .*/Port ${port}/" "${JAILDIR}/$jail/${SSHD_CONFIG}"
+    set_firewall "${jail}"
+    notice "${jail} : update port => ${port}"
+
+    check_jail_on "${jail}" && . "${LIBDIR}/bkctld-reload" "${jail}"
+fi
--- a/lib/bkctld-status
+++ b/lib/bkctld-status
@ -12,6 +12,6 @@ if ( check_jail_on "${jail}" ); then
 else
    status="OFF"
 fi
-port=$(get_port "${jail}")
-ip=$(get_ip "${jail}"|xargs|tr -s ' ' ',')
+port=$("${LIBDIR}/bkctld-port" "${jail}")
+ip=$("${LIBDIR}/bkctld-ip" "${jail}"|xargs|tr -s ' ' ',')
 echo "${jail} ${status} ${port} ${inc} ${ip}" | awk '{ printf("%- 30s %- 10s %- 10s %- 10s %- 40s\n", $1, $2, $3, $4, $5); }'
--- a/lib/functions
+++ b/lib/functions
@ -46,26 +46,6 @@ check_jail_on() {
    return "${return}"
 }

-get_port() {
-    jail="${1}"
-    port=$(grep -E "Port [0-9]+" "${JAILDIR}/${jail}/${SSHD_CONFIG}"|grep -oE "[0-9]+")
-    echo "${port}"
-}
-
-get_key() {
-    jail="${1}"
-    if [ -f "${JAILDIR}/${jail}/${AUTHORIZED_KEYS}" ]; then
-        cat "${JAILDIR}/${jail}/${AUTHORIZED_KEYS}"
-    fi
-}
-
-get_ip() {
-    jail="${1}"
-    grep -E "^AllowUsers" "${JAILDIR}/$jail/${SSHD_CONFIG}"|grep -Eo "root@[^ ]+"| while read allow; do
-        echo "${allow}"|cut -d'@' -f2
-    done
-}
-
 get_inc() {
    jail="${1}"
    inc="0"
@ -77,43 +57,6 @@ get_inc() {
    echo "${inc}"
 }

-set_port() {
-    jail="${1}"
-    port="${2}"
-    if [ "${port}" = "auto" ]; then
-        port=$(grep -h Port "${JAILDIR}"/*/"${SSHD_CONFIG}" 2>/dev/null | grep -Eo "[0-9]+" | sort -n | tail -1)
-        port=$((port+1))
-        [ "${port}" -le 1 ] && port=2222
-    fi
-    sed -i "s/^Port .*/Port ${port}/" "${JAILDIR}/$jail/${SSHD_CONFIG}"
-    set_firewall "${jail}"
-}
-
-set_key() {
-    jail="${1}"
-    keyfile="${2}"
-    [ -e "${keyfile}" ] || error "Keyfile ${keyfile} dosen't exist !"
-    cat "${keyfile}" > "${JAILDIR}/${jail}/${AUTHORIZED_KEYS}"
-    chmod 600 "${JAILDIR}/${jail}/${AUTHORIZED_KEYS}"
-}
-
-set_ip() {
-    jail="${1}"
-    ip="${2}"
-    if [ "${ip}" = "all" ] || [ "${ip}" = "0.0.0.0/0" ]; then
-        ips="0.0.0.0/0"
-    else
-        ips=$(get_ip "${jail}")
-        ips=$(echo "${ips}" "${ip}"|xargs -n1|grep -v "0.0.0.0/0"|sort|uniq)
-    fi
-    allow="AllowUsers"
-    for ip in $ips; do
-        allow="${allow} root@${ip}"
-    done
-    sed -i "s~^AllowUsers .*~${allow}~" "${JAILDIR}/$jail/${SSHD_CONFIG}"
-    set_firewall "${jail}"
-}
-
 set_firewall() {
    jail="${1}"
    if [ -n "${FIREWALL_RULES}" ]; then
@ -121,8 +64,8 @@ set_firewall() {
            sed -i "/#${jail}$/d" "${FIREWALL_RULES}"
        fi
        if ( check_jail "${jail}" ); then
-            port=$(get_port "${jail}")
-            for ip in $(get_ip "${jail}"); do
+            port=$("${LIBDIR}/bkctld-port" "${jail}")
+            for ip in $("${LIBDIR}/bkctld-ip" "${jail}"); do
                echo "/sbin/iptables -A INPUT -p tcp --sport 1024: --dport ${port} -s ${ip} -j ACCEPT #${jail}" >> "${FIREWALL_RULES}"
            done
            if [ -f /etc/init.d/minifirewall ]; then