From 116014d1915ad020aa24828a35cbc73921903329 Mon Sep 17 00:00:00 2001 From: Yaazkal Date: Fri, 23 Jul 2021 05:33:49 -0500 Subject: [PATCH 1/5] Refactor: creates check_linux_prerequisites function --- usr/local/share/bastille/bootstrap.sh | 65 +++++++++++---------------- 1 file changed, 26 insertions(+), 39 deletions(-) diff --git a/usr/local/share/bastille/bootstrap.sh b/usr/local/share/bastille/bootstrap.sh index 347a1ef..448943c 100644 --- a/usr/local/share/bastille/bootstrap.sh +++ b/usr/local/share/bastille/bootstrap.sh @@ -341,6 +341,28 @@ bootstrap_template() { bastille verify "${_user}/${_repo}" } +check_linux_prerequisites() { +#check and install OS dependencies @hackacad +if [ ! "$(sysrc -f /boot/loader.conf -n linprocfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n linsysfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n tmpfs_load)" = "YES" ]; then + warn "linprocfs_load, linsysfs_load, tmpfs_load not enabled in /boot/loader.conf or linux_enable not active. Should I do that for you? (N|y)" + read answer + case $answer in + [Nn][Oo]|[Nn]|"") + error_exit "Exiting." + ;; + [Yy][Ee][Ss]|[Yy]) + info "Loading modules" + kldload linux linux64 linprocfs linsysfs tmpfs + info "Persisting modules" + sysrc linux_enable=YES + sysrc -f /boot/loader.conf linprocfs_load=YES + sysrc -f /boot/loader.conf linsysfs_load=YES + sysrc -f /boot/loader.conf tmpfs_load=YES + ;; + esac +fi +} + HW_MACHINE=$(sysctl hw.machine | awk '{ print $2 }') HW_MACHINE_ARCH=$(sysctl hw.machine_arch | awk '{ print $2 }') RELEASE="${1}" @@ -431,25 +453,8 @@ http?://*/*/*) ;; #adding Ubuntu Bionic as valid "RELEASE" for POC @hackacad ubuntu_bionic|bionic|ubuntu-bionic) - #check and install OS dependencies @hackacad - if [ ! "$(sysrc -f /boot/loader.conf -n linprocfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n linsysfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n tmpfs_load)" = "YES" ]; then - warn "linprocfs_load, linsysfs_load, tmpfs_load not enabled in /boot/loader.conf or linux_enable not active. Should I do that for you? (N|y)" - read answer - case $answer in - [Nn][Oo]|[Nn]|"") - error_exit "Exiting." - ;; - [Yy][Ee][Ss]|[Yy]) - info "Loading modules" - kldload linux linux64 linprocfs linsysfs tmpfs - info "Persisting modules" - sysrc linux_enable=YES - sysrc -f /boot/loader.conf linprocfs_load=YES - sysrc -f /boot/loader.conf linsysfs_load=YES - sysrc -f /boot/loader.conf tmpfs_load=YES - ;; - esac - fi + check_linux_prerequisites + if which -s debootstrap; then debootstrap --foreign --arch=amd64 --no-check-gpg bionic "${bastille_releasesdir}"/Ubuntu_1804 else @@ -468,26 +473,8 @@ ubuntu_bionic|bionic|ubuntu-bionic) echo "APT::Cache-Start 251658240;" > "${bastille_releasesdir}"/Ubuntu_1804/etc/apt/apt.conf.d/00aptitude ;; ubuntu_focal|focal|ubuntu-focal) - #check and install OS dependencies @hackacad - #ToDo: add function 'linux_pre' for sysrc etc. - if [ ! "$(sysrc -f /boot/loader.conf -n linprocfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n linsysfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n tmpfs_load)" = "YES" ]; then - warn "linprocfs_load, linsysfs_load, tmpfs_load not enabled in /boot/loader.conf or linux_enable not active. Should I do that for you? (N|y)" - read answer - case $answer in - [Nn][Oo]|[Nn]|"") - error_exit "Exiting." - ;; - [Yy][Ee][Ss]|[Yy]) - info "Loading modules" - kldload linux linux64 linprocfs linsysfs tmpfs - info "Persisting modules" - sysrc linux_enable=YES - sysrc -f /boot/loader.conf linprocfs_load=YES - sysrc -f /boot/loader.conf linsysfs_load=YES - sysrc -f /boot/loader.conf tmpfs_load=YES - ;; - esac - fi + check_linux_prerequisites + if which -s debootstrap; then debootstrap --foreign --arch=amd64 --no-check-gpg focal "${bastille_releasesdir}"/Ubuntu_2004 else From f9018047ea966efd37ac844807cab7c62ba58c5f Mon Sep 17 00:00:00 2001 From: Yaazkal Date: Fri, 23 Jul 2021 05:42:04 -0500 Subject: [PATCH 2/5] Refactor: check_linux_prerequisites indentation --- usr/local/share/bastille/bootstrap.sh | 38 +++++++++++++-------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/usr/local/share/bastille/bootstrap.sh b/usr/local/share/bastille/bootstrap.sh index 448943c..20b28dc 100644 --- a/usr/local/share/bastille/bootstrap.sh +++ b/usr/local/share/bastille/bootstrap.sh @@ -342,25 +342,25 @@ bootstrap_template() { } check_linux_prerequisites() { -#check and install OS dependencies @hackacad -if [ ! "$(sysrc -f /boot/loader.conf -n linprocfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n linsysfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n tmpfs_load)" = "YES" ]; then - warn "linprocfs_load, linsysfs_load, tmpfs_load not enabled in /boot/loader.conf or linux_enable not active. Should I do that for you? (N|y)" - read answer - case $answer in - [Nn][Oo]|[Nn]|"") - error_exit "Exiting." - ;; - [Yy][Ee][Ss]|[Yy]) - info "Loading modules" - kldload linux linux64 linprocfs linsysfs tmpfs - info "Persisting modules" - sysrc linux_enable=YES - sysrc -f /boot/loader.conf linprocfs_load=YES - sysrc -f /boot/loader.conf linsysfs_load=YES - sysrc -f /boot/loader.conf tmpfs_load=YES - ;; - esac -fi + #check and install OS dependencies @hackacad + if [ ! "$(sysrc -f /boot/loader.conf -n linprocfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n linsysfs_load)" = "YES" ] && [ ! "$(sysrc -f /boot/loader.conf -n tmpfs_load)" = "YES" ]; then + warn "linprocfs_load, linsysfs_load, tmpfs_load not enabled in /boot/loader.conf or linux_enable not active. Should I do that for you? (N|y)" + read answer + case $answer in + [Nn][Oo]|[Nn]|"") + error_exit "Exiting." + ;; + [Yy][Ee][Ss]|[Yy]) + info "Loading modules" + kldload linux linux64 linprocfs linsysfs tmpfs + info "Persisting modules" + sysrc linux_enable=YES + sysrc -f /boot/loader.conf linprocfs_load=YES + sysrc -f /boot/loader.conf linsysfs_load=YES + sysrc -f /boot/loader.conf tmpfs_load=YES + ;; + esac + fi } HW_MACHINE=$(sysctl hw.machine | awk '{ print $2 }') From 85b5c204c4c5033665d61b989470056a9d3bbe9c Mon Sep 17 00:00:00 2001 From: Yaazkal Date: Fri, 23 Jul 2021 05:50:23 -0500 Subject: [PATCH 3/5] Refactor: Creates ensure_debootstrap an change logic to prevent typing errors because of duplicated code --- usr/local/share/bastille/bootstrap.sh | 53 ++++++++++++--------------- 1 file changed, 23 insertions(+), 30 deletions(-) diff --git a/usr/local/share/bastille/bootstrap.sh b/usr/local/share/bastille/bootstrap.sh index 20b28dc..8e900d5 100644 --- a/usr/local/share/bastille/bootstrap.sh +++ b/usr/local/share/bastille/bootstrap.sh @@ -363,6 +363,22 @@ check_linux_prerequisites() { fi } +ensure_debootstrap() { + if ! which -s debootstrap; then + warn "Debootstrap not found. Should it be installed? (N|y)" + read answer + case $answer in + [Nn][Oo]|[Nn]|"") + error_exit "Exiting. You need to install debootstap before boostrapping a Linux jail." + ;; + [Yy][Ee][Ss]|[Yy]) + pkg install -y debootstrap + debootstrap --foreign --arch=amd64 --no-check-gpg bionic "${bastille_releasesdir}"/Ubuntu_1804 + ;; + esac + fi +} + HW_MACHINE=$(sysctl hw.machine | awk '{ print $2 }') HW_MACHINE_ARCH=$(sysctl hw.machine_arch | awk '{ print $2 }') RELEASE="${1}" @@ -455,41 +471,18 @@ http?://*/*/*) ubuntu_bionic|bionic|ubuntu-bionic) check_linux_prerequisites - if which -s debootstrap; then - debootstrap --foreign --arch=amd64 --no-check-gpg bionic "${bastille_releasesdir}"/Ubuntu_1804 - else - warn "Debootstrap not found. Should it be installed? (N|y)" - read answer - case $answer in - [Nn][Oo]|[Nn]|"") - error_exit "Exiting. You need to install debootstap before boostrapping a Linux jail." - ;; - [Yy][Ee][Ss]|[Yy]) - pkg install -y debootstrap - debootstrap --foreign --arch=amd64 --no-check-gpg bionic "${bastille_releasesdir}"/Ubuntu_1804 - ;; - esac - fi + ensure_debootstrap + + debootstrap --foreign --arch=amd64 --no-check-gpg bionic "${bastille_releasesdir}"/Ubuntu_1804 + echo "APT::Cache-Start 251658240;" > "${bastille_releasesdir}"/Ubuntu_1804/etc/apt/apt.conf.d/00aptitude ;; ubuntu_focal|focal|ubuntu-focal) check_linux_prerequisites - if which -s debootstrap; then - debootstrap --foreign --arch=amd64 --no-check-gpg focal "${bastille_releasesdir}"/Ubuntu_2004 - else - warn "Debootstrap not found. Should it be installed? (N|y)" - read answer - case $answer in - [Nn][Oo]|[Nn]|"") - error_exit "Exiting. You need to install debootstap before boostrapping a Linux jail." - ;; - [Yy][Ee][Ss]|[Yy]) - pkg install -y debootstrap - debootstrap --foreign --arch=amd64 --no-check-gpg focal "${bastille_releasesdir}"/Ubuntu_2004 - ;; - esac - fi + ensure_debootstrap + + debootstrap --foreign --arch=amd64 --no-check-gpg focal "${bastille_releasesdir}"/Ubuntu_2004 ;; *) usage From 295e57ac045024b59db654055b426182e4d4d47d Mon Sep 17 00:00:00 2001 From: Yaazkal Date: Fri, 23 Jul 2021 05:51:35 -0500 Subject: [PATCH 4/5] Refactor: removes cosmetic whitelines --- usr/local/share/bastille/bootstrap.sh | 5 ----- 1 file changed, 5 deletions(-) diff --git a/usr/local/share/bastille/bootstrap.sh b/usr/local/share/bastille/bootstrap.sh index 8e900d5..ff627f5 100644 --- a/usr/local/share/bastille/bootstrap.sh +++ b/usr/local/share/bastille/bootstrap.sh @@ -470,18 +470,13 @@ http?://*/*/*) #adding Ubuntu Bionic as valid "RELEASE" for POC @hackacad ubuntu_bionic|bionic|ubuntu-bionic) check_linux_prerequisites - ensure_debootstrap - debootstrap --foreign --arch=amd64 --no-check-gpg bionic "${bastille_releasesdir}"/Ubuntu_1804 - echo "APT::Cache-Start 251658240;" > "${bastille_releasesdir}"/Ubuntu_1804/etc/apt/apt.conf.d/00aptitude ;; ubuntu_focal|focal|ubuntu-focal) check_linux_prerequisites - ensure_debootstrap - debootstrap --foreign --arch=amd64 --no-check-gpg focal "${bastille_releasesdir}"/Ubuntu_2004 ;; *) From 403d6739bcf9b503562e48e3268f1515d84428fc Mon Sep 17 00:00:00 2001 From: Yaazkal Date: Fri, 23 Jul 2021 05:56:00 -0500 Subject: [PATCH 5/5] Fix: removes unwanted line in esure_debootstrap --- usr/local/share/bastille/bootstrap.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/usr/local/share/bastille/bootstrap.sh b/usr/local/share/bastille/bootstrap.sh index ff627f5..dbb0b54 100644 --- a/usr/local/share/bastille/bootstrap.sh +++ b/usr/local/share/bastille/bootstrap.sh @@ -373,7 +373,6 @@ ensure_debootstrap() { ;; [Yy][Ee][Ss]|[Yy]) pkg install -y debootstrap - debootstrap --foreign --arch=amd64 --no-check-gpg bionic "${bastille_releasesdir}"/Ubuntu_1804 ;; esac fi