0.3.20181124 patch

usr/local/bin/bastille

@@ -32,7 +32,7 @@
 . /usr/local/etc/bastille/bastille.conf
 
 ## version
-BASTILLE_VERSION="0.3.20181120"
+BASTILLE_VERSION="0.3.20181124"
 
 usage() {
     cat << EOF

usr/local/etc/rc.d/bastille

@@ -2,8 +2,6 @@
 
 # $FreeBSD: $
 #
-# Bastille startup script
-#
 # PROVIDE: bastille
 # REQUIRE: LOGIN
 # KEYWORD: shutdown
@@ -19,47 +17,29 @@
 . /etc/rc.subr
 
 name=bastille
-rcvar=bastille_enable
+rcvar=${name}_enable
 
-load_rc_config ${name}
+command="/usr/local/bin/${name}"
+
+start_cmd="${name}_start"
+stop_cmd="${name}_stop"
 
 : ${bastille_enable:=NO}
-: ${bastille_list:=""}
-
-start_cmd=bastille_start
-stop_cmd=bastille_stop
-
-start_command="%%PREFIX%%/bin/bastille start"
-stop_command="%%PREFIX%%/bin/bastille stop"
+: ${bastille_list:="ALL"}
 
 bastille_start()
 {
-    if [ ! -n "${bastille_list}" ]; then
-        echo "${bastille_list} is undefined"
-        return 1
-    fi
-
-    local _jail
-
     for _jail in ${bastille_list}; do
-        echo "Starting Bastille Jail: ${_jail}"
-        ${start_command} ${_jail}
+        ${command} start ${_jail}
     done
 }
 
 bastille_stop()
 {
-    if [ ! -n "${bastille_list}" ]; then
-        echo "${bastille_list} is undefined"
-        return 1
-    fi
-
-    local _jail
-
     for _jail in ${bastille_list}; do
-        echo "Stopping Bastille Jail: ${_jail}"
-        ${stop_command} ${_jail}
+        ${command} stop ${_jail}
     done
 }
 
-run_rc_command "$1"
+load_rc_config ${name}
+run_rc_command "$@"

usr/local/share/bastille/bootstrap.sh

@@ -46,36 +46,42 @@ esac
 RELEASE=$1
 
 bootstrap() {
-    ### create $bastille_base/release/$release directory
-    ### fetch $release/base.txz -o $bastille_base/cache/$release/base.txz
-    ### extract $release/base.txz to $bastille_base/release/$release
+    ## ensure required directories are in place
     if [ ! -d ${bastille_jailsdir} ]; then
         mkdir -p ${bastille_jailsdir}
     fi
     if [ ! -d ${bastille_logsdir} ]; then
         mkdir -p ${bastille_logsdir}
     fi
-    if [ ! -d ${bastille_cachedir}/${RELEASE} ]; then
-        mkdir -p ${bastille_cachedir}/${RELEASE}
+    if [ ! -d ${bastille_templatesdir} ]; then
+        mkdir -p ${bastille_templatesdir}
+    fi
+    if [ ! -d "${bastille_cachedir}/${RELEASE}" ]; then
+        mkdir -p "${bastille_cachedir}/${RELEASE}"
     fi
 
-    if [ ! -d ${bastille_releasesdir}/${RELEASE} ]; then
-        mkdir -p ${bastille_releasesdir}/${RELEASE}
+    ### create $bastille_base/release/$release directory
+    ### fetch $release/base.txz -o $bastille_base/cache/$release/base.txz
+    ### fetch $release/lib32.txz -o $bastille_base/cache/$release/lib32.txz
+    ### extract $release/base.txz to $bastille_base/release/$release
+    ### extract $release/lib32.txz to $bastille_base/release/$release
+    if [ ! -d "${bastille_releasesdir}/${RELEASE}" ]; then
+        mkdir -p "${bastille_releasesdir}/${RELEASE}"
         sh ${bastille_sharedir}/freebsd_dist_fetch.sh -r ${RELEASE} base lib32
 
         echo
         echo -e "${COLOR_GREEN}Extracting FreeBSD ${RELEASE} base.txz.${COLOR_RESET}"
-        /usr/bin/tar -C ${bastille_releasesdir}/${RELEASE} -xf ${bastille_cachedir}/${RELEASE}/base.txz
+        /usr/bin/tar -C "${bastille_releasesdir}/${RELEASE}" -xf "${bastille_cachedir}/${RELEASE}/base.txz"
 
         echo -e "${COLOR_GREEN}Extracting FreeBSD ${RELEASE} lib32.txz.${COLOR_RESET}"
-        /usr/bin/tar -C ${bastille_releasesdir}/${RELEASE} -xf ${bastille_cachedir}/${RELEASE}/lib32.txz
+        /usr/bin/tar -C "${bastille_releasesdir}/${RELEASE}" -xf "${bastille_cachedir}/${RELEASE}/lib32.txz"
 
-	    echo -e "${COLOR_GREEN}Bootstrap successful.${COLOR_RESET}"
-	    echo -e "${COLOR_GREEN}See 'bastille --help' for available commands.${COLOR_RESET}"
-	    echo
+        echo -e "${COLOR_GREEN}Bootstrap successful.${COLOR_RESET}"
+        echo -e "${COLOR_GREEN}See 'bastille --help' for available commands.${COLOR_RESET}"
+        echo
     else
         echo -e "${COLOR_RED}Bootstrap appears complete.${COLOR_RESET}"
-	exit 1
+        exit 1
     fi
 }
 
@@ -83,31 +89,34 @@ bootstrap() {
 case "${RELEASE}" in
 10.1-RELEASE)
     bootstrap
-    echo -e "${COLOR_RED}This release is End of Life. No security updates.${COLOR_RESET}"
+    echo -e "${COLOR_RED}WARNING: FreeBSD 10.1-RELEASE HAS PASSED ITS END-OF-LIFE DATE.${COLOR_RESET}"
 	;;
 10.2-RELEASE)
     bootstrap
-    echo -e "${COLOR_RED}This release is End of Life. No security updates.${COLOR_RESET}"
+    echo -e "${COLOR_RED}WARNING: FreeBSD 10.2-RELEASE HAS PASSED ITS END-OF-LIFE DATE.${COLOR_RESET}"
 	;;
 10.3-RELEASE)
     bootstrap
-    echo -e "${COLOR_RED}This release is End of Life. No security updates.${COLOR_RESET}"
+    echo -e "${COLOR_RED}WARNING: FreeBSD 10.3-RELEASE HAS PASSED ITS END-OF-LIFE DATE.${COLOR_RESET}"
 	;;
 10.4-RELEASE)
     bootstrap
-    echo -e "${COLOR_RED}This release is End of Life. No security updates.${COLOR_RESET}"
+    echo -e "${COLOR_RED}WARNING: FreeBSD 10.4-RELEASE HAS PASSED ITS END-OF-LIFE DATE.${COLOR_RESET}"
 	;;
 11.0-RELEASE)
     bootstrap
-    echo -e "${COLOR_RED}This release is End of Life. No security updates.${COLOR_RESET}"
+    echo -e "${COLOR_RED}WARNING: FreeBSD 11.0-RELEASE HAS PASSED ITS END-OF-LIFE DATE.${COLOR_RESET}"
 	;;
 11.1-RELEASE)
     bootstrap
-    echo -e "${COLOR_RED}This release is End of Life. No security updates.${COLOR_RESET}"
+    echo -e "${COLOR_RED}WARNING: FreeBSD 11.1-RELEASE HAS PASSED ITS END-OF-LIFE DATE.${COLOR_RESET}"
 	;;
 11.2-RELEASE)
     bootstrap
 	;;
+12.0-RELEASE)
+    bootstrap
+	;;
 12.0-BETA1)
     bootstrap
     echo -e "${COLOR_RED}BETA releases are completely untested.${COLOR_RESET}"
@@ -124,8 +133,19 @@ case "${RELEASE}" in
     bootstrap
     echo -e "${COLOR_RED}BETA releases are completely untested.${COLOR_RESET}"
 	;;
+12.0-RC1)
+    bootstrap
+    echo -e "${COLOR_RED}RC releases are completely untested.${COLOR_RESET}"
+	;;
+12.0-RC2)
+    bootstrap
+    echo -e "${COLOR_RED}RC releases are completely untested.${COLOR_RESET}"
+	;;
+12.0-RC3)
+    bootstrap
+    echo -e "${COLOR_RED}RC releases are completely untested.${COLOR_RESET}"
+	;;
 *)
-    echo -e "${COLOR_RED}BETA releases are completely untested.${COLOR_RESET}"
     usage
     ;;
 esac

usr/local/share/bastille/cmd.sh

@@ -47,10 +47,10 @@ if [ $# -gt 2 ] || [ $# -lt 2 ]; then
 fi
 
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
 fi
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
 for _jail in ${JAILS}; do

usr/local/share/bastille/console.sh

@@ -42,15 +42,14 @@ help|-h|--help)
     ;;
 esac
 
-
 if [ $# -gt 1 ] || [ $# -lt 1 ]; then
     usage
 fi
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
 fi
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
 for _jail in ${JAILS}; do

usr/local/share/bastille/cp.sh

@@ -47,15 +47,15 @@ if [ $# -gt 3 ] || [ $# -lt 3 ]; then
     usage
 fi
 
-if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
-fi
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
+fi
+if [ "$1" != 'ALL' ]; then
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
 for _jail in ${JAILS}; do
-    bastille_jail_path="${bastille_jailsdir}/${_jail}/root"
+    bastille_jail_path="$(jls -j "${_jail}" path)"
     echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
     cp -a "$2" "${bastille_jail_path}/$3"
     echo

usr/local/share/bastille/create.sh

@@ -37,7 +37,7 @@ usage() {
 }
 
 running_jail() {
-    jls -N name | grep ${NAME}
+    jls name | grep -E "(^|\b)${NAME}($|\b)"
 }
 
 validate_ip() {
@@ -94,7 +94,6 @@ create_jail() {
 
     ## using relative paths here
     ## MAKE SURE WE'RE IN THE RIGHT PLACE
-    ## ro
     cd "${bastille_jail_path}"
     echo
     echo -e "${COLOR_GREEN}NAME: ${NAME}.${COLOR_RESET}"
@@ -125,8 +124,11 @@ create_jail() {
     cp -a "${bastille_releasesdir}/${RELEASE}/usr/obj" "${bastille_jail_path}"
     if [ "${RELEASE}" == "11.2-RELEASE" ]; then cp -a "${bastille_releasesdir}/${RELEASE}/usr/tests" "${bastille_jail_path}"; fi
 
-    ## rc.conf.local & resolv.conf
-    ## cron_flags="-J 60" ## cedwards 20181118
+    ## rc.conf.local
+    ##  + syslogd_flags="-ss"
+    ##  + sendmail_none="NONE"
+    ##  + cron_flags="-J 60" ## cedwards 20181118
+    ## resolv.conf
     if [ ! -f "${bastille_jail_rc_conf}" ]; then
         echo -e "syslogd_flags=\"-ss\"\nsendmail_enable=\"NONE\"" > ${bastille_jail_rc_conf}
 	echo -e "cron_flags=\"-J 60\"" >> ${bastille_jail_rc_conf}
@@ -157,12 +159,51 @@ IP="$3"
 
 ## verify release
 case "${RELEASE}" in
+10.1-RELEASE)
+    RELEASE="10.1-RELEASE"
+	;;
+10.2-RELEASE)
+    RELEASE="10.2-RELEASE"
+	;;
+10.3-RELEASE)
+    RELEASE="10.3-RELEASE"
+	;;
 10.4-RELEASE)
     RELEASE="10.4-RELEASE"
     ;;
+11.0-RELEASE)
+    RELEASE="11.0-RELEASE"
+    ;;
+11.1-RELEASE)
+    RELEASE="11.1-RELEASE"
+    ;;
 11.2-RELEASE)
     RELEASE="11.2-RELEASE"
     ;;
+12.0-RELEASE)
+    RELEASE="12.0-RELEASE"
+    ;;
+12.0-BETA1)
+    RELEASE="12.0-BETA1"
+    ;;
+12.0-BETA2)
+    RELEASE="12.0-BETA2"
+    ;;
+12.0-BETA3)
+    RELEASE="12.0-BETA3"
+    ;;
+12.0-BETA4)
+    RELEASE="12.0-BETA4"
+    ;;
+12.0-RC1)
+    RELEASE="12.0-RC1"
+    ;;
+12.0-RC2)
+    RELEASE="12.0-RC2"
+    ;;
+12.0-RC3)
+    RELEASE="12.0-RC3"
+    ;;
 *)
     echo -e "${COLOR_RED}Unknown Release.${COLOR_RESET}"
     usage
@@ -170,14 +211,15 @@ case "${RELEASE}" in
 esac
 
 ## check for name/root/.bastille
-if [ -d "/usr/local/bastille/jails/${NAME}/root/.bastille" ]; then
+if [ -d "${bastille_jailsdir}/${NAME}/root/.bastille" ]; then
     echo -e "${COLOR_RED}Jail: ${NAME} already created. ${NAME}/root/.bastille exists.${COLOR_RESET}"
     exit 1
 fi
 
 ## check if a running jail matches name
 if running_jail ${NAME}; then
-    echo -e "${COLOR_RED}Running jail matches name.${COLOR_RESET}"
+    echo -e "${COLOR_RED}A running jail matches name.${COLOR_RESET}"
+    echo -e "${COLOR_RED}Jails must be stopped before they are destroyed.${COLOR_RESET}"
     exit 1
 fi
 

usr/local/share/bastille/destroy.sh

@@ -37,10 +37,10 @@ usage() {
 }
 
 destroy_jail() {
-    bastille_jail_base="${bastille_jailsdir}/${NAME}"  ## dir
+    bastille_jail_base="${bastille_jailsdir}/${NAME}"            ## dir
     bastille_jail_log="${bastille_logsdir}/${NAME}_console.log"  ## file
 
-    if [ $(jls -N name | grep ${NAME}) ]; then
+    if [ $(jls name | grep ${NAME}) ]; then
         echo -e "${COLOR_RED}Jail running.${COLOR_RESET}"
         echo -e "${COLOR_RED}See 'bastille stop ${NAME}'.${COLOR_RESET}"
         exit 1

usr/local/share/bastille/freebsd_dist_fetch.sh

@@ -1,6 +1,8 @@
 #!/bin/sh
 # https://pastebin.com/T6eThbKu
 
+. /usr/local/etc/bastille/bastille.conf
+
 DEVICE_SELF_SCAN_ALL=NO
 [ "$_SCRIPT_SUBR" ] || . /usr/share/bsdconfig/script.subr
 usage(){ echo "Usage: ${0##*/} [-r releaseName] [dists ...]" >&2; exit 1; }
@@ -18,7 +20,7 @@ mediaSetFTP
 mediaOpen
 set -e
 #debug=1
-REL_DIST=/usr/local/bastille/cache/$releaseName
+REL_DIST=${bastille_cachedir}/$releaseName
 download() # $src to $dest
 {
 	size=$( f_device_get device_media "$1" $PROBE_SIZE )

usr/local/share/bastille/htop.sh

@@ -48,21 +48,19 @@ if [ $# -gt 1 ] || [ $# -lt 1 ]; then
 fi
 
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
 fi
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
 for _jail in ${JAILS}; do
-    if [ ! -x "${bastille_jailsdir}/${_jail}/root/usr/local/bin/htop" ]; then
+    bastille_jail_path=$(jls -j "${_jail}" path)
+    if [ ! -x "${bastille_jail_path}/usr/local/bin/htop" ]; then
         echo -e "${COLOR_RED}htop not found on ${_jail}.${COLOR_RESET}"
-    fi
-    if [ -x "${bastille_jailsdir}/${_jail}/root/usr/local/bin/htop" ]; then
+    elif [ -x "${bastille_jail_path}/usr/local/bin/htop" ]; then
         echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
         jexec -l ${_jail} /usr/local/bin/htop
     fi
     echo -e "${COLOR_RESET}"
 done
-
-TERM=${SAVED_TERM}

usr/local/share/bastille/list.sh

@@ -47,16 +47,16 @@ if [ $# -gt 0 ]; then
         usage
         ;;
     release|releases)
-        ls "${bastille_releasesdir}"
+        ls "${bastille_releasesdir}" | sed "s/\n//g"
         ;;
     template|templates)
-        ls "${bastille_templatesdir}"
+	ls "${bastille_templatesdir}" | sed "s/\n//g"
         ;;
     jail|jails)
-        ls "${bastille_jailsdir}"
+	ls "${bastille_jailsdir}" | sed "s/\n//g"
         ;;
     log|logs)
-        ls "${bastille_logsdir}"
+        ls "${bastille_logsdir}" | sed "s/\n//g"
         ;;
     *)
         usage

usr/local/share/bastille/pkg.sh

@@ -47,10 +47,10 @@ if [ $# -gt 2 ] || [ $# -lt 2 ]; then
 fi
 
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
 fi
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
 for _jail in ${JAILS}; do

usr/local/share/bastille/service.sh

@@ -47,11 +47,11 @@ if [ $# -gt 2 ] || [ $# -lt 2 ]; then
 fi
 
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
 fi
 
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
 for _jail in ${JAILS}; do

usr/local/share/bastille/start.sh

@@ -48,22 +48,19 @@ if [ $# -gt 1 ] || [ $# -lt 1 ]; then
 fi
 
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(find ${bastille_jailsdir} -d 1 | awk -F / '{ print $6 }')
+    JAILS=$(/usr/local/bin/bastille list jails)
 fi
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(find ${bastille_jailsdir} -d 1 | awk -F / '{ print $6 }' | grep $1)
-fi
-
-if [ $(jls -N name | ${NAME}) ]; then
-    echo -e "${COLOR_RED}${NAME} already running.${COLOR_RESET}"
-    exit 1
+    JAILS=$(/usr/local/bin/bastille list jails | grep "$1")
 fi
 
 for _jail in ${JAILS}; do
-    echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
-    jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -c ${_jail}
+    if [ $(jls name | grep ${_jail}) ]; then
+        echo -e "${COLOR_RED}[${_jail}]: Already started.${COLOR_RESET}"
+    elif [ ! $(jls name | grep ${_jail}) ]; then
+        echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
+        jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -c ${_jail}
+        pfctl -f /etc/pf.conf
+    fi
     echo
 done
-
-## HUP the firewall
-pfctl -f /etc/pf.conf

usr/local/share/bastille/stop.sh

@@ -48,17 +48,15 @@ if [ $# -gt 1 ] || [ $# -lt 1 ]; then
 fi
 
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
 fi
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
 for _jail in ${JAILS}; do
     echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
     jail -f "${bastille_jailsdir}/${_jail}/jail.conf" -r ${_jail}
+    pfctl -f /etc/pf.conf
     echo
 done
-
-## HUP the firewall
-pfctl -f /etc/pf.conf

usr/local/share/bastille/sysrc.sh

@@ -47,11 +47,11 @@ if [ $# -gt 2 ] || [ $# -lt 2 ]; then
 fi
 
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
 fi
 
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
 for _jail in ${JAILS}; do

usr/local/share/bastille/template.sh

@@ -48,69 +48,87 @@ if [ $# -gt 2 ] || [ $# -lt 2 ]; then
 fi
 
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
 fi
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
+## global variables
 TEMPLATE=$2
 bastille_template=${bastille_templatesdir}/${TEMPLATE}
+bastille_template_INCLUDE=${bastille_template}/INCLUDE
+bastille_template_PRE=${bastille_template}/PRE
+bastille_template_CONFIG=${bastille_template}/CONFIG
+bastille_template_FSTAB=${bastille_template}/FSTAB
+bastille_template_PF=${bastille_template}/PF
+bastille_template_PKG=${bastille_template}/PKG
+bastille_template_SYSRC=${bastille_template}/SYSRC
+bastille_template_CMD=${bastille_template}/CMD
 
 for _jail in ${JAILS}; do
+    ## jail-specific variables. 
+    bastille_jail_path=$(jls -j "${_jail}" path)
+
     echo -e "${COLOR_GREEN}[${_jail}]:${COLOR_RESET}"
 
+    ## INCLUDE
+    if [ -s "${bastille_template_INCLUDE}" ]; then
+        echo -e "${COLOR_GREEN}Detected INCLUDE.${COLOR_RESET}"
+        while read _include; do
+            echo -e "${COLOR_GREEN}${_include}${COLOR_RESET}"
+        done < "${bastille_template_INCLUDE}"
+    fi
+
     ## pre
-    if [ -s "${bastille_template}/PRE" ]; then
+    if [ -s "${bastille_template_PRE}" ]; then
         echo -e "${COLOR_GREEN}Executing PRE-command(s).${COLOR_RESET}"
-        jexec -l ${_jail} /bin/sh < "${bastille_template}/PRE"
+        jexec -l ${_jail} /bin/sh < "${bastille_template_PRE}"
     fi
 
     ## config
-    if [ -s "${bastille_template}/CONFIG" ]; then
+    if [ -s "${bastille_template_CONFIG}" ]; then
         echo -e "${COLOR_GREEN}Copying files...${COLOR_RESET}"
-        for _dir in $(cat "${bastille_template}/CONFIG"); do
-            cp -a "${bastille_template}/${_dir}" "${bastille_jailsdir}/${_jail}/root"
-        done
+        while read _dir; do
+            cp -a "${bastille_template}/${_dir}" "${bastille_jail_path}"
+        done < ${bastille_template_CONFIG}
         echo -e "${COLOR_GREEN}Copy complete.${COLOR_RESET}"
     fi
 
     ## fstab
-    if [ -s "${bastille_template}/FSTAB" ]; then
-        bastille_templatefstab=$(cat "${bastille_template}/FSTAB")
+    if [ -s "${bastille_template_FSTAB}" ]; then
+        bastille_templatefstab=$(cat "${bastille_template_FSTAB}")
         echo -e "${COLOR_GREEN}Updating fstab.${COLOR_RESET}"
         echo -e "${COLOR_GREEN}NOT YET IMPLEMENTED.${COLOR_RESET}"
     fi
 
     ## pf
-    if [ -s "${bastille_template}/PF" ]; then
-        bastille_templatepf=$(cat "${bastille_template}/PF")
+    if [ -s "${bastille_template_PF}" ]; then
+        bastille_templatepf=$(cat "${bastille_template_PF}")
         echo -e "${COLOR_GREEN}Generating PF profile.${COLOR_RESET}"
         echo -e "${COLOR_GREEN}NOT YET IMPLEMENTED.${COLOR_RESET}"
     fi
 
     ## pkg (bootstrap + pkg)
-    if [ -s "${bastille_template}/PKG" ]; then
-        bastille_templatepkg=$(cat "${bastille_template}/PKG")
+    if [ -s "${bastille_template_PKG}" ]; then
         echo -e "${COLOR_GREEN}Installing packages.${COLOR_RESET}"
-        jexec -l ${_jail} env ASSUME_ALWAYS_YES="YES" /usr/sbin/pkg bootstrap
-        jexec -l ${_jail} env ASSUME_ALWAYS_YES="YES" /usr/sbin/pkg audit -F
-        jexec -l ${_jail} env ASSUME_ALWAYS_YES="YES" /usr/sbin/pkg install ${bastille_templatepkg}
+        jexec -l "${_jail}" env ASSUME_ALWAYS_YES=YES /usr/sbin/pkg bootstrap
+        jexec -l "${_jail}" /usr/sbin/pkg audit -F
+        jexec -l "${_jail}" /usr/sbin/pkg install $(cat ${bastille_template_PKG})
     fi
 
     ## sysrc
-    if [ -s "${bastille_template}/SYSRC" ]; then
+    if [ -s "${bastille_template_SYSRC}" ]; then
         echo -e "${COLOR_GREEN}Updating services.${COLOR_RESET}"
-        IFS=''
         while read _sysrc; do
             jexec -l ${_jail} /usr/sbin/sysrc "${_sysrc}"
-        done < "${bastille_template}/SYSRC"
+        done < "${bastille_template_SYSRC}"
     fi
 
     ## cmd
-    if [ -s "${bastille_template}/CMD" ]; then
+    if [ -s "${bastille_template_CMD}" ]; then
         echo -e "${COLOR_GREEN}Executing final command(s).${COLOR_RESET}"
-        jexec -l ${_jail} /bin/sh < "${bastille_template}/CMD"
+        jexec -l ${_jail} /bin/sh < "${bastille_template_CMD}"
     fi
     echo -e "${COLOR_GREEN}Template Complete.${COLOR_RESET}"
     echo

usr/local/share/bastille/top.sh

@@ -47,11 +47,11 @@ if [ $# -gt 1 ] || [ $# -lt 1 ]; then
 fi
 
 if [ "$1" = 'ALL' ]; then
-    JAILS=$(jls -N name)
+    JAILS=$(jls name)
 fi
 
 if [ "$1" != 'ALL' ]; then
-    JAILS=$(jls -N name | grep "$1")
+    JAILS=$(jls name | grep -E "(^|\b)${1}($|\b)")
 fi
 
 for _jail in ${JAILS}; do
@@ -59,5 +59,3 @@ for _jail in ${JAILS}; do
     jexec -l ${_jail} /usr/bin/top
     echo -e "${COLOR_RESET}"
 done
-
-TERM=${SAVED_TERM}

usr/local/share/bastille/update.sh

@@ -49,9 +49,6 @@ fi
 
 RELEASE=$1
 
-echo -e "${COLOR_GREEN}Targeting specified release.${COLOR_RESET}"
-echo -e "${RELEASE}"
-echo
 if [ -d "${bastille_releasesdir}/${RELEASE}" ]; then
     freebsd-update -b "${bastille_releasesdir}/${RELEASE}" fetch install --currently-running ${RELEASE}
 else

usr/local/share/bastille/upgrade.sh

@@ -50,9 +50,6 @@ fi
 RELEASE=$1
 NEWRELEASE=$2
 
-echo -e "${COLOR_RED}Targeting specified release.${COLOR_RESET}"
-echo -e "${RELEASE} => ${NEWRELEASE}"
-echo
 if [ -d "${bastille_releasesdir}/${RELEASE}" ]; then
     freebsd-update -b "${bastille_releasesdir}/${RELEASE}" -r ${NEWRELEASE} upgrade
 else

usr/local/share/bastille/verify.sh

@@ -49,9 +49,6 @@ fi
 
 RELEASE=$1
 
-echo -e "${COLOR_RED}Targeting specified release.${COLOR_RESET}"
-echo -e "${RELEASE}"
-echo
 if [ -d "${bastille_releasesdir}/${RELEASE}" ]; then
     freebsd-update -b "${bastille_releasesdir}/${RELEASE}" IDS
 else