From afa76f6a9c196c61e840d5188495b764db8b2346 Mon Sep 17 00:00:00 2001 From: JRGTH Date: Thu, 4 Sep 2025 23:51:29 -0400 Subject: [PATCH] Update for recent bastille boot settings changes --- CHANGELOG | 1 + bastille-init | 21 ++++++++++--- gui/bastille_manager-lib.inc | 8 +++-- gui/bastille_manager_add.php | 31 ++++++++++--------- gui/bastille_manager_jconf.php | 54 +++++++++++++++++++--------------- gui/bastille_manager_util.php | 8 +++-- version | 2 +- 7 files changed, 74 insertions(+), 51 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 55c7620..7e64849 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -3,6 +3,7 @@ ====================== Version Description +1.1.45......Code update for recent bastille boot settings changes. 1.1.44......Fix bastille version display under maintenance tab. 1.1.43......Update: Finish adding support for 14.3 release. 1.1.42......Update: Add support for 14.3 release + add -a option for destroy. diff --git a/bastille-init b/bastille-init index 1a6320e..9ce7458 100644 --- a/bastille-init +++ b/bastille-init @@ -1139,6 +1139,7 @@ ext_start() # Start bastille jails. if [ -d "${CWDIR}/jails" ]; then JAIL_LIST=$(bastille list jail) + # This loop is for backward compatibility only. for jail in ${JAIL_LIST}; do if grep -qw "${jail}_AUTO_START=\"YES\"" ${CWDIR}${EXTCONF}; then if ! jls | sed "1 d" | awk '{print $3}' | grep -qw ${jail}; then @@ -1146,6 +1147,13 @@ ext_start() fi fi done + + # Required for embedded platforms. + if [ "${PRDPLATFORM}" = "x64-embedded" ]; then + if sysrc -qc bastille_enable=YES; then + service bastille start + fi + fi fi if [ $? -eq 0 ]; then @@ -1198,9 +1206,9 @@ rc_params() fi # Do't start containers by default. - if ! sysrc -qn bastille_enable >/dev/null 2>&1; then - sysrc bastille_enable="NO" >/dev/null 2>&1 - fi + #if ! sysrc -qn bastille_enable >/dev/null 2>&1; then + # sysrc bastille_enable="NO" >/dev/null 2>&1 + #fi # Check if sane ZFS is enabled in this setup. if [ "${bastille_zfs_enable}" = "YES" ]; then 
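Review bot: The loop marked "for backward compatibility only" still keys off `${jail}_AUTO_START="YES"` in `${CWDIR}${EXTCONF}`, but the GUI changes in this same commit stop writing and removing that variable, so a jail flagged before the upgrade keeps its legacy entry and can no longer be switched off from the web interface. The loop's start command sits between this hunk and the next and is not visible, so the effect is inferred from the condition. Consider a one-time migration that copies each legacy flag into the jail's settings file and then clears it with `sysrc -f ${CWDIR}${EXTCONF} -x ${jail}_AUTO_START`. At minimum, extend the comment to `# Legacy: honours <jail>_AUTO_START from EXTCONF; the GUI no longer edits this variable.`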
@@ -1225,6 +1233,9 @@ rc_params() else sysrc -f ${CWDIR}${EXTCONF} ZFS_SUPPORT="NO" >/dev/null 2>&1 fi + + # Enable bastille in /etc/rc.conf + sysrc bastille_enable="YES" >/dev/null 2>&1 } update_config() @@ -1308,7 +1319,9 @@ bastille_stop() { # Stop all bastille containers. echo "${PRDNAME} Extension: Stopping all containers..." - bastille stop ALL + if ! sysrc -qc bastille_enable=YES; then + bastille stop ALL + fi if [ $? -eq 0 ]; then exit 0 else diff --git a/gui/bastille_manager-lib.inc b/gui/bastille_manager-lib.inc index cdd0f26..b81545f 100644 --- a/gui/bastille_manager-lib.inc +++ b/gui/bastille_manager-lib.inc @@ -67,6 +67,7 @@ $tarballversion = "/usr/local/bin/bastille"; $bastille_version_min = exec("grep 'BASTILLE_VERSION=' $tarballversion | cut -d '\"' -f2 | tr -d '.'"); $host_version = exec("/bin/cat /etc/prd.version | tr -d '.'"); $linux_compat_support = exec("/usr/bin/grep 'LINUX_COMPAT_SUPPORT=' $configfile | /usr/bin/cut -d'\"' -f2"); +$jail_settings = "settings.conf"; // Ensure the root directory is configured. if ($rootfolder == "") @@ -253,10 +254,11 @@ function get_jail_infos() { $r['path'] = "-"; endif; // Display auto-start settings. - $jail_autostart = exec("/usr/bin/grep -w {$item}_AUTO_START $configfile | cut -d'=' -f2 | tr -d '\"'"); - if ($jail_autostart == 'YES') { + //$jail_autostart = exec("/usr/bin/grep -w {$item}_AUTO_START $configfile | cut -d'=' -f2 | tr -d '\"'"); + $jail_autostart = exec("/usr/bin/grep -w boot {$jail_dir}/{$item}/settings.conf | cut -d'=' -f2 | tr -d '\"'"); + if ($jail_autostart == 'on') { $r['boot'] = $img_path['ena']; - } elseif ($jail_autostart == 'NO') { + } elseif ($jail_autostart == 'off') { $r['boot'] = $img_path['dis']; } else { $r['boot'] = $img_path['dis']; diff --git a/gui/bastille_manager_add.php b/gui/bastille_manager_add.php index 65cad35..bf80cd4 100644 --- a/gui/bastille_manager_add.php +++ b/gui/bastille_manager_add.php 
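Review bot: `sysrc bastille_enable="YES"` at the end of rc_params is unconditional, so every run overwrites an administrator's explicit `bastille_enable="NO"` in /etc/rc.conf. With the default also commented out in the @@ -1198 hunk, the only remaining way to keep containers down at boot is each jail's own boot setting. Containers the operator meant to keep stopped would then come up and expose their services. Setting the value only when it is absent keeps the new default without overriding a choice: `if ! sysrc -qn bastille_enable >/dev/null 2>&1; then sysrc bastille_enable="YES" >/dev/null 2>&1; fi`. rc_params begins outside this hunk.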
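Review bot: Because rc_params now forces `bastille_enable="YES"`, the new guard `if ! sysrc -qc bastille_enable=YES` is normally false, so `bastille stop ALL` is skipped while "Stopping all containers..." is still printed. The following `[ $? -eq 0 ]` then tests the `if` statement rather than a stop command. On `x64-embedded` the start path calls `service bastille start` by hand, yet nothing here issues the matching stop, so (inferred) containers may stay running after the extension is stopped. Consider `if sysrc -qc bastille_enable=YES; then service bastille stop; else bastille stop ALL; fi`, with a comment stating which component owns shutdown.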
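Review bot: The boot lookup in get_jail_infos() uses `grep -w boot … | cut -d'=' -f2`, which matches any line containing the word boot (a comment, for instance), and it hard-codes `settings.conf` although this commit introduces `$jail_settings` for that name. The rest of the commit already reads the key with sysrc, and the same form would be more robust here: `$jail_autostart = exec("/usr/sbin/sysrc -f {$jail_dir}/{$item}/settings.conf -qn boot");`. If `$jail_settings` is preferred, the function would need it declared `global`; its header is outside the hunk, so that is not confirmed. The commented-out `_AUTO_START` line can be deleted, since version control keeps it.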
@@ -113,10 +113,10 @@ if($_POST): // Just create an empty container with minimal jail.conf. $cmd = ("/usr/local/bin/bastille create -E {$jname}"); else: - if (isset($_POST['nowstart'])): - $cmd = ("/usr/local/bin/bastille create {$options} {$jname} {$release} {$ipaddr} {$interface} && /usr/local/bin/bastille start {$jname}"); - else: + if (isset($_POST['autostart'])): $cmd = ("/usr/local/bin/bastille create {$options} {$jname} {$release} {$ipaddr} {$interface}"); + else: + $cmd = ("/usr/local/bin/bastille create --no-boot {$options} {$jname} {$release} {$ipaddr} {$interface}"); endif; endif; @@ -124,16 +124,15 @@ if($_POST): if(get_all_release_list()): unset($output,$retval);mwexec2($cmd,$output,$retval); if($retval == 0): - if (isset($_POST['autostart'])): - exec("/usr/sbin/sysrc -f {$configfile} {$jname}_AUTO_START=\"YES\""); - endif; + //if (isset($_POST['autostart'])): + // exec("/usr/sbin/sysrc -f {$configfile} {$jname}_AUTO_START=\"YES\""); + //endif; if(is_link($resolv_conf)): if(unlink($resolv_conf)): //exec("/usr/local/bin/bastille cp $jname $resolv_host etc"); copy($resolv_host, $resolv_conf); endif; endif; - //$savemsg .= gtext("Boot Environment created and activated successfully."); header('Location: bastille_manager_gui.php'); exit; else: @@ -163,7 +162,7 @@ function emptyjail_change() { showElementById('thickjail_tr', 'show'); showElementById('vnetjail_tr', 'show'); showElementById('bridgejail_tr', 'show'); - showElementById('nowstart_tr', 'show'); + //showElementById('nowstart_tr', 'show'); showElementById('autostart_tr', 'show'); showElementById('linuxjail_tr', 'show'); break; @@ -174,7 +173,7 @@ function emptyjail_change() { showElementById('thickjail_tr', 'hide'); showElementById('vnetjail_tr', 'hide'); showElementById('bridgejail_tr', 'hide'); - showElementById('nowstart_tr', 'hide'); + //showElementById('nowstart_tr', 'hide'); showElementById('autostart_tr', 'hide'); showElementById('linuxjail_tr', 'hide'); break; 
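Review bot: Both rewritten `bastille create` strings interpolate `{$jname}`, `{$release}`, `{$ipaddr}` and `{$interface}` unquoted into a command line that is later run through `mwexec2`. These presumably come from the POSTed form, and where they are validated is not visible in this hunk. Quoting each form-derived value keeps a stray space or quote from changing the command, e.g. `$cmd = "/usr/local/bin/bastille create --no-boot {$options} " . escapeshellarg($jname) . " " . escapeshellarg($release) . " " . escapeshellarg($ipaddr);`, appending `$interface` the same way only when it is non-empty. The enclosing `if($_POST):` block starts and ends outside the hunk.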
@@ -190,7 +189,7 @@ function linuxjail_change() { showElementById('thickjail_tr', 'show'); showElementById('vnetjail_tr', 'show'); showElementById('bridgejail_tr', 'show'); - showElementById('nowstart_tr', 'show'); + //showElementById('nowstart_tr', 'show'); showElementById('autostart_tr', 'show'); showElementById('linuxjail_tr', 'show'); showElementById('emptyjail_tr', 'show'); @@ -202,7 +201,7 @@ function linuxjail_change() { showElementById('thickjail_tr', 'hide'); showElementById('vnetjail_tr', 'hide'); showElementById('bridgejail_tr', 'hide'); - showElementById('nowstart_tr', 'show'); + //showElementById('nowstart_tr', 'show'); showElementById('autostart_tr', 'show'); showElementById('emptyjail_tr', 'hide'); break; @@ -218,7 +217,7 @@ function vnetjail_change() { showElementById('thickjail_tr', 'show'); showElementById('vnetjail_tr', 'show'); showElementById('bridgejail_tr', 'show'); - showElementById('nowstart_tr', 'show'); + //showElementById('nowstart_tr', 'show'); showElementById('autostart_tr', 'show'); showElementById('linuxjail_tr', 'show'); break; @@ -229,7 +228,7 @@ function vnetjail_change() { showElementById('thickjail_tr', 'show'); showElementById('vnetjail_tr', 'show'); showElementById('bridgejail_tr', 'hide'); - showElementById('nowstart_tr', 'show'); + //showElementById('nowstart_tr', 'show'); showElementById('autostart_tr', 'show'); showElementById('linuxjail_tr', 'show'); break; @@ -245,7 +244,7 @@ function bridgejail_change() { showElementById('thickjail_tr', 'show'); showElementById('vnetjail_tr', 'show'); showElementById('bridgejail_tr', 'show'); - showElementById('nowstart_tr', 'show'); + //showElementById('nowstart_tr', 'show'); showElementById('autostart_tr', 'show'); showElementById('linuxjail_tr', 'show'); break; 
@@ -256,7 +255,7 @@ function bridgejail_change() { showElementById('thickjail_tr', 'show'); showElementById('vnetjail_tr', 'hide'); showElementById('bridgejail_tr', 'show'); - showElementById('nowstart_tr', 'show'); + //showElementById('nowstart_tr', 'show'); showElementById('autostart_tr', 'show'); showElementById('linuxjail_tr', 'show'); break; @@ -320,7 +319,7 @@ $document->render(); html_checkbox2('linuxjail',gettext('Create a Linux container'),!empty($pconfig['linuxjail']) ? true : false,gettext('This will create a Linux container, this is highly experimental and for testing purposes.'),'',false,false,'linuxjail_change()'); endif; endif; - html_checkbox2('nowstart',gettext('Start after creation'),!empty($pconfig['nowstart']) ? true : false,gettext('Start the container after creation(May be overridden by later bastille releases).'),'',false); + //html_checkbox2('nowstart',gettext('Start after creation'),!empty($pconfig['nowstart']) ? true : false,gettext('Start the container after creation(May be overridden by later bastille releases).'),'',false); html_checkbox2('autostart',gettext('Auto start on boot'),!empty($pconfig['autostart']) ? true : false,gettext('Automatically start the container at boot time.'),'',false); ?> diff --git a/gui/bastille_manager_jconf.php b/gui/bastille_manager_jconf.php index dc76943..52c425f 100644 --- a/gui/bastille_manager_jconf.php +++ b/gui/bastille_manager_jconf.php 
@@ -62,10 +62,11 @@ endif; $pgtitle = [gtext('Extensions'),gtext('Bastille'),gtext('Configuration'), $container]; $jail_config = "$jail_dir/$container/jail.conf"; +$item = $pconfig['jailname']; // Get some jail system settings. $is_vnet = exec("/usr/bin/grep '.*vnet;' $jail_config"); -$pconfig['autostart'] = exec("/usr/bin/grep -w '{$container}_AUTO_START=\"YES\"' $bastille_config"); +$pconfig['autostart'] = exec("/usr/bin/grep -w 'boot=\"on\"' {$jail_dir}/{$item}/{$jail_settings}"); // Get some jail config parameters. // This could be done with a nice php preg loop in the future. 
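Review bot: `$item = $pconfig['jailname']` introduces a second name for the jail alongside `$container`, which the line above already uses to build `$jail_config`. `$item` then goes unquoted into `exec()` here and into the sysrc commands of the @@ -336 and @@ -348 hunks. If the two values can differ (for example during the rename the handler tracks with `$jail_name_def`/`$jail_name`), the boot setting is read from or written to a different jail's settings file than the jail.conf being edited. Building the path once from `$container` and quoting it avoids that: `$jail_settings_file = escapeshellarg("{$jail_dir}/{$container}/{$jail_settings}");`.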
@@ -124,17 +125,19 @@ if ($_POST): $input_errors[] = gtext("A valid hostname must be specified, it can't be left blank."); endif; - if(isset($_POST['ipv4'])): - if(!preg_match('/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))?$/', $pconfig['ipv4'])): - $input_errors[] = gtext("A valid IPv4 address must be specified."); - endif; - endif; + // Disable this IP validation check since bastille jail.conf syntax has changed recently. + //if(isset($_POST['ipv4'])): + // if(!preg_match('/^(([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])\.){3}([0-9]|[1-9][0-9]|1[0-9]{2}|2[0-4][0-9]|25[0-5])(\/([0-9]|[1-2][0-9]|3[0-2]))?$/', $pconfig['ipv4'])): + // $input_errors[] = gtext("A valid IPv4 address must be specified."); + // endif; + //endif; - if(isset($_POST['ipv6'])): - if(!preg_match('/^(([a-fA-F0-9:]+$)|([a-fA-F0-9:]+\/[0-9]{1,3}$))/', $pconfig['ipv6'])): - $input_errors[] = gtext("A valid IPv6 address must be specified."); - endif; - endif; + // Disable this IP validation check since bastille jail.conf syntax has changed recently. + //if(isset($_POST['ipv6'])): + // if(!preg_match('/^(([a-fA-F0-9:]+$)|([a-fA-F0-9:]+\/[0-9]{1,3}$))/', $pconfig['ipv6'])): + // $input_errors[] = gtext("A valid IPv6 address must be specified."); + // endif; + //endif; if(isset($_POST['securelevel'])): if(!preg_match('/^[0-3]$/', $pconfig['securelevel'])): @@ -249,7 +252,7 @@ if ($_POST): if (isset($_POST['ipv4']) && $_POST['ipv4']): if($jail_ipv4_def !== $jail_ipv4): - $cmd = "/usr/bin/sed -i '' 's|.*ip4.addr.*=.*;| ip4.addr = $jail_ipv4;|' $jail_config"; + $cmd = "/usr/bin/sed -i '' 's/.*ip4.addr.*=.*;/ ip4.addr = $jail_ipv4;/' $jail_config"; unset($output,$retval);mwexec2($cmd,$output,$retval); if($retval == 0): //$savemsg .= gtext("IPv4 changed successfully."); 
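Review bot: Commenting out both address checks leaves `ipv4` and `ipv6` unvalidated, while the @@ -249 and @@ -261 hunks place `$jail_ipv4` and `$jail_ipv6` inside a single-quoted sed script in a command string run by `mwexec2`. Assuming those variables derive from the POSTed fields (their assignment is outside the hunks), a quote or shell metacharacter typed into the form reaches the shell with the web GUI's privileges. The warning remark added at @@ -442 documents the gap but does not close it. If the old patterns are too strict for the new jail.conf syntax, replace them with an allow-list of the characters that syntax needs rather than removing the check. For example, `if(!preg_match('/^[A-Za-z0-9_.:|\/,-]+$/', $pconfig['ipv4'])): $input_errors[] = gtext("A valid IPv4 address must be specified."); endif;` (character class is illustrative; adjust it to the accepted syntax), and likewise for `ipv6`.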
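Review bot: Switching the sed delimiter from `|` to `/` means an address written with a prefix length, such as `192.0.2.10/24` (constructed example), ends the replacement early, so sed fails or writes a truncated `ip4.addr` line. The same applies to the `ip6.addr` command in the @@ -261 hunk. Either pick a delimiter that cannot occur in the value or escape the sed-special characters before building the command, e.g. `$jail_ipv4_sed = str_replace(['\\', '/', '&'], ['\\\\', '\\/', '\\&'], $jail_ipv4);`. The surrounding `if ($_POST):` handler starts and ends outside this hunk.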
@@ -261,7 +264,7 @@ if ($_POST): if (isset($_POST['ipv6']) && $_POST['ipv6']): if($jail_ipv6_def !== $jail_ipv6): - $cmd = "/usr/bin/sed -i '' 's|.*ip6.addr.*=.*;| ip6.addr = $jail_ipv6;|' $jail_config"; + $cmd = "/usr/bin/sed -i '' 's/.*ip6.addr.*=.*;/ ip6.addr = $jail_ipv6;/' $jail_config"; unset($output,$retval);mwexec2($cmd,$output,$retval); if($retval == 0): //$savemsg .= gtext("IPv6 changed successfully."); @@ -336,11 +339,12 @@ if ($_POST): endif; if (isset($_POST['autostart']) && $_POST['autostart']): - if($jail_name_def !== $jail_name): - // Remove obsolete variable. - exec("/usr/sbin/sysrc -f $configfile -x {$jail_name_def}_AUTO_START"); - endif; - $cmd = ("/usr/sbin/sysrc -f $configfile {$jail_name}_AUTO_START=\"YES\""); + //if($jail_name_def !== $jail_name): + // // Remove obsolete variable. + // exec("/usr/sbin/sysrc -f $configfile -x {$jail_name_def}_AUTO_START"); + //endif; + //$cmd = ("/usr/sbin/sysrc -f $configfile {$jail_name}_AUTO_START=\"YES\""); + $cmd = ("/usr/sbin/sysrc -f {$jail_dir}/{$item}/{$jail_settings} boot=\"on\""); unset($output,$retval);mwexec2($cmd,$output,$retval); if($retval == 0): //$savemsg .= gtext("Autostart changed successfully."); 
@@ -348,12 +352,13 @@ if ($_POST): $input_errors[] = gtext("Failed to enable autostart."); endif; else: - if($jail_name_def !== $jail_name): - // Remove obsolete variable. - exec("/usr/sbin/sysrc -f $configfile -x {$jail_name_def}_AUTO_START"); - endif; - if(exec("/usr/sbin/sysrc -f $configfile -qn {$jail_name}_AUTO_START")): - $cmd = ("/usr/sbin/sysrc -f $configfile -x {$jail_name}_AUTO_START"); + //if($jail_name_def !== $jail_name): + // // Remove obsolete variable. + // exec("/usr/sbin/sysrc -f $configfile -x {$jail_name_def}_AUTO_START"); + //endif; + if(exec("/usr/sbin/sysrc -f {$jail_dir}/{$item}/{$jail_settings} -qn boot")): + //$cmd = ("/usr/sbin/sysrc -f $configfile -x {$jail_name}_AUTO_START"); + $cmd = ("/usr/sbin/sysrc -f {$jail_dir}/{$item}/{$jail_settings} boot=\"off\""); unset($output,$retval);mwexec2($cmd,$output,$retval); if($retval == 0): //$savemsg .= gtext("Autostart changed successfully."); @@ -442,6 +447,7 @@ endif; . gtext('For additional information about the jail configuration file, check the FreeBSD documentation') . '.'; html_remark("note", gtext('Note'), $helpinghand); + html_remark("note", gtext("Warning"), sprintf(gtext("Please be careful here as no input validation will be performed."))); ?> diff --git a/gui/bastille_manager_util.php b/gui/bastille_manager_util.php index b4db349..52ccc84 100644 --- a/gui/bastille_manager_util.php +++ b/gui/bastille_manager_util.php @@ -284,7 +284,8 @@ if($_POST): $container['jailname'] = $_POST['jailname']; $confirm_name = $pconfig['confirmname']; $item = $container['jailname']; - $cmd = ("/usr/sbin/sysrc -f {$configfile} {$item}_AUTO_START=\"YES\""); + //$cmd = ("/usr/sbin/sysrc -f {$configfile} {$item}_AUTO_START=\"YES\""); + $cmd = ("/usr/sbin/sysrc -f {$jail_dir}/{$item}/{$jail_settings} boot=\"on\""); unset($output,$retval);mwexec2($cmd,$output,$retval); if($retval == 0): header('Location: bastille_manager_gui.php'); 
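Review bot: The disable branch writes `boot="off"` only when `sysrc -f … -qn boot` prints a value, so a jail whose settings file has no `boot` entry is left untouched and the page reports nothing. What bastille assumes for a missing key is not visible here, so such a jail may still start at boot after the user unticks the box. The guard made sense when the action was deleting `_AUTO_START`, but for an assignment it can be dropped: run `sysrc -f {$jail_dir}/{$item}/{$jail_settings} boot="off"` unconditionally and report a non-zero `$retval` through `$input_errors`. The same guard appears in the @@ -303 hunk of gui/bastille_manager_util.php.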
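Review bot: `$item` is taken directly from `$_POST['jailname']` and is now a path component of the file sysrc writes, `{$jail_dir}/{$item}/{$jail_settings}`, inside an unquoted command string. Before this change it was only a variable-name prefix in one fixed config file. A name containing path separators or shell metacharacters would therefore redirect the write or alter the command; whether the name is checked earlier in the handler is not visible in this hunk. Confirm the name matches an existing jail and quote the path, e.g. `$cmd = "/usr/sbin/sysrc -f " . escapeshellarg("{$jail_dir}/{$item}/{$jail_settings}") . " boot=\"on\"";`, and do the same in the @@ -303 hunk.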
@@ -303,8 +304,9 @@ if($_POST): $container['jailname'] = $_POST['jailname']; $confirm_name = $pconfig['confirmname']; $item = $container['jailname']; - if(exec("/usr/sbin/sysrc -f $configfile -qn {$item}_AUTO_START")): - $cmd = ("/usr/sbin/sysrc -f $configfile -x {$item}_AUTO_START"); + if(exec("/usr/sbin/sysrc -f {$jail_dir}/{$item}/{$jail_settings} -qn boot")): + //$cmd = ("/usr/sbin/sysrc -f $configfile -x {$item}_AUTO_START"); + $cmd = ("/usr/sbin/sysrc -f {$jail_dir}/{$item}/{$jail_settings} boot=\"off\""); unset($output,$retval);mwexec2($cmd,$output,$retval); if($retval == 0): header('Location: bastille_manager_gui.php'); diff --git a/version b/version index 633becb..1027df1 100644 --- a/version +++ b/version @@ -1 +1 @@ -1.1.44 +1.1.45