mirror of
https://github.com/JRGTH/xigmanas-bastille-extension.git
synced 2025-12-11 17:31:09 +01:00
Compare commits
3 Commits
ae9c3b62e5
...
8a2e33b3b4
| Author | SHA1 | Date | |
|---|---|---|---|
|
8a2e33b3b4 | ||
|
|
ed3fc8b716 | ||
|
|
71ca5390d2 |
@@ -3,6 +3,9 @@
|
||||
======================
|
||||
Version Description
|
||||
|
||||
1.1.49......Disable basic interface to comply with bastille new syntax.
|
||||
1.1.48......Add action to set priority value from utilities.
|
||||
1.1.47......Cosmetic changes and improvements.
|
||||
1.1.46......Display jail IP using bastille list buil-in command.
|
||||
1.1.45......Code update for recent bastille boot settings changes.
|
||||
1.1.44......Fix bastille version display under maintenance tab.
|
||||
|
||||
@@ -243,11 +243,27 @@ function get_jail_infos() {
|
||||
elseif (!$r['rel']):
|
||||
$r['rel'] = "-";
|
||||
endif;
|
||||
// Display interfaces.
|
||||
$r['nic'] = exec("/usr/bin/grep -wE 'interface.*=.*;|vnet.interface.*=.*;' {$jail_dir}/{$item}/jail.conf | /usr/bin/awk '{print $3}' | /usr/bin/tr -d ';'");
|
||||
if (!$r['nic']):
|
||||
$r['nic'] = "-";
|
||||
|
||||
// Display interface name for VNET jails.
|
||||
if (exec("/usr/bin/grep -w '.*vnet.interface.*=.*;' {$jail_dir}/{$item}/jail.conf")):
|
||||
$r['nic'] = exec("/usr/bin/grep -w '.*vnet.interface.*=.*;' {$jail_dir}/{$item}/jail.conf | /usr/bin/awk '{print $3}' | /usr/bin/tr -d ';'");
|
||||
if (!$r['nic']):
|
||||
$r['nic'] = "-";
|
||||
endif;
|
||||
// Display interface name from the previous jail.conf syntax for simple shared IP jails.
|
||||
elseif (exec("/usr/bin/grep -w '.*interface.*=.*;' {$jail_dir}/{$item}/jail.conf")):
|
||||
$r['nic'] = exec("/usr/bin/grep -w '.*interface.*=.*;' {$jail_dir}/{$item}/jail.conf | /usr/bin/awk '{print $3}' | /usr/bin/tr -d ';'");
|
||||
if (!$r['nic']):
|
||||
$r['nic'] = "-";
|
||||
endif;
|
||||
// Display interface name from the new jail.conf syntax for simple shared IP jails.
|
||||
elseif (exec("/usr/bin/grep -w '.*ip4.addr.*=.*|.*' {$jail_dir}/{$item}/jail.conf")):
|
||||
$r['nic'] = exec("/usr/bin/grep -w '.*ip4.addr.*=.*|.*' {$jail_dir}/{$item}/jail.conf | cut -d'|' -f1 | awk '{print $3}'");
|
||||
if (!$r['nic']):
|
||||
$r['nic'] = "-";
|
||||
endif;
|
||||
endif;
|
||||
|
||||
// Display path.
|
||||
$r['path'] = exec("/usr/bin/grep -w 'path' {$jail_dir}/{$item}/jail.conf | /usr/bin/awk '{print $3}' | /usr/bin/tr -d ';'");
|
||||
if (!$r['path']):
|
||||
|
||||
@@ -74,22 +74,24 @@ $pconfig['jname'] = "$container";
|
||||
$pconfig['hostname'] = exec("/usr/bin/grep '.*host.hostname.*=' $jail_config | cut -d '=' -f2 | tr -d ' ;'");
|
||||
$pconfig['ipv4'] = exec("/usr/bin/grep '.*ip4.addr.*=' $jail_config | cut -d '=' -f2 | tr -d ' ;'");
|
||||
$pconfig['ipv6'] = exec("/usr/bin/grep '.*ip6.addr.*=' $jail_config | cut -d '=' -f2 | tr -d ' ;'");
|
||||
$pconfig['interface'] = exec("/usr/bin/grep '.*interface.*=' $jail_config | cut -d '=' -f2 | tr -d ' ;'");
|
||||
//$pconfig['interface'] = exec("/usr/bin/grep '.*interface.*=' $jail_config | cut -d '=' -f2 | tr -d ' ;'");
|
||||
$pconfig['securelevel'] = exec("/usr/bin/grep '.*securelevel.*=' $jail_config | cut -d '=' -f2 | tr -d ' ;'");
|
||||
$pconfig['devfs_ruleset'] = exec("/usr/bin/grep '.*devfs_ruleset.*=' $jail_config | cut -d '=' -f2 | tr -d ' ;'");
|
||||
$pconfig['enforce_statfs'] = exec("/usr/bin/grep '.*enforce_statfs.*=' $jail_config | cut -d '=' -f2 | tr -d ' ;'");
|
||||
$pconfig['vnet_interface'] = exec("/usr/bin/grep '.*vnet.interface.*=' $jail_config | cut -d '=' -f2 | tr -d ' ;'");
|
||||
$pconfig['boot_prio'] = exec("/usr/local/bin/bastille config {$item} get priority");
|
||||
|
||||
// Set the jail config default parameters.
|
||||
$jail_name_def = $pconfig['jname'];
|
||||
$jail_hostname_def = $pconfig['hostname'];
|
||||
$jail_ipv4_def = $pconfig['ipv4'];
|
||||
$jail_ipv6_def = $pconfig['ipv6'];
|
||||
$jail_interface_def = $pconfig['interface'];
|
||||
//$jail_interface_def = $pconfig['interface'];
|
||||
$jail_securelevel_def = $pconfig['securelevel'];
|
||||
$jail_devfs_ruleset_def = $pconfig['devfs_ruleset'];
|
||||
$jail_enforce_statfs_def = $pconfig['enforce_statfs'];
|
||||
$jail_vnet_interface_def = $pconfig['vnet_interface'];
|
||||
$jail_boot_prio_def = $pconfig['boot_prio'];
|
||||
|
||||
// Check if is a Linux jail.
|
||||
$is_linux_jail = exec("/usr/bin/grep linsysfs {$jail_dir}/{$jail_name_def}/fstab");
|
||||
@@ -178,9 +180,9 @@ if ($_POST):
|
||||
if(isset($pconfig['ipv6'])):
|
||||
$jail_ipv6 = $pconfig['ipv6'];
|
||||
endif;
|
||||
if(isset($pconfig['interface'])):
|
||||
$jail_interface = $pconfig['interface'];
|
||||
endif;
|
||||
//if(isset($pconfig['interface'])):
|
||||
// $jail_interface = $pconfig['interface'];
|
||||
//endif;
|
||||
if(isset($pconfig['securelevel'])):
|
||||
$jail_securelevel = $pconfig['securelevel'];
|
||||
endif;
|
||||
@@ -193,6 +195,9 @@ if ($_POST):
|
||||
if(isset($pconfig['vnet_interface'])):
|
||||
$jail_vnet_interface = $pconfig['vnet_interface'];
|
||||
endif;
|
||||
if(isset($pconfig['boot_prio'])):
|
||||
$jail_boot_prio = $pconfig['boot_prio'];
|
||||
endif;
|
||||
|
||||
// Check if the config has changed for each parameter.
|
||||
// This could be done with a nice foreach loop in the future.
|
||||
@@ -208,9 +213,9 @@ if ($_POST):
|
||||
if(isset($_POST['ipv6']) && ($jail_ipv6_def !== $jail_ipv6)):
|
||||
$is_changed = "1";
|
||||
endif;
|
||||
if(isset($_POST['interface']) && ($jail_interface_def !== $jail_interface)):
|
||||
$is_changed = "1";
|
||||
endif;
|
||||
//if(isset($_POST['interface']) && ($jail_interface_def !== $jail_interface)):
|
||||
// $is_changed = "1";
|
||||
//endif;
|
||||
// Don't check "securelevel" if Linux jail.
|
||||
if(!$is_linux_jail):
|
||||
if($jail_securelevel_def !== $jail_securelevel):
|
||||
@@ -235,6 +240,7 @@ if ($_POST):
|
||||
// Skip jail running check.
|
||||
$retval = "1";
|
||||
endif;
|
||||
|
||||
if($retval == 0):
|
||||
$input_errors[] = gtext("This jail is running, please stop it before making jail.conf changes.");
|
||||
else:
|
||||
@@ -274,19 +280,19 @@ if ($_POST):
|
||||
endif;
|
||||
endif;
|
||||
|
||||
if (isset($_POST['interface']) && $_POST['interface']):
|
||||
if($jail_interface_def !== $jail_interface):
|
||||
if ($_POST['interface'] !== 'Config'):
|
||||
$cmd = "/usr/bin/sed -i '' 's|.*interface.*=.*;| interface = $jail_interface;|' $jail_config";
|
||||
unset($output,$retval);mwexec2($cmd,$output,$retval);
|
||||
if($retval == 0):
|
||||
//$savemsg .= gtext("Interface changed successfully.");
|
||||
else:
|
||||
$input_errors[] = gtext("Failed to save interface.");
|
||||
endif;
|
||||
endif;
|
||||
endif;
|
||||
endif;
|
||||
//if (isset($_POST['interface']) && $_POST['interface']):
|
||||
// if($jail_interface_def !== $jail_interface):
|
||||
// if ($_POST['interface'] !== 'Config'):
|
||||
// $cmd = "/usr/bin/sed -i '' 's|.*interface.*=.*;| interface = $jail_interface;|' $jail_config";
|
||||
// unset($output,$retval);mwexec2($cmd,$output,$retval);
|
||||
// if($retval == 0):
|
||||
// //$savemsg .= gtext("Interface changed successfully.");
|
||||
// else:
|
||||
// $input_errors[] = gtext("Failed to save interface.");
|
||||
// endif;
|
||||
// endif;
|
||||
// endif;
|
||||
//endif;
|
||||
|
||||
if (isset($_POST['vnet_interface']) && $_POST['vnet_interface']):
|
||||
if($jail_vnet_interface_def !== $jail_vnet_interface):
|
||||
@@ -368,6 +374,18 @@ if ($_POST):
|
||||
endif;
|
||||
endif;
|
||||
|
||||
if (isset($_POST['boot_prio']) || $_POST['boot_prio']):
|
||||
if($jail_boot_prio_def !== $jail_boot_prio):
|
||||
$cmd = "/usr/local/bin/bastille config {$item} set priority $jail_boot_prio";
|
||||
unset($output,$retval);mwexec2($cmd,$output,$retval);
|
||||
if($retval == 0):
|
||||
//$savemsg .= gtext("Priority changed successfully.");
|
||||
else:
|
||||
$input_errors[] = gtext("Failed to save priority .");
|
||||
endif;
|
||||
endif;
|
||||
endif;
|
||||
|
||||
if (isset($_POST['jname']) && $_POST['jname']):
|
||||
if($jail_name_def !== $jail_name):
|
||||
$cmd = "/usr/local/bin/bastille rename $jail_name_def $jail_name";
|
||||
@@ -405,7 +423,6 @@ endif;
|
||||
$a_action = $l_interfaces;
|
||||
html_titleline2(gtext("Jail Configuration"));
|
||||
html_inputbox("jname", gtext("Name"), $pconfig['jname'], gtext("Set the desired jail name, for example: jail_1. Warning: renaming a jail will also rename the directory/dataset."), true, 40);
|
||||
|
||||
html_inputbox("hostname", gtext("Hostname"), $pconfig['hostname'], gtext("Set the desired jail hostname, for example: jail.com, not to be confused with the jail name."), true, 40);
|
||||
if ($jail_ipv4_def):
|
||||
html_inputbox("ipv4", gtext("IPv4"), $pconfig['ipv4'], gtext("Set the desired jail IPv4 address, for example: 192.168.1.100, or 192.168.1.100/24."), true, 40);
|
||||
@@ -413,9 +430,9 @@ endif;
|
||||
if ($jail_ipv6_def):
|
||||
html_inputbox("ipv6", gtext("IPv6"), $pconfig['ipv6'], gtext("Set the desired jail IPv4 address, for example: 2001:cdba::3257:9652, or 2001:cdba::3257:9652/64."), true, 40);
|
||||
endif;
|
||||
if (!$is_vnet):
|
||||
html_combobox('interface', gtext('Interface'),$pconfig['interface'], $a_action, gtext("Set the network interface available from the dropdown menu, usually should not be changed unless replacing/renaming interface or moving jail from host."), true, false, 'action_change()');
|
||||
endif;
|
||||
//if (!$is_vnet):
|
||||
// html_combobox('interface', gtext('Interface'),$pconfig['interface'], $a_action, gtext("Set the network interface available from the dropdown menu, usually should not be changed unless replacing/renaming interface or moving jail from host."), true, false, 'action_change()');
|
||||
//endif;
|
||||
if(!$is_linux_jail):
|
||||
html_inputbox("securelevel", gtext("securelevel"), $pconfig['securelevel'], gtext("The value of the jail's kern.securelevel. A jail never has a lower securelevel than its parent system, but by setting this parameter it may have a higher one, default is 2."), false, 20);
|
||||
endif;
|
||||
@@ -424,13 +441,14 @@ endif;
|
||||
html_inputbox("enforce_statfs", gtext("enforce_statfs"), $pconfig['enforce_statfs'], gtext("This determines what information processes in a jail are able to get about mount points. Affects the behaviour of the following syscalls: statfs, fstatfs, getfsstat and fhstatfs, default is 2."), false, 20);
|
||||
//endif;
|
||||
if ($is_vnet):
|
||||
html_inputbox("vnet_interface", gtext("VNET Interface"), $pconfig['vnet_interface'], gtext("Set the VNET interface manually, usually should not be changed unless renaming the interface or moving jail from host."), false, 20);
|
||||
html_inputbox("vnet_interface", gtext("VNET Interface"), $pconfig['vnet_interface'], gtext("Set the VNET interface manually, usually should not be changed unless renaming the interface or moving jail from host, Note: manual edit of the jail rc.conf file may be required."), false, 20);
|
||||
endif;
|
||||
?>
|
||||
<?php
|
||||
html_separator2();
|
||||
html_titleline2(gtext("Misc Configuration"));
|
||||
html_checkbox2('autostart',gtext('Autoboot'),!empty($pconfig['autostart']) ? true : false,gtext('Autoboot this jail after system reboot.'),'',false);
|
||||
html_inputbox("boot_prio", gtext("Priority"), $pconfig['boot_prio'], gtext("Set the priority value of the jail. Affects the boot order behaviour."), false, 20);
|
||||
//html_checkbox2('force_edit',gtext('Force edit'),!empty($pconfig['force_edit']) ? true : false,gtext('Automatically stop and start this jail if is already running.'),'',false);
|
||||
?>
|
||||
</table>
|
||||
|
||||
@@ -318,6 +318,31 @@ if($_POST):
|
||||
endif;
|
||||
break;
|
||||
|
||||
case 'priority':
|
||||
// Input validation required
|
||||
if(empty($input_errors)):
|
||||
$container = [];
|
||||
$container['uuid'] = $_POST['uuid'];
|
||||
$container['jailname'] = $_POST['jailname'];
|
||||
$set_priority = $pconfig['prioritynumber'];
|
||||
$item = $container['jailname'];
|
||||
if(exec("/usr/sbin/sysrc -f {$jail_dir}/{$item}/{$jail_settings} -qn priority")):
|
||||
if (is_numeric($set_priority)):
|
||||
$cmd = ("/usr/local/bin/bastille config {$item} set priority {$set_priority}");
|
||||
unset($output,$retval);mwexec2($cmd,$output,$retval);
|
||||
if($retval == 0):
|
||||
header('Location: bastille_manager_gui.php');
|
||||
exit;
|
||||
else:
|
||||
$input_errors[] = gtext("Failed to set priority.");
|
||||
endif;
|
||||
else:
|
||||
$input_errors[] = gtext("Priority value must be a number.");
|
||||
endif;
|
||||
endif;
|
||||
endif;
|
||||
break;
|
||||
|
||||
case 'fstab':
|
||||
// Input validation not required
|
||||
if(empty($input_errors)):
|
||||
@@ -458,33 +483,44 @@ function action_change() {
|
||||
showElementById('backup_tr', 'show');
|
||||
showElementById('format_tr', 'show');
|
||||
showElementById('safemode_tr', 'show');
|
||||
showElementById('prioritynumber_tr','hide');
|
||||
break;
|
||||
case "clone":
|
||||
showElementById('newname_tr','show');
|
||||
showElementById('newipaddr_tr','show');
|
||||
showElementById('clonestop_tr','show');
|
||||
showElementById('prioritynumber_tr','hide');
|
||||
break;
|
||||
case "update":
|
||||
showElementById('confirmname_tr','hide');
|
||||
showElementById('nowstop_tr','hide');
|
||||
showElementById('update_base_tr','show');
|
||||
showElementById('update_jail_tr','show');
|
||||
showElementById('prioritynumber_tr','hide');
|
||||
break;
|
||||
case "base":
|
||||
showElementById('confirmname_tr','hide');
|
||||
showElementById('nowstop_tr','hide');
|
||||
showElementById('jail_release_tr', 'show');
|
||||
showElementById('release_tr','show');
|
||||
showElementById('prioritynumber_tr','hide');
|
||||
break;
|
||||
case "autoboot":
|
||||
showElementById('confirmname_tr','hide');
|
||||
showElementById('nowstop_tr','hide');
|
||||
showElementById('auto_boot_tr', 'show');
|
||||
showElementById('prioritynumber_tr','hide');
|
||||
break;
|
||||
case "noauto":
|
||||
showElementById('confirmname_tr','hide');
|
||||
showElementById('nowstop_tr','hide');
|
||||
showElementById('no_autoboot_tr', 'show');
|
||||
showElementById('prioritynumber_tr','hide');
|
||||
break;
|
||||
case "priority":
|
||||
showElementById('confirmname_tr','hide');
|
||||
showElementById('nowstop_tr','hide');
|
||||
showElementById('prioritynumber_tr','show');
|
||||
break;
|
||||
case "fstab":
|
||||
showElementById('confirmname_tr','hide');
|
||||
@@ -495,15 +531,18 @@ function action_change() {
|
||||
showElementById('readonly_tr','show');
|
||||
showElementById('createdir_tr','show');
|
||||
showElementById('automount_tr','show');
|
||||
showElementById('prioritynumber_tr','hide');
|
||||
break;
|
||||
case "delete":
|
||||
showElementById('confirmname_tr','show');
|
||||
showElementById('nowstop_tr','show');
|
||||
showElementById('prioritynumber_tr','hide');
|
||||
break;
|
||||
case "advanced":
|
||||
showElementById('confirmname_tr','hide');
|
||||
showElementById('nowstop_tr','hide');
|
||||
showElementById('advanced_tr','show');
|
||||
showElementById('prioritynumber_tr','hide');
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
@@ -577,6 +616,7 @@ $document->render();
|
||||
'base' => gettext('Release'),
|
||||
'autoboot' => gettext('Autoboot'),
|
||||
'noauto' => gettext('Noauto'),
|
||||
'priority' => gettext('Priority'),
|
||||
'fstab' => gettext('Fstab'),
|
||||
'delete' => gettext('Destroy'),
|
||||
'advanced' => gettext('Advanced'),
|
||||
@@ -605,6 +645,7 @@ $document->render();
|
||||
html_checkbox2('safemode',gettext('Safe ZFS export'),!empty($pconfig['safemode']) ? true : false,gettext('Safely stop and start a ZFS jail before the exporting process, this has no effect on .TGZ/TXZ since the jail should be stopped regardless.'),'',false);
|
||||
endif;
|
||||
html_inputbox2('confirmname',gettext('Enter name for confirmation'),!empty($pconfig['confirmname']),'',true,30);
|
||||
html_inputbox2('prioritynumber',gettext('Enter priority value'),!empty($pconfig['prioritynumber']),'',true,30);
|
||||
html_checkbox2('nowstop',gettext('Stop container'),!empty($pconfig['nowstop']) ? true : false,gettext('Stop the container if running before deletion.'),'',false);
|
||||
html_inputbox2('newname',gettext('Enter a name for the new container'),!empty($pconfig['newname']),'',true,30);
|
||||
html_inputbox2('newipaddr',gettext('Enter a IP address for the new container'),!empty($pconfig['newipaddr']),'',true,30);
|
||||
|
||||
Reference in New Issue
Block a user