WIP on rollback, started "gocage console", default values for jail properties to stay compatible with iocage

yo
2022-04-05 20:58:11 +02:00
parent 4aa1c81fea
commit 0053fd6c8b
4 changed files with 255 additions and 3 deletions


@ -11,8 +11,153 @@ import (
"reflect"
"strings"
"strconv"
"io/ioutil"
)
/*****************************************************************************
* Mandatory constructor for JailConfig type. It set default values
*****************************************************************************/
func NewJailConfig() JailConfig {
var jc JailConfig
hostid, err := ioutil.ReadFile("/etc/hostid")
if err != nil {
hostid = []byte("12345678-abcd-ef98-7654-321012345678")
}
jc.Allow_chflags = 0
jc.Allow_mlock = 0
jc.Allow_mount = 0
jc.Allow_mount_devfs = 0
jc.Allow_mount_fusefs = 0
jc.Allow_mount_nullfs = 0
jc.Allow_mount_procfs = 0
jc.Allow_mount_tmpfs = 0
jc.Allow_mount_zfs = 0
jc.Allow_quotas = 0
jc.Allow_raw_sockets = 0
jc.Allow_socket_af = 0
jc.Allow_set_hostname = 1
jc.Allow_sysvipc = 0
jc.Allow_tun = 0
jc.Allow_vmm = 0
jc.Assign_localhost = 0
jc.Available = "readonly"
jc.Basejail = 0
jc.Bpf = 0
jc.Boot = 0
jc.Children_max = "0"
jc.Comment = "none"
jc.Compression = "lz4"
jc.Compressratio = "readonly"
jc.Coredumpsize = "off"
jc.Count = "1"
jc.Cpuset = "off"
jc.Cputime = "off"
jc.Datasize = "off"
jc.Dedup = "off"
jc.Defaultrouter = "auto"
jc.Defaultrouter6 = "auto"
jc.Depends = "none"
jc.Devfs_ruleset = "4"
jc.Dhcp = 0
jc.Enforce_statfs = "2"
jc.Exec_clean = 1
jc.Exec_created = "/usr/bin/true"
jc.Exec_jail_user = "root"
jc.Exec_fib = "0"
jc.Exec_poststart = "/usr/bin/true"
jc.Exec_poststop = "/usr/bin/true"
jc.Exec_prestart = "/usr/bin/true"
jc.Exec_prestop = "/usr/bin/true"
jc.Exec_system_jail_user = "0"
jc.Exec_system_user = "root"
jc.Exec_start = "/bin/sh /etc/rc"
jc.Exec_stop = "/bin/sh /etc/rc.shutdown"
jc.Exec_timeout = "60"
jc.Hostid = string(hostid)
jc.Hostid_strict_check = 0
jc.Host_time = 1
jc.Interfaces = "vnet0:bridge0"
jc.Ip4_addr = "none"
jc.Ip4_saddrsel = "1"
jc.Ip4 = "new"
jc.Ip6_addr = "none"
jc.Ip6_saddrsel = "1"
jc.Ip6 = "new"
jc.Ip_hostname = 0
jc.Jailtype = "jail"
jc.Jail_zfs = 0
jc.Jail_zfs_mountpoint = "none"
jc.Last_started = "none"
jc.Localhost_ip = "none"
jc.Login_flags = "-f root"
jc.Maxproc = "off"
jc.Min_dyn_devfs_ruleset = "1000"
jc.Memoryuse = "off"
jc.Memorylocked = "off"
jc.Mountpoint = "readonly"
jc.Mount_devfs = 1
jc.Mount_fdescfs = 1
jc.Mount_procfs = 0
jc.Mount_linprocfs = 0
jc.Msgqqueued = "off"
jc.Msgqsize = "off"
jc.Nat = 0
jc.Nat_backend = "ipfw"
jc.Nat_forwards = "none"
jc.Nat_interface = "none"
jc.Nat_prefix = "172.16"
jc.Nmsgq = "off"
jc.Notes = "none"
jc.Nsem = "off"
jc.Nsemop = "off"
jc.Nshm = "off"
jc.Nthr = "off"
jc.Openfiles = "off"
jc.Origin = "readonly"
jc.Owner = "root"
jc.Pcpu = "off"
jc.Plugin_name = "none"
jc.Plugin_repository = "none"
jc.Priority = "99"
jc.Pseudoterminals = "off"
jc.Quota = "none"
jc.Readbps = "off"
jc.Readiops = "off"
jc.Reservation = "none"
jc.Resolver = "/etc/resolv.conf"
jc.Rlimits = "off"
jc.Rtsold = 0
jc.Securelevel = "2"
jc.Shmsize = "off"
jc.Stacksize = "off"
jc.Stop_timeout = "30"
jc.Sync_state = "none"
jc.Sync_target = "none"
jc.Sync_tgt_zpool = "none"
jc.Sysvmsg = "new"
jc.Sysvsem = "new"
jc.Sysvshm = "new"
jc.Swapuse = "off"
jc.Template = 0
jc.Used = "readonly"
jc.Vmemoryuse = "off"
jc.Vnet = 0
jc.Vnet0_mac = "none"
jc.Vnet1_mac = "none"
jc.Vnet2_mac = "none"
jc.Vnet3_mac = "none"
jc.Vnet_default_interface = "auto"
jc.Vnet_interfaces = "none"
jc.Wallclock = "off"
jc.Writebps = "off"
jc.Writeiops = "off"
return jc
}
/*****************************************************************************
*
* Command execution