Delete dynamic ruleset, obtained from /var/run/jail.$InternalName.conf
										36
									
								
								cmd/stop.go
									
									
									
									
									
								
							
							
						
						
									
										36
									
								
								cmd/stop.go
									
									
									
									
									
								
							@ -9,6 +9,7 @@ import (
 | 
			
		||||
	"regexp"
 | 
			
		||||
	//	"reflect"
 | 
			
		||||
	"strings"
 | 
			
		||||
	"strconv"
 | 
			
		||||
)
 | 
			
		||||
 | 
			
		||||
// TODO : Use SYS_RCTL_GET_RACCT syscall
 | 
			
		||||
@ -82,7 +83,8 @@ func destroyVNetInterfaces(jail *Jail) error {
 | 
			
		||||
	for _, i := range strings.Split(jail.Config.Ip4_addr, ",") {
 | 
			
		||||
		iname := fmt.Sprintf("%s.%d", strings.Split(i, "|")[0], jail.JID)
 | 
			
		||||
		fmt.Printf("%s: ", iname)
 | 
			
		||||
		_, err := executeCommand(fmt.Sprintf("ifconfig %s destroy >/dev/null", iname))
 | 
			
		||||
		_, err := executeCommand(fmt.Sprintf("ifconfig %s destroy", iname))
 | 
			
		||||
		//_, err := executeScript(fmt.Sprintf("ifconfig %s destroy >/dev/null 2>&1", iname))
 | 
			
		||||
		if err != nil {
 | 
			
		||||
			return err
 | 
			
		||||
		} else {
 | 
			
		||||
@ -99,16 +101,17 @@ func destroyVNetInterfaces(jail *Jail) error {
 | 
			
		||||
//  or else it will require a restart of "devfs" service.
 | 
			
		||||
// But, stoppign the jail already removes this >1000 ID.
 | 
			
		||||
// So no need to call this function.
 | 
			
		||||
func deleteDevfsRuleset(jail *Jail) error {
 | 
			
		||||
func deleteDevfsRuleset(ruleset int) error {
 | 
			
		||||
	cmd := "devfs rule showsets"
 | 
			
		||||
	out, err := executeCommand(cmd)
 | 
			
		||||
	if err != nil {
 | 
			
		||||
		return errors.New(fmt.Sprintf("ERROR listing rulesets: %s", err.Error()))
 | 
			
		||||
	}
 | 
			
		||||
 | 
			
		||||
	
 | 
			
		||||
	rs := strconv.Itoa(ruleset)
 | 
			
		||||
	for _, r := range strings.Split(out, "\n") {
 | 
			
		||||
		if r == jail.Config.Devfs_ruleset {
 | 
			
		||||
			cmd := fmt.Sprintf("devfs rule -s %s delset", jail.Config.Devfs_ruleset)
 | 
			
		||||
		if r == rs {
 | 
			
		||||
			cmd := fmt.Sprintf("devfs rule -s %d delset", ruleset)
 | 
			
		||||
			_, err := executeCommand(cmd)
 | 
			
		||||
			return err
 | 
			
		||||
		}
 | 
			
		||||
@ -189,8 +192,6 @@ func StopJail(args []string) {
 | 
			
		||||
	var cj *Jail
 | 
			
		||||
 | 
			
		||||
	for _, j := range args {
 | 
			
		||||
		fmt.Printf("> Stopping jail %s\n", j)
 | 
			
		||||
 | 
			
		||||
		for _, rj := range gJails {
 | 
			
		||||
			if rj.Name == j {
 | 
			
		||||
				cj = &rj
 | 
			
		||||
@ -205,7 +206,9 @@ func StopJail(args []string) {
 | 
			
		||||
			fmt.Printf("Jail %s is not running!\n", cj.Name)
 | 
			
		||||
			continue
 | 
			
		||||
		}
 | 
			
		||||
 | 
			
		||||
		
 | 
			
		||||
		fmt.Printf("> Stopping jail %s\n", j)
 | 
			
		||||
		
 | 
			
		||||
		out, err := executeCommand(fmt.Sprintf("rctl jail:%s", cj.InternalName))
 | 
			
		||||
		if err == nil && len(out) > 0 {
 | 
			
		||||
			fmt.Printf("  > Remove RCTL rules:\n")
 | 
			
		||||
@ -256,14 +259,21 @@ func StopJail(args []string) {
 | 
			
		||||
				fmt.Printf("  > Destroy VNet interfaces: OK\n")
 | 
			
		||||
			}
 | 
			
		||||
		}
 | 
			
		||||
 | 
			
		||||
		/*fmt.Printf("  > Remove devfsruleset %s:\n", cj.Config.Devfs_ruleset)
 | 
			
		||||
		err = deleteDevfsRuleset(cj)
 | 
			
		||||
		
 | 
			
		||||
		// Get currently used ruleset from /var/run/jail.$internal_name.conf
 | 
			
		||||
		ruleset, err := getValueFromRunningConfig(cj.InternalName, "devfs_ruleset")
 | 
			
		||||
		if err != nil {
 | 
			
		||||
			fmt.Printf("ERROR getting current devfs ruleset: %s\n", err.Error())
 | 
			
		||||
			return
 | 
			
		||||
		}
 | 
			
		||||
		rsi, _ := strconv.Atoi(ruleset)
 | 
			
		||||
		fmt.Printf("  > Remove devfs ruleset %d: \n", rsi)
 | 
			
		||||
		err = deleteDevfsRuleset(rsi)
 | 
			
		||||
		if err != nil {
 | 
			
		||||
			fmt.Printf("ERROR: %s\n", err.Error())
 | 
			
		||||
		} else {
 | 
			
		||||
			fmt.Printf("  > Remove devfsruleset %s: OK\n", cj.Config.Devfs_ruleset)
 | 
			
		||||
		}*/
 | 
			
		||||
			fmt.Printf("  > Remove devfsruleset %d: OK\n", rsi)
 | 
			
		||||
		}
 | 
			
		||||
 | 
			
		||||
		fmt.Printf("  > Stop jail %s:\n", cj.Name)
 | 
			
		||||
		err = stopJail(cj)
 | 
			
		||||
 | 
			
		||||
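Review bot: In the last StopJail hunk, `rsi, _ := strconv.Atoi(ruleset)` discards the parse error, so an empty or non-numeric devfs_ruleset value read from the running config silently becomes 0 and is passed to deleteDevfsRuleset as if it were a real ruleset id. Check it instead: `rsi, err := strconv.Atoi(ruleset)` followed by `if err != nil { fmt.Printf("ERROR parsing devfs ruleset %q: %s\n", ruleset, err.Error()); continue }`. Because `devfs rule -s N delset` deletes whichever set N names, it may also be worth refusing ids outside the dynamically allocated range (the comment above deleteDevfsRuleset mentions IDs >1000), so that a static ruleset shared with other jails is never removed; that range is an assumption to confirm. The `return` on the getValueFromRunningConfig error also ends the whole loop and skips the remaining jails in args, whereas the "is not running" branch uses `continue`. StopJail's body starts and ends outside the visible hunks.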