more fixes and improvements

Author: tschettervictor

usr/local/share/bastille/clone.sh

@@ -32,33 +32,48 @@
 . /usr/local/etc/bastille/bastille.conf
 
 usage() {
-    error_exit "Usage: bastille clone TARGET NEW_NAME IP_ADDRESS"
-
+    error_notify "Usage: bastille clone [option(s)] TARGET NEW_NAME IP_ADDRESS"
     cat << EOF
     Options:
-    
-    -r | --restart   -- Start/Restart jail(s) on completion.
-    -f | --force     -- Stop the jail if it is running.
-                        Mandatory for UFS, optional for ZFS.
+
+    -l | --live    -- Clone a running jail. ZFS only.
+                      Jail must be running.
+                      Cannot be used with [-f|--force].
+    -f | --force   -- Stop the jail if it is running.
+                      Cannot be used with [-l|--live].
+    -s | --start   -- Start jail(s) when complete.
 
 EOF
     exit 1
 }
 
 # Handle options.
+LIVE=0
 FORCE=0
-RESTART=0
+START=0
 while [ "$#" -gt 0 ]; do
     case "${1}" in
         -h|--help|help)
             usage
             ;;
-        -r|--restart)
-            RESTART=1
-            shift
+        -l|--live)
+            if ! checkyesno bastille_zfs_enable; then
+                error_exit "[-l|--live] can only be used with ZFS."
+            else
+                LIVE=1
+                shift
+            fi
             ;;
         -f|--force)
-            FORCE=1
+            if [ "${LIVE}" -eq 1 ]; then
+                error_exit "[-f|--force] cannot be used with [-l|--live]."
+            else
+                FORCE=1
+                shift
+            fi
+            ;;
+        -s|--start)
+            START=1
             shift
             ;;
         -*)
@@ -161,8 +176,8 @@ update_jailconf_vnet() {
                     sed -i '' "s|e\([0-9]\{1,\}\)b_${NEWNAME}|e${uniq_epair_bridge}b_${NEWNAME}|g" "${JAIL_CONFIG}"
                     sed -i '' "s|epair\([0-9]\{1,\}\)|epair${uniq_epair_bridge}|g" "${JAIL_CONFIG}"
                     sed -i '' "s|exec.prestart += \"ifconfig e0a_bastille\([0-9]\{1,\}\).*description.*|exec.prestart += \"ifconfig e0a_${uniq_epair} description \\\\\"vnet host interface for Bastille jail ${NEWNAME}\\\\\"\";|" "${JAIL_CONFIG}"
-                    sed -i '' "s|ether.*:.*:.*:.*:.*:.*a|ether ${macaddr}a|" "${JAIL_CONFIG}"
-                    sed -i '' "s|ether.*:.*:.*:.*:.*:.*b|ether ${macaddr}b|" "${JAIL_CONFIG}"
+                    sed -i '' "s|ether.*:.*:.*:.*:.*:.*a |ether ${macaddr}a |" "${JAIL_CONFIG}"
+                    sed -i '' "s|ether.*:.*:.*:.*:.*:.*b |ether ${macaddr}b |" "${JAIL_CONFIG}"
                     break
                 fi
             fi
@@ -205,8 +220,13 @@ clone_jail() {
 
     if ! [ -d "${bastille_jailsdir}/${NEWNAME}" ]; then
         if checkyesno bastille_zfs_enable; then
-            check_target_is_stopped "${TARGET}" || if [ "${FORCE}" -eq 1 ]; then
-                bastille stop "${TARGET}"
+            if [ "${LIVE}" -eq 1 ]; then
+                check_target_is_running "${TARGET}" || error_exit "[-l|--live] can only be used with a running jail."
+            elif [ "${FORCE}" -eq 1 ]; then
+                check_target_is_stopped "${TARGET}" || bastille stop "${TARGET}"
+            else
+                error_notify "Jail is running."
+                error_exit "Use [-f|--force] to force stop the jail, or [-l|--live] (ZFS only) to clone a running jail."
             fi
             if [ -n "${bastille_zfs_zpool}" ]; then
                 # Replicate the existing container
@@ -226,10 +246,11 @@ clone_jail() {
             # Perform container file copy (archive mode)
             check_target_is_stopped "${TARGET}" || if [ "${FORCE}" -eq 1 ]; then
                 bastille stop "${TARGET}"
-                cp -a "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}"
             else
-                exit
+                error_notify "Jail is running."
+                error_exit "Use [-f|--force] to force stop the jail."
             fi
+            cp -a "${bastille_jailsdir}/${TARGET}" "${bastille_jailsdir}/${NEWNAME}"
         fi
     else
         error_exit "${NEWNAME} already exists."
@@ -245,6 +266,12 @@ clone_jail() {
     else
         info "Cloned '${TARGET}' to '${NEWNAME}' successfully."
     fi
+    if [ "${START}" -eq 1 ]; then
+        if [ "${LIVE}" -eq 0 ]; then
+            bastille start "${TARGET}"
+        fi
+        bastille start "${NEWNAME}"
+    fi
 }
 
 # Check if IP address is valid.

usr/local/share/bastille/cmd.sh

@@ -32,8 +32,7 @@
 . /usr/local/etc/bastille/bastille.conf
 
 usage() {
-    error_exit "Usage: bastille cmd TARGET command"
-
+    error_notify "Usage: bastille cmd TARGET command"
     cat << EOF
     Options:
 
@@ -77,15 +76,17 @@ RETURN=0
 set_target "${TARGET}"
 
 for _jail in ${JAILS}; do
-    # If target is stopped or not found, continue...
+
+    info "[${_jail}]:"
+
     check_target_is_running "${_jail}" || if [ "${FORCE}" -eq 1 ]; then
         bastille start "${_jail}"
-    else
-        continue
+    else   
+        error_notify "Jail is not running."
+        error_continue "Use [-f|--force] to force start the jail."
     fi
 
     COUNT=$(($COUNT+1))
-    info "[${_jail}]:"
     if grep -qw "linsysfs" "${bastille_jailsdir}/${_jail}/fstab"; then
         # Allow executing commands on Linux jails.
         echo "$@"
@@ -94,7 +95,7 @@ for _jail in ${JAILS}; do
         echo "$@"
         jexec -l -U root "${_jail}" "$@"
     fi
-    ERROR_CODE="$?"
+    ERROR_CODE=$?
     if [ "${ERROR_CODE}" -ne 0 ]; then
         warn "[${_jail}]: ${ERROR_CODE}"
     fi

usr/local/share/bastille/common.sh

@@ -82,7 +82,6 @@ warn() {
 check_target_exists() {
     local _TARGET="${1}"
     if [ ! -d "${bastille_jailsdir}"/"${_TARGET}" ]; then
-        error_notify "Jail not found \"${_TARGET}\""
         return 1
     else
         return 0
@@ -92,7 +91,6 @@ check_target_exists() {
 check_target_is_running() {
     local _TARGET="${1}"
     if [ ! "$(/usr/sbin/jls name | awk "/^${_TARGET}$/")" ]; then
-        error_notify "[${_TARGET}]: Not started. See 'bastille start ${_TARGET}'."
         return 1
     else
         return 0
@@ -102,7 +100,6 @@ check_target_is_running() {
 check_target_is_stopped() {
     local _TARGET="${1}"
     if [ "$(/usr/sbin/jls name | awk "/^${_TARGET}$/")" ]; then
-        error_notify "${_TARGET} is running. See 'bastille stop ${_TARGET}'."
         return 1
     else
         return 0
@@ -114,7 +111,7 @@ set_target() {
     if [ "${_TARGET}" = ALL ] || [ "${_TARGET}" = all ]; then
         target_all_jails
     else
-        check_target_exists "${_TARGET}" || exit
+        check_target_exists "${_TARGET}" || error_exit "Jail not found \"${_TARGET}\""
         JAILS="${_TARGET}"
         TARGET="${_TARGET}"
         export JAILS
@@ -127,7 +124,7 @@ set_target_single() {
     if [ "${_TARGET}" = ALL ] || [ "${_TARGET}" = all ]; then
         error_exit "[all|ALL] not supported with this command."
     else
-        check_target_exists "${_TARGET}" || exit
+        check_target_exists "${_TARGET}" || error_exit "Jail not found \"${_TARGET}\""
         JAILS="${_TARGET}"
         TARGET="${_TARGET}"
         export JAILS

usr/local/share/bastille/console.sh

@@ -32,8 +32,7 @@
 . /usr/local/etc/bastille/bastille.conf
 
 usage() {
-    error_exit "Usage: bastille console TARGET [user]"
-
+    error_notify "Usage: bastille console [option(s)] TARGET [user]"
     cat << EOF
     Options:
 
@@ -75,8 +74,9 @@ bastille_root_check
 set_target_single "${TARGET}"
 check_target_is_running "${TARGET}" || if [ "${FORCE}" -eq 1 ]; then
     bastille start "${TARGET}"
-else
-    exit
+else   
+    error_notify "Jail is not running."
+    error_continue "Use [-f|--force] to force start the jail."
 fi
 
 validate_user() {

usr/local/share/bastille/convert.sh

@@ -32,7 +32,7 @@
 . /usr/local/etc/bastille/bastille.conf
 
 usage() {
-    error_exit "Usage: bastille convert [option(s)] TARGET"
+    error_notify "Usage: bastille convert [option(s)] TARGET"
 
     cat << EOF
     Options:
@@ -73,8 +73,9 @@ bastille_root_check
 set_target_single "${TARGET}"
 check_target_is_stopped "${TARGET}" || if [ "${FORCE}" -eq 1 ]; then
     bastille stop "${TARGET}"
-else
-    exit
+else   
+    error_notify "Jail is running."
+    error_exit "Use [-f|--force] to force stop the jail."
 fi
 
 convert_symlinks() {

usr/local/share/bastille/cp.sh

@@ -32,8 +32,7 @@
 . /usr/local/etc/bastille/bastille.conf
 
 usage() {
-    error_exit "Usage: bastille cp [option(s)] TARGET HOST_PATH JAIL_PATH"
-
+    error_notify "Usage: bastille cp [option(s)] TARGET HOST_PATH JAIL_PATH"
     cat << EOF
     Options:
 
@@ -77,7 +76,7 @@ set_target "${TARGET}"
 for _jail in ${JAILS}; do
     info "[${_jail}]:"
     bastille_jail_path="${bastille_jailsdir}/${_jail}/root"
-    cp "${OPTION}" "${CPSOURCE}" "${bastille_jail_path}${CPDEST}"
-    RETURN="$?"
-    return "${RETURN}"
+    if ! cp "${OPTION}" "${CPSOURCE}" "${bastille_jail_path}${CPDEST}"; then
+        error_continue "CP failed: ${CPSOURCE} -> ${bastille_jail_path}${CPDEST}"
+    fi
 done

usr/local/share/bastille/create.sh

@@ -506,6 +506,12 @@ create_jail() {
         fi
     fi
 
+    # Exit if jail was not started, which means something is wrong.
+    if ! check_target_is_running "${NAME}"; then
+        bastille destroy "${NAME}"
+        error_exit "[${NAME}]: Failed to create jail..."
+    fi
+
     if [ -n "${VNET_JAIL}" ]; then
         if [ -n "${bastille_template_vnet}" ]; then
             ## rename interface to generic vnet0

usr/local/share/bastille/destroy.sh

@@ -33,7 +33,6 @@
 
 usage() {
     error_notify "Usage: bastille destroy [option(s)] [JAIL|RELEASE]"
-
     cat << EOF
     Options:
 
@@ -50,10 +49,11 @@ destroy_jail() {
     bastille_jail_base="${bastille_jailsdir}/${TARGET}"            ## dir
     bastille_jail_log="${bastille_logsdir}/${TARGET}_console.log"  ## file
 
-    check_target_is_stopped "${TARGET}" || if [ "${FORCE}" -eq "1" ]; then
+    check_target_is_stopped "${TARGET}" || if [ "${FORCE}" -eq 1 ]; then
         bastille stop "${TARGET}"
-    else
-        exit
+    else   
+        error_notify "Jail is running."
+        error_exit "Use [-f|--force] to force stop the jail."
     fi
 
     if [ -d "${bastille_jail_base}" ]; then

usr/local/share/bastille/etcupdate.sh

@@ -31,12 +31,11 @@
 . /usr/local/etc/bastille/bastille.conf
 
 usage() {
-    error_exit "Usage: bastille etcupdate [option(s)] [TARGET|bootstrap RELEASE]"
-
+    error_notify "Usage: bastille etcupdate [option(s)] [TARGET|bootstrap RELEASE]"
     cat << EOF
     Options:
 
-    -d | --dry-run | -- Only show output of what etcupdate will do.
+    -d | --dry-run   -- Only show output of what etcupdate will do.
 
 EOF
     exit 1
@@ -75,7 +74,7 @@ update_jail_etc() {
     fi
 }
 
-if [ "$#" -lt 2 ] || [ "$#" -gt 3 ]; then
+if [ $# -lt 2 ] || [ $# -gt 3 ]; then
     usage
 fi
 

usr/local/share/bastille/export.sh

@@ -37,7 +37,6 @@ usage() {
     # Valid compress/options for non ZFS configured systems are .tgz and .txz
     # If no compression option specified, user must redirect standard output
     error_notify "Usage: bastille export | option(s) | TARGET | PATH"
-
     cat << EOF
     Options:
 

usr/local/share/bastille/htop.sh

@@ -33,7 +33,6 @@
 
 usage() {
     error_exit "Usage: bastille htop [option(s)] TARGET"
-
     cat << EOF
     Options:
 
@@ -71,16 +70,18 @@ TARGET="${1}"
 
 bastille_root_check
 set_target_single "${TARGET}"
+
+info "[${TARGET}]:"
 check_target_is_running "${TARGET}" || if [ "${FORCE}" -eq 1 ]; then
     bastille start "${TARGET}"
-else
-    exit
+else   
+    error_notify "Jail is not running."
+    error_continue "Use [-f|--force] to force start the jail."
 fi
 
 bastille_jail_path="${bastille_jailsdir}/${TARGET}/root"
 if [ ! -x "${bastille_jail_path}/usr/local/bin/htop" ]; then
     error_notify "htop not found on ${TARGET}."
 elif [ -x "${bastille_jail_path}/usr/local/bin/htop" ]; then
-    info "[${TARGET}]:"
     jexec -l ${TARGET} /usr/local/bin/htop
 fi

usr/local/share/bastille/import.sh

@@ -35,7 +35,6 @@ usage() {
     # Build an independent usage for the import command
     # If no file/extension specified, will import from standard input
     error_notify "Usage: bastille import [option(s)] FILE"
-
     cat << EOF
     Options:
 

usr/local/share/bastille/limits.sh

@@ -33,8 +33,14 @@
 . /usr/local/etc/bastille/bastille.conf
 
 usage() {
-    error_notify "Usage: bastille limits TARGET OPTION VALUE"
+    error_notify "Usage: bastille limits [option(s)] TARGET OPTION VALUE"
     echo -e "Example: bastille limits JAILNAME memoryuse 1G"
+    cat << EOF
+    Options:
+
+    -f | --force -- Start the jail if it is stopped.
+
+EOF
     exit 1
 }
 
@@ -63,10 +69,12 @@ set_target "${TARGET}"
 for _jail in ${JAILS}; do
 
     info "[${_jail}]:"
-    check_target_is_running "${TARGET}" || if [ "${FORCE}" -eq 1 ]; then
+
+    check_target_is_running "${_jail}" || if [ "${FORCE}" -eq 1 ]; then
         bastille start "${_jail}"
-    else
-        exit
+    else   
+        error_notify "Jail is not running."
+        error_continue "Use [-f|--force] to force start the jail."
     fi
 
     _rctl_rule="jail:${_jail}:${OPTION}:deny=${VALUE}/jail"