1 # chrootsetup_freebsd.sh
3 # This file SHOULD NOT be executable! It is sourced by jailsetup.sh and
4 # SHOULD NOT be executed directly!
6 # On entry the current directory will be set to the top of the chroot
7 # This script must perform platform-specific chroot setup which includes
8 # creating any dev device entries, setting up proc (if needed), setting
9 # up lib64 (if needed) as well as installing a basic set of whatever libraries
10 # are needed for a chroot to function on this platform.
12 # This script must also define a pull_in_bin function that may be called to
13 # install an executable together with any libraries it depends on into the
14 # chroot.
16 # Finally this script must install a suitable nc.openbsd compatible version of
17 # netcat into the chroot jail that's available as nc.openbsd and which supports
18 # connects to unix sockets.
20 # We are designed to set up the chroot based on binaries from
21 # amd64 FreeBSD 8; some things may need slight modifications if
22 # being run on a different distribution.
24 # We require update_pwd_db to be set to work properly on FreeBSD
# The FreeBSD jail needs $update_pwd_db enabled in Config.pm, so stop here
# when the setting is unset, empty or "0".
case "$cfg_update_pwd_db" in
	''|0)
		echo 'error: Config.pm must set $update_pwd_db to 1 to use a FreeBSD jail' >&2
		exit 1
		;;
esac

# Remember the top of the chroot; the caller has made it the current directory.
chroot_dir="$(pwd)"

# Mount points for dev and proc, owned by root.
mkdir -p dev proc
chown 0:0 dev proc

# Extra directories
mkdir -p libexec
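cp_p() {
	# Copy file $1 into the chroot as $2, a path relative to $chroot_dir.
	# When $2 ends in "/" (or contains no "/" at all) it names a directory
	# and the copy keeps the source's name; otherwise the last component of
	# $2 is the name the copy ends up with.
	# Returns non-zero when the source directory cannot be entered or cpio
	# fails, so a half-populated chroot does not go unnoticed.
	#
	# use cpio to avoid setting flags
	# cpio's stderr is discarded, which leaves its exit status as the only
	# failure signal; propagate it instead of letting the rename mask it.
	(
		cd "$(dirname "$1")" &&
		printf '%s\n' "$(basename "$1")" |
		cpio -p -m -u "$chroot_dir/${2%/*}" 2>/dev/null
	) || return
	# Rename only when $2 carries a file name that differs from the source's;
	# moving a file onto itself is an error for some mv implementations.
	if [ "${2%/*}" != "${2%/}" ] &&
	   [ "$(basename "$1")" != "$(basename "$2")" ]; then
		mv -f "$chroot_dir/${2%/*}/$(basename "$1")" \
			"$chroot_dir/${2%/*}/$(basename "$2")"
	fi
}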
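# Bring in basic libraries:
# The wildcard delete below must never run against the host's own /lib and
# /libexec, so apply the same $chroot_dir sanity check that
# chroot_update_permissions uses and address the directories through it.
if [ -z "$chroot_dir" ] || [ "$chroot_dir" = "/" ]; then
	echo bad '$chroot_dir' >&2
	exit 2
fi
rm -f -- "$chroot_dir"/lib/* "$chroot_dir"/libexec/*
# ld-elf.so.1:
# use cpio to avoid setting flags
# "&&" rather than ";": if /libexec cannot be entered, do not let cpio pick
# up a file of the same name from whatever directory we happen to be in.
(cd /libexec && echo ld-elf.so.1 | cpio -p -m "$chroot_dir/libexec" 2>/dev/null)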
pull_in_lib() {
	# Install library $1 into chroot directory $2, then do the same for every
	# library ldd reports $1 depends on (those always go into lib).
	# Anything that is not a regular file is skipped with a non-zero status.
	[ -f "$1" ] || return
	dst="${2%/}/$(basename "$1")"
	# Nothing to do when the chroot copy exists and the source is not newer.
	if [ -e "$dst" ] && ! [ "$1" -nt "$dst" ]; then
		return 0
	fi
	cp_p "$1" "$dst"
	# Dependency paths are the third field of ldd's "name => path" lines.
	for llib in $(ldd "$1" | awk '/=>/ {print $3}'); do
		# Run in a subshell: dst and llib assigned by the recursive call
		# stay out of this invocation.
		(pull_in_lib "$llib" lib)
	done
}
# pull_in_bin BINARY DESTDIR
#   BINARY   full path to the executable to pull in (together with any
#            library dependencies)
#   DESTDIR  destination directory, relative to the current directory
# Example: "pull_in_bin /bin/sh bin" installs the shell into the chroot bin
# directory.
# IMPORTANT: BINARY must be a machine binary, NOT a shell script or other
# interpreted text; text scripts have no libraries to copy and can simply be
# copied in or installed.
# NOTE: calling this function on a running chroot is expected to cause
# temporary disruption.
# NOTE(review): BINARY is handed to ldd, so pass only trusted system
# binaries - confirm every caller does.
pull_in_bin() {
	bin="$1"
	dst="$2"
	cp -p "$bin" "${dst%/}/"
	# ...and all the dependencies: the third field of each "=>" line of ldd.
	# pull_in_lib overwrites dst, which is no longer needed after the copy.
	for lib in $(ldd "$bin" | awk '/=>/ {print $3}'); do
		pull_in_lib "$lib" lib
	done
}
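# A catch all that needs to be called after everything's been pulled in.
# Makes root the owner of the installed trees and rebuilds the jail's
# password databases from etc/passwd.
# Exits with status 2 when $chroot_dir is empty, "/" or cannot be entered;
# returns non-zero when pwd_mkdb fails.
chroot_update_permissions() {
	# Be paranoid
	if [ -z "$chroot_dir" ] || [ "$chroot_dir" = "/" ]; then
		echo bad '$chroot_dir' >&2
		exit 2
	fi
	cd "$chroot_dir" || { echo bad '$chroot_dir' >&2; exit 2; }
	chown -R 0:0 bin lib sbin var libexec
	# bootstrap the master.passwd database
	rm -f etc/master.passwd etc/pwd.db etc/spwd.db
	# etc/passwd has seven fields; master.passwd takes three more after the
	# gid (class, change, expire), written here as an empty class and zeros.
	awk -F ':' '{ print $1 ":" $2 ":" $3 ":" $4 "::0:0:" $5 ":" $6 ":" $7 }' < etc/passwd > etc/master.passwd
	# stderr stays suppressed, so the exit status has to be checked: a
	# failure here leaves the jail without the pwd.db/spwd.db removed above.
	PW_SCAN_BIG_IDS=1 pwd_mkdb -d etc etc/master.passwd 2>/dev/null || {
		echo 'error: pwd_mkdb failed to rebuild the chroot password database' >&2
		return 1
	}
	# Quoted so an unexpected character in either name cannot split the
	# owner argument into extra words.
	chown "$cfg_mirror_user:$cfg_owning_group" etc/master.passwd etc/pwd.db etc/spwd.db
	# NOTE(review): 0664 leaves master.passwd and spwd.db world-readable and
	# group-writable inside the jail; that is only safe if the password field
	# of etc/passwd never carries real hashes - confirm.
	chmod 0664 etc/master.passwd etc/pwd.db etc/spwd.db
}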
# /usr/bin/nc is the nc.openbsd compatible utility here: install it together
# with its libraries, then give it the nc.openbsd name inside the chroot.
pull_in_bin /usr/bin/nc bin
mv -f bin/nc bin/nc.openbsd