1#!/bin/sh 2 3# Bastille jail startup script 4# 5# PROVIDE: bastille 6# REQUIRE: NETWORKING 7# KEYWORD: shutdown 8 9# Add the following to /etc/rc.conf[.local] to enable this service 10# 11# bastille_enable (bool): Set to NO by default. 12# Set it to YES to enable bastille. 13# bastille_list (string): Set to "ALL" by default. 14# Space separated list of jails to start. 15# 16 17. /etc/rc.subr 18 19name=bastille 20rcvar=${name}_enable 21 22: ${bastille_enable:=NO} 23: ${bastille_list:="ALL"} 24 25command=/usr/local/bin/${name} 26start_cmd="bastille_start" 27stop_cmd="bastille_stop" 28restart_cmd="bastille_stop && bastille_start" 29 30bastille_start() 31{ 32 if [ -z "${bastille_list}" ]; then 33 echo "bastille_list is undefined" 34 return 1 35 fi 36 37 local _jail 38 39 for _jail in ${bastille_list}; do 40 echo "Starting Bastille Container: ${_jail}" 41 ${command} start ${_jail} 42 done 43} 44 45bastille_stop() 46{ 47 if [ -z "${bastille_list}" ]; then 48 echo "bastille_list is undefined" 49 return 1 50 fi 51 52 local _jail 53 54 for _jail in ${bastille_list}; do 55 echo "Stopping Bastille Container: ${_jail}" 56 ${command} stop ${_jail} 57 done 58} 59 60load_rc_config ${name} 61run_rc_command "$1" 62