author | Mahrud Sayrafi <root@eve> | 2013-01-18 05:04:46 -0800 |
---|---|---|
committer | Mahrud Sayrafi <root@eve> | 2013-01-18 05:04:46 -0800 |
commit | 87c07dcd1ac6ec54e9ef63327a84d391c64b4368 (patch) | |
tree | 4970ea534c515f4ba47bba00d606267938d278ca | |
Initial Commit for Jail Maker
This is the basis for a new makefile for a new generation light chroot
environment based on Fedora.
Syntax:
makelist PACKAGE [PACKAGE ...]
e.g: makelist cpp gcc gcc-c++
e.g: makelist fpc
then:
makejail
-rw-r--r-- | TODO | 1 | ||||
-rw-r--r-- | c-cpp_list_sample | 52 | ||||
-rw-r--r-- | makejail.sh | 81 | ||||
-rw-r--r-- | makelist.sh | 33 |
4 files changed, 167 insertions, 0 deletions
@@ -0,0 +1 @@
+ * somehow only fetch the libraries not binaries, etc. (except for gcc, etc.)
diff --git a/c-cpp_list_sample b/c-cpp_list_sample
new file mode 100644
index 0000000..9950a9b
--- /dev/null
+++ b/c-cpp_list_sample
@@ -0,0 +1,52 @@
+audit-libs
+basesystem
+bash
+binutils
+chkconfig
+cloog-ppl
+coreutils
+cpp
+cracklib
+cracklib-dicts
+filesystem
+gcc
+gcc-c++
+glibc
+glibc-common
+glibc-devel
+glibc-headers
+gmp
+grep
+gzip
+info
+kernel-headers
+libacl
+libattr
+libcap
+libdb
+libgcc
+libgomp
+libmpc
+libpwquality
+libselinux
+libsepol
+libstdc++
+libstdc++-devel
+mpfr
+ncurses
+ncurses-base
+ncurses-libs
+nspr
+nss-softokn
+nss-softokn-freebl
+nss-util
+pam
+pcre
+popt
+ppl
+ppl-pwl
+readline
+setup
+sqlite
+tzdata
+zlib
diff --git a/makejail.sh b/makejail.sh
new file mode 100644
index 0000000..1f1fdbc
--- /dev/null
+++ b/makejail.sh
@@ -0,0 +1,81 @@
+#!/bin/bash
+
+set -e
+
+function get_repo_online {
+ yum reinstall -y --downloadonly --downloaddir=repo `cat list`
+}
+
+function get_repo_dvd {
+ mkdir repo
+ for i in `cat list`
+ do
+ package=`find iso | grep $i | cut -d'/' -f4 | grep ^$i-[1234567890]`
+ cp iso/Packages/*/$i repo
+ done
+}
+
+function makejail {
+ get_repo_$method
+
+ mkdir root
+ cd root
+
+ for i in `ls ../repo`
+ do
+ rpm2cpio ../repo/$i | cpio -idm
+ done
+
+ echo "Removing a couple of files that are useless for all intents and purposes of a jail ..."
+ rm -rf usr/lib/locale usr/share/{cracklib,doc,i18n,info,locale,man,zoneinfo}
+
+ echo "Starting to reset SELinux contexts of the chroot environment ..."
+ setfiles -p -r . /etc/selinux/targeted/contexts/files/file_contexts .
+
+ cd ..
+ echo "done"
+}
+
+
+if [ ! -e list ]
+then
+ echo "Run \`make list\` first."
+ exit
+fi
+
+echo "
+Two sources for the required packages are available:
+
+ 1. Online Fedora repositories (default) (Internet required, ~65MB will be downloaded)
+ tip: if you want to use local repositories, follow the steps required to add them
+ to yum repositories at /etc/yum.repos.d/
+
+ 2. Use an already downloaded Fedora iso or mounted DVD (arch doesn't matter).
+"
+
+read -p "Which method? (1/2) (default: 1) " ask
+
+if [[ "$ask" == *2* && "$ask" != *1* ]]
+then
+ echo "DVD method chosen ..."
+ method="dvd"
+ read -p "Where is the DVD/iso mounted?" src
+ if [ -d "$src" ]
+ then
+ if [ "$src" != "iso" ]
+ then
+ ln -s $i iso
+ fi
+ else
+ echo "error: cannot access $src: No such directory"
+ exit
+ fi
+elif [[ "$ask" == *2* && "$ask" == *1* ]]
+then
+ echo "error: couldn't detect your choice (contained both '1' and '2')"
+else
+ echo "Online method chosen ..."
+ method="online"
+fi
+
+makejail $method
diff --git a/makelist.sh b/makelist.sh
new file mode 100644
index 0000000..f3be987
--- /dev/null
+++ b/makelist.sh
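Review bot: The unpack loop in makejail, `rpm2cpio ../repo/$i | cpio -idm`, extracts every file in `repo` without checking its package signature, and because there is no `pipefail` a failing `rpm2cpio` can be hidden behind cpio's exit status. On the DVD/iso path nothing has verified those RPMs, and the `--downloadonly` path may not either since no install transaction runs, so I would run `rpm -K "../repo/$i"` before unpacking and add `set -o pipefail` beside `set -e`. In the DVD branch `ln -s $i iso` links `$i`, which is unset at that point; the prompt stored the path in `src`, so it should be `ln -s -- "$src" iso`. The branch for an answer containing both '1' and '2' prints an error but still reaches `makejail $method` with `method` empty, and the bare `exit` after each error message returns status 0, so each should be `exit 1`.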
@@ -0,0 +1,33 @@
+#!/bin/bash
+
+# Warning: make sure you don't have Adobe linux repository enabled.
+# That stupid sh*t has some of the needed glibc libraries in it!
+# Can cause problems.
+
+function makelist {
+ if [[ -z "$@" ]]
+ then
+ echo "syntax: makelist PACKAGE [PACKAGE ...]"
+ echo " e.g: makelist cpp gcc gcc-c++"
+ echo " e.g: makelist fpc"
+ exit
+ fi
+
+ $HASH=/tmp/.makelist_HASH
+
+ echo $@ | sed "s/ /\n/g" >> list
+ cat list | sort | uniq | sponge list
+
+ yum deplist `cat list` > deps
+ cat deps | grep provider | awk {'print $2'} | cut -d'.' -f1 >> list
+ cat list | sort | uniq | sponge list
+ if [ `cat list | md5sum | awk {'print $1'}` == "`cat $HASH 2> /dev/null`" ]
+ then
+ exit
+ else
+ cat list | md5sum | awk {'print $1'} > $HASH
+ makelist `cat list`
+ fi
+}
+
+makelist $@ |
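Review bot: The line `$HASH=/tmp/.makelist_HASH` in makelist is not an assignment: with `HASH` unset the shell tries to run `=/tmp/.makelist_HASH` as a command, so `$HASH` stays empty. The later `cat $HASH` then has no file operand and `> $HASH` is an ambiguous redirect, so the hash comparison that is meant to end the recursion cannot work. Dropping the leading `$` fixes the assignment, but a fixed name under /tmp is still a risk if this is run as root, because another local user can create that path first (for instance as a symlink) and the redirect will write through it. Keeping the hash beside `list` and `deps`, e.g. `HASH=./.makelist_hash`, or holding the previous hash in a shell variable across the recursive calls, avoids the shared directory entirely.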