Reply
 
Thread Tools Display Modes
  #1  
Old 11-07-2012, 07:04 AM
jaxxed jaxxed is offline
Member
 
Join Date: Jul 2012
Posts: 42
Thanks: 2
Thanked 4 Times in 4 Posts
Default Warden mishandles jails with similar IPs
In the script handling between warden the FBSD jail system, warden makes a sense in recognizing jails that have similar IPs, in cases where a regular expression pattern that matches one, will also match the other.

For example:
Code:
[james@silver] ~> sudo warden list
IP                        HOST            AUTOSTART       STATUS     TYPE
---------------------------------------------------------------------------------
10.0.100.10              portsjail       Disabled        Running    portjail 
10.0.100.102              wunderkraut     Disabled        Running    portjail
[james@silver] ~> jls
   JID  IP Address      Hostname                      Path
     9  10.0.100.102    wunderkraut                   /usr/jails/10.0.100.102
The offending code is in checkstatus.sh
Code:
#chackstatus.sh:41
# Check if the jail is active
jls | grep ${JDIR}/${IP} >/dev/null 2>/dev/null
if [ "$?" = "0" -o "$hasmount" = "1" ]; then
  exit 0
else
  exit 1
fi
The Grep pattern obviously needs some kind of whitespace check on the end.

I tried to play with it to provide a patch, but my RE obviously sucks too much. I tried the following:
Code:
jls | grep "/usr/jails/10.0.100.102/s"
jls | grep "/usr/jails/10.0.100.102/t"
jls | grep "/usr/jails/10.0.100.102/s+"
jls | grep "/usr/jails/10.0.100.102/t+"
jls | grep "/usr/jails/10.0.100.102[[:space]]"
But none worked.
Reply With Quote
  #2  
Old 11-07-2012, 08:15 AM
jaxxed jaxxed is offline
Member
 
Join Date: Jul 2012
Posts: 42
Thanks: 2
Thanked 4 Times in 4 Posts
Default
Here is a list of greps that may be affected:

Code:
[james@silver] /usr/local/share/warden/scripts/backend> egrep -nR 'grep' * | grep JDIR
checkstatus.sh:42:jls | grep ${JDIR}/${IP} >/dev/null 2>/dev/null
chrootjail.sh:35:jls | grep ${JDIR}/${IP} >/dev/null 2>/dev/null
chrootjail.sh:43:JID="`jls | grep ${JDIR}/${IP} | tr -s " " | cut -d " " -f 2`"
details.sh:38:   diskUsage=`df -m | grep -w ${tank}${JDIR}/${IP} | awk '{print $3}'`
startjail.sh:40:jls | grep ${JDIR}/${IP} >/dev/null 2>/dev/null
startjail.sh:140:JID="`jls | grep ${JDIR}/${IP} | tr -s " " | cut -d " " -f 2`"
stopjail.sh:45:JID="`jls | grep ${JDIR}/${IP} | tr -s " " | cut -d " " -f 2`"
It seems to me that most of these should be using the a checkstatus function
Reply With Quote
  #3  
Old 11-07-2012, 03:31 PM
kmoore134's Avatar
kmoore134 kmoore134 is offline
Administrator
 
Join Date: May 2005
Location: Knoxville, TN
Posts: 2,568
Thanks: 0
Thanked 163 Times in 127 Posts
Default Warden mishandles jails with similar IPs
Thanks for catching that! Fixed in SVN.
__________________
----
Kris Moore
PC-BSD Founder
Reply With Quote
Reply

Tags
warden

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 10:57 AM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.

Copyright 2005-2010, The PC-BSD Project. PC-BSD and the PC-BSD logo are registered trademarks of iXsystems.
All other content is freely available for sharing under the terms of the Creative Commons Attribution License.