def save(self):
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
except Exception as e:
raise MiddlewareError(e.message)
if not jc.jc_path:
raise MiddlewareError(_("No jail root configured."))
jc_ipv4_netmask = 24
if jc.jc_ipv4_network:
parts = jc.jc_ipv4_network.split('/')
if len(parts) > 1:
jc_ipv4_netmask = parts[1]
jc_ipv6_prefix = 64
if jc.jc_ipv6_network:
parts = jc.jc_ipv6_network.split('/')
if len(parts) > 1:
jc_ipv6_prefix = parts[1]
jail_host = self.cleaned_data.get('jail_host')
jail_ipv4 = self.cleaned_data.get('jail_ipv4')
jail_ipv4_netmask = self.cleaned_data.get('jail_ipv4_netmask',
jc_ipv4_netmask)
jail_ipv6 = self.cleaned_data.get('jail_ipv6')
jail_ipv6_prefix = self.cleaned_data.get('jail_ipv6_prefix',
jc_ipv6_prefix)
jail_flags = WARDEN_FLAGS_NONE
jail_create_args = {}
jail_create_args['jail'] = jail_host
w = Warden()
# if self.cleaned_data['jail_source']:
# jail_flags |= WARDEN_CREATE_FLAGS_SRC
# if self.cleaned_data['jail_ports']:
# jail_flags |= WARDEN_CREATE_FLAGS_PORTS
if self.cleaned_data['jail_vanilla']:
jail_flags |= WARDEN_CREATE_FLAGS_VANILLA
template_create_args = {}
jail_type = self.cleaned_data['jail_type']
template = JailTemplate.objects.get(jt_name=jail_type)
template_create_args['nick'] = template.jt_name
template_create_args['tar'] = template.jt_url
template_create_args['flags'] = WARDEN_TEMPLATE_FLAGS_CREATE | \
WARDEN_TEMPLATE_CREATE_FLAGS_NICK | \
WARDEN_TEMPLATE_CREATE_FLAGS_TAR
saved_template = template
template = None
template_list_flags = {}
template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST
templates = w.template(**template_list_flags)
for t in templates:
if t['nick'] == template_create_args['nick']:
template = t
break
createfile = "/var/tmp/.templatecreate"
if not template:
try:
cf = open(createfile, "a+")
cf.close()
w.template(**template_create_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
if os.path.exists(createfile):
os.unlink(createfile)
return
template_list_flags = {}
template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST
templates = w.template(**template_list_flags)
for t in templates:
if t['nick'] == template_create_args['nick']:
template = t
break
if not template:
self.errors['__all__'] = self.error_class(
[_('Unable to find template!')])
return
if template['type'] == 'Linux':
jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL
if template['arch'] == 'i386' and self.arch == 'x64':
jail_flags |= WARDEN_CREATE_FLAGS_32BIT
jail_flags |= WARDEN_CREATE_FLAGS_TEMPLATE
jail_create_args['template'] = template_create_args['nick']
if jail_ipv4:
jail_flags |= WARDEN_CREATE_FLAGS_IPV4
jail_create_args['ipv4'] = "%s/%s" % (jail_ipv4, jail_ipv4_netmask)
if jail_ipv6:
jail_flags |= WARDEN_CREATE_FLAGS_IPV6
jail_create_args['ipv6'] = "%s/%s" % (jail_ipv6, jail_ipv6_prefix)
jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE
jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG
jail_create_args['logfile'] = self.logfile
jail_create_args['flags'] = jail_flags
createfile = "/var/tmp/.jailcreate"
try:
cf = open(createfile, "a+")
cf.close()
w.create(**jail_create_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
if os.path.exists(createfile):
os.unlink(createfile)
return
if os.path.exists(createfile):
os.unlink(createfile)
for key in ('jail_bridge_ipv4', 'jail_bridge_ipv6',
'jail_defaultrouter_ipv4', 'jail_defaultrouter_ipv6',
'jail_mac', 'jail_flags'):
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
val = self.cleaned_data.get(key, None)
if val:
if key == 'jail_bridge_ipv4':
mask = self.cleaned_data.get('jail_bridge_ipv4_netmask',
jc_ipv4_netmask)
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4
jail_set_args['bridge-ipv4'] = "%s/%s" % (val, mask)
elif key == 'jail_bridge_ipv6':
prefix = self.cleaned_data.get('jail_bridge_ipv6_prefix',
jc_ipv6_prefix)
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6
jail_set_args['bridge-ipv6'] = "%s/%s" % (val, prefix)
elif key == 'jail_defaultrouter_ipv4':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4
jail_set_args['defaultrouter-ipv4'] = val
elif key == 'jail_defaultrouter_ipv6':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6
jail_set_args['defaultrouter-ipv6'] = val
elif key == 'jail_mac':
jail_flags |= WARDEN_SET_FLAGS_MAC
jail_set_args['mac'] = val
elif key == 'jail_flags':
jail_flags |= WARDEN_SET_FLAGS_FLAGS
jail_set_args['jflags'] = val
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
jail_nat = self.cleaned_data.get('jail_nat', None)
jail_vnet = self.cleaned_data.get('jail_vnet', None)
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_nat:
jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_vnet:
# XXXX if NOT LINUX XXXX (revisit this)
if (saved_template.jt_arch != 'x86'
and saved_template.jt_os != 'Linux'):
jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
if self.cleaned_data['jail_autostart']:
try:
w.auto(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
try:
w.start(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
def save(self):
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
except Exception as e:
raise MiddlewareError(e.message)
if not jc.jc_path:
raise MiddlewareError(_("No jail root configured."))
jc_ipv4_netmask = 24
if jc.jc_ipv4_network:
parts = jc.jc_ipv4_network.split('/')
if len(parts) > 1:
jc_ipv4_netmask = parts[1]
jc_ipv6_prefix = 64
if jc.jc_ipv6_network:
parts = jc.jc_ipv6_network.split('/')
if len(parts) > 1:
jc_ipv6_prefix = parts[1]
jail_host = self.cleaned_data.get('jail_host')
jail_ipv4 = self.cleaned_data.get('jail_ipv4')
jail_ipv4_netmask = self.cleaned_data.get('jail_ipv4_netmask', jc_ipv4_netmask)
jail_ipv6 = self.cleaned_data.get('jail_ipv6')
jail_ipv6_prefix = self.cleaned_data.get('jail_ipv6_prefix', jc_ipv6_prefix)
jail_flags = WARDEN_FLAGS_NONE
jail_create_args = {}
jail_create_args['jail'] = jail_host
w = Warden()
# if self.cleaned_data['jail_source']:
# jail_flags |= WARDEN_CREATE_FLAGS_SRC
# if self.cleaned_data['jail_ports']:
# jail_flags |= WARDEN_CREATE_FLAGS_PORTS
if self.cleaned_data['jail_vanilla']:
jail_flags |= WARDEN_CREATE_FLAGS_VANILLA
template_create_args = {}
jail_type = self.cleaned_data['jail_type']
template = JailTemplate.objects.get(jt_name=jail_type)
template_create_args['nick'] = template.jt_name
template_create_args['tar'] = template.jt_url
template_create_args['flags'] = WARDEN_TEMPLATE_FLAGS_CREATE | \
WARDEN_TEMPLATE_CREATE_FLAGS_NICK | \
WARDEN_TEMPLATE_CREATE_FLAGS_TAR
saved_template = template
template = None
template_list_flags = {}
template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST
templates = w.template(**template_list_flags)
for t in templates:
if t['nick'] == template_create_args['nick']:
template = t
break
createfile = "/var/tmp/.templatecreate"
if not template:
try:
cf = open(createfile, "a+")
cf.close()
w.template(**template_create_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
if os.path.exists(createfile):
os.unlink(createfile)
return
template_list_flags = {}
template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST
templates = w.template(**template_list_flags)
for t in templates:
if t['nick'] == template_create_args['nick']:
template = t
break
if not template:
self.errors['__all__'] = self.error_class([
_('Unable to find template!')
])
return
if template['type'] == 'Linux':
jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL
if template['arch'] == 'i386' and self.arch == 'x64':
jail_flags |= WARDEN_CREATE_FLAGS_32BIT
jail_flags |= WARDEN_CREATE_FLAGS_TEMPLATE
jail_create_args['template'] = template_create_args['nick']
if jail_ipv4:
jail_flags |= WARDEN_CREATE_FLAGS_IPV4
jail_create_args['ipv4'] = "%s/%s" % (
jail_ipv4, jail_ipv4_netmask
)
if jail_ipv6:
jail_flags |= WARDEN_CREATE_FLAGS_IPV6
jail_create_args['ipv6'] = "%s/%s" % (
jail_ipv6, jail_ipv6_prefix
)
jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE
jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG
jail_create_args['logfile'] = self.logfile
jail_create_args['flags'] = jail_flags
createfile = "/var/tmp/.jailcreate"
try:
cf = open(createfile, "a+")
cf.close()
w.create(**jail_create_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
if os.path.exists(createfile):
os.unlink(createfile)
return
if os.path.exists(createfile):
os.unlink(createfile)
for key in (
'jail_bridge_ipv4', 'jail_bridge_ipv6', 'jail_defaultrouter_ipv4',
'jail_defaultrouter_ipv6', 'jail_mac'
):
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
val = self.cleaned_data.get(key, None)
if val:
if key == 'jail_bridge_ipv4':
mask = self.cleaned_data.get('jail_bridge_ipv4_netmask', jc_ipv4_netmask)
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4
jail_set_args['bridge-ipv4'] = "%s/%s" % (val, mask)
elif key == 'jail_bridge_ipv6':
prefix = self.cleaned_data.get('jail_bridge_ipv6_prefix', jc_ipv6_prefix)
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6
jail_set_args['bridge-ipv6'] = "%s/%s" % (val, prefix)
elif key == 'jail_defaultrouter_ipv4':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4
jail_set_args['defaultrouter-ipv4'] = val
elif key == 'jail_defaultrouter_ipv6':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6
jail_set_args['defaultrouter-ipv6'] = val
elif key == 'jail_mac':
jail_flags |= WARDEN_SET_FLAGS_MAC
jail_set_args['mac'] = val
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
jail_nat = self.cleaned_data.get('jail_nat', None)
jail_vnet = self.cleaned_data.get('jail_vnet', None)
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_nat:
jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_vnet:
# XXXX if NOT LINUX XXXX (revisit this)
if (saved_template.jt_arch != 'x86' and saved_template.jt_os != 'Linux'):
jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
if self.cleaned_data['jail_autostart']:
try:
w.auto(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
try:
w.start(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
def save(self):
jc = self.jc
if not jc.jc_path:
raise MiddlewareError(_("No jail root configured."))
jc_ipv4_netmask = 24
if jc.jc_ipv4_network:
parts = jc.jc_ipv4_network.split('/')
if len(parts) > 1:
jc_ipv4_netmask = parts[1]
jc_ipv6_prefix = 64
if jc.jc_ipv6_network:
parts = jc.jc_ipv6_network.split('/')
if len(parts) > 1:
jc_ipv6_prefix = parts[1]
jail_host = self.cleaned_data.get('jail_host')
jail_ipv4_dhcp = self.cleaned_data.get('jail_ipv4_dhcp')
jail_ipv4 = self.cleaned_data.get('jail_ipv4')
jail_ipv4_netmask = self.cleaned_data.get('jail_ipv4_netmask',
jc_ipv4_netmask)
jail_ipv6_autoconf = self.cleaned_data.get('jail_ipv6_autoconf')
jail_ipv6 = self.cleaned_data.get('jail_ipv6')
jail_ipv6_prefix = self.cleaned_data.get('jail_ipv6_prefix',
jc_ipv6_prefix)
jail_flags = WARDEN_FLAGS_NONE
jail_flags |= WARDEN_CREATE_FLAGS_VANILLA
jail_create_args = {}
jail_create_args['jail'] = jail_host
w = Warden()
template_create_args = {}
jail_type = self.cleaned_data['jail_type']
if not jail_type:
jail_type = 'standard'
# Don't backtrace if template doesn't exist
try:
template = JailTemplate.objects.get(jt_name=jail_type)
except Exception as e:
self.errors['__all__'] = self.error_class([str(e)])
return
template_create_args['nick'] = template.jt_name
template_create_args['tar'] = template.jt_url
template_create_args['flags'] = WARDEN_TEMPLATE_FLAGS_CREATE | \
WARDEN_TEMPLATE_CREATE_FLAGS_NICK | \
WARDEN_TEMPLATE_CREATE_FLAGS_TAR
if template.jt_mtree:
template_create_args['mtree'] = template.jt_mtree
template_create_args['flags'] = template_create_args['flags'] | \
WARDEN_TEMPLATE_CREATE_FLAGS_MTREE
saved_template = template
template = None
template_list_flags = {}
template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST
templates = w.template(**template_list_flags)
for t in templates:
if t['nick'] == template_create_args['nick']:
template = t
break
createfile = "/var/tmp/.templatecreate"
if not template:
# If for some reason warden does not list the template but the path
# exists, we shall try to nuke it
template_path = '{}/.warden-template-{}'.format(self.jc.jc_path, jail_type)
if os.path.exists(template_path):
try:
notifier().destroy_zfs_dataset(template_path.replace('/mnt/', ''))
except:
pass
try:
shutil.rmtree(template_path)
except OSError:
pass
try:
cf = open(createfile, "a+")
cf.close()
w.template(**template_create_args)
except Exception as e:
log.debug('Failed to create template', exc_info=True)
self.errors['__all__'] = self.error_class([str(e)])
if os.path.exists(createfile):
os.unlink(createfile)
return
template_list_flags = {}
template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST
templates = w.template(**template_list_flags)
for t in templates:
if t['nick'] == template_create_args['nick']:
template = t
break
if not template:
self.errors['__all__'] = self.error_class([
_('Unable to find template!')
])
return
if template['type'] == 'Linux':
jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL
if template['arch'] == 'i386' and self.arch == 'x64':
jail_flags |= WARDEN_CREATE_FLAGS_32BIT
jail_flags |= WARDEN_CREATE_FLAGS_TEMPLATE
jail_create_args['template'] = template_create_args['nick']
if jail_ipv4_dhcp:
jail_ipv4 = "DHCP"
if jail_ipv4:
if jail_ipv4 != "DHCP":
jail_ipv4 = "%s/%s" % (jail_ipv4, jail_ipv4_netmask)
jail_flags |= WARDEN_CREATE_FLAGS_IPV4
jail_create_args['ipv4'] = jail_ipv4
if jail_ipv6_autoconf:
jail_ipv6 = "AUTOCONF"
if jail_ipv6:
if jail_ipv6 != "AUTOCONF":
jail_ipv6 = "%s/%s" % (jail_ipv6, jail_ipv6_prefix)
jail_flags |= WARDEN_CREATE_FLAGS_IPV6
jail_create_args['ipv6'] = jail_ipv6
jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE
jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG
jail_create_args['logfile'] = self.logfile
jail_create_args['flags'] = jail_flags
createfile = "/var/tmp/.jailcreate"
try:
cf = open(createfile, "a+")
cf.close()
w.create(**jail_create_args)
except Exception as e:
log.debug('Failed to create jail', exc_info=True)
self.errors['__all__'] = self.error_class([str(e)])
if os.path.exists(createfile):
os.unlink(createfile)
return
if os.path.exists(createfile):
os.unlink(createfile)
for key in ('jail_bridge_ipv4', 'jail_bridge_ipv6',
'jail_defaultrouter_ipv4', 'jail_defaultrouter_ipv6',
'jail_mac', 'jail_iface', 'jail_flags'):
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
val = self.cleaned_data.get(key, None)
if val:
if key == 'jail_bridge_ipv4':
mask = self.cleaned_data.get('jail_bridge_ipv4_netmask',
jc_ipv4_netmask)
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4
jail_set_args['bridge-ipv4'] = "%s/%s" % (val, mask)
elif key == 'jail_bridge_ipv6':
prefix = self.cleaned_data.get('jail_bridge_ipv6_prefix',
jc_ipv6_prefix)
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6
jail_set_args['bridge-ipv6'] = "%s/%s" % (val, prefix)
elif key == 'jail_defaultrouter_ipv4':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4
jail_set_args['defaultrouter-ipv4'] = val
elif key == 'jail_defaultrouter_ipv6':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6
jail_set_args['defaultrouter-ipv6'] = val
elif key == 'jail_mac':
jail_flags |= WARDEN_SET_FLAGS_MAC
jail_set_args['mac'] = val
elif key == 'jail_iface':
jail_flags |= WARDEN_SET_FLAGS_IFACE
jail_set_args['iface'] = val
elif key == 'jail_flags':
jail_flags |= WARDEN_SET_FLAGS_FLAGS
jail_set_args['jflags'] = val
elif key == 'jail_mac':
jail_mac_list = [jail.jail_mac for jail in Jails.objects.all()]
mac_address = generate_randomMAC()
while mac_address in jail_mac_list:
mac_address = generate_randomMAC()
jail_flags |= WARDEN_SET_FLAGS_MAC
jail_set_args['mac'] = mac_address
jail_set_args['flags'] = jail_flags
try:
# Do not try to set options if no other options other than
# jail and flags were set.
if len(jail_set_args) > 2:
w.set(**jail_set_args)
except Exception as e:
log.debug('Failed to set jail arguments', exc_info=True)
self.errors['__all__'] = self.error_class([str(e)])
return
jail_nat = self.cleaned_data.get('jail_nat', None)
jail_vnet = self.cleaned_data.get('jail_vnet', None)
if jc.jc_ipv4_dhcp or jc.jc_ipv6_autoconf:
jail_vnet = True
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_nat:
jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
log.debug('Failed to set jail arguments', exc_info=True)
self.errors['__all__'] = self.error_class([str(e)])
return
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_vnet:
# XXXX if NOT LINUX XXXX (revisit this)
if (saved_template.jt_arch != 'x86' and
saved_template.jt_os != 'Linux'):
jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
log.debug('Failed to set jail arguments', exc_info=True)
self.errors['__all__'] = self.error_class([str(e)])
return
if self.cleaned_data['jail_autostart']:
try:
w.auto(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([str(e)])
return
try:
w.start(jail=jail_host)
except Exception as e:
log.debug('Failed to start jail', exc_info=True)
self.errors['__all__'] = self.error_class([str(e)])
return
# Requery instance so we have everything up-to-date after save
# See #14686
self.instance = Jails.objects.get(jail_host=jail_host)
if self.instance:
add_media_user_and_group(self.instance.jail_path)
def save(self):
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
if not jc.jc_path:
self.errors['__all__'] = self.error_class(
["No jail root configured."])
return
jail_host = self.cleaned_data.get('jail_host')
jail_ipv4 = self.cleaned_data.get('jail_ipv4')
jail_ipv6 = self.cleaned_data.get('jail_ipv6')
jail_flags = WARDEN_FLAGS_NONE
jail_create_args = {}
jail_create_args['jail'] = jail_host
w = Warden()
if self.cleaned_data['jail_32bit']:
jail_flags |= WARDEN_CREATE_FLAGS_32BIT
# if self.cleaned_data['jail_source']:
# jail_flags |= WARDEN_CREATE_FLAGS_SRC
# if self.cleaned_data['jail_ports']:
# jail_flags |= WARDEN_CREATE_FLAGS_PORTS
if self.cleaned_data['jail_vanilla']:
jail_flags |= WARDEN_CREATE_FLAGS_VANILLA
if self.cleaned_data['jail_type'] == WARDEN_TYPE_PORTJAIL:
jail_flags |= WARDEN_CREATE_FLAGS_PORTJAIL
elif self.cleaned_data['jail_type'] == WARDEN_TYPE_PLUGINJAIL:
jail_flags |= WARDEN_CREATE_FLAGS_PLUGINJAIL
elif self.cleaned_data['jail_type'] == WARDEN_TYPE_GENTOO_LINUX:
jail_flags |= WARDEN_CREATE_FLAGS_GENTOO_LINUX
elif self.cleaned_data['jail_type'] == WARDEN_TYPE_DEBIAN_LINUX:
jail_flags |= WARDEN_CREATE_FLAGS_DEBIAN_LINUX
elif self.cleaned_data['jail_type'] == WARDEN_TYPE_CENTOS_LINUX:
jail_flags |= WARDEN_CREATE_FLAGS_CENTOS_LINUX
# if self.cleaned_data['jail_archive']:
# if jail_flags & WARDEN_CREATE_FLAGS_LINUXJAIL:
# jail_flags |= WARDEN_CREATE_FLAGS_LINUXARCHIVE
# else:
# jail_flags |= WARDEN_CREATE_FLAGS_ARCHIVE
if jail_ipv4:
jail_flags |= WARDEN_CREATE_FLAGS_IPV4
jail_create_args['ipv4'] = jail_ipv4
if jail_ipv6:
jail_flags |= WARDEN_CREATE_FLAGS_IPV6
jail_create_args['ipv6'] = jail_ipv6
jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE
jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG
logfile = "/var/tmp/warden.log"
jail_create_args['logfile'] = logfile
jail_create_args['flags'] = jail_flags
createfile = "/var/tmp/.jailcreate"
try:
cf = open(createfile, "a+")
cf.close()
w.create(**jail_create_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
if os.path.exists(createfile):
os.unlink(createfile)
return
if os.path.exists(createfile):
os.unlink(createfile)
for key in ('jail_bridge_ipv4', 'jail_bridge_ipv6', \
'jail_defaultrouter_ipv4', 'jail_defaultrouter_ipv6', 'jail_mac'):
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
val = self.cleaned_data.get(key, None)
if val:
if key == 'jail_bridge_ipv4':
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4
jail_set_args['bridge-ipv4'] = val
elif key == 'jail_bridge_ipv6':
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6
jail_set_args['bridge-ipv6'] = val
elif key == 'jail_defaultrouter_ipv4':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4
jail_set_args['defaultrouter-ipv4'] = val
elif key == 'jail_defaultrouter_ipv6':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6
jail_set_args['defaultrouter-ipv6'] = val
elif key == 'jail_mac':
jail_flags |= WARDEN_SET_FLAGS_MAC
jail_set_args['mac'] = val
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
jail_nat = self.cleaned_data.get('jail_nat', None)
jail_vnet = self.cleaned_data.get('jail_vnet', None)
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_nat:
jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_vnet:
if (self.cleaned_data['jail_type'] != WARDEN_TYPE_GENTOO_LINUX and
self.cleaned_data['jail_type'] != WARDEN_TYPE_DEBIAN_LINUX
and
self.cleaned_data['jail_type'] != WARDEN_TYPE_CENTOS_LINUX
and not self.cleaned_data['jail_32bit']):
jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
if self.cleaned_data['jail_autostart']:
try:
w.auto(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
try:
w.start(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
def save(self):
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
if not jc.jc_path:
self.errors['__all__'] = self.error_class(
["No jail root configured."]
)
return
jail_host = self.cleaned_data.get('jail_host')
jail_ipv4 = self.cleaned_data.get('jail_ipv4')
jail_ipv6 = self.cleaned_data.get('jail_ipv6')
jail_flags = WARDEN_FLAGS_NONE
jail_create_args = {}
jail_create_args['jail'] = jail_host
w = Warden()
if self.cleaned_data['jail_32bit']:
jail_flags |= WARDEN_CREATE_FLAGS_32BIT
# if self.cleaned_data['jail_source']:
# jail_flags |= WARDEN_CREATE_FLAGS_SRC
# if self.cleaned_data['jail_ports']:
# jail_flags |= WARDEN_CREATE_FLAGS_PORTS
if self.cleaned_data['jail_vanilla']:
jail_flags |= WARDEN_CREATE_FLAGS_VANILLA
if self.cleaned_data['jail_type'] == WARDEN_TYPE_PORTJAIL:
jail_flags |= WARDEN_CREATE_FLAGS_PORTJAIL
elif self.cleaned_data['jail_type'] == WARDEN_TYPE_PLUGINJAIL:
jail_flags |= WARDEN_CREATE_FLAGS_PLUGINJAIL
elif self.cleaned_data['jail_type'] == WARDEN_TYPE_LINUXJAIL:
jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL
jail_create_args['script'] = LINUXSCRIPT
# if self.cleaned_data['jail_archive']:
# if jail_flags & WARDEN_CREATE_FLAGS_LINUXJAIL:
# jail_flags |= WARDEN_CREATE_FLAGS_LINUXARCHIVE
# else:
# jail_flags |= WARDEN_CREATE_FLAGS_ARCHIVE
if jail_ipv4:
jail_flags |= WARDEN_CREATE_FLAGS_IPV4
jail_create_args['ipv4'] = jail_ipv4
if jail_ipv6:
jail_flags |= WARDEN_CREATE_FLAGS_IPV6
jail_create_args['ipv6'] = jail_ipv6
jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE
jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG
logfile = "%s/warden.log" % jc.jc_path
jail_create_args['logfile'] = logfile
jail_create_args['flags'] = jail_flags
createfile = "/var/tmp/.jailcreate"
try:
cf = open(createfile, "a+")
cf.close()
w.create(**jail_create_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
if os.path.exists(createfile):
os.unlink(createfile)
return
if os.path.exists(createfile):
os.unlink(createfile)
for key in ('jail_bridge_ipv4', 'jail_bridge_ipv6', \
'jail_defaultrouter_ipv4', 'jail_defaultrouter_ipv6', 'jail_mac'):
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
val = self.cleaned_data.get(key, None)
if val:
if key == 'jail_bridge_ipv4':
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4
jail_set_args['bridge-ipv4'] = val
elif key == 'jail_bridge_ipv6':
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6
jail_set_args['bridge-ipv6'] = val
elif key == 'jail_defaultrouter_ipv4':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4
jail_set_args['defaultrouter-ipv4'] = val
elif key == 'jail_defaultrouter_ipv6':
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6
jail_set_args['defaultrouter-ipv6'] = val
elif key == 'jail_mac':
jail_flags |= WARDEN_SET_FLAGS_MAC
jail_set_args['mac'] = val
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
jail_nat = self.cleaned_data.get('jail_nat', None)
jail_vnet = self.cleaned_data.get('jail_vnet', None)
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_nat:
jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
jail_set_args = {}
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_vnet:
if (
self.cleaned_data['jail_type'] != WARDEN_TYPE_LINUXJAIL
and
not self.cleaned_data['jail_32bit']
):
jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
if self.cleaned_data['jail_autostart']:
try:
w.auto(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
try:
w.start(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
def save(self):
try:
jc = JailsConfiguration.objects.order_by("-id")[0]
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
if not jc.jc_path:
self.errors['__all__'] = self.error_class(["No jail root configured."])
return
jail_host = self.cleaned_data.get('jail_host')
jail_ipv4 = self.cleaned_data.get('jail_ipv4')
jail_ipv6 = self.cleaned_data.get('jail_ipv6')
jail_flags = WARDEN_FLAGS_NONE
jail_create_args = { }
jail_create_args['jail'] = jail_host
w = Warden()
# if self.cleaned_data['jail_32bit']:
# jail_flags |= WARDEN_CREATE_FLAGS_32BIT
if self.cleaned_data['jail_source']:
jail_flags |= WARDEN_CREATE_FLAGS_SRC
if self.cleaned_data['jail_ports']:
jail_flags |= WARDEN_CREATE_FLAGS_PORTS
if self.cleaned_data['jail_vanilla']:
jail_flags |= WARDEN_CREATE_FLAGS_VANILLA
if self.cleaned_data['jail_type'] == WARDEN_TYPE_PORTJAIL:
jail_flags |= WARDEN_CREATE_FLAGS_PORTJAIL
elif self.cleaned_data['jail_type'] == WARDEN_TYPE_PLUGINJAIL:
jail_flags |= WARDEN_CREATE_FLAGS_PLUGINJAIL
elif self.cleaned_data['jail_type'] == WARDEN_TYPE_LINUXJAIL:
jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL
jail_create_args['script'] = LINUXSCRIPT
if self.cleaned_data['jail_archive']:
if jail_flags & WARDEN_CREATE_FLAGS_LINUXJAIL:
jail_flags |= WARDEN_CREATE_FLAGS_LINUXARCHIVE
else:
jail_flags |= WARDEN_CREATE_FLAGS_ARCHIVE
if jail_ipv4:
jail_flags |= WARDEN_CREATE_FLAGS_IPV4
jail_create_args['ipv4'] = jail_ipv4
if jail_ipv6:
jail_flags |= WARDEN_CREATE_FLAGS_IPV6
jail_create_args['ipv6'] = jail_ipv6
jail_create_args['flags'] = jail_flags
try:
w.create(**jail_create_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
jail_set_args = { }
jail_set_args['jail'] = jail_host
jail_flags = WARDEN_FLAGS_NONE
jail_bridge_ipv4 = self.cleaned_data.get('jail_bridge_ipv4')
jail_bridge_ipv6 = self.cleaned_data.get('jail_bridge_ipv6')
if jail_bridge_ipv4:
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4
jail_set_args['bridge-ipv4'] = jail_bridge_ipv4
if jail_bridge_ipv6:
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6
jail_set_args['bridge-ipv6'] = jail_bridge_ipv6
jail_set_args['flags'] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
if self.cleaned_data['jail_autostart']:
try:
w.auto(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
try:
w.start(jail=jail_host)
except Exception as e:
self.errors['__all__'] = self.error_class([_(e.message)])
return
def save(self):
jc = self.jc
if not jc.jc_path:
raise MiddlewareError(_("No jail root configured."))
jc_ipv4_netmask = 24
if jc.jc_ipv4_network:
parts = jc.jc_ipv4_network.split("/")
if len(parts) > 1:
jc_ipv4_netmask = parts[1]
jc_ipv6_prefix = 64
if jc.jc_ipv6_network:
parts = jc.jc_ipv6_network.split("/")
if len(parts) > 1:
jc_ipv6_prefix = parts[1]
jail_host = self.cleaned_data.get("jail_host")
jail_ipv4_dhcp = self.cleaned_data.get("jail_ipv4_dhcp")
jail_ipv4 = self.cleaned_data.get("jail_ipv4")
jail_ipv4_netmask = self.cleaned_data.get("jail_ipv4_netmask", jc_ipv4_netmask)
jail_ipv6_autoconf = self.cleaned_data.get("jail_ipv6_autoconf")
jail_ipv6 = self.cleaned_data.get("jail_ipv6")
jail_ipv6_prefix = self.cleaned_data.get("jail_ipv6_prefix", jc_ipv6_prefix)
jail_flags = WARDEN_FLAGS_NONE
jail_flags |= WARDEN_CREATE_FLAGS_VANILLA
jail_create_args = {}
jail_create_args["jail"] = jail_host
w = Warden()
template_create_args = {}
jail_type = self.cleaned_data["jail_type"]
if not jail_type:
jail_type = "standard"
template = JailTemplate.objects.get(jt_name=jail_type)
template_create_args["nick"] = template.jt_name
template_create_args["tar"] = template.jt_url
template_create_args["flags"] = (
WARDEN_TEMPLATE_FLAGS_CREATE | WARDEN_TEMPLATE_CREATE_FLAGS_NICK | WARDEN_TEMPLATE_CREATE_FLAGS_TAR
)
if template.jt_mtree:
template_create_args["mtree"] = template.jt_mtree
template_create_args["flags"] = template_create_args["flags"] | WARDEN_TEMPLATE_CREATE_FLAGS_MTREE
saved_template = template
template = None
template_list_flags = {}
template_list_flags["flags"] = WARDEN_TEMPLATE_FLAGS_LIST
templates = w.template(**template_list_flags)
for t in templates:
if t["nick"] == template_create_args["nick"]:
template = t
break
createfile = "/var/tmp/.templatecreate"
if not template:
try:
cf = open(createfile, "a+")
cf.close()
w.template(**template_create_args)
except Exception as e:
self.errors["__all__"] = self.error_class([_(e.message)])
if os.path.exists(createfile):
os.unlink(createfile)
return
template_list_flags = {}
template_list_flags["flags"] = WARDEN_TEMPLATE_FLAGS_LIST
templates = w.template(**template_list_flags)
for t in templates:
if t["nick"] == template_create_args["nick"]:
template = t
break
if not template:
self.errors["__all__"] = self.error_class([_("Unable to find template!")])
return
if template["type"] == "Linux":
jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL
if template["arch"] == "i386" and self.arch == "x64":
jail_flags |= WARDEN_CREATE_FLAGS_32BIT
jail_flags |= WARDEN_CREATE_FLAGS_TEMPLATE
jail_create_args["template"] = template_create_args["nick"]
if jail_ipv4_dhcp:
jail_ipv4 = "DHCP"
if jail_ipv4:
if jail_ipv4 != "DHCP":
jail_ipv4 = "%s/%s" % (jail_ipv4, jail_ipv4_netmask)
jail_flags |= WARDEN_CREATE_FLAGS_IPV4
jail_create_args["ipv4"] = jail_ipv4
if jail_ipv6_autoconf:
jail_ipv6 = "AUTOCONF"
if jail_ipv6:
if jail_ipv6 != "AUTOCONF":
jail_ipv6 = "%s/%s" % (jail_ipv6, jail_ipv6_prefix)
jail_flags |= WARDEN_CREATE_FLAGS_IPV6
jail_create_args["ipv6"] = jail_ipv6
jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE
jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG
jail_create_args["logfile"] = self.logfile
jail_create_args["flags"] = jail_flags
createfile = "/var/tmp/.jailcreate"
try:
cf = open(createfile, "a+")
cf.close()
w.create(**jail_create_args)
except Exception as e:
self.errors["__all__"] = self.error_class([_(e.message)])
if os.path.exists(createfile):
os.unlink(createfile)
return
if os.path.exists(createfile):
os.unlink(createfile)
for key in (
"jail_bridge_ipv4",
"jail_bridge_ipv6",
"jail_defaultrouter_ipv4",
"jail_defaultrouter_ipv6",
"jail_mac",
"jail_iface",
"jail_flags",
):
jail_set_args = {}
jail_set_args["jail"] = jail_host
jail_flags = WARDEN_FLAGS_NONE
val = self.cleaned_data.get(key, None)
if val:
if key == "jail_bridge_ipv4":
mask = self.cleaned_data.get("jail_bridge_ipv4_netmask", jc_ipv4_netmask)
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4
jail_set_args["bridge-ipv4"] = "%s/%s" % (val, mask)
elif key == "jail_bridge_ipv6":
prefix = self.cleaned_data.get("jail_bridge_ipv6_prefix", jc_ipv6_prefix)
jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6
jail_set_args["bridge-ipv6"] = "%s/%s" % (val, prefix)
elif key == "jail_defaultrouter_ipv4":
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4
jail_set_args["defaultrouter-ipv4"] = val
elif key == "jail_defaultrouter_ipv6":
jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6
jail_set_args["defaultrouter-ipv6"] = val
elif key == "jail_mac":
jail_flags |= WARDEN_SET_FLAGS_MAC
jail_set_args["mac"] = val
elif key == "jail_iface":
jail_flags |= WARDEN_SET_FLAGS_IFACE
jail_set_args["iface"] = val
elif key == "jail_flags":
jail_flags |= WARDEN_SET_FLAGS_FLAGS
jail_set_args["jflags"] = val
jail_set_args["flags"] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors["__all__"] = self.error_class([_(e.message)])
return
jail_nat = self.cleaned_data.get("jail_nat", None)
jail_vnet = self.cleaned_data.get("jail_vnet", None)
if jc.jc_ipv4_dhcp or jc.jc_ipv6_autoconf:
jail_vnet = True
jail_set_args = {}
jail_set_args["jail"] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_nat:
jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE
jail_set_args["flags"] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors["__all__"] = self.error_class([_(e.message)])
return
jail_set_args = {}
jail_set_args["jail"] = jail_host
jail_flags = WARDEN_FLAGS_NONE
if jail_vnet:
# XXXX if NOT LINUX XXXX (revisit this)
if saved_template.jt_arch != "x86" and saved_template.jt_os != "Linux":
jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE
else:
jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE
jail_set_args["flags"] = jail_flags
try:
w.set(**jail_set_args)
except Exception as e:
self.errors["__all__"] = self.error_class([_(e.message)])
return
if self.cleaned_data["jail_autostart"]:
try:
w.auto(jail=jail_host)
except Exception as e:
self.errors["__all__"] = self.error_class([_(e.message)])
return
try:
w.start(jail=jail_host)
except Exception as e:
self.errors["__all__"] = self.error_class([_(e.message)])
return
