def save(self): try: jc = JailsConfiguration.objects.order_by("-id")[0] except Exception as e: raise MiddlewareError(e.message) if not jc.jc_path: raise MiddlewareError(_("No jail root configured.")) jc_ipv4_netmask = 24 if jc.jc_ipv4_network: parts = jc.jc_ipv4_network.split('/') if len(parts) > 1: jc_ipv4_netmask = parts[1] jc_ipv6_prefix = 64 if jc.jc_ipv6_network: parts = jc.jc_ipv6_network.split('/') if len(parts) > 1: jc_ipv6_prefix = parts[1] jail_host = self.cleaned_data.get('jail_host') jail_ipv4 = self.cleaned_data.get('jail_ipv4') jail_ipv4_netmask = self.cleaned_data.get('jail_ipv4_netmask', jc_ipv4_netmask) jail_ipv6 = self.cleaned_data.get('jail_ipv6') jail_ipv6_prefix = self.cleaned_data.get('jail_ipv6_prefix', jc_ipv6_prefix) jail_flags = WARDEN_FLAGS_NONE jail_create_args = {} jail_create_args['jail'] = jail_host w = Warden() # if self.cleaned_data['jail_source']: # jail_flags |= WARDEN_CREATE_FLAGS_SRC # if self.cleaned_data['jail_ports']: # jail_flags |= WARDEN_CREATE_FLAGS_PORTS if self.cleaned_data['jail_vanilla']: jail_flags |= WARDEN_CREATE_FLAGS_VANILLA template_create_args = {} jail_type = self.cleaned_data['jail_type'] template = JailTemplate.objects.get(jt_name=jail_type) template_create_args['nick'] = template.jt_name template_create_args['tar'] = template.jt_url template_create_args['flags'] = WARDEN_TEMPLATE_FLAGS_CREATE | \ WARDEN_TEMPLATE_CREATE_FLAGS_NICK | \ WARDEN_TEMPLATE_CREATE_FLAGS_TAR saved_template = template template = None template_list_flags = {} template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST templates = w.template(**template_list_flags) for t in templates: if t['nick'] == template_create_args['nick']: template = t break createfile = "/var/tmp/.templatecreate" if not template: try: cf = open(createfile, "a+") cf.close() w.template(**template_create_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) if os.path.exists(createfile): os.unlink(createfile) return template_list_flags = {} template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST templates = w.template(**template_list_flags) for t in templates: if t['nick'] == template_create_args['nick']: template = t break if not template: self.errors['__all__'] = self.error_class( [_('Unable to find template!')]) return if template['type'] == 'Linux': jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL if template['arch'] == 'i386' and self.arch == 'x64': jail_flags |= WARDEN_CREATE_FLAGS_32BIT jail_flags |= WARDEN_CREATE_FLAGS_TEMPLATE jail_create_args['template'] = template_create_args['nick'] if jail_ipv4: jail_flags |= WARDEN_CREATE_FLAGS_IPV4 jail_create_args['ipv4'] = "%s/%s" % (jail_ipv4, jail_ipv4_netmask) if jail_ipv6: jail_flags |= WARDEN_CREATE_FLAGS_IPV6 jail_create_args['ipv6'] = "%s/%s" % (jail_ipv6, jail_ipv6_prefix) jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG jail_create_args['logfile'] = self.logfile jail_create_args['flags'] = jail_flags createfile = "/var/tmp/.jailcreate" try: cf = open(createfile, "a+") cf.close() w.create(**jail_create_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) if os.path.exists(createfile): os.unlink(createfile) return if os.path.exists(createfile): os.unlink(createfile) for key in ('jail_bridge_ipv4', 'jail_bridge_ipv6', 'jail_defaultrouter_ipv4', 'jail_defaultrouter_ipv6', 'jail_mac', 'jail_flags'): jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE val = self.cleaned_data.get(key, None) if val: if key == 'jail_bridge_ipv4': mask = self.cleaned_data.get('jail_bridge_ipv4_netmask', jc_ipv4_netmask) jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4 jail_set_args['bridge-ipv4'] = "%s/%s" % (val, mask) elif key == 'jail_bridge_ipv6': prefix = self.cleaned_data.get('jail_bridge_ipv6_prefix', jc_ipv6_prefix) jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6 jail_set_args['bridge-ipv6'] = "%s/%s" % (val, prefix) elif key == 'jail_defaultrouter_ipv4': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4 jail_set_args['defaultrouter-ipv4'] = val elif key == 'jail_defaultrouter_ipv6': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6 jail_set_args['defaultrouter-ipv6'] = val elif key == 'jail_mac': jail_flags |= WARDEN_SET_FLAGS_MAC jail_set_args['mac'] = val elif key == 'jail_flags': jail_flags |= WARDEN_SET_FLAGS_FLAGS jail_set_args['jflags'] = val jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return jail_nat = self.cleaned_data.get('jail_nat', None) jail_vnet = self.cleaned_data.get('jail_vnet', None) jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_nat: jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_vnet: # XXXX if NOT LINUX XXXX (revisit this) if (saved_template.jt_arch != 'x86' and saved_template.jt_os != 'Linux'): jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return if self.cleaned_data['jail_autostart']: try: w.auto(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return try: w.start(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return
def save(self): try: jc = JailsConfiguration.objects.order_by("-id")[0] except Exception as e: raise MiddlewareError(e.message) if not jc.jc_path: raise MiddlewareError(_("No jail root configured.")) jc_ipv4_netmask = 24 if jc.jc_ipv4_network: parts = jc.jc_ipv4_network.split('/') if len(parts) > 1: jc_ipv4_netmask = parts[1] jc_ipv6_prefix = 64 if jc.jc_ipv6_network: parts = jc.jc_ipv6_network.split('/') if len(parts) > 1: jc_ipv6_prefix = parts[1] jail_host = self.cleaned_data.get('jail_host') jail_ipv4 = self.cleaned_data.get('jail_ipv4') jail_ipv4_netmask = self.cleaned_data.get('jail_ipv4_netmask', jc_ipv4_netmask) jail_ipv6 = self.cleaned_data.get('jail_ipv6') jail_ipv6_prefix = self.cleaned_data.get('jail_ipv6_prefix', jc_ipv6_prefix) jail_flags = WARDEN_FLAGS_NONE jail_create_args = {} jail_create_args['jail'] = jail_host w = Warden() # if self.cleaned_data['jail_source']: # jail_flags |= WARDEN_CREATE_FLAGS_SRC # if self.cleaned_data['jail_ports']: # jail_flags |= WARDEN_CREATE_FLAGS_PORTS if self.cleaned_data['jail_vanilla']: jail_flags |= WARDEN_CREATE_FLAGS_VANILLA template_create_args = {} jail_type = self.cleaned_data['jail_type'] template = JailTemplate.objects.get(jt_name=jail_type) template_create_args['nick'] = template.jt_name template_create_args['tar'] = template.jt_url template_create_args['flags'] = WARDEN_TEMPLATE_FLAGS_CREATE | \ WARDEN_TEMPLATE_CREATE_FLAGS_NICK | \ WARDEN_TEMPLATE_CREATE_FLAGS_TAR saved_template = template template = None template_list_flags = {} template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST templates = w.template(**template_list_flags) for t in templates: if t['nick'] == template_create_args['nick']: template = t break createfile = "/var/tmp/.templatecreate" if not template: try: cf = open(createfile, "a+") cf.close() w.template(**template_create_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) if os.path.exists(createfile): os.unlink(createfile) return template_list_flags = {} template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST templates = w.template(**template_list_flags) for t in templates: if t['nick'] == template_create_args['nick']: template = t break if not template: self.errors['__all__'] = self.error_class([ _('Unable to find template!') ]) return if template['type'] == 'Linux': jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL if template['arch'] == 'i386' and self.arch == 'x64': jail_flags |= WARDEN_CREATE_FLAGS_32BIT jail_flags |= WARDEN_CREATE_FLAGS_TEMPLATE jail_create_args['template'] = template_create_args['nick'] if jail_ipv4: jail_flags |= WARDEN_CREATE_FLAGS_IPV4 jail_create_args['ipv4'] = "%s/%s" % ( jail_ipv4, jail_ipv4_netmask ) if jail_ipv6: jail_flags |= WARDEN_CREATE_FLAGS_IPV6 jail_create_args['ipv6'] = "%s/%s" % ( jail_ipv6, jail_ipv6_prefix ) jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG jail_create_args['logfile'] = self.logfile jail_create_args['flags'] = jail_flags createfile = "/var/tmp/.jailcreate" try: cf = open(createfile, "a+") cf.close() w.create(**jail_create_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) if os.path.exists(createfile): os.unlink(createfile) return if os.path.exists(createfile): os.unlink(createfile) for key in ( 'jail_bridge_ipv4', 'jail_bridge_ipv6', 'jail_defaultrouter_ipv4', 'jail_defaultrouter_ipv6', 'jail_mac' ): jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE val = self.cleaned_data.get(key, None) if val: if key == 'jail_bridge_ipv4': mask = self.cleaned_data.get('jail_bridge_ipv4_netmask', jc_ipv4_netmask) jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4 jail_set_args['bridge-ipv4'] = "%s/%s" % (val, mask) elif key == 'jail_bridge_ipv6': prefix = self.cleaned_data.get('jail_bridge_ipv6_prefix', jc_ipv6_prefix) jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6 jail_set_args['bridge-ipv6'] = "%s/%s" % (val, prefix) elif key == 'jail_defaultrouter_ipv4': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4 jail_set_args['defaultrouter-ipv4'] = val elif key == 'jail_defaultrouter_ipv6': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6 jail_set_args['defaultrouter-ipv6'] = val elif key == 'jail_mac': jail_flags |= WARDEN_SET_FLAGS_MAC jail_set_args['mac'] = val jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return jail_nat = self.cleaned_data.get('jail_nat', None) jail_vnet = self.cleaned_data.get('jail_vnet', None) jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_nat: jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_vnet: # XXXX if NOT LINUX XXXX (revisit this) if (saved_template.jt_arch != 'x86' and saved_template.jt_os != 'Linux'): jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return if self.cleaned_data['jail_autostart']: try: w.auto(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return try: w.start(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return
def save(self): jc = self.jc if not jc.jc_path: raise MiddlewareError(_("No jail root configured.")) jc_ipv4_netmask = 24 if jc.jc_ipv4_network: parts = jc.jc_ipv4_network.split('/') if len(parts) > 1: jc_ipv4_netmask = parts[1] jc_ipv6_prefix = 64 if jc.jc_ipv6_network: parts = jc.jc_ipv6_network.split('/') if len(parts) > 1: jc_ipv6_prefix = parts[1] jail_host = self.cleaned_data.get('jail_host') jail_ipv4_dhcp = self.cleaned_data.get('jail_ipv4_dhcp') jail_ipv4 = self.cleaned_data.get('jail_ipv4') jail_ipv4_netmask = self.cleaned_data.get('jail_ipv4_netmask', jc_ipv4_netmask) jail_ipv6_autoconf = self.cleaned_data.get('jail_ipv6_autoconf') jail_ipv6 = self.cleaned_data.get('jail_ipv6') jail_ipv6_prefix = self.cleaned_data.get('jail_ipv6_prefix', jc_ipv6_prefix) jail_flags = WARDEN_FLAGS_NONE jail_flags |= WARDEN_CREATE_FLAGS_VANILLA jail_create_args = {} jail_create_args['jail'] = jail_host w = Warden() template_create_args = {} jail_type = self.cleaned_data['jail_type'] if not jail_type: jail_type = 'standard' # Don't backtrace if template doesn't exist try: template = JailTemplate.objects.get(jt_name=jail_type) except Exception as e: self.errors['__all__'] = self.error_class([str(e)]) return template_create_args['nick'] = template.jt_name template_create_args['tar'] = template.jt_url template_create_args['flags'] = WARDEN_TEMPLATE_FLAGS_CREATE | \ WARDEN_TEMPLATE_CREATE_FLAGS_NICK | \ WARDEN_TEMPLATE_CREATE_FLAGS_TAR if template.jt_mtree: template_create_args['mtree'] = template.jt_mtree template_create_args['flags'] = template_create_args['flags'] | \ WARDEN_TEMPLATE_CREATE_FLAGS_MTREE saved_template = template template = None template_list_flags = {} template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST templates = w.template(**template_list_flags) for t in templates: if t['nick'] == template_create_args['nick']: template = t break createfile = "/var/tmp/.templatecreate" if not template: # If for some reason warden does not list the template but the path # exists, we shall try to nuke it template_path = '{}/.warden-template-{}'.format(self.jc.jc_path, jail_type) if os.path.exists(template_path): try: notifier().destroy_zfs_dataset(template_path.replace('/mnt/', '')) except: pass try: shutil.rmtree(template_path) except OSError: pass try: cf = open(createfile, "a+") cf.close() w.template(**template_create_args) except Exception as e: log.debug('Failed to create template', exc_info=True) self.errors['__all__'] = self.error_class([str(e)]) if os.path.exists(createfile): os.unlink(createfile) return template_list_flags = {} template_list_flags['flags'] = WARDEN_TEMPLATE_FLAGS_LIST templates = w.template(**template_list_flags) for t in templates: if t['nick'] == template_create_args['nick']: template = t break if not template: self.errors['__all__'] = self.error_class([ _('Unable to find template!') ]) return if template['type'] == 'Linux': jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL if template['arch'] == 'i386' and self.arch == 'x64': jail_flags |= WARDEN_CREATE_FLAGS_32BIT jail_flags |= WARDEN_CREATE_FLAGS_TEMPLATE jail_create_args['template'] = template_create_args['nick'] if jail_ipv4_dhcp: jail_ipv4 = "DHCP" if jail_ipv4: if jail_ipv4 != "DHCP": jail_ipv4 = "%s/%s" % (jail_ipv4, jail_ipv4_netmask) jail_flags |= WARDEN_CREATE_FLAGS_IPV4 jail_create_args['ipv4'] = jail_ipv4 if jail_ipv6_autoconf: jail_ipv6 = "AUTOCONF" if jail_ipv6: if jail_ipv6 != "AUTOCONF": jail_ipv6 = "%s/%s" % (jail_ipv6, jail_ipv6_prefix) jail_flags |= WARDEN_CREATE_FLAGS_IPV6 jail_create_args['ipv6'] = jail_ipv6 jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG jail_create_args['logfile'] = self.logfile jail_create_args['flags'] = jail_flags createfile = "/var/tmp/.jailcreate" try: cf = open(createfile, "a+") cf.close() w.create(**jail_create_args) except Exception as e: log.debug('Failed to create jail', exc_info=True) self.errors['__all__'] = self.error_class([str(e)]) if os.path.exists(createfile): os.unlink(createfile) return if os.path.exists(createfile): os.unlink(createfile) for key in ('jail_bridge_ipv4', 'jail_bridge_ipv6', 'jail_defaultrouter_ipv4', 'jail_defaultrouter_ipv6', 'jail_mac', 'jail_iface', 'jail_flags'): jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE val = self.cleaned_data.get(key, None) if val: if key == 'jail_bridge_ipv4': mask = self.cleaned_data.get('jail_bridge_ipv4_netmask', jc_ipv4_netmask) jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4 jail_set_args['bridge-ipv4'] = "%s/%s" % (val, mask) elif key == 'jail_bridge_ipv6': prefix = self.cleaned_data.get('jail_bridge_ipv6_prefix', jc_ipv6_prefix) jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6 jail_set_args['bridge-ipv6'] = "%s/%s" % (val, prefix) elif key == 'jail_defaultrouter_ipv4': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4 jail_set_args['defaultrouter-ipv4'] = val elif key == 'jail_defaultrouter_ipv6': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6 jail_set_args['defaultrouter-ipv6'] = val elif key == 'jail_mac': jail_flags |= WARDEN_SET_FLAGS_MAC jail_set_args['mac'] = val elif key == 'jail_iface': jail_flags |= WARDEN_SET_FLAGS_IFACE jail_set_args['iface'] = val elif key == 'jail_flags': jail_flags |= WARDEN_SET_FLAGS_FLAGS jail_set_args['jflags'] = val elif key == 'jail_mac': jail_mac_list = [jail.jail_mac for jail in Jails.objects.all()] mac_address = generate_randomMAC() while mac_address in jail_mac_list: mac_address = generate_randomMAC() jail_flags |= WARDEN_SET_FLAGS_MAC jail_set_args['mac'] = mac_address jail_set_args['flags'] = jail_flags try: # Do not try to set options if no other options other than # jail and flags were set. if len(jail_set_args) > 2: w.set(**jail_set_args) except Exception as e: log.debug('Failed to set jail arguments', exc_info=True) self.errors['__all__'] = self.error_class([str(e)]) return jail_nat = self.cleaned_data.get('jail_nat', None) jail_vnet = self.cleaned_data.get('jail_vnet', None) if jc.jc_ipv4_dhcp or jc.jc_ipv6_autoconf: jail_vnet = True jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_nat: jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: log.debug('Failed to set jail arguments', exc_info=True) self.errors['__all__'] = self.error_class([str(e)]) return jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_vnet: # XXXX if NOT LINUX XXXX (revisit this) if (saved_template.jt_arch != 'x86' and saved_template.jt_os != 'Linux'): jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: log.debug('Failed to set jail arguments', exc_info=True) self.errors['__all__'] = self.error_class([str(e)]) return if self.cleaned_data['jail_autostart']: try: w.auto(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([str(e)]) return try: w.start(jail=jail_host) except Exception as e: log.debug('Failed to start jail', exc_info=True) self.errors['__all__'] = self.error_class([str(e)]) return # Requery instance so we have everything up-to-date after save # See #14686 self.instance = Jails.objects.get(jail_host=jail_host) if self.instance: add_media_user_and_group(self.instance.jail_path)
def save(self): try: jc = JailsConfiguration.objects.order_by("-id")[0] except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return if not jc.jc_path: self.errors['__all__'] = self.error_class( ["No jail root configured."]) return jail_host = self.cleaned_data.get('jail_host') jail_ipv4 = self.cleaned_data.get('jail_ipv4') jail_ipv6 = self.cleaned_data.get('jail_ipv6') jail_flags = WARDEN_FLAGS_NONE jail_create_args = {} jail_create_args['jail'] = jail_host w = Warden() if self.cleaned_data['jail_32bit']: jail_flags |= WARDEN_CREATE_FLAGS_32BIT # if self.cleaned_data['jail_source']: # jail_flags |= WARDEN_CREATE_FLAGS_SRC # if self.cleaned_data['jail_ports']: # jail_flags |= WARDEN_CREATE_FLAGS_PORTS if self.cleaned_data['jail_vanilla']: jail_flags |= WARDEN_CREATE_FLAGS_VANILLA if self.cleaned_data['jail_type'] == WARDEN_TYPE_PORTJAIL: jail_flags |= WARDEN_CREATE_FLAGS_PORTJAIL elif self.cleaned_data['jail_type'] == WARDEN_TYPE_PLUGINJAIL: jail_flags |= WARDEN_CREATE_FLAGS_PLUGINJAIL elif self.cleaned_data['jail_type'] == WARDEN_TYPE_GENTOO_LINUX: jail_flags |= WARDEN_CREATE_FLAGS_GENTOO_LINUX elif self.cleaned_data['jail_type'] == WARDEN_TYPE_DEBIAN_LINUX: jail_flags |= WARDEN_CREATE_FLAGS_DEBIAN_LINUX elif self.cleaned_data['jail_type'] == WARDEN_TYPE_CENTOS_LINUX: jail_flags |= WARDEN_CREATE_FLAGS_CENTOS_LINUX # if self.cleaned_data['jail_archive']: # if jail_flags & WARDEN_CREATE_FLAGS_LINUXJAIL: # jail_flags |= WARDEN_CREATE_FLAGS_LINUXARCHIVE # else: # jail_flags |= WARDEN_CREATE_FLAGS_ARCHIVE if jail_ipv4: jail_flags |= WARDEN_CREATE_FLAGS_IPV4 jail_create_args['ipv4'] = jail_ipv4 if jail_ipv6: jail_flags |= WARDEN_CREATE_FLAGS_IPV6 jail_create_args['ipv6'] = jail_ipv6 jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG logfile = "/var/tmp/warden.log" jail_create_args['logfile'] = logfile jail_create_args['flags'] = jail_flags createfile = "/var/tmp/.jailcreate" try: cf = open(createfile, "a+") cf.close() w.create(**jail_create_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) if os.path.exists(createfile): os.unlink(createfile) return if os.path.exists(createfile): os.unlink(createfile) for key in ('jail_bridge_ipv4', 'jail_bridge_ipv6', \ 'jail_defaultrouter_ipv4', 'jail_defaultrouter_ipv6', 'jail_mac'): jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE val = self.cleaned_data.get(key, None) if val: if key == 'jail_bridge_ipv4': jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4 jail_set_args['bridge-ipv4'] = val elif key == 'jail_bridge_ipv6': jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6 jail_set_args['bridge-ipv6'] = val elif key == 'jail_defaultrouter_ipv4': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4 jail_set_args['defaultrouter-ipv4'] = val elif key == 'jail_defaultrouter_ipv6': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6 jail_set_args['defaultrouter-ipv6'] = val elif key == 'jail_mac': jail_flags |= WARDEN_SET_FLAGS_MAC jail_set_args['mac'] = val jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return jail_nat = self.cleaned_data.get('jail_nat', None) jail_vnet = self.cleaned_data.get('jail_vnet', None) jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_nat: jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_vnet: if (self.cleaned_data['jail_type'] != WARDEN_TYPE_GENTOO_LINUX and self.cleaned_data['jail_type'] != WARDEN_TYPE_DEBIAN_LINUX and self.cleaned_data['jail_type'] != WARDEN_TYPE_CENTOS_LINUX and not self.cleaned_data['jail_32bit']): jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return if self.cleaned_data['jail_autostart']: try: w.auto(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return try: w.start(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return
def save(self): try: jc = JailsConfiguration.objects.order_by("-id")[0] except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return if not jc.jc_path: self.errors['__all__'] = self.error_class( ["No jail root configured."] ) return jail_host = self.cleaned_data.get('jail_host') jail_ipv4 = self.cleaned_data.get('jail_ipv4') jail_ipv6 = self.cleaned_data.get('jail_ipv6') jail_flags = WARDEN_FLAGS_NONE jail_create_args = {} jail_create_args['jail'] = jail_host w = Warden() if self.cleaned_data['jail_32bit']: jail_flags |= WARDEN_CREATE_FLAGS_32BIT # if self.cleaned_data['jail_source']: # jail_flags |= WARDEN_CREATE_FLAGS_SRC # if self.cleaned_data['jail_ports']: # jail_flags |= WARDEN_CREATE_FLAGS_PORTS if self.cleaned_data['jail_vanilla']: jail_flags |= WARDEN_CREATE_FLAGS_VANILLA if self.cleaned_data['jail_type'] == WARDEN_TYPE_PORTJAIL: jail_flags |= WARDEN_CREATE_FLAGS_PORTJAIL elif self.cleaned_data['jail_type'] == WARDEN_TYPE_PLUGINJAIL: jail_flags |= WARDEN_CREATE_FLAGS_PLUGINJAIL elif self.cleaned_data['jail_type'] == WARDEN_TYPE_LINUXJAIL: jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL jail_create_args['script'] = LINUXSCRIPT # if self.cleaned_data['jail_archive']: # if jail_flags & WARDEN_CREATE_FLAGS_LINUXJAIL: # jail_flags |= WARDEN_CREATE_FLAGS_LINUXARCHIVE # else: # jail_flags |= WARDEN_CREATE_FLAGS_ARCHIVE if jail_ipv4: jail_flags |= WARDEN_CREATE_FLAGS_IPV4 jail_create_args['ipv4'] = jail_ipv4 if jail_ipv6: jail_flags |= WARDEN_CREATE_FLAGS_IPV6 jail_create_args['ipv6'] = jail_ipv6 jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG logfile = "%s/warden.log" % jc.jc_path jail_create_args['logfile'] = logfile jail_create_args['flags'] = jail_flags createfile = "/var/tmp/.jailcreate" try: cf = open(createfile, "a+") cf.close() w.create(**jail_create_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) if os.path.exists(createfile): os.unlink(createfile) return if os.path.exists(createfile): os.unlink(createfile) for key in ('jail_bridge_ipv4', 'jail_bridge_ipv6', \ 'jail_defaultrouter_ipv4', 'jail_defaultrouter_ipv6', 'jail_mac'): jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE val = self.cleaned_data.get(key, None) if val: if key == 'jail_bridge_ipv4': jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4 jail_set_args['bridge-ipv4'] = val elif key == 'jail_bridge_ipv6': jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6 jail_set_args['bridge-ipv6'] = val elif key == 'jail_defaultrouter_ipv4': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4 jail_set_args['defaultrouter-ipv4'] = val elif key == 'jail_defaultrouter_ipv6': jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6 jail_set_args['defaultrouter-ipv6'] = val elif key == 'jail_mac': jail_flags |= WARDEN_SET_FLAGS_MAC jail_set_args['mac'] = val jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return jail_nat = self.cleaned_data.get('jail_nat', None) jail_vnet = self.cleaned_data.get('jail_vnet', None) jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_nat: jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return jail_set_args = {} jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_vnet: if ( self.cleaned_data['jail_type'] != WARDEN_TYPE_LINUXJAIL and not self.cleaned_data['jail_32bit'] ): jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return if self.cleaned_data['jail_autostart']: try: w.auto(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return try: w.start(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return
def save(self): try: jc = JailsConfiguration.objects.order_by("-id")[0] except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return if not jc.jc_path: self.errors['__all__'] = self.error_class(["No jail root configured."]) return jail_host = self.cleaned_data.get('jail_host') jail_ipv4 = self.cleaned_data.get('jail_ipv4') jail_ipv6 = self.cleaned_data.get('jail_ipv6') jail_flags = WARDEN_FLAGS_NONE jail_create_args = { } jail_create_args['jail'] = jail_host w = Warden() # if self.cleaned_data['jail_32bit']: # jail_flags |= WARDEN_CREATE_FLAGS_32BIT if self.cleaned_data['jail_source']: jail_flags |= WARDEN_CREATE_FLAGS_SRC if self.cleaned_data['jail_ports']: jail_flags |= WARDEN_CREATE_FLAGS_PORTS if self.cleaned_data['jail_vanilla']: jail_flags |= WARDEN_CREATE_FLAGS_VANILLA if self.cleaned_data['jail_type'] == WARDEN_TYPE_PORTJAIL: jail_flags |= WARDEN_CREATE_FLAGS_PORTJAIL elif self.cleaned_data['jail_type'] == WARDEN_TYPE_PLUGINJAIL: jail_flags |= WARDEN_CREATE_FLAGS_PLUGINJAIL elif self.cleaned_data['jail_type'] == WARDEN_TYPE_LINUXJAIL: jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL jail_create_args['script'] = LINUXSCRIPT if self.cleaned_data['jail_archive']: if jail_flags & WARDEN_CREATE_FLAGS_LINUXJAIL: jail_flags |= WARDEN_CREATE_FLAGS_LINUXARCHIVE else: jail_flags |= WARDEN_CREATE_FLAGS_ARCHIVE if jail_ipv4: jail_flags |= WARDEN_CREATE_FLAGS_IPV4 jail_create_args['ipv4'] = jail_ipv4 if jail_ipv6: jail_flags |= WARDEN_CREATE_FLAGS_IPV6 jail_create_args['ipv6'] = jail_ipv6 jail_create_args['flags'] = jail_flags try: w.create(**jail_create_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return jail_set_args = { } jail_set_args['jail'] = jail_host jail_flags = WARDEN_FLAGS_NONE jail_bridge_ipv4 = self.cleaned_data.get('jail_bridge_ipv4') jail_bridge_ipv6 = self.cleaned_data.get('jail_bridge_ipv6') if jail_bridge_ipv4: jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4 jail_set_args['bridge-ipv4'] = jail_bridge_ipv4 if jail_bridge_ipv6: jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6 jail_set_args['bridge-ipv6'] = jail_bridge_ipv6 jail_set_args['flags'] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return if self.cleaned_data['jail_autostart']: try: w.auto(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return try: w.start(jail=jail_host) except Exception as e: self.errors['__all__'] = self.error_class([_(e.message)]) return
def save(self): jc = self.jc if not jc.jc_path: raise MiddlewareError(_("No jail root configured.")) jc_ipv4_netmask = 24 if jc.jc_ipv4_network: parts = jc.jc_ipv4_network.split("/") if len(parts) > 1: jc_ipv4_netmask = parts[1] jc_ipv6_prefix = 64 if jc.jc_ipv6_network: parts = jc.jc_ipv6_network.split("/") if len(parts) > 1: jc_ipv6_prefix = parts[1] jail_host = self.cleaned_data.get("jail_host") jail_ipv4_dhcp = self.cleaned_data.get("jail_ipv4_dhcp") jail_ipv4 = self.cleaned_data.get("jail_ipv4") jail_ipv4_netmask = self.cleaned_data.get("jail_ipv4_netmask", jc_ipv4_netmask) jail_ipv6_autoconf = self.cleaned_data.get("jail_ipv6_autoconf") jail_ipv6 = self.cleaned_data.get("jail_ipv6") jail_ipv6_prefix = self.cleaned_data.get("jail_ipv6_prefix", jc_ipv6_prefix) jail_flags = WARDEN_FLAGS_NONE jail_flags |= WARDEN_CREATE_FLAGS_VANILLA jail_create_args = {} jail_create_args["jail"] = jail_host w = Warden() template_create_args = {} jail_type = self.cleaned_data["jail_type"] if not jail_type: jail_type = "standard" template = JailTemplate.objects.get(jt_name=jail_type) template_create_args["nick"] = template.jt_name template_create_args["tar"] = template.jt_url template_create_args["flags"] = ( WARDEN_TEMPLATE_FLAGS_CREATE | WARDEN_TEMPLATE_CREATE_FLAGS_NICK | WARDEN_TEMPLATE_CREATE_FLAGS_TAR ) if template.jt_mtree: template_create_args["mtree"] = template.jt_mtree template_create_args["flags"] = template_create_args["flags"] | WARDEN_TEMPLATE_CREATE_FLAGS_MTREE saved_template = template template = None template_list_flags = {} template_list_flags["flags"] = WARDEN_TEMPLATE_FLAGS_LIST templates = w.template(**template_list_flags) for t in templates: if t["nick"] == template_create_args["nick"]: template = t break createfile = "/var/tmp/.templatecreate" if not template: try: cf = open(createfile, "a+") cf.close() w.template(**template_create_args) except Exception as e: self.errors["__all__"] = self.error_class([_(e.message)]) if os.path.exists(createfile): os.unlink(createfile) return template_list_flags = {} template_list_flags["flags"] = WARDEN_TEMPLATE_FLAGS_LIST templates = w.template(**template_list_flags) for t in templates: if t["nick"] == template_create_args["nick"]: template = t break if not template: self.errors["__all__"] = self.error_class([_("Unable to find template!")]) return if template["type"] == "Linux": jail_flags |= WARDEN_CREATE_FLAGS_LINUXJAIL if template["arch"] == "i386" and self.arch == "x64": jail_flags |= WARDEN_CREATE_FLAGS_32BIT jail_flags |= WARDEN_CREATE_FLAGS_TEMPLATE jail_create_args["template"] = template_create_args["nick"] if jail_ipv4_dhcp: jail_ipv4 = "DHCP" if jail_ipv4: if jail_ipv4 != "DHCP": jail_ipv4 = "%s/%s" % (jail_ipv4, jail_ipv4_netmask) jail_flags |= WARDEN_CREATE_FLAGS_IPV4 jail_create_args["ipv4"] = jail_ipv4 if jail_ipv6_autoconf: jail_ipv6 = "AUTOCONF" if jail_ipv6: if jail_ipv6 != "AUTOCONF": jail_ipv6 = "%s/%s" % (jail_ipv6, jail_ipv6_prefix) jail_flags |= WARDEN_CREATE_FLAGS_IPV6 jail_create_args["ipv6"] = jail_ipv6 jail_flags |= WARDEN_CREATE_FLAGS_LOGFILE jail_flags |= WARDEN_CREATE_FLAGS_SYSLOG jail_create_args["logfile"] = self.logfile jail_create_args["flags"] = jail_flags createfile = "/var/tmp/.jailcreate" try: cf = open(createfile, "a+") cf.close() w.create(**jail_create_args) except Exception as e: self.errors["__all__"] = self.error_class([_(e.message)]) if os.path.exists(createfile): os.unlink(createfile) return if os.path.exists(createfile): os.unlink(createfile) for key in ( "jail_bridge_ipv4", "jail_bridge_ipv6", "jail_defaultrouter_ipv4", "jail_defaultrouter_ipv6", "jail_mac", "jail_iface", "jail_flags", ): jail_set_args = {} jail_set_args["jail"] = jail_host jail_flags = WARDEN_FLAGS_NONE val = self.cleaned_data.get(key, None) if val: if key == "jail_bridge_ipv4": mask = self.cleaned_data.get("jail_bridge_ipv4_netmask", jc_ipv4_netmask) jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV4 jail_set_args["bridge-ipv4"] = "%s/%s" % (val, mask) elif key == "jail_bridge_ipv6": prefix = self.cleaned_data.get("jail_bridge_ipv6_prefix", jc_ipv6_prefix) jail_flags |= WARDEN_SET_FLAGS_BRIDGE_IPV6 jail_set_args["bridge-ipv6"] = "%s/%s" % (val, prefix) elif key == "jail_defaultrouter_ipv4": jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV4 jail_set_args["defaultrouter-ipv4"] = val elif key == "jail_defaultrouter_ipv6": jail_flags |= WARDEN_SET_FLAGS_DEFAULTROUTER_IPV6 jail_set_args["defaultrouter-ipv6"] = val elif key == "jail_mac": jail_flags |= WARDEN_SET_FLAGS_MAC jail_set_args["mac"] = val elif key == "jail_iface": jail_flags |= WARDEN_SET_FLAGS_IFACE jail_set_args["iface"] = val elif key == "jail_flags": jail_flags |= WARDEN_SET_FLAGS_FLAGS jail_set_args["jflags"] = val jail_set_args["flags"] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors["__all__"] = self.error_class([_(e.message)]) return jail_nat = self.cleaned_data.get("jail_nat", None) jail_vnet = self.cleaned_data.get("jail_vnet", None) if jc.jc_ipv4_dhcp or jc.jc_ipv6_autoconf: jail_vnet = True jail_set_args = {} jail_set_args["jail"] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_nat: jail_flags |= WARDEN_SET_FLAGS_NAT_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_NAT_DISABLE jail_set_args["flags"] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors["__all__"] = self.error_class([_(e.message)]) return jail_set_args = {} jail_set_args["jail"] = jail_host jail_flags = WARDEN_FLAGS_NONE if jail_vnet: # XXXX if NOT LINUX XXXX (revisit this) if saved_template.jt_arch != "x86" and saved_template.jt_os != "Linux": jail_flags |= WARDEN_SET_FLAGS_VNET_ENABLE else: jail_flags |= WARDEN_SET_FLAGS_VNET_DISABLE jail_set_args["flags"] = jail_flags try: w.set(**jail_set_args) except Exception as e: self.errors["__all__"] = self.error_class([_(e.message)]) return if self.cleaned_data["jail_autostart"]: try: w.auto(jail=jail_host) except Exception as e: self.errors["__all__"] = self.error_class([_(e.message)]) return try: w.start(jail=jail_host) except Exception as e: self.errors["__all__"] = self.error_class([_(e.message)]) return