Several modifications to ports support

- ports are only mounted to a build chroot if it uses a buildbase - added building of a buildbase with jaildk base $name rw - added a separate internal rcd-function jaildk_rc_ports for mounting and umounting ports, which ONLY operates in buld mode - added som documentation about this in the README
2025-12-17 12:41:10 +01:00 · 2020-11-27 08:52:58 +01:00
parent fd855c560b
commit e6ab439f0f
2 changed files with 109 additions and 37 deletions
--- a/README.md
+++ b/README.md
@@ -122,6 +122,42 @@ vi /usr/local/etc/nginx/nginx.conf
 Since  the build  chroot  is  writable you  can  install packages  and
 configure everything as needed.

+### Using the ports collection
+
+There might be cases when using pre build binary packages are not your
+thing. In such a case you want to use the [FreeBSD Ports Collection](https://www.freebsd.org/ports/).
+
+*jaildk* supports this, here are the steps required:
+
+#### Create a buildbase
+
+A  normal base  directory cannot  be  used with  the ports  collection
+because  jaildk removes  libraries and  binaries for  security reasons
+from normal bases. To create a build base, execute:
+
+`jaildk base 12-RELEASE-build rw`
+
+Next, add  the following entry  to the  configuration of you  jail. To
+stay with our example, edit `/jail/etc/myjail/jail.conf` and add:
+
+`buildbase=12-RELEASE-build`
+
+Then install the build jail as usual:
+
+`jaildk build myjail`
+
+Finally, install the current ports collection:
+
+`jaildk fetch`
+
+Now you can enter the build jail and install ports the traditional way:
+
+```
+jaildk blogin myjail
+cd /usr/ports/shells/bash
+make config-recursive install clean
+```
+
 ### When done, install and start the jail

 ```
--- a/110
+++ b/110
@@ -1,6 +1,6 @@
 #!/bin/sh

-version=1.04
+version=1.05

 usage_jaildk() {
    beg=`tput -T ${TERM:-cons25} md`
@@ -95,13 +95,17 @@ jaildk_build() {
    base=$3
    version=$4

+    load-jail-config $jail
+
    if test -z "$mode"; then
        echo "Usage: $0 build <jail name> <start|stop|status> [<base>] [<version>]"
        exit 1
    fi

-    if test -z "$base"; then
-        # default: latest
+    if test -n "buildbase"; then
+        base="$j/$buildbase"
+    elif test -z "$base"; then
+        # not configured, use default: latest
        base=`ls $j/base | tail -1`
    fi

@@ -109,6 +113,37 @@ jaildk_build() {
    
 }

+jaildk_rc_ports() {
+    jail=$1
+    mode=$2
+    rw=$3
+    BASE=$4
+    VERSION=$5
+    rcscript=ports
+
+    load-jail-config $jail
+
+    if test -n "$buildbase" -a -n "$rw"; then
+        # we only support ports if a buildbase is configured
+        case $mode in
+            start)
+                if mount -v | grep -q " $j/build/$jail/usr/ports "; then
+                    bold "$j/build/$jail/usr/ports already mounted!"
+                else
+                    ex mount -t nullfs -o rw $j/ports/$version $j/build/$jail/usr/ports
+                fi
+                ;;
+            stop)
+                if mount -v | grep -q " $j/build/$jail/usr/ports "; then
+                    ex umount $j/build/$jail/usr/ports
+                else
+                    bold "$j/build/$jail/usr/ports not mounted!"
+                fi
+                ;;
+        esac
+    fi
+}
+
 jaildk_rc_mount() {
    jail=$1
    mode=$2
@@ -223,6 +258,7 @@ jaildk_install_usage() {
    err "Usage: $0 install <jail> [[<rc.d-script>] <start|stop|restart|status>]"
    err "If <rc.d-script> is 'all' every script will be executed in rc-order."
    err "If <rc.d-script> is not specified, just execute all scripts with <start>."
+    err "Available rc.d-scripts: $RCSCRIPTS"
    exit 1
 }
        
@@ -261,7 +297,7 @@ jaildk_install() {
    die_if_not_exist $jail

    if test "$rcd" = "all"; then
-        rcscripts="jaildk_rc_mount"
+        rcscripts="$RCSCRIPTS"
    else
        rcscripts="jaildk_rc_${rcd}"
        if ! type "$rcscripts" > /dev/null 2>&1; then
@@ -275,24 +311,12 @@ jaildk_install() {
            ;;
        stop)
            bold "Unstalling jail $jail"
-            if mount -v | grep " $j/build/$jail/usr/ports " > /dev/null ; then
-                if [ ! -z $rw ]; then
-                    echo "mount - umount $j/build/$jail/usr/ports"
-                    umount $j/build/$jail/usr/ports
-                fi
-            else
-                bold "$j/build/$jail/usr/ports not mounted!"
-            fi
            ;;
    esac

    for rcscript in $rcscripts; do
        $rcscript $jail $mode $rw $base $version
    done
-    if [ $mode = "start" ]; then
-        ex mount -t nullfs -o rw $j/ports/$version $run/$jail/usr/ports
-    fi
-
 }

 jaildk_uninstall() {
@@ -316,10 +340,13 @@ jaildk_uninstall() {

 jaildk_base() {
    base=$1
-    if echo "$base" | egrep -vq "^/"; then
-        basedir=$j/base/$base
-    else
-        basedir=$base
+    rw=$2
+
+    if test -z "$base"; then
+        err "Usage: $0 base <basename|basedir> [<rw>]"
+        err "If the <rw> has been set, the base will not cleaned up"
+        err "and will contain compilers and other build stuff. Use"
+        err "this if you want to use the ports collection."
    fi

    removelist="tests
@@ -382,8 +409,11 @@ rescue
 media
 mnt
 boot"
-    if test -z "$basedir"; then
-        die "Usage: $0 base <base dir>"
+
+    if echo "$base" | egrep -vq "^/"; then
+        basedir=$j/base/$base
+    else
+        basedir=$base
    fi

    if test -d "$basedir"; then
@@ -392,12 +422,15 @@ boot"
    else
        ex mkdir -p $basedir
        DISTRIBUTIONS="base.txz" bsdinstall jail $basedir
-        for file in $removelist; do
-            ex rm -rf $basedir/$file
-        done

-        ex mkdir -p $basedir/usr/ports
-        
+        if test -n "$rw"; then
+            for file in $removelist; do
+                ex rm -rf $basedir/$file
+            done
+
+            ex mkdir -p $basedir/usr/ports
+        fi
+
        ex rm -rf $basedir/var/db
        ex ln -s /usr/local/db $basedir/var/db
    fi
@@ -906,7 +939,7 @@ endif
    esac
 }

-jaildk_fetch() {
+jaildk_fetch_ports() {
    version=`date +%Y%m%d`
    if [ -d "$j/ports/$version" ]; then
        echo "Ports dir $version already exist. Do you want to recreate it? [y/N]"
@@ -914,7 +947,7 @@ jaildk_fetch() {
        case $yesno in
            y|Y|yes|YES)
                rm -rf $j/ports/$version
-                jaildk_fetch_exec
+                jaildk_fetch_ports_exec
                ;;
        esac
    else
@@ -922,14 +955,14 @@ jaildk_fetch() {
    fi
 }

-jaildk_fetch_exec() {
-            fetch -o $j/ports/$version.tar.gz http://ftp.freebsd.org/pub/FreeBSD/ports/ports/ports.tar.gz
-            mkdir -p $j/ports/$version
-            tar xzfC $j/ports/$version.tar.gz $j/ports/$version
-            cd $j/ports/$version/
-            mv ports/* .
-            cd -
-            rm -rf $j/ports/$version.tar.gz  $j/ports/$version/ports
+jaildk_fetch_ports_exec() {
+    fetch -o $j/ports/$version.tar.gz http://ftp.freebsd.org/pub/FreeBSD/ports/ports/ports.tar.gz
+    mkdir -p $j/ports/$version
+    tar xzfC $j/ports/$version.tar.gz $j/ports/$version
+    cd $j/ports/$version/
+    mv ports/* .
+    cd -
+    rm -rf $j/ports/$version.tar.gz  $j/ports/$version/ports
 }

 ##########################
@@ -939,6 +972,9 @@ jaildk_fetch_exec() {
 # will be modified during installation
 JAILDIR=/jail

+# install modules
+RCSCRIPTS="jaildk_rc_mount jaildk_rc_ports"
+
 # globals
 j=$JAILDIR
 rcdir=$j/bin