From 3af9b5907759fd86ab8e43565abf714d7bbea523 Mon Sep 17 00:00:00 2001 From: Christer Edwards Date: Fri, 25 Oct 2019 19:32:52 -0600 Subject: [PATCH 1/3] update version to 0.4.20191025 --- usr/local/bin/bastille | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/usr/local/bin/bastille b/usr/local/bin/bastille index d3d2d47e..991c30c7 100755 --- a/usr/local/bin/bastille +++ b/usr/local/bin/bastille @@ -69,7 +69,7 @@ bastille_perms_check . /usr/local/etc/bastille/bastille.conf ## version -BASTILLE_VERSION="0.4.20190714" +BASTILLE_VERSION="0.4.20191025" usage() { cat << EOF From 341469a1db747cc87319631623fff807d82c7fe6 Mon Sep 17 00:00:00 2001 From: Christer Edwards Date: Fri, 25 Oct 2019 19:33:16 -0600 Subject: [PATCH 2/3] added previously undocumented networking config options --- usr/local/etc/bastille/bastille.conf | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/usr/local/etc/bastille/bastille.conf b/usr/local/etc/bastille/bastille.conf index 7524c23d..556dcfca 100644 --- a/usr/local/etc/bastille/bastille.conf +++ b/usr/local/etc/bastille/bastille.conf @@ -28,3 +28,10 @@ bastille_zfs_zpool="" ## default: "" bastille_zfs_prefix="bastille" ## default: "${bastille_zfs_zpool}/bastille" bastille_zfs_mountpoint=${bastille_prefix} ## default: "${bastille_prefix}" bastille_zfs_options="-o compress=lz4 -o atime=off" ## default: "-o compress=lz4 -o atime=off" + +## Networking +bastille_jail_loopback="lo1" ## default: "lo1" +bastille_jail_interface="bastille0" ## default: "bastille0" +bastille_jail_external="" ## default: "" +bastille_jail_addr="10.17.89.10" ## default: "10.17.89.10" +bastille_jail_gateway="" ## default: "" From 487d2aba434f3da6b73c1af9a38742b3a549ef09 Mon Sep 17 00:00:00 2001 From: Christer Edwards Date: Fri, 25 Oct 2019 19:33:35 -0600 Subject: [PATCH 3/3] add support for 11.3-RELEASE, 12.1-RC1, 12.1-RC2, 12.1-RELEASE --- usr/local/share/bastille/bootstrap.sh | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/usr/local/share/bastille/bootstrap.sh b/usr/local/share/bastille/bootstrap.sh index 45a75bd3..d2e64fec 100644 --- a/usr/local/share/bastille/bootstrap.sh +++ b/usr/local/share/bastille/bootstrap.sh @@ -362,15 +362,15 @@ HW_MACHINE_ARCH=$(sysctl hw.machine_arch | awk '{ print $2 }') # Filter sane release names case "${1}" in -11.3-RELEASE) +11.2-RELEASE) RELEASE="${1}" - UPSTREAM_URL="http://ftp.freebsd.org/pub/FreeBSD/releases/${HW_MACHINE}/${HW_MACHINE_ARCH}/11.3-RELEASE" + UPSTREAM_URL="http://ftp.freebsd.org/pub/FreeBSD/releases/${HW_MACHINE}/${HW_MACHINE_ARCH}/11.2-RELEASE" bootstrap_directories bootstrap_release ;; -11.2-RELEASE) +11.3-RELEASE) RELEASE="${1}" - UPSTREAM_URL="http://ftp.freebsd.org/pub/FreeBSD/releases/${HW_MACHINE}/${HW_MACHINE_ARCH}/11.2-RELEASE" + UPSTREAM_URL="http://ftp.freebsd.org/pub/FreeBSD/releases/${HW_MACHINE}/${HW_MACHINE_ARCH}/11.3-RELEASE" bootstrap_directories bootstrap_release ;; @@ -380,6 +380,24 @@ case "${1}" in bootstrap_directories bootstrap_release ;; +12.1-RC1) + RELEASE="${1}" + UPSTREAM_URL="http://ftp.freebsd.org/pub/FreeBSD/releases/${HW_MACHINE}/${HW_MACHINE_ARCH}/12.1-RC1" + bootstrap_directories + bootstrap_release + ;; +12.1-RC2) + RELEASE="${1}" + UPSTREAM_URL="http://ftp.freebsd.org/pub/FreeBSD/releases/${HW_MACHINE}/${HW_MACHINE_ARCH}/12.1-RC2" + bootstrap_directories + bootstrap_release + ;; +12.1-RELEASE) + RELEASE="${1}" + UPSTREAM_URL="http://ftp.freebsd.org/pub/FreeBSD/releases/${HW_MACHINE}/${HW_MACHINE_ARCH}/12.1-RELEASE" + bootstrap_directories + bootstrap_release + ;; 11-stable-LAST) RELEASE="${1}" UPSTREAM_URL="https://installer.hardenedbsd.org/pub/HardenedBSD/releases/${HW_MACHINE}/${HW_MACHINE_ARCH}/hardenedbsd-11-stable-LAST"