BLACKSITE


	: 13.59.192.254
	: 103.154.184.216 / www.astitvaad.com
	: Linux vps.readyhost.in 4.18.0-553.6.1.el8.x86_64 #1 SMP Thu May 30 04:13:58 UTC 2024 x86_64
: /sbin/
files >> //sbin/jail-shell
 #!/bin/sh
#
# Copyright (C) 2017 Ruilin Peng (Nick) <pymumu@gmail.com>
#

umask 027
JAIL_SETUP_SCRIPT="/usr/local/jail-shell/bin/jail-shell-setup"
JAIL_CONFIG_FILE="/etc/jail-shell/jail-shell.conf"
CONF_PATH="/etc/jail-shell/jail-config"

showhelp()
{
	echo "Usage: jail-shell [user | jail | config ] [OPTION]"
	echo "Options:"
	echo " user [option]"
	echo "   -l | --list                      list jail users."
	echo "   -a | --add [user | group]        add a user or group to jail-shell, start with '@' means group."
	echo "   -d | --del [user | group]        del a user or group from jail-shell. start with '@' means group."
	echo "   -n | --namespace [namespace]     user namespace: mnt,pid,ipc,net,uts."
	echo "   -j | --jail [jail name ]         jail shell name."
	echo ""
	echo " jail [option]"
	echo "   -l | --list                      list jail names."
	echo "   -i | --install [jail name | all] install a jail shell."
	echo "   -r | --remove [jail name]        remove a jail shell."
	echo "   -c | --clean [jail name | all]   clean up a jail shell."
	echo "   -e | --edit [jail name]          create and or edit jail shell configuration."
	echo "   -d | --delete [jail name]        delete jail configuration."
	echo ""
	echo "example:"
	echo " user operation:"
	echo "   add user:  jail-shell user -a user -j jail -n mnt,pid"
	echo "   add group: jail-shell user -a @group -j jail -n mnt,pid"
	echo "   del user:  jail-shell -d user"
	echo " jail operation:"
	echo "   install jail: jail-shell jail -i jail"
	echo "   remove jail: jail-shell jail -r jail"
}

is_user_exist()
{
	echo "$1" | grep "@" > /dev/null 2>&1
	if [ $? -ne 0 ]; then
		id -u $1 >/dev/null 2>&1
		return $?
	fi

	GROUP="`echo $1 | sed 's/@//g'`"
	getent group $GROUP >/dev/null 2>&1
	if [ $? -ne 0 ]; then
		return 1
	fi

	return 0
}

is_user_added()
{
	user="$1"

	grep "^ *$user[[:space:]]" $JAIL_CONFIG_FILE >/dev/null 2>&1
	return $?
}

is_namespace_valid()
{
	local namespace=$1
	local ret=0
	OIFS=$IFS
	IFS=","
	for f in $namespace
	do
		case "$f" in
		mnt|ipc|net|pid|uts|none)
			continue
			;;
		* )
			ret=1
			break
			;;
		esac
			
	done
	IFS=$OIFS

	return $ret
}

is_jail_exist()
{
	local jail=$1
	JAIL_CFG="$CONF_PATH/${jail}.cfg"
	if [ ! -e $JAIL_CFG ]; then
		return 1
	fi	

	return 0	
}	

user()
{
	local act="none"
	local jail=""
	local namespace="mnt,pid"
	local user=""
	OPTS=`getopt -o la:d:n:j: --long list,add:del:namespace:jail: \
		-n  "" -- "$@"`

	if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi

	# Note the quotes around `$TEMP': they are essential!
	eval set -- "$OPTS"

	while true; do
		case "$1" in
		-l | --list)
			act="LIST"
			shift ;;
		-a | --add )
			act="ADD"
			user="$2"
			shift 2;;
		-d | --del)
			act="DEL"
			user="$2"
			shift 2;;
		-n | --namespace )
			namespace="$2"
			shift 2;;
		-j | --jail)
			jail="$2"
			shift 2;;
		-- ) shift; break ;;
		* ) break ;;
  		esac
	done

	if [ "$act" = "LIST" ]; then
		printf "%-24s %-24s %-24s\n" "[User/Group]" "[Jail]" "[Namespace]"
		while read USER JAIL NAMESPACE
		do
			case "$USER" in
			""|\#*)
				continue
				;;
			esac

			if [ -z "$NAMESPACE" ]; then
				continue
			fi
			printf "%-24s %-24s %-24s\n" "$USER" "$JAIL" "$NAMESPACE"
		done < $JAIL_CONFIG_FILE
	elif [ "$act" = "ADD" ]; then
		is_user_exist $user
		if [ $? -ne 0 ]; then
			echo "user or group $user doesn't exists."
			echo "please add user or group with 'useradd' or 'groupadd'  to system first."
			return 1
		fi

		is_user_added $user
		if [ $? -eq 0 ]; then
			echo "user or group $user exists."
			return 1
		fi

		is_namespace_valid $namespace
		if [ $? -ne 0 ]; then
			echo "namespace is invalid."
			return 1
		fi

		if [ -z "$jail" ]; then
			echo "please input jail name"
			return 1
		fi

		is_jail_exist $jail
		if [ $? -ne 0 ]; then
			echo "jail $jail is not exist."
			return 1
		fi

		printf "%-24s %-24s %-24s\n" "$user" "$jail" "$namespace" >> $JAIL_CONFIG_FILE
		if [ $? -ne 0 ]; then
			echo "add config failed."
			return 1
		fi
		return 0
	elif [ "$act" = "DEL" ]; then
		is_user_exist $user
		if [ $? -ne 0 ]; then
			echo "user $user doesn't exist."
			return 1
		fi
		
		sed -i "/^ *$user[[:space:]]/d" $JAIL_CONFIG_FILE
		if [ $? -ne 0 ]; then
			echo "delete user failed."
			return 1
		fi

		return 0

	else 
		showhelp
		return 1
	fi
}

jail()
{
	local act="none"
	local jail=""
	OPTS=`getopt -o li:r:c:e:d: --long list,install:,remove:,clean:edit:,delete: \
		-n  "" -- "$@"`

	if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi

	# Note the quotes around `$TEMP': they are essential!
	eval set -- "$OPTS"

	while true; do
		case "$1" in
		-l | --list )
			$JAIL_SETUP_SCRIPT --list 
			return $?
			shift ;;
		-i | --install)
			$JAIL_SETUP_SCRIPT --install $2
		   	return $?
			shift 2;;
		-r | --remove)
			$JAIL_SETUP_SCRIPT --remove $2
		   	return $?
			shift 2;;
		-c | --clean)
			$JAIL_SETUP_SCRIPT --clean $2
		   	return $?
			shift 2;;
		-e | --edit)
			JAIL="$2"
			JAIL_CFG="$CONF_PATH/${JAIL}.cfg"
			JAIL_SAMPLE=""
			if [ ! -f "$JAIL_CFG" ]; then
				if [ -h "/bin" ]; then
					JAIL_SAMPLE="$CONF_PATH/jail-bin-symbolic-link.cfg.sample" 
				else 
					JAIL_SAMPLE="$CONF_PATH/jail.cfg.sample" 
				fi
				
				cp $JAIL_SAMPLE $JAIL_CFG -a
				if [ $? -ne 0 ]; then
					echo "copy sample at $CONF_PATH failed."
					return 1
				fi
	
				
			fi

			vi $JAIL_CFG

			# File is not edited.
			if [ ! -z "$JAIL_SAMPLE" ]; then
				if [ "`stat -c %Y $JAIL_SAMPLE`" = "`stat -c %Y $JAIL_CFG`" ]; then
					rm $JAIL_CFG	
					echo "Jail not saved, you can run vi command :w! to save."
					return 1
				fi
			fi

			echo "please run 'jail-shell jail -i $JAIL' to install jail."

			return 0
			shift 2;;
		-d | --delete)
			JAIL="$2"
			JAIL_CFG="$CONF_PATH/${JAIL}.cfg"
			is_jail_exist $JAIL
			if [ $? -ne 0 ]; then
				echo "jail $JAIL doesn't exist."
				return 1
			fi

			$JAIL_SETUP_SCRIPT --remove $2 >/dev/null 2>&1

			rm -f $JAIL_CFG
			if [ $? -ne 0 ]; then
				echo "delete jail configuration failed."
				return 1
			fi

			echo "delete $JAIL success."

			return 0
			shift 2;;
		-- ) shift; break ;;
		* ) break ;;
  		esac
	done

	showhelp
	
	return $?
}

config()
{
	OPTS=`getopt -o h --long help \
		-n  "" -- "$@"`

	if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi

	# Note the quotes around `$TEMP': they are essential!
	eval set -- "$OPTS"

	while true; do
		case "$1" in
		-h | --help )
			showhelp
			return 0
			shift ;;
		-- ) shift; break ;;
		* ) break ;;
  		esac
	done
}

main()
{
	local mode="$1"

	if [ $# -lt 1 ]; then
		showhelp
		return $?
	fi

	shift 1

	case "$mode" in
	user)
		user $@
		return $?
		;;
	jail)
		jail $@
		return $?
		;;
	config)
		config $@
		return $?
		;;
	help)
		showhelp
		return $?
		;;
	*)
		showhelp
		return $?
		;;
	esac
}

main $@
exit $?