Setup jail - general script for setting up a chroot jail with SSH support built-in
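#!/usr/bin/env bash
# Exit on the first unhandled error.
set -e

# Look up a terminal capability via tput and print its escape sequence.
# Prints nothing when tput is missing, TERM is unset, or the terminal lacks
# the capability. Without this guard, a failing tput inside an assignment
# would abort the whole script under `set -e` (for example when run from a
# non-interactive session), before any jail setup happens.
# Arguments: the tput capability name and its parameters.
function term_cap {
  tput "$@" 2>/dev/null || true
}

# Background colours (ANSI).
bgBlack=$(term_cap setab 0)   # black
bgRed=$(term_cap setab 1)     # red
bgGreen=$(term_cap setab 2)   # green
bgYellow=$(term_cap setab 3)  # yellow
bgBlue=$(term_cap setab 4)    # blue
bgMagenta=$(term_cap setab 5) # magenta
bgCyan=$(term_cap setab 6)    # cyan
bgWhite=$(term_cap setab 7)   # white

# Foreground colours (ANSI).
fgBLack=$(term_cap setaf 0)   # black (original spelling of the name kept)
fgRed=$(term_cap setaf 1)     # red
fgGreen=$(term_cap setaf 2)   # green
fgYellow=$(term_cap setaf 3)  # yellow
fgBlue=$(term_cap setaf 4)    # blue
fgMagenta=$(term_cap setaf 5) # magenta
fgCyan=$(term_cap setaf 6)    # cyan
fgWhite=$(term_cap setaf 7)   # white

# Text attributes.
txBold=$(term_cap bold)       # bold
txHalf=$(term_cap dim)        # half-bright
txUnderline=$(term_cap smul)  # underline
txEndUnder=$(term_cap rmul)   # exit underline
txReverse=$(term_cap rev)     # reverse
txStandout=$(term_cap smso)   # standout
txEndStand=$(term_cap rmso)   # exit standout
txReset=$(term_cap sgr0)      # reset attributes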
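# Ensure a directory exists, creating it (with parents) when it is missing.
# Arguments: $1 - directory path
# Outputs:   a "found" line on stdout, or a "not found" line on stderr
#            followed by mkdir's verbose output
# Returns:   0 on success, mkdir's status if creation fails
function dir_exists {
  local dir=$1
  if [ -d "$dir" ]; then
    # The path is passed as an argument, never as part of the format string,
    # so a '%' or backslash in it is printed literally.
    printf '✅ Directory %s found!\n' "$dir"
  else
    printf '❗ Directory %s not found! Creating...\n' "$dir" 1>&2
    # Quoted and preceded by `--`: the script runs as root, so a path with
    # spaces or a leading dash must not be split or parsed as an option.
    mkdir -vp -- "$dir"
  fi
}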
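# Show a one-level listing of a directory with `tree`, if it is installed.
# Arguments: $1 - directory to list
# Outputs:   tree's listing on stdout; nothing when tree is unavailable
# Returns:   0 when tree is not installed, otherwise tree's status
function tree_dir {
  # Test the lookup itself. The previous `[ exists ]` tested a literal,
  # non-empty word and was therefore always true, so a host without `tree`
  # ran into "command not found" and aborted the script under `set -e`.
  if command -v tree >/dev/null 2>&1; then
    tree -L 1 "$1"
  fi
}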
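# Replicate a host character device inside the jail's /dev directory.
# The node is created with the same major/minor numbers and the same
# permission bits as the host device. Every node created here gives
# processes inside the jail direct access to that kernel device, so callers
# should pass only the pseudo-devices the jail actually needs.
# Globals:   txBold (read)
# Arguments: $1 - device name relative to /dev (e.g. "null")
#            $2 - jail root directory; "$2/dev" must already exist
# Outputs:   progress on stdout, errors on stderr
# Returns:   0 on success; exits the script with 1 on error
function create_node {
  local name=$1 jail=$2
  local src="/dev/$name"

  if [ ! -c "$src" ]; then
    printf '❌ %sCharacter device "%s" does not exist!\n' "$txBold" "$src" 1>&2
    exit 1
  fi

  # stat reports %t/%T in hexadecimal. Declaration and assignment are split
  # so that a failing stat is detected instead of being masked by `local`.
  local major_hex minor_hex
  if ! minor_hex=$(stat -c %T "$src") || ! major_hex=$(stat -c %t "$src") ||
    [[ ! "$major_hex" =~ ^[0-9a-fA-F]+$ || ! "$minor_hex" =~ ^[0-9a-fA-F]+$ ]]; then
    printf '❌ %sCould not read device numbers of "%s"!\n' "$txBold" "$src" 1>&2
    exit 1
  fi

  # mknod reads unprefixed numbers as decimal, so convert from hex first;
  # otherwise any device number above 9 would create the wrong node or fail.
  local major=$((16#$major_hex)) minor=$((16#$minor_hex))

  if ((major == 0 && minor == 0)); then
    printf '❗ "%s" is not a character device\n' "$src"
  else
    if [ -z "$jail" ]; then
      printf '❌ %sTarget character directory not provided!\n' "$txBold" 1>&2
      exit 1
    fi
    local perms
    perms=$(stat -c %a "$src")
    printf '\tCreating device "%s" with permissions %s...\n' "$name" "$perms"
    # Leave an existing node alone so that re-running the script is harmless.
    if [ ! -c "$jail/dev/$name" ]; then
      mknod -m "$perms" "$jail/dev/$name" c "$major" "$minor"
    fi
  fi
}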
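# Print the usage text to stderr and terminate the script.
# Globals:   txBold, txReset, txUnderline, txReverse (read)
# Outputs:   usage and an example invocation on stderr
# Returns:   never returns; exits with status 1
function usage {
  # $0 is passed as an argument rather than embedded in the format string,
  # so a script path containing '%' or a backslash is printed literally.
  printf '\t%sUsage%s: [sudo] %s%s CHROOT_DIR%s\n\n' \
    "$txBold" "$txReset" "$txUnderline" "$0" "$txReset" 1>&2
  printf '\t>> Example: sudo %s%s /home/demo%s\n' \
    "$txReverse" "$0" "$txReset" 1>&2
  exit 1
}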
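# --- Argument and privilege checks -----------------------------------------
if [ $# -lt 1 ]; then
  printf '❌ %sJail directory not supplied!%s\n' "$bgRed" "$txReset" 1>&2
  usage
fi
# mknod and the root-owned layout below require root.
if [ "$EUID" -ne 0 ]; then
  printf '❌ %sThis script must be run with root privileges!%s\n' "$bgRed" "$txReset" 1>&2
  usage # usage exits with status 1
fi

D="$1"

# Everything below writes into "$D" as root; never treat the host root
# filesystem itself as the jail.
if [ "$(readlink -f -- "$D")" = "/" ]; then
  printf '❌ %sRefusing to use "/" as the jail directory!%s\n' "$bgRed" "$txReset" 1>&2
  exit 1
fi

# NOTE(review): if the jail is used as an sshd ChrootDirectory, sshd requires
# the jail path and all of its parent directories to be owned by root and not
# writable by group or others. This script does not check or enforce that.
printf '%s▶ [1/4] Checking prerequisites...%s\n' "$txBold" "$txReset"
dir_exists "$D"
printf 'Prerequisites checked ✅\n'

printf '%s▶ [2/4] Creating directory structure...%s\n' "$txBold" "$txReset"
mkdir -p -- "$D"/{etc,home,tmp,var/tmp,dev}
# `mkdir -p -m` does not change the mode of a directory that already exists,
# and both directories were just created above. Set the sticky,
# world-writable mode explicitly.
chmod 1777 -- "$D"/{tmp,var/tmp}
tree_dir "$D"
printf 'Directory structure completed ✅\n'

printf '%s▶ [3/4] Creating character devices...%s\n' "$txBold" "$txReset"
create_node "tty" "$D"
create_node "zero" "$D"
create_node "null" "$D"
create_node "random" "$D"
create_node "urandom" "$D"
tree_dir "$D/dev"
printf 'Character devices created ✅\n'

printf '%s▶ [4/4] Copying required folders and files...%s\n' "$txBold" "$txReset"
cp -rvf --parents /lib/terminfo/x "$D"
# /etc/passwd and /etc/group are copied whole, so every host account and
# group name is readable from inside the jail. Trim the copies down to the
# jailed accounts if that disclosure matters.
cp -vf --parents /etc/{passwd,group,ld.so.cache,ld.so.conf,nsswitch.conf,hosts} "$D"
printf 'Folders and files copied! ✅\n'
exit 0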