diff --git a/configs/etc/ctl.conf b/configs/etc/ctl.conf new file mode 100644 index 0000000..22ba50a --- /dev/null +++ b/configs/etc/ctl.conf @@ -0,0 +1,35 @@ +portal-group pg0 { + discovery-auth-group no-authentication + listen 0.0.0.0 + listen [::] +} + +target iqn.nas.ahlawat.com:lab13 { +# auth-group no-authentication + portal-group pg0 + chap user secretsecret + lun 0 { + path /dev/zvol/ship/raw/lab13 + size 128G + } +} + +target iqn.nas.ahlawat.com:lab17 { +# auth-group no-authentication + portal-group pg0 + chap user secretsecret + lun 0 { + path /dev/zvol/ship/raw/lab17 + size 128G + } +} + +target iqn.nas.ahlawat.com:lab18 { +# auth-group no-authentication + portal-group pg0 + chap user secretsecret + lun 0 { + path /dev/zvol/ship/raw/lab18 + size 128G + } +} diff --git a/configs/etc/exports b/configs/etc/exports new file mode 100644 index 0000000..b8d7e71 --- /dev/null +++ b/configs/etc/exports @@ -0,0 +1,3 @@ +/mnt/ship/pxe/FreeBSD11 -alldirs -maproot=root +/mnt/ship/pxe/FreeBSD12 -alldirs -maproot=root +/mnt/ship/pxe/FreeBSD13 -alldirs -maproot=root diff --git a/configs/pxe/.ssh/authorized_keys b/configs/pxe/.ssh/authorized_keys new file mode 100644 index 0000000..3caee76 --- /dev/null +++ b/configs/pxe/.ssh/authorized_keys @@ -0,0 +1 @@ +ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDAGJkR8PJBp68y44o4H44HueSGYbyg1+8VJP43YEj4M7ssKagMTH5QQEifU1gepdLgoK7mr+9yLpNXUlzT56FOcpQ3cyjPtp58N3384FrewAgiyA2dqwSxN/UsPXXA5F88HxcuhKXfEZgugC92W3LL8/U8dC/nSwj1hFVjWf75OpXqTjJFaBKhVYDjo75OfkzIwWQLmrFO/VF9TmA41eRn/yXZs+S504iVV+0dK6MgkN5FJoPj+XsKNr1pgQTIn63AtdLB2wW4gafWTQI6SMBYUPkfcrFdLR73+g2+IOSiLdB37us2XXtwHw1shJwLlz0j+1EVjZjOFAWILDNwrzJt ahlawat@ahlawat.com diff --git a/configs/pxe/ctl.conf b/configs/pxe/ctl.conf new file mode 100644 index 0000000..22ba50a --- /dev/null +++ b/configs/pxe/ctl.conf @@ -0,0 +1,35 @@ +portal-group pg0 { + discovery-auth-group no-authentication + listen 0.0.0.0 + listen [::] +} + +target iqn.nas.ahlawat.com:lab13 { +# auth-group no-authentication + portal-group pg0 + chap user secretsecret + lun 0 { + path /dev/zvol/ship/raw/lab13 + size 128G + } +} + +target iqn.nas.ahlawat.com:lab17 { +# auth-group no-authentication + portal-group pg0 + chap user secretsecret + lun 0 { + path /dev/zvol/ship/raw/lab17 + size 128G + } +} + +target iqn.nas.ahlawat.com:lab18 { +# auth-group no-authentication + portal-group pg0 + chap user secretsecret + lun 0 { + path /dev/zvol/ship/raw/lab18 + size 128G + } +} diff --git a/configs/pxe/exports b/configs/pxe/exports new file mode 100644 index 0000000..b8d7e71 --- /dev/null +++ b/configs/pxe/exports @@ -0,0 +1,3 @@ +/mnt/ship/pxe/FreeBSD11 -alldirs -maproot=root +/mnt/ship/pxe/FreeBSD12 -alldirs -maproot=root +/mnt/ship/pxe/FreeBSD13 -alldirs -maproot=root diff --git a/configs/pxe/fstab.11 b/configs/pxe/fstab.11 new file mode 100644 index 0000000..e51246c --- /dev/null +++ b/configs/pxe/fstab.11 @@ -0,0 +1,3 @@ +# Device Mountpoint FStype Options Dump Pass# +192.168.0.10:/mnt/ship/pxe/FreeBSD11 / nfs rw 0 0 +fdescfs /dev/fd fdescfs rw 0 0 diff --git a/configs/pxe/fstab.12 b/configs/pxe/fstab.12 new file mode 100644 index 0000000..b9cdc6b --- /dev/null +++ b/configs/pxe/fstab.12 @@ -0,0 +1,3 @@ +# Device Mountpoint FStype Options Dump Pass# +192.168.0.10:/mnt/ship/pxe/FreeBSD12 / nfs rw 0 0 +fdescfs /dev/fd fdescfs rw 0 0 diff --git a/configs/pxe/fstab.13 b/configs/pxe/fstab.13 new file mode 100644 index 0000000..6ffff01 --- /dev/null +++ b/configs/pxe/fstab.13 @@ -0,0 +1,3 @@ +# Device Mountpoint FStype Options Dump Pass# +192.168.0.10:/mnt/ship/pxe/FreeBSD13 / nfs rw 0 0 +fdescfs /dev/fd fdescfs rw 0 0 diff --git a/configs/pxe/iscsi.conf.13 b/configs/pxe/iscsi.conf.13 new file mode 100644 index 0000000..f2d208e --- /dev/null +++ b/configs/pxe/iscsi.conf.13 @@ -0,0 +1,7 @@ +t0 { + TargetAddress = 192.168.0.10 + TargetName = iqn.nas.ahlawat.com:lab13 + AuthMethod = CHAP + chapIName = user + chapSecret = secretsecret +} diff --git a/configs/pxe/iscsi.conf.17 b/configs/pxe/iscsi.conf.17 new file mode 100644 index 0000000..b304b9d --- /dev/null +++ b/configs/pxe/iscsi.conf.17 @@ -0,0 +1,7 @@ +t0 { + TargetAddress = 192.168.0.10 + TargetName = iqn.nas.ahlawat.com:lab17 + AuthMethod = CHAP + chapIName = user + chapSecret = secretsecret +} diff --git a/configs/pxe/iscsi.conf.18 b/configs/pxe/iscsi.conf.18 new file mode 100644 index 0000000..c339b3f --- /dev/null +++ b/configs/pxe/iscsi.conf.18 @@ -0,0 +1,7 @@ +t0 { + TargetAddress = 192.168.0.10 + TargetName = iqn.nas.ahlawat.com:lab18 + AuthMethod = CHAP + chapIName = user + chapSecret = secretsecret +} diff --git a/configs/pxe/rc.conf b/configs/pxe/rc.conf new file mode 100644 index 0000000..1fa850e --- /dev/null +++ b/configs/pxe/rc.conf @@ -0,0 +1,6 @@ +rpc_lockd_enable="YES" +rpc_statd_enable="YES" +sshd_enable="YES" +iscsid_enable="YES" +iscsictl_enable="YES" +iscsictl_flags="-Aa" diff --git a/configs/pxe/resolv.conf b/configs/pxe/resolv.conf new file mode 100644 index 0000000..d340533 --- /dev/null +++ b/configs/pxe/resolv.conf @@ -0,0 +1,8 @@ +# Generated by resolvconf +search ahlawat.com +nameserver 192.168.0.5 +nameserver 2603:3024:3f6:e1::5 +nameserver 2603:3024:3f6:e2::5 +nameserver 2603:3024:3f6:e5::5 +nameserver 2603:3024:3f6:e9::5 + diff --git a/configs/pxe/sshd_config b/configs/pxe/sshd_config new file mode 100644 index 0000000..b8f8fe0 --- /dev/null +++ b/configs/pxe/sshd_config @@ -0,0 +1,121 @@ +# $OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $ +# $FreeBSD: head/crypto/openssh/sshd_config 357926 2020-02-14 19:06:59Z emaste $ + +# This is the sshd server system-wide configuration file. See +# sshd_config(5) for more information. + +# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin + +# The strategy used for options in the default sshd_config shipped with +# OpenSSH is to specify options with their default value where +# possible, but leave them commented. Uncommented options override the +# default value. + +# Note that some of FreeBSD's defaults differ from OpenBSD's, and +# FreeBSD has a few additional options. + +#Port 22 +#AddressFamily any +#ListenAddress 0.0.0.0 +#ListenAddress :: + +#HostKey /etc/ssh/ssh_host_rsa_key +#HostKey /etc/ssh/ssh_host_ecdsa_key +#HostKey /etc/ssh/ssh_host_ed25519_key + +# Ciphers and keying +#RekeyLimit default none + +# Logging +#SyslogFacility AUTH +#LogLevel INFO + +# Authentication: + +#LoginGraceTime 2m +PermitRootLogin yes +#StrictModes yes +#MaxAuthTries 6 +#MaxSessions 10 + +#PubkeyAuthentication yes + +# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2 +# but this is overridden so installations will only check .ssh/authorized_keys +AuthorizedKeysFile .ssh/authorized_keys + +#AuthorizedPrincipalsFile none + +#AuthorizedKeysCommand none +#AuthorizedKeysCommandUser nobody + +# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts +#HostbasedAuthentication no +# Change to yes if you don't trust ~/.ssh/known_hosts for +# HostbasedAuthentication +#IgnoreUserKnownHosts no +# Don't read the user's ~/.rhosts and ~/.shosts files +#IgnoreRhosts yes + +# Change to yes to enable built-in password authentication. +#PasswordAuthentication no +#PermitEmptyPasswords no + +# Change to no to disable PAM authentication +#ChallengeResponseAuthentication yes + +# Kerberos options +#KerberosAuthentication no +#KerberosOrLocalPasswd yes +#KerberosTicketCleanup yes +#KerberosGetAFSToken no + +# GSSAPI options +#GSSAPIAuthentication no +#GSSAPICleanupCredentials yes + +# Set this to 'no' to disable PAM authentication, account processing, +# and session processing. If this is enabled, PAM authentication will +# be allowed through the ChallengeResponseAuthentication and +# PasswordAuthentication. Depending on your PAM configuration, +# PAM authentication via ChallengeResponseAuthentication may bypass +# the setting of "PermitRootLogin without-password". +# If you just want the PAM account and session checks to run without +# PAM authentication, then enable this but set PasswordAuthentication +# and ChallengeResponseAuthentication to 'no'. +#UsePAM yes + +#AllowAgentForwarding yes +#AllowTcpForwarding yes +#GatewayPorts no +#X11Forwarding yes +#X11DisplayOffset 10 +#X11UseLocalhost yes +#PermitTTY yes +#PrintMotd yes +#PrintLastLog yes +#TCPKeepAlive yes +#PermitUserEnvironment no +#Compression delayed +#ClientAliveInterval 0 +#ClientAliveCountMax 3 +#UseDNS yes +#PidFile /var/run/sshd.pid +#MaxStartups 10:30:100 +#PermitTunnel no +#ChrootDirectory none +#UseBlacklist no +#VersionAddendum FreeBSD-20200214 + +# no default banner path +#Banner none + +# override default of no subsystems +Subsystem sftp /usr/libexec/sftp-server + +# Example of overriding settings on a per-user basis +#Match User anoncvs +# X11Forwarding no +# AllowTcpForwarding no +# PermitTTY no +# ForceCommand cvs server diff --git a/jails/config/auto/portfolio b/jails/config/auto/portfolio index 00b625e..f7983d9 100755 --- a/jails/config/auto/portfolio +++ b/jails/config/auto/portfolio @@ -1,3 +1,5 @@ +#!/bin/sh + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,8 +8,6 @@ # # -#!/bin/sh - # the two lines below are not just comments but required by rcorder; service -e # PROVIDE: portfolio # REQUIRE: NETWORKING DAEMON diff --git a/jails/config/auto/producthunt b/jails/config/auto/producthunt index 1c3297a..f728221 100755 --- a/jails/config/auto/producthunt +++ b/jails/config/auto/producthunt @@ -1,3 +1,5 @@ +#!/bin/sh + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,8 +8,6 @@ # # -#!/bin/sh - # the two lines below are not just comments but required by rcorder; service -e # PROVIDE: producthunt # REQUIRE: NETWORKING DAEMON diff --git a/jails/config/book/cps b/jails/config/book/cps index fc9423a..3465783 100755 --- a/jails/config/book/cps +++ b/jails/config/book/cps @@ -1,3 +1,5 @@ +#!/bin/sh + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,8 +8,6 @@ # # -#!/bin/sh - # the two lines below are not just comments but required by rcorder; service -e # PROVIDE: cpsserver # REQUIRE: NETWORKING DAEMON diff --git a/jails/config/calibre/.keep b/jails/config/calibre/.keep deleted file mode 100644 index e69de29..0000000 diff --git a/jails/config/cam/camserver b/jails/config/cam/camserver index c3c5dd3..174104f 100644 --- a/jails/config/cam/camserver +++ b/jails/config/cam/camserver @@ -1,3 +1,5 @@ +#!/bin/sh + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,8 +8,6 @@ # # -#!/bin/sh - # the two lines below are not just comments but required by rcorder; service -e # PROVIDE: camserver # REQUIRE: NETWORKING SERVERS DAEMON ldconfig resolv @@ -27,12 +27,12 @@ restart_cmd="camserver_restart" camserver_start() { - $camserver startserver -b -c /mnt/config/secret/motioneye/motioneye.conf + $camserver startserver -b -c /mnt/config/secret/motioneye/motioneye.conf } camserver_stop() { - $camserver stopserver + $camserver stopserver } camserver_restart() { diff --git a/jails/config/cert/.keep b/jails/config/cert/.keep deleted file mode 100644 index e69de29..0000000 diff --git a/jails/config/common/snip-sendmail.sh b/jails/config/common/snip-sendmail.sh index 9faa859..c92b4a1 100755 --- a/jails/config/common/snip-sendmail.sh +++ b/jails/config/common/snip-sendmail.sh @@ -1,3 +1,5 @@ +#! /usr/local/bin/bash + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,7 +8,6 @@ # # -#! /usr/local/bin/bash # smart_host - mail - is the mail server's dns name # TO_IDENT sets O Timeout.ident=0s - to stop sendmail from making ident connections echo "define(\`SMART_HOST', \`mail')" >> /etc/mail/$HOSTNAME.mc diff --git a/jails/config/common/vncserver b/jails/config/common/vncserver index e125c15..2652394 100644 --- a/jails/config/common/vncserver +++ b/jails/config/common/vncserver @@ -1,3 +1,5 @@ +#!/bin/sh + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,8 +8,6 @@ # # -#!/bin/sh - # the two lines below are not just comments but required by rcorder; service -e # PROVIDE: vncserver # REQUIRE: NETWORKING SERVERS DAEMON ldconfig resolv diff --git a/jails/config/hub/smb4.conf b/jails/config/hub/smb4.conf index a933fc3..e4af145 100644 --- a/jails/config/hub/smb4.conf +++ b/jails/config/hub/smb4.conf @@ -36,20 +36,20 @@ sync always = no workgroup = HUBX_Group -[stmp] - path = /tmp - directory mask = 0700 - create mask = 0400 - writeable = yes - valid users = p +#[stmp] +# path = /tmp +# directory mask = 0700 +# create mask = 0400 +# writeable = yes +# valid users = p -[usb] - path = /mnt/usb - read only = yes -# valid users = p - browseable = yes - dos filemode = yes - guest ok = yes +#[usb] +# path = /mnt/usb +# read only = yes +## valid users = p +# browseable = yes +# dos filemode = yes +# guest ok = yes [sw] path = /mnt/sw @@ -57,6 +57,12 @@ valid users = p browseable = yes +[imax-4k] + path = /mnt/imax-4k + read only = yes + valid users = p + browseable = yes + [movies-4k] path = /mnt/movies-4k read only = yes @@ -86,3 +92,15 @@ read only = yes valid users = p browseable = yes + +[tor-trgs] + path = /mnt/tor-trgs + read only = yes + valid users = p + browseable = yes + +[conf] + path = /mnt/conf + read only = yes + valid users = p + browseable = yes diff --git a/jails/config/hub/sshd_config b/jails/config/hub/sshd_config index a0b92bc..2cdfe38 100644 --- a/jails/config/hub/sshd_config +++ b/jails/config/hub/sshd_config @@ -33,7 +33,7 @@ # Authentication: #LoginGraceTime 2m -PermitRootLogin yes +PermitRootLogin no #StrictModes yes MaxAuthTries 2 MaxSessions 2 @@ -50,16 +50,16 @@ AuthorizedKeysFile .ssh/authorized_keys #AuthorizedKeysCommandUser nobody # For this to work you will also need host keys in /etc/ssh/ssh_known_hosts -#HostbasedAuthentication no +HostbasedAuthentication no # Change to yes if you don't trust ~/.ssh/known_hosts for # HostbasedAuthentication #IgnoreUserKnownHosts no # Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes +IgnoreRhosts yes # Change to yes to enable built-in password authentication. PasswordAuthentication no -#PermitEmptyPasswords no +PermitEmptyPasswords no # Change to no to disable PAM authentication ChallengeResponseAuthentication no @@ -97,8 +97,8 @@ ChallengeResponseAuthentication no #TCPKeepAlive yes #PermitUserEnvironment no #Compression delayed -#ClientAliveInterval 0 -#ClientAliveCountMax 3 +ClientAliveInterval 300 +ClientAliveCountMax 1 #UseDNS yes #PidFile /var/run/sshd.pid #MaxStartups 10:30:100 @@ -119,3 +119,5 @@ Subsystem sftp /usr/libexec/sftp-server # AllowTcpForwarding no # PermitTTY no # ForceCommand cvs server + +AllowUsers p diff --git a/jails/config/ibm/create_tuns.sh b/jails/config/ibm/create_tuns.sh index 338ce63..ac37b16 100755 --- a/jails/config/ibm/create_tuns.sh +++ b/jails/config/ibm/create_tuns.sh @@ -1,3 +1,5 @@ +#!/bin/sh +# # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,9 +8,6 @@ # # -#!/bin/sh -# - ifconfig tun181 create #ifconfig bridge1 addm tap181 up #ifconfig tap181 up diff --git a/jails/config/ibm/ibm.sh b/jails/config/ibm/ibm.sh index 327966d..90b69dc 100755 --- a/jails/config/ibm/ibm.sh +++ b/jails/config/ibm/ibm.sh @@ -1,3 +1,5 @@ +#!/usr/local/bin/bash + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,7 +8,6 @@ # # -#!/usr/local/bin/bash # ./ibm.sh under tmux ifconfig tun186 create diff --git a/jails/config/ibm/startemu.sh b/jails/config/ibm/startemu.sh index 846138e..b2d085f 100755 --- a/jails/config/ibm/startemu.sh +++ b/jails/config/ibm/startemu.sh @@ -1,3 +1,5 @@ +#!/bin/sh +# # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,8 +8,6 @@ # # -#!/bin/sh -# session="emu_tmux" # set up tmux diff --git a/jails/config/plex/plexconnect b/jails/config/plex/plexconnect index 5f1eb4b..c5eadad 100755 --- a/jails/config/plex/plexconnect +++ b/jails/config/plex/plexconnect @@ -1,3 +1,5 @@ +#!/bin/sh +# # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,8 +8,6 @@ # # -#!/bin/sh -# # PROVIDE: plexconnect # REQUIRE: DAEMON # KEYWORD: shutdown diff --git a/jails/config/test/.keep b/jails/config/test/.keep deleted file mode 100644 index e69de29..0000000 diff --git a/jails/config/vm/create_taps.sh b/jails/config/vm/create_taps.sh index bd4aec6..94c50e7 100755 --- a/jails/config/vm/create_taps.sh +++ b/jails/config/vm/create_taps.sh @@ -1,3 +1,5 @@ +#!/bin/sh + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,9 +8,6 @@ # # -#!/bin/sh -# - ifconfig tap81 create ifconfig bridge1 addm tap81 up ifconfig tap81 up diff --git a/jails/config/vm/freebsd.sh b/jails/config/vm/freebsd.sh index 259bcca..575a8d5 100755 --- a/jails/config/vm/freebsd.sh +++ b/jails/config/vm/freebsd.sh @@ -1,3 +1,5 @@ +#!/usr/local/bin/bash + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,7 +8,6 @@ # # -#!/usr/local/bin/bash # ./freebsd.sh under tmux # clean cached state diff --git a/jails/config/vm/pbx.sh b/jails/config/vm/pbx.sh index aa99c67..2abb563 100755 --- a/jails/config/vm/pbx.sh +++ b/jails/config/vm/pbx.sh @@ -1,3 +1,5 @@ +#!/usr/local/bin/bash + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,7 +8,6 @@ # # -#!/usr/local/bin/bash # ./pbx.sh under tmux # clean cached state diff --git a/jails/config/vm/r-windows.sh b/jails/config/vm/r-windows.sh index dd2bb11..53b6042 100755 --- a/jails/config/vm/r-windows.sh +++ b/jails/config/vm/r-windows.sh @@ -1,3 +1,5 @@ +#!/usr/local/bin/bash + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,7 +8,6 @@ # # -#!/usr/local/bin/bash # ./r-windows.sh under tmux # clean cached state diff --git a/jails/config/vm/startvms.sh b/jails/config/vm/startvms.sh index 293dd47..f1f4252 100755 --- a/jails/config/vm/startvms.sh +++ b/jails/config/vm/startvms.sh @@ -1,3 +1,5 @@ +#!/bin/sh + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,8 +8,6 @@ # # -#!/bin/sh -# session="vm_tmux" # set up tmux diff --git a/jails/config/vm/ubuntu.sh b/jails/config/vm/ubuntu.sh index 09153ff..d06b62b 100755 --- a/jails/config/vm/ubuntu.sh +++ b/jails/config/vm/ubuntu.sh @@ -1,3 +1,5 @@ +#!/usr/local/bin/bash + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,7 +8,6 @@ # # -#!/usr/local/bin/bash # ./ubuntu.sh under tmux # clean cached state diff --git a/jails/config/vm/w2019.sh b/jails/config/vm/w2019.sh index 0253ef9..2bea793 100755 --- a/jails/config/vm/w2019.sh +++ b/jails/config/vm/w2019.sh @@ -1,3 +1,5 @@ +#!/usr/local/bin/bash + # Copyright (c) 2018-2020, diyIT.org # All rights reserved. # @@ -6,7 +8,6 @@ # # -#!/usr/local/bin/bash # ./w2019.sh under tmux # clean cached state diff --git a/jails/create.sh b/jails/create.sh index 9526726..5c34f98 100755 --- a/jails/create.sh +++ b/jails/create.sh @@ -99,6 +99,7 @@ iocage exec $JAIL "[ -f /mnt/config/nanorc ] && cp /mnt/config/nanorc /usr/local iocage exec $JAIL "cp -r /mnt/common/nano /usr/local/etc/" #iocage exec $JAIL "passwd root" +iocage exec $JAIL "chsh -s /usr/sbin/nologin toor" iocage exec $JAIL "pw usermod -n root -s /usr/local/bin/bash -c jail-$JAIL" iocage exec $JAIL "[ -f /mnt/config/.bash_profile ] && cp /mnt/config/.bash_profile /root/ || cp /mnt/common/.bash_profile /root/" diff --git a/jails/update.sh b/jails/update.sh index 1925f3f..67c0245 100755 --- a/jails/update.sh +++ b/jails/update.sh @@ -27,7 +27,8 @@ update_jail () iocage update $JAIL iocage exec $JAIL "pkg upgrade -f -y" - iocage exec $JAIL "mergemaster" + iocage exec $JAIL "rm -rf /var/tmp/temproot*" + iocage exec $JAIL "mergemaster -a" iocage exec $JAIL "freebsd-version"