py-jail
A native Python wrapper for FreeBSD jails using libc.
Usage
jail_set
>>> import jail
>>> jiov = jail.Jiov(dict(persist=None, jid=23, path="/rescue"))
>>> jail.dll.jail_set(jiov.pointer, len(jiov), 1)
23jail_remove
>>> import jail
>>> jiov = jail.Jiov(dict(persist=None, jid=23, path="/rescue"))
>>> jail.dll.jail_remove(23)
-1
>>> jail.dll.jail_set(jiov.pointer, len(jiov), 1)
23
>>> jail.dll.jail_set(jiov.pointer, len(jiov), 1)
-1
>>> jiov.errmsg.value
b'jail 23 already exists'
>>> jail.dll.jail_remove(23)
0
>>> jail.dll.jail_set(jiov.pointer, len(jiov), 1)
23Parameters
Networking
Non-VNET jails accept ip.addr and ip6.addr params.
Those can be defined from Python ipaddress.IPv4Address and ipaddress.IPv6Address.
ifconfig bridge create inet 192.168.1.42/24 inet6 add 2001:db8:10C::42/64import ipaddress
import jail
jiov = jail.Jiov({
"persist": None,
"jid": 23,
"path": "/rescue",
"ip4.addr": ipaddress.IPv4Address("192.168.1.42")
"ip6.addr": ipaddress.IPv6Address("2001:db8:10C::42")
})
jail.dll.jail_set(jiov.pointer, len(jiov), 1)Development
Unit Tests
Unit tests may run on FreeBSD or HardenedBSD.
Static Code Analysis
The project enforces PEP-8 code style and MyPy strong typing via flake8, that is required to pass before merging any changes. Together with Bandit checks for common security issues the static code analysis can be ran on Linux and BSD code execution.
make install-dev
make check
Releases
We try to manually keep a Changelog, following the style on changelog.md. New releases are tagged according to Semver, released on PyPi, and published as port.
To get a port published, we need to create a Bugzilla Issue in the Ports category
