From 098995539d1c11fbb8091263eeb25dd91badad1e Mon Sep 17 00:00:00 2001
From: David Wilson <dw@botanicus.net>
Date: Fri, 27 Apr 2018 06:21:10 +0100
Subject: [PATCH] ansible: implement FreeBSD jail support.

---
 ansible_mitogen/connection.py                 | 17 ++++++
 .../plugins/connection/mitogen_jail.py        | 56 +++++++++++++++++++
 ansible_mitogen/strategy.py                   |  2 +-
 docs/ansible.rst                              | 25 +++++----
 4 files changed, 89 insertions(+), 11 deletions(-)
 create mode 100644 ansible_mitogen/plugins/connection/mitogen_jail.py

diff --git a/ansible_mitogen/connection.py b/ansible_mitogen/connection.py
index 70b4aae9..761eb8ea 100644
--- a/ansible_mitogen/connection.py
+++ b/ansible_mitogen/connection.py
@@ -88,6 +88,18 @@ def _connect_docker(spec):
     }
 
 
+def _connect_jail(spec):
+    return {
+        'method': 'jail',
+        'kwargs': {
+            'username': spec['remote_user'],
+            'container': spec['remote_addr'],
+            'python_path': spec['python_path'],
+            'connect_timeout': spec['ansible_ssh_timeout'] or spec['timeout'],
+        }
+    }
+
+
 def _connect_lxc(spec):
     return {
         'method': 'lxc',
@@ -115,6 +127,7 @@ def _connect_sudo(spec):
 
 CONNECTION_METHOD = {
     'docker': _connect_docker,
+    'jail': _connect_jail,
     'local': _connect_local,
     'lxc': _connect_lxc,
     'lxd': _connect_lxc,
@@ -515,3 +528,7 @@ class LxcConnection(Connection):
 
 class LxdConnection(Connection):
     transport = 'lxd'
+
+
+class JailConnection(Connection):
+    transport = 'jail'
diff --git a/ansible_mitogen/plugins/connection/mitogen_jail.py b/ansible_mitogen/plugins/connection/mitogen_jail.py
new file mode 100644
index 00000000..24fcb91f
--- /dev/null
+++ b/ansible_mitogen/plugins/connection/mitogen_jail.py
@@ -0,0 +1,56 @@
+# Copyright 2017, David Wilson
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+# this list of conditions and the following disclaimer in the documentation
+# and/or other materials provided with the distribution.
+#
+# 3. Neither the name of the copyright holder nor the names of its contributors
+# may be used to endorse or promote products derived from this software without
+# specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+import os.path
+import sys
+
+#
+# This is not the real Connection implementation module, it simply exists as a
+# proxy to the real module, which is loaded using Python's regular import
+# mechanism, to prevent Ansible's PluginLoader from making up a fake name that
+# results in ansible_mitogen plugin modules being loaded twice: once by
+# PluginLoader with a name like "ansible.plugins.connection.mitogen", which is
+# stuffed into sys.modules even though attempting to import it will trigger an
+# ImportError, and once under its canonical name, "ansible_mitogen.connection".
+#
+# Therefore we have a proxy module that imports it under the real name, and
+# sets up the duff PluginLoader-imported module to just contain objects from
+# the real module, so duplicate types don't exist in memory, and things like
+# debuggers and isinstance() work predictably.
+#
+
+try:
+    import ansible_mitogen
+except ImportError:
+    base_dir = os.path.dirname(__file__)
+    sys.path.insert(0, os.path.abspath(os.path.join(base_dir, '../../..')))
+    del base_dir
+
+from ansible_mitogen.connection import JailConnection as Connection
+del os
+del sys
diff --git a/ansible_mitogen/strategy.py b/ansible_mitogen/strategy.py
index 05febb85..44d08566 100644
--- a/ansible_mitogen/strategy.py
+++ b/ansible_mitogen/strategy.py
@@ -68,7 +68,7 @@ def wrap_connection_loader__get(name, play_context, new_stdin, **kwargs):
     'mitogen' connection type, passing the original transport name into it as
     an argument, so that it can emulate the original type.
     """
-    if name in ('ssh', 'local', 'docker', 'lxc', 'lxd'):
+    if name in ('ssh', 'local', 'docker', 'lxc', 'lxd', 'jail'):
         name = 'mitogen_' + name
     return connection_loader__get(name, play_context, new_stdin, **kwargs)
 
diff --git a/docs/ansible.rst b/docs/ansible.rst
index ebd3846a..47342a60 100644
--- a/docs/ansible.rst
+++ b/docs/ansible.rst
@@ -116,8 +116,8 @@ Noteworthy Differences
 * The ``sudo`` become method is available and ``su`` is planned. File bugs to
   register interest in additional methods.
 
-* The ``docker``, ``local``, ``lxc`` and ``ssh`` connection types are
-  available, with more planned. File bugs to register interest.
+* The ``docker``, ``jail``, ``local``, ``lxc``, ``lxd`` and ``ssh`` connection
+  types are available, with more planned. File bugs to register interest.
 
 * Local commands execute in a reuseable interpreter created identically to
   interpreters on targets. Presently one interpreter per ``become_user``
@@ -467,24 +467,29 @@ Sudo
 Docker
 ~~~~~~
 
-Docker support is fairly new, expect increased surprises for now.
-
-* ``ansible_host``: Name of Docker container.
+* ``ansible_host``: Name of Docker container (default: inventory hostname).
 * ``ansible_user``: Name of user within the container to execute as.
 
 
+FreeBSD Jails
+~~~~~~~~~~~~~
+
+* ``ansible_host``: Name of Jail container (default: inventory hostname).
+* ``ansible_user``: Name of user within the jail to execute as.
+
+
 LXC
 ~~~
 
-LXC support is fairly new, expect increased surprises for now. Both ``lxc`` and
-``lxd`` connection plug-ins are hijacked, however the resulting implementation
-always uses the ``lxc-attach`` command line tool rather than th LXC Python
-bindings.
+Both ``lxc`` and ``lxd`` connection plug-ins are hijacked, however the
+resulting implementation always uses the ``lxc-attach`` command line tool
+rather than the LXC Python bindings, as is usual with the Ansible ``lxd``
+plug-in.
 
 Consequently the ``lxc-attach`` command is required to be available on the host
 machine.
 
-* ``ansible_host``: Name of LXC container.
+* ``ansible_host``: Name of LXC container (default: inventory hostname).
 
 
 Debugging