Add FreeBSD jail support.

docs/api.rst

@@ -704,7 +704,10 @@ Router Class
         Accepts all parameters accepted by :py:meth:`local`, in addition to:
 
         :param str container:
-            Existing container to connect to. Defaults to ``None``.
+            Existing container to connect to. Defaults to :data:`None`.
+        :param str username:
+            Username within the container to :func:`setuid` to. Defaults to
+            :data:`None`, which Docker interprets as ``root``.
         :param str image:
             Image tag to use to construct a temporary container. Defaults to
             ``None``.
@@ -712,6 +715,22 @@ Router Class
             Filename or complete path to the Docker binary. ``PATH`` will be
             searched if given as a filename. Defaults to ``docker``.
 
+    .. method:: jail (container, jexec_path=None, \**kwargs)
+
+        Construct a context on the local machine within a FreeBSD jail. The
+        ``jexec`` program must be available.
+
+        Accepts all parameters accepted by :py:meth:`local`, in addition to:
+
+        :param str container:
+            Existing container to connect to. Defaults to :data:`None`.
+        :param str username:
+            Username within the container to :func:`setuid` to. Defaults to
+            :data:`None`, which ``jexec`` interprets as ``root``.
+        :param str jexec_path:
+            Filename or complete path to the ``jexec`` binary. ``PATH`` will be
+            searched if given as a filename. Defaults to ``/usr/sbin/jexec``.
+
     .. method:: lxc (container, lxc_attach_path=None, \**kwargs)
 
         Construct a context on the local machine within an LXC container. The

mitogen/core.py

@@ -488,6 +488,7 @@ class Importer(object):
             'docker',
             'fakessh',
             'fork',
+            'jail',
             'lxc',
             'master',
             'parent',

mitogen/jail.py

@@ -0,0 +1,63 @@
+# Copyright 2017, David Wilson
+#
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions are met:
+#
+# 1. Redistributions of source code must retain the above copyright notice,
+# this list of conditions and the following disclaimer.
+#
+# 2. Redistributions in binary form must reproduce the above copyright notice,
+# this list of conditions and the following disclaimer in the documentation
+# and/or other materials provided with the distribution.
+#
+# 3. Neither the name of the copyright holder nor the names of its contributors
+# may be used to endorse or promote products derived from this software without
+# specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
+# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
+# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
+# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+# POSSIBILITY OF SUCH DAMAGE.
+
+import logging
+
+import mitogen.core
+import mitogen.parent
+
+
+LOG = logging.getLogger(__name__)
+
+
+class Stream(mitogen.parent.Stream):
+    create_child_args = {
+        'merge_stdio': True
+    }
+
+    container = None
+    username = None
+    jexec_path = '/usr/sbin/jexec'
+
+    def construct(self, container, jexec_path=None, username=None, **kwargs):
+        super(Stream, self).construct(**kwargs)
+        self.container = container
+        self.username = username
+        if jexec_path:
+            self.jexec_path = jexec_path
+
+    def connect(self):
+        super(Stream, self).connect()
+        self.name = 'jail.' + self.container
+
+    def get_boot_command(self):
+        bits = [self.jexec_path]
+        if self.username:
+            bits += ['-U', self.username]
+        bits += [self.container]
+        return bits + super(Stream, self).get_boot_command()

mitogen/lxc.py

@@ -49,8 +49,7 @@ class Stream(mitogen.parent.Stream):
 
     def construct(self, container, lxc_attach_path=None, **kwargs):
         super(Stream, self).construct(**kwargs)
-        if container:
-            self.container = container
+        self.container = container
         if lxc_attach_path:
             self.lxc_attach_path = lxc_attach_apth
 

mitogen/parent.py

@@ -1008,24 +1008,27 @@ class Router(mitogen.core.Router):
         self._context_by_id[context.context_id] = context
         return context
 
-    def lxc(self, **kwargs):
-        return self.connect('lxc', **kwargs)
-
     def docker(self, **kwargs):
         return self.connect('docker', **kwargs)
 
-    def local(self, **kwargs):
-        return self.connect('local', **kwargs)
-
     def fork(self, **kwargs):
         return self.connect('fork', **kwargs)
 
-    def sudo(self, **kwargs):
-        return self.connect('sudo', **kwargs)
+    def jail(self, **kwargs):
+        return self.connect('jail', **kwargs)
+
+    def local(self, **kwargs):
+        return self.connect('local', **kwargs)
+
+    def lxc(self, **kwargs):
+        return self.connect('lxc', **kwargs)
 
     def ssh(self, **kwargs):
         return self.connect('ssh', **kwargs)
 
+    def sudo(self, **kwargs):
+        return self.connect('sudo', **kwargs)
+
 
 class ProcessMonitor(object):
     def __init__(self):