diff options
| author | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2015-06-09 15:27:17 +0100 |
|---|---|---|
| committer | Sam Thursfield <sam.thursfield@codethink.co.uk> | 2015-06-09 15:27:17 +0100 |
| commit | 2e588565656d82689fed541a690d2c9a2e545dc1 (patch) | |
| tree | 507000bfc47d868b2848a84d659c0c73d4d5d72c /sandboxlib/__init__.py | |
| parent | b814d929ffba615faab7e7cbd09ecb4a01e2f50c (diff) | |
| parent | e961f82127860d8efd3cfd9aa10f2cd4820d74f6 (diff) | |
| download | sandboxlib-0.3.0.tar.gz | |
Merge branch '0.3.0'0.3.0
Diffstat (limited to 'sandboxlib/__init__.py')
| -rw-r--r-- | sandboxlib/__init__.py | 34 |
1 files changed, 11 insertions, 23 deletions
diff --git a/sandboxlib/__init__.py b/sandboxlib/__init__.py index c568357..8179d72 100644 --- a/sandboxlib/__init__.py +++ b/sandboxlib/__init__.py @@ -33,30 +33,18 @@ class ProgramNotFound(Exception): pass -def maximum_possible_isolation(): - '''Describe the 'tightest' isolation possible with a specific backend. +def degrade_config_for_capabilities(in_config, warn=True): + '''Alter settings in 'in_config' that a given backend doesn't support. - This function returns a dict, with the following keys: + This function is provided for users who want to be flexible about which + sandbox implementation they use, and who don't mind if not all of the + isolation that they requested is actually possible. - - mounts - - network + This is not a general purpose 'check your config' function. Any unexpected + keys or values in ``in_config`` will just be ignored. - Each key maps to a parameter of the run_sandbox() function, and each - value is a valid value for that parameter. - - Example result: - - { - 'mounts': 'undefined' - 'network': 'isolated' - } - - You can pass the result directly to a run_sandbox() function directly, - using the `**` operator to turn it into keyword arguments as in the - following example: - - isolation_settings = maximum_possible_isolation() - run_sandbox(root_path, ['echo', 'hello'], **isolation_settings) + If 'warn' is True, each change the function makes is logged using + warnings.warn(). ''' raise NotImplementedError() @@ -135,14 +123,14 @@ def run_sandbox_with_redirection(command, **sandbox_config): raise NotImplementedError() -def sandbox_module_for_platform(): +def executor_for_platform(): '''Returns an execution module that will work on the current platform.''' log = logging.getLogger("sandboxlib") backend = None - if platform.uname() == 'Linux': + if platform.uname()[0] == 'Linux': log.info("Linux detected, looking for 'linux-user-chroot'.") try: program = sandboxlib.linux_user_chroot.linux_user_chroot_program() |