NAME

quickjail, quickshell — Utility to spawn transient single-command jails

SYNOPSIS

DESCRIPTION

The quickjail command is used to create transient single-command jails in a reasonably secure manner.

The key advantage to quickjail over jail(8) is the model that quickjail uses to execute command. quickjail will fork and execute command in a non-persistent jail, while jail(8) will mark the jail as persistent and remove the jail when the child process is gone. For some use-cases, this behavior is not ideal as it may potentially leave the jail behind depending on how the child command exits.

If a path param is specified to quickjail, then quickjail will chdir(2) to this path before creating the jail with the same path.

An optional flag, -c, is allowed if specified before any other parameters. The -c flag is otherwise ignored. This allows quickjail to maintain an interface compatible with jail(8) for the purposes of other tools, like bectl(8).

The quickshell command is a simplified interface to quickjail specifically for running a shell in the alien path. It defaults to sh(1), but that may be overridden by the QUICKSHELL environment variable.

If the -s argument is supplied to quickshell, then it will use the SHELL environment variable instead of QUICKSHELL.

quickshell explicitly does not use the user's current shell because it is assumed that the path we are creating a jail at does not have the user's current shell. This is the common case for the author of quickshell.

EXAMPLES

quickjail path=/mnt command=/bin/sh

quickjail name=qemu0 path=/mnt command=/bin/sh

quickshell /mnt

SEE ALSO

jail(8)

HISTORY

quickjail was a quick-and-dirty hack to facilitate the author's testing of qemu usermode emulation.

AUTHORS

quickjail was written by Kyle Evans <kevans@FreeBSD.org>.