Re: Using the jail Module with (Base-)Lua on FreeBSD

Reply: Alex Arslan : "Re: Using the jail Module with (Base-)Lua on FreeBSD"
In reply to: Matthias Petermann : "Using the jail Module with (Base-)Lua on FreeBSD"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: Dave Cottlehuber <dch_at_skunkwerks.at>
Date: Sun, 29 Dec 2024 22:13:59 UTC

On Sun, 29 Dec 2024, at 11:26, Matthias Petermann wrote:
> Dear FreeBSD Community,
>
> I am currently working on a FreeBSD system where I am managing multiple 
> Jails using Bastille. Here's a snapshot of the active Jails for context:
>
> ```
> user@microserver:~ $ jls
>     JID  IP Address      Hostname                      Path
>       1  10.0.0.1        dns /usr/local/bastille/jails/dns/root
>       2  10.0.0.10       redmine /usr/local/bastille/jails/redmine/root
>       ... (truncated for brevity) ...
>      63  10.0.0.18       webproxy /usr/local/bastille/jails/webproxy/root
> ```
>
> I attempted to use the jail module with Lua (via /usr/libexec/flua), but 
> I encountered issues when trying to load or interact with it. Below are 
> the steps and results:
>
> ```
> user@microserver:~ $ /usr/libexec/flua
> Lua 5.4.6  Copyright (C) 1994-2023 Lua.org, PUC-Rio
>> package.cpath
> /usr/lib/flua/?.so;/usr/lib/flua/loadall.so;./?.so
>> local jail = require("jail")
>> print(jail)
> nil
>> jail.list()
> stdin:1: attempt to index a nil value (global 'jail')
> stack traceback:
>          stdin:1: in main chunk
>          [C]: in ?
>> local path = package.searchpath("jail", package.path)
>> print(path)
> nil
>> local path = package.searchpath("jail", package.cpath)
>> print(path)
> nil
> ```
>
> It seems that the jail module is not accessible through Lua’s require() 
> function, and package.searchpath doesn't locate it either in 
> package.path or package.cpath.
>
> Questions:
>
> - Is the jail module supposed to be available by default in 
> /usr/libexec/flua?

yes, but I had the same error you did during interactive flua,
it runs just fine from scripts. Perhaps somebody else can
explain the difference, and if the jail module can be used from
plain lua in ports or not.

> - If not, what are the steps to install or enable it?

https://gist.github.com/dch/ec05fa084a58040d4d5760447cd31d0d has a couple of examples in it.

$./jls.lua | column -t
1    100.64.66.115   ci           ci                        /jails/instances/14.2-RELEASE-amd64-amd64/ci
2    100.64.24.38    jenkins      jenkins                   /jails/instances/14.2-RELEASE-amd64-amd64/jenkins
3    100.64.0.3      couchdb      couchdb                   /jails/instances/14.2-RELEASE-amd64-amd64/couchdb
...
147  100.64.146.97   zonemaster   zonemaster.skunkwerks.at  /jails/instances/14.2-RELEASE-amd64-amd64/zonemaster

I'm not an idiomatic lua user, but the gist should be there.

`man 3lua jail` or https://man.freebsd.org/cgi/man.cgi?query=jail&sektion=3lua 
has docs, I did not find these easy to locate originally. See intro(3lua) as well.

A+
Dave