diff options
| author | Yuce Tekol <yucetekol@gmail.com> | 2019-05-05 08:52:05 +0300 |
|---|---|---|
| committer | Yuce Tekol <yucetekol@gmail.com> | 2019-05-05 08:52:05 +0300 |
| commit | 62068009edddfc54c5588f6894233bf8bbfa4f44 (patch) | |
| tree | 2ac936290a1dd39f38272ef6a190b313ea7cedde /openbsd/__init__.py | |
| parent | 255eb665172640f2315ca7e18d64c95927c6620a (diff) | |
| download | pyopenbsd-62068009edddfc54c5588f6894233bf8bbfa4f44.tar.gz | |
added doc strings
Diffstat (limited to 'openbsd/__init__.py')
| -rw-r--r-- | openbsd/__init__.py | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/openbsd/__init__.py b/openbsd/__init__.py index a688661..e73753b 100644 --- a/openbsd/__init__.py +++ b/openbsd/__init__.py @@ -9,6 +9,14 @@ _ffi = FFI() def pledge(promises=None, execpromises=None): + """Restrict system operations. + + `promises` is a space separated string or binary of promises or `None` for no restrictions. + `execpromises` has the same format as `promises` and contains promises when runing other binaries using `execve`, etc. + + See: https://man.openbsd.org/pledge.2 for more information. + """ + promises = _ffi.NULL if promises is None else _encode(promises) execpromises = _ffi.NULL if execpromises is None else _encode(execpromises) ret = _lib.pledge(promises, execpromises) @@ -18,6 +26,18 @@ def pledge(promises=None, execpromises=None): def unveil(path=None, permissions=None): + """Unveil parts of a restricted filesystem view. + + `path` may be a string or a binary. + `permissions` should be a combination of: + * `r`: Make path available for read operations. + * `w`: Make path available for write operations. + * `x`: Make path available for execute operations. + * `c`: Allow path to be created and removed. + + See: https://man.openbsd.org/unveil.2 for more information. + """ + path = _ffi.NULL if path is None else _encode(path) permissions = _ffi.NULL if permissions is None else _encode(permissions) ret = _lib.unveil(path, permissions) |