File¶
The File sandbox type can be used for sandboxing users to filesystem paths. It has one required parameter, path
, which is the path in the filesystem where the users will be sandboxed to.
On Windows, sandbox paths can point to other servers or shares using UNC paths. For example: \\server\\share\\directory
. Users’ crdentialls will be passed through to authenticate against \\server\\share
.
For convenience, File sandbox configuration can be simplified into just a path. See Simplified form example.
Configuration Options¶
- type
- Type of the sandbox. For File type, set to
File
. - path
- Path where user should be sandboxed.
- userName
- Username to use for authentication
- password
- Password to use for authentication
- Share to authenticate against.
Note
When specifying shareName
, the path
parameter must include the share name that Jetstream authenticates against. See Windows Shares With Specific Credentials example.
Placeholders¶
When specifying path
for system sandbox or global sandbox, placeholders can be used to represent dynamic values. The valid placeholders are:
Placeholder | Replaced with |
---|---|
%u |
Fsername |
%d |
Domain |
%f |
Full username [1] |
%% |
% |
[1] | Full username may include \ or @ . Platform dependent. |
Tip
Path placeholders are also supported in the simplified form.
Examples¶
Simplified form¶
To sandbox all users into /data
directory using the command line:
admin@server# jetstream server --sandbox-dir /data
The equivalent of the above example using the API:
> api.server.setSandboxMapping("", {"": "/data"})
The equivalent of the above examples using the full File notation would be:
> api.server.setSandboxMapping("", {"": { "type": "File", "path": "/data"}})
Placeholders¶
> api.server.setSandboxMapping("", {"": { "type": "File", "path": "/home/%u"}})