freebsd.cr

Crystal bindings for FreeBSD security primitives.

freebsd

Crystal bindings for FreeBSD.

  • freebsd/capsicumCapsicum kernel capability mode (cap_enter, fd rights, pdfork process descriptors). Use this alone when you only need sandboxing without the libcasper service framework.

  • freebsd/casperlibcasper services built on top of freebsd/capsicum: DNS, file, net, syslog, pwd/grp/sysctl. Lets a sandboxed process delegate privileged work to a trusted helper. Includes transparent integrations for Crystal's stdlib (Socket::Addrinfo, File, Log).

  • freebsd/nvlist — libnv encoder/decoder. Named-value lists used internally by libcasper and the FreeBSD kernel for structured data exchange.

  • freebsd/privdrop — privilege-drop helpers (setuid, setgid, setgroups, initgroups, chroot) with correct-ordering documentation and environment scrubbing. Use before entering capability mode to relinquish root cleanly.

  • freebsd/auditlibbsm / OpenBSM audit event writer. Lets Crystal applications emit structured BSM audit records to FreeBSD's audit subsystem. Event types are mapped directly from OCSF class UIDs (bsm = ocsf_uid + 40000), with per-class activity enums and a write_activity API that resolves the event class automatically from the activity value.

Platform: FreeBSD primary, DragonFlyBSD best-effort. On other platforms the shard compiles cleanly but any call raises UnsupportedPlatformError.

Installation

Add to shard.yml:

dependencies:
  freebsd:
    github: threez/freebsd.cr

then shards install.

Sub-libraries

See each sub-library's README for full API documentation and examples:

Development

shards install
crystal spec

On non-FreeBSD hosts most specs are marked pending. To exercise the real bindings, run the suite on a FreeBSD 14/15 host or VM (FreeBSD 15 is used in development; FreeBSD 14 is also supported).

Contributing

  1. Fork it (https://github.com/threez/freebsd.cr/fork)
  2. Create your feature branch (git checkout -b my-new-feature)
  3. Commit your changes (git commit -am 'Add some feature')
  4. Push to the branch (git push origin my-new-feature)
  5. Open a Pull Request

Contributors

Repository

freebsd.cr

Owner
Statistic
  • 0
  • 0
  • 0
  • 0
  • 1
  • about 2 hours ago
  • May 20, 2026
License

MIT License

Links
Synced at

Wed, 20 May 2026 18:27:18 GMT

Languages
Crystal 99.86% Makefile 0.14%