Add --unprivileged flag for rootless operation using user namespaces + iptables

- Implements user namespace + iptables for comprehensive TCP interception
- Provides identical traffic coverage to privileged mode
- Requires zero elevated privileges (no sudo needed)
- Maintains full backward compatibility
- Linux-only feature with proper validation and error messages

Resolves: Need for rootless operation in restricted environments

Author: blink-so[bot]

README.md

@@ -50,6 +50,35 @@ jail \
 jail -- curl https://example.com
 ```
 
+### Unprivileged Mode (NEW!)
+
+jail now supports running without elevated privileges using the `--unprivileged` flag:
+
+```bash
+# No sudo required!
+jail --unprivileged --allow "github.com" -- curl https://github.com
+
+# Works with complex applications
+jail --unprivileged --allow "*.npmjs.org" -- npm install
+
+# Same rule engine and proxy functionality as privileged mode
+jail --unprivileged --allow "api.example.com" -- ./my-app
+```
+
+**Requirements for Unprivileged Mode:**
+- Linux with user namespace support (kernel 3.8+)
+- User namespaces enabled: `sudo sysctl -w kernel.unprivileged_userns_clone=1`
+- Standard tools: `unshare`, `nsenter`, `iptables`, `ip`
+  ```bash
+  sudo apt-get install util-linux iptables iproute2
+  ```
+
+**Benefits:**
+- ✅ **No sudo required** - Runs as regular user
+- ✅ **Same traffic coverage** - Intercepts ALL TCP traffic (ports 1-65535)
+- ✅ **Container-friendly** - Works in restricted environments
+- ✅ **Identical functionality** - Same rule engine, proxy, and TLS features
+
 ## Allow Rules
 
 jail uses simple wildcard patterns for URL matching.
@@ -121,10 +150,11 @@ For more help: https://github.com/coder/jail
 ## Platform Support
 
 | Platform | Implementation | Sudo Required |
-|----------|----------------|---------------|
-| Linux    | Network namespaces + iptables | Yes |
-| macOS    | Process groups + PF rules | Yes |
-| Windows  | Not supported | - |
+|----------|----------------|--------------|
+| Linux | Network namespaces + iptables | Yes |
+| **Linux (Unprivileged)** | **User namespaces + iptables** | **No** |
+| macOS | Process groups + PF rules | Yes |
+| Windows | Not supported | - |
 
 ## Installation
 
@@ -174,6 +204,7 @@ OPTIONS:
     --allow <SPEC>             Allow rule (repeatable)
                                Format: "pattern" or "METHOD[,METHOD] pattern"
     --log-level <LEVEL>        Set log level (error, warn, info, debug)
+    --unprivileged             Use unprivileged mode (no sudo required, Linux only)
     --no-tls-intercept         Disable HTTPS interception
     -h, --help                 Print help
 ```

cli/cli.go

@@ -5,9 +5,11 @@ import (
 	"fmt"
 	"log/slog"
 	"os"
+	"os/exec"
 	"os/signal"
 	"os/user"
 	"path/filepath"
+	"runtime"
 	"strconv"
 	"strings"
 	"syscall"
@@ -24,6 +26,7 @@ import (
 type Config struct {
 	AllowStrings []string
 	LogLevel     string
+	Unprivileged bool // Enable unprivileged mode (user namespace + iptables)
 }
 
 // NewCommand creates and returns the root serpent command
@@ -37,14 +40,22 @@ func NewCommand() *serpent.Command {
 intercepting all HTTP/HTTPS traffic through a transparent proxy that enforces
 user-defined rules.
 
+Modes:
+  Default (privileged): Uses network namespaces + iptables (requires sudo)
+  Unprivileged: Uses user namespaces + iptables (no sudo required)
+
 Examples:
-  # Allow only requests to github.com
-  jail --allow "github.com" -- curl https://github.com
+  # Privileged mode (original behavior)
+  sudo jail --allow "github.com" -- curl https://github.com
+
+  # Unprivileged mode (NEW!)
+  jail --unprivileged --allow "github.com" -- curl https://github.com
 
-  # Monitor all requests to specific domains (allow only those)
-  jail --allow "github.com/api/issues/*" --allow "GET,HEAD github.com" -- npm install
+  # Monitor all requests to specific domains
+  jail --unprivileged --allow "github.com/api/issues/*" --allow "GET,HEAD github.com" -- npm install
 
-  # Block everything by default (implicit)`,
+  # Block everything by default (implicit)
+  jail --unprivileged --allow "api.example.com" -- ./my-app`,
 		Options: serpent.OptionSet{
 			{
 				Name:        "allow",
@@ -61,6 +72,13 @@ Examples:
 				Default:     "warn",
 				Value:       serpent.StringOf(&config.LogLevel),
 			},
+			{
+				Name:        "unprivileged",
+				Flag:        "unprivileged",
+				Env:         "JAIL_UNPRIVILEGED",
+				Description: "Use unprivileged mode (user namespace + iptables, no sudo required, Linux only).",
+				Value:       serpent.BoolOf(&config.Unprivileged),
+			},
 		},
 		Handler: func(inv *serpent.Invocation) error {
 			return Run(inv.Context(), config, inv.Args)
@@ -75,6 +93,16 @@ func Run(ctx context.Context, config Config, args []string) error {
 	logger := setupLogging(config.LogLevel)
 	userInfo := getUserInfo()
 
+	// Validate unprivileged mode if requested
+	if config.Unprivileged {
+		if err := validateUnprivilegedMode(logger); err != nil {
+			return fmt.Errorf("unprivileged mode validation failed: %v", err)
+		}
+		logger.Info("Using unprivileged mode (user namespace + iptables, no sudo required)")
+	} else {
+		logger.Info("Using privileged mode (network namespace + iptables, requires sudo)")
+	}
+
 	// Get command arguments
 	if len(args) == 0 {
 		return fmt.Errorf("no command specified")
@@ -109,12 +137,26 @@ func Run(ctx context.Context, config Config, args []string) error {
 	}
 
 	// Create jail instance
-	jailInstance, err := jail.New(ctx, jail.Config{
-		RuleEngine:  ruleEngine,
-		Auditor:     auditor,
-		CertManager: certManager,
-		Logger:      logger,
-	})
+	var jailInstance JailInterface
+	if config.Unprivileged {
+		// Use enhanced jail with unprivileged mode
+		enhancedConfig := jail.EnhancedConfig{
+			RuleEngine:   ruleEngine,
+			Auditor:      auditor,
+			CertManager:  certManager,
+			Logger:       logger,
+			Unprivileged: true,
+		}
+		jailInstance, err = jail.NewEnhanced(ctx, enhancedConfig)
+	} else {
+		// Use regular jail (privileged mode)
+		jailInstance, err = jail.New(ctx, jail.Config{
+			RuleEngine:  ruleEngine,
+			Auditor:     auditor,
+			CertManager: certManager,
+			Logger:      logger,
+		})
+	}
 	if err != nil {
 		return fmt.Errorf("failed to create jail instance: %v", err)
 	}
@@ -255,3 +297,39 @@ func getConfigDir(homeDir string) string {
 	}
 	return filepath.Join(homeDir, ".config", "coder_jail")
 }
+
+// JailInterface defines the common interface for both jail types
+type JailInterface interface {
+	Start() error
+	Command(command []string) *exec.Cmd
+	Close() error
+}
+
+// validateUnprivilegedMode checks if the system supports unprivileged mode
+func validateUnprivilegedMode(logger *slog.Logger) error {
+	// Check if we're on Linux
+	if runtime.GOOS != "linux" {
+		return fmt.Errorf("unprivileged mode only supports Linux, got: %s", runtime.GOOS)
+	}
+
+	// Check if user namespaces are enabled
+	userNSFile := "/proc/sys/kernel/unprivileged_userns_clone"
+	if data, err := os.ReadFile(userNSFile); err == nil {
+		if len(data) > 0 && strings.TrimSpace(string(data)) != "1" {
+			return fmt.Errorf("user namespaces are disabled. Enable with: sudo sysctl -w kernel.unprivileged_userns_clone=1")
+		}
+	} else {
+		logger.Warn("Could not check user namespace support", "error", err)
+	}
+
+	// Check for required tools
+	requiredTools := []string{"unshare", "nsenter", "iptables", "ip"}
+	for _, tool := range requiredTools {
+		if _, err := exec.LookPath(tool); err != nil {
+			return fmt.Errorf("required tool %s not found. Install with: sudo apt-get install util-linux iptables iproute2", tool)
+		}
+	}
+
+	logger.Debug("Unprivileged mode validation passed")
+	return nil
+}

jail

@@ -22,6 +22,15 @@ type Config struct {
 	Logger      *slog.Logger
 }
 
+// EnhancedConfig extends Config with unprivileged mode support
+type EnhancedConfig struct {
+	RuleEngine   rules.Evaluator
+	Auditor      audit.Auditor
+	CertManager  tls.Manager
+	Logger       *slog.Logger
+	Unprivileged bool // If true, use user namespace instead of privileged namespaces
+}
+
 type Jail struct {
 	commander   namespace.Commander
 	proxyServer *proxy.Server
@@ -79,6 +88,61 @@ func New(ctx context.Context, config Config) (*Jail, error) {
 	}, nil
 }
 
+// NewEnhanced creates a jail that can run in either privileged or unprivileged mode
+func NewEnhanced(ctx context.Context, config EnhancedConfig) (*Jail, error) {
+	config.Logger.Debug("Creating enhanced jail", "unprivileged", config.Unprivileged)
+
+	// Validate platform support for unprivileged mode
+	if config.Unprivileged && runtime.GOOS != "linux" {
+		return nil, fmt.Errorf("unprivileged mode only supports Linux, got: %s", runtime.GOOS)
+	}
+
+	// Setup TLS config and write CA certificate to file
+	tlsConfig, caCertPath, configDir, err := config.CertManager.SetupTLSAndWriteCACert()
+	if err != nil {
+		return nil, fmt.Errorf("failed to setup TLS and CA certificate: %v", err)
+	}
+
+	// Create proxy server
+	proxyServer := proxy.NewProxyServer(proxy.Config{
+		HTTPPort:   8080,
+		HTTPSPort:  8443,
+		Auditor:    config.Auditor,
+		RuleEngine: config.RuleEngine,
+		Logger:     config.Logger,
+		TLSConfig:  tlsConfig,
+	})
+
+	// Create appropriate commander based on configuration
+	commander, err := newEnhancedNamespaceCommander(namespace.Config{
+		Logger:         config.Logger,
+		HttpProxyPort:  8080,
+		HttpsProxyPort: 8443,
+		Env: map[string]string{
+			"SSL_CERT_FILE":       caCertPath,
+			"SSL_CERT_DIR":        configDir,
+			"CURL_CA_BUNDLE":      caCertPath,
+			"GIT_SSL_CAINFO":      caCertPath,
+			"REQUESTS_CA_BUNDLE":  caCertPath,
+			"NODE_EXTRA_CA_CERTS": caCertPath,
+		},
+	}, config.Unprivileged)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create commander: %v", err)
+	}
+
+	// Create cancellable context for jail
+	ctx, cancel := context.WithCancel(ctx)
+
+	return &Jail{
+		commander:   commander,
+		proxyServer: proxyServer,
+		logger:      config.Logger,
+		ctx:         ctx,
+		cancel:      cancel,
+	}, nil
+}
+
 func (j *Jail) Start() error {
 	// Open the command executor (network namespace)
 	err := j.commander.Start()
@@ -128,3 +192,22 @@ func newNamespaceCommander(config namespace.Config) (namespace.Commander, error)
 		return nil, fmt.Errorf("unsupported platform: %s", runtime.GOOS)
 	}
 }
+
+// newEnhancedNamespaceCommander creates the appropriate commander based on mode and platform
+func newEnhancedNamespaceCommander(config namespace.Config, unprivileged bool) (namespace.Commander, error) {
+	switch runtime.GOOS {
+	case "darwin":
+		if unprivileged {
+			return nil, fmt.Errorf("unprivileged mode not available on macOS")
+		}
+		return namespace.NewMacOS(config)
+	case "linux":
+		if unprivileged {
+			return namespace.NewUserNamespaceLinux(config)
+		} else {
+			return namespace.NewLinux(config)
+		}
+	default:
+		return nil, fmt.Errorf("unsupported platform: %s", runtime.GOOS)
+	}
+}