Prepare for FreeBSD sandboxing support

This is the utility changes from #9968, which were easier to rebase
first.

I (@Ericson2314) didn't write this code; I just rebased it.

Co-Authored-By: Artemis Tosini <me@artem.ist>
Co-Authored-By: Audrey Dutcher <audrey@rhelmot.io>

src/libutil/freebsd/freebsd-jail.cc

@@ -0,0 +1,52 @@
+#ifdef __FreeBSD__
+#  include "nix/util/freebsd-jail.hh"
+
+#  include <sys/resource.h>
+#  include <sys/param.h>
+#  include <sys/jail.h>
+#  include <sys/mount.h>
+
+#  include "nix/util/error.hh"
+#  include "nix/util/util.hh"
+
+namespace nix {
+
+AutoRemoveJail::AutoRemoveJail()
+    : del{false}
+{
+}
+
+AutoRemoveJail::AutoRemoveJail(int jid)
+    : jid(jid)
+    , del(true)
+{
+}
+
+AutoRemoveJail::~AutoRemoveJail()
+{
+    try {
+        if (del) {
+            if (jail_remove(jid) < 0) {
+                throw SysError("Failed to remove jail %1%", jid);
+            }
+        }
+    } catch (...) {
+        ignoreExceptionInDestructor();
+    }
+}
+
+void AutoRemoveJail::cancel()
+{
+    del = false;
+}
+
+void AutoRemoveJail::reset(int j)
+{
+    del = true;
+    jid = j;
+}
+
+//////////////////////////////////////////////////////////////////////
+
+}
+#endif

src/libutil/freebsd/include/nix/util/freebsd-jail.hh

@@ -0,0 +1,20 @@
+#pragma once
+///@file
+
+#include "nix/util/types.hh"
+
+namespace nix {
+
+class AutoRemoveJail
+{
+    int jid;
+    bool del;
+public:
+    AutoRemoveJail(int jid);
+    AutoRemoveJail();
+    ~AutoRemoveJail();
+    void cancel();
+    void reset(int j);
+};
+
+}

src/libutil/freebsd/include/nix/util/meson.build

@@ -0,0 +1,7 @@
+# Public headers directory
+
+include_dirs += include_directories('../..')
+
+headers += files(
+  'freebsd-jail.hh',
+)

src/libutil/freebsd/meson.build

@@ -0,0 +1,5 @@
+sources += files(
+  'freebsd-jail.cc',
+)
+
+subdir('include/nix/util')