sandbox: move out of internal

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 02:55:36 +09:00
parent 9ce4706a07
commit 24618ab9a1
37 changed files with 24 additions and 24 deletions
@@ -17,8 +17,8 @@ import (
 	"git.gensokyo.uk/security/fortify/internal/app/init0"
 	"git.gensokyo.uk/security/fortify/internal/app/shim"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
 	"git.gensokyo.uk/security/fortify/internal/sys"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 const shellPath = "/run/current-system/sw/bin/bash"
@@ -15,7 +15,7 @@ import (
 	"git.gensokyo.uk/security/fortify/helper"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 func TestNew(t *testing.T) {
@@ -14,9 +14,9 @@ import (
 	"syscall"

 	"git.gensokyo.uk/security/fortify/helper"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
 	"git.gensokyo.uk/security/fortify/ldd"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )

 // Start launches the D-Bus proxy.
@@ -7,7 +7,7 @@ import (

 	"git.gensokyo.uk/security/fortify/helper/bwrap"
 	"git.gensokyo.uk/security/fortify/helper/proc"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )

 func TestConfig_Args(t *testing.T) {
@@ -5,7 +5,7 @@ import (
 	"strconv"

 	"git.gensokyo.uk/security/fortify/helper/proc"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )

 type SyscallPolicy struct {
@@ -9,7 +9,7 @@ import (
 	"sync"

 	"git.gensokyo.uk/security/fortify/helper/proc"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 // New initialises a Helper instance with wt as the null-terminated argument writer.
@@ -10,7 +10,7 @@ import (
 	"git.gensokyo.uk/security/fortify/helper"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 func TestContainer(t *testing.T) {
@@ -11,7 +11,7 @@ import (

 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 const (
@@ -16,7 +16,7 @@ import (
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/app/init0"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 // everything beyond this point runs as unconstrained target user
@@ -13,7 +13,7 @@ import (
 	"git.gensokyo.uk/security/fortify/helper/proc"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 // used by the parent process
@@ -2,8 +2,8 @@ package internal

 import (
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 	"git.gensokyo.uk/security/fortify/system"
 )

@@ -15,7 +15,7 @@ import (
 	"git.gensokyo.uk/security/fortify/fst"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 // Std implements System using the standard library.
@@ -8,7 +8,7 @@ import (
 	"os/exec"
 	"time"

-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 const lddTimeout = 2 * time.Second
@@ -23,9 +23,9 @@ import (
 	"git.gensokyo.uk/security/fortify/internal/app/init0"
 	"git.gensokyo.uk/security/fortify/internal/app/shim"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
 	"git.gensokyo.uk/security/fortify/internal/state"
 	"git.gensokyo.uk/security/fortify/internal/sys"
+	"git.gensokyo.uk/security/fortify/sandbox"
 	"git.gensokyo.uk/security/fortify/system"
 )

@@ -13,7 +13,7 @@ import (
 	"syscall"
 	"time"

-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )

 type HardeningFlags uintptr
@@ -14,9 +14,9 @@ import (
 	"git.gensokyo.uk/security/fortify/fst"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
 	"git.gensokyo.uk/security/fortify/ldd"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 	check "git.gensokyo.uk/security/fortify/test/sandbox"
 )

@@ -4,7 +4,7 @@ import (
 	"os"
 	"testing"

-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )

 func TestExecutable(t *testing.T) {
@@ -13,7 +13,7 @@ import (
 	"syscall"
 	"time"

-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )

 const (
@@ -8,7 +8,7 @@ import (
 	"syscall"
 	"testing"

-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )

 func TestExport(t *testing.T) {
@@ -6,7 +6,7 @@ import (
 	"syscall"
 	"testing"

-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )

 func TestLibraryError(t *testing.T) {
@@ -1,6 +1,6 @@
 package system

-import "git.gensokyo.uk/security/fortify/internal/sandbox"
+import "git.gensokyo.uk/security/fortify/sandbox"

 var msg sandbox.Msg = new(sandbox.DefaultMsg)