container: remove global msg

This frees all container instances of side effects.

Signed-off-by: Ophestra <cat@gensokyo.uk>

cmd/hakurei/main.go

@@ -13,8 +13,6 @@ import (
 	"syscall"
 
 	"hakurei.app/container"
-	"hakurei.app/internal"
-	"hakurei.app/internal/hlog"
 )
 
 var (
@@ -24,20 +22,20 @@ var (
 	license string
 )
 
-func init() { hlog.Prepare("hakurei") }
+// earlyHardeningErrs are errors collected while setting up early hardening feature.
+type earlyHardeningErrs struct{ yamaLSM, dumpable error }
 
 func main() {
 	// early init path, skips root check and duplicate PR_SET_DUMPABLE
-	container.TryArgv0(hlog.Output{}, hlog.Prepare, internal.InstallOutput)
+	container.TryArgv0(nil)
 
-	if err := container.SetPtracer(0); err != nil {
-		hlog.Verbosef("cannot enable ptrace protection via Yama LSM: %v", err)
-		// not fatal: this program runs as the privileged user
-	}
+	log.SetPrefix("hakurei: ")
+	log.SetFlags(0)
+	msg := container.NewMsg(log.Default())
 
-	if err := container.SetDumpable(container.SUID_DUMP_DISABLE); err != nil {
-		log.Printf("cannot set SUID_DUMP_DISABLE: %s", err)
-		// not fatal: this program runs as the privileged user
+	early := earlyHardeningErrs{
+		yamaLSM:  container.SetPtracer(0),
+		dumpable: container.SetDumpable(container.SUID_DUMP_DISABLE),
 	}
 
 	if os.Geteuid() == 0 {
@@ -48,10 +46,10 @@ func main() {
 		syscall.SIGINT, syscall.SIGTERM)
 	defer stop() // unreachable
 
-	buildCommand(ctx, os.Stderr).MustParse(os.Args[1:], func(err error) {
-		hlog.Verbosef("command returned %v", err)
+	buildCommand(ctx, msg, &early, os.Stderr).MustParse(os.Args[1:], func(err error) {
+		msg.Verbosef("command returned %v", err)
 		if errors.Is(err, errSuccess) {
-			hlog.BeforeExit()
+			msg.BeforeExit()
 			os.Exit(0)
 		}
 		// this catches faulty command handlers that fail to return before this point