The more explicit API removes the arbitrary limit preventing use of SCHED_OTHER (referred to as SCHED_NORMAL in the kernel). This change also exposes priority value to set.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This no longer exposes the pipewire socket to the container, and instead mediates access via pipewire-pulse. This makes insecure parts of the protocol inaccessible as explained in the doc comment in hst.
Closes#29.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Due to the special nature of the init process, direct use of wait outside the wait4 loop is racy. This change copies the wstatus from wait4 loop state instead.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This fully replaces PulseAudio with PipeWire and enforces the PulseAudio check and error message. The pipewire-pulse daemon is handled in the NixOS module.
Closes#26.
Signed-off-by: Ophestra <cat@gensokyo.uk>
While fd created from this side always has the FD_CLOEXEC flag, the same is not true for files left open by the parent. This change prevents those files from leaking into the container.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This writes the 16-byte instance identifier to file descriptor specified by --identifier-fd if set, and closes the file.
This enables safely obtaining the new instance's identifier.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This leaves slots available for additional uid ranges in Rosa OS.
This breaks all existing installations! Users are required to fix ownership manually.
Closes#18.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Wanted to do this for a long time, since the key is redundant. This also makes it easier to migrate to the new store interface.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The hst package only deals with data serialisation, however since many parts of hakurei make use of C libraries in some way it can be easy to inadvertently depend on cgo.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This package is replaced by container/stub. Remove and replace it with unexported implementation for the upcoming test suite rewrite.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Since this is going to be placed in a shared directory, it needs to be unique to the identity. Instead of trying to figure out identity from mountinfo, just have the test script pass hardcoded values.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The privileged user is identifier to hakurei through its hsu userid. Using the kernel uid here makes little sense and is a leftover design choice from before hsu was implemented.
Closes#7.
Signed-off-by: Ophestra <cat@gensokyo.uk>
There is no reason to give the home directory special treatment, as this behaviour can be quite confusing. The home directory also does not necessarily require its own mount point, it could be provided by a parent or simply be ephemeral.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is the first hakurei run in the test, if the container outright fails to start this is often where it happens, so throwing away the output is very unhelpful.
Signed-off-by: Ophestra <cat@gensokyo.uk>
