forked from rosa/hakurei

57 Commits

Author SHA1 Message Date
cat 0c5409aec7 sandbox/seccomp: native rule type alias
This makes it easier to keep API stable.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-07-02 00:00:08 +09:00
cat 1a8840bebc sandbox/seccomp: resolve rules natively
This enables loading syscall filter policies from external cross-platform config files.

This also removes a significant amount of C code.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-07-01 22:11:32 +09:00
cat 1fb453dffe sandbox/seccomp: extra constants
These all resolve to pseudo syscall numbers in libseccomp, but are necessary anyway for other platforms.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-07-01 20:15:42 +09:00
cat e03d702d08 sandbox/seccomp: implement syscall lookup
This uses the Go map and is verified against libseccomp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-07-01 00:35:27 +09:00
cat 241dc964a6 sandbox/seccomp: wire extra syscall
These values are only useful for libseccomp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-07-01 00:32:08 +09:00
cat 8ef71e14d5 sandbox/seccomp: emit syscall constants
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-06-30 20:34:33 +09:00
cat 972f4006f0 treewide: switch to hakurei.app
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-06-26 04:01:02 +09:00
cat 9a8a047908 sandbox/seccomp: syscall name lookup table
The script is from the Go source of the same name. The result is checked against libseccomp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-06-26 03:49:07 +09:00
cat 863bf69ad3 treewide: reapply clang-format
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-06-25 23:43:42 +09:00
cat 87e008d56d treewide: rename to hakurei
Fortify makes little sense for a container tool.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-06-25 04:57:41 +09:00
cat ef80b19f2f treewide: switch to clang-format
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-06-18 13:45:34 +09:00
cat b7e991de5b nix: update flake lock
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-06-05 04:05:39 +09:00
cat 9967909460 sandbox: relative autoetc links
This allows nested containers to use autoetc, and increases compatibility with other implementations.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-04-11 18:54:00 +09:00
cat c806f43881 sandbox: implement autoetc as setup op
This significantly reduces setup op count and the readdir call now happens in the context of the init process.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-04-10 18:54:25 +09:00
cat 584405f7cc sandbox/seccomp: rename flag type and constants
The names are ambiguous. Rename them to make more sense.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-04-08 01:59:45 +09:00
cat f885dede9b sandbox/seccomp: unexport println wrapper
This is an implementation detail that was exported for the bwrap argument builder. The removal of that package allows it to be unexported.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-04-07 04:07:20 +09:00
cat 0ba8be659f sandbox: document less obvious parts of setup
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-04-01 01:21:04 +09:00
cat 2a46f5bb12 sandbox/seccomp: update doc comment
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-30 23:00:20 +09:00
cat c13eb70d7d sandbox/seccomp: add fortify default sample
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-28 02:02:02 +09:00
cat 184e9db2b2 sandbox: support privileged container
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-27 19:40:19 +09:00
cat d613257841 sandbox/init: clear inheritable set
Inheritable should not be able to affect anything regardless of its value, due to no_new_privs.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-26 07:46:13 +09:00
cat 18644d90be sandbox: wrap capset syscall
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-26 07:44:07 +09:00
cat 52fcc48ac1 sandbox/init: drop capabilities
During development the syscall filter caused me to make an incorrect assumption about SysProcAttr.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-26 06:32:08 +09:00
cat 8b69bcd215 sandbox: cache kernel.cap_last_cap value
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-26 06:19:19 +09:00
cat 985f9442e6 sandbox: copy symlink with magic prefix
This does not dereference the symlink, but only reads one level of it. This is useful for symlink targets that are not yet known at the time the configuration is emitted.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-26 01:42:39 +09:00
cat 971c79bb80 sandbox: remove hardcoded parent perm
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-25 19:49:51 +09:00
cat f86d868274 sandbox: wrap error with its own text message
PathError has a pretty good text message; many of them are wrapped with its own text message. This change adds a function to do just that to improve readability.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-25 19:42:20 +09:00
cat 33940265a6 sandbox: do not ensure symlink target
This masks EEXIST on target and might clobber filesystems and lead to other confusing behaviour. Create its parent instead.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-25 19:30:53 +09:00
cat 61dbfeffe7 sandbox/wl: move into sandbox
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-25 05:26:37 +09:00
cat 5c4058d5ac app: run in native sandbox
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-25 01:52:49 +09:00
cat ad3576c164 sandbox: resolve tty name
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-24 16:03:07 +09:00
cat a11237b158 sandbox/vfs: add doc comments
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-24 13:21:55 +09:00
cat 40f00d570e sandbox: set mkdir perm
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-24 12:51:39 +09:00
cat e8809125d4 sandbox: verify outcome via mountinfo
This contains much more information than /proc/mounts and allows for more fields to be checked. This also removes the dependency on the test package.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-23 22:17:36 +09:00
cat 75e0c5d406 test/sandbox: parse full test case
This makes declaring multiple tests much cleaner.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-23 14:53:50 +09:00
cat 770b37ae16 sandbox/vfs: match MS_NOSYMFOLLOW flag
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-23 13:57:30 +09:00
cat c638193268 sandbox: apply vfs options to bind mounts
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-23 05:27:57 +09:00
cat 8c3a817881 sandbox/vfs: unfold mount hierarchy
This presents all visible mount points under path. This is useful for applying extra vfs options to bind mounts.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-23 05:23:31 +09:00
cat e2fce321c1 sandbox/vfs: expose mountinfo line scanning
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-23 02:46:58 +09:00
cat d21d9c5b1d sandbox/vfs: parse vfs options
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-21 17:12:10 +09:00
cat a70daf2250 sandbox: resolve inverted flags in op
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-21 12:58:38 +09:00
cat 5098b12e4a sandbox/vfs: count mountinfo entries
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-21 12:14:33 +09:00
cat 9ddf5794dd sandbox/vfs: implement proc_pid_mountinfo(5) parser
Test cases are mostly taken from util-linux. This implementation is more correct and slightly faster than the one found in github:kubernetes/utils.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-21 00:35:49 +09:00
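The mountinfo work in the commits above (parse vfs options, match MS_NOSYMFOLLOW flag, unfold mount hierarchy, apply vfs options to bind mounts, verify outcome via mountinfo, and the proc_pid_mountinfo(5) parser) comes down to one parser plus a post-setup check. The block below is an added example and not hakurei's own code: it parses a constructed mountinfo listing, folds the per-mount options of field 6 into MS_* bits (values assumed from linux/mount.h, not taken from the project), lists every mount at or under a path, and fails closed when any of them lacks a required flag. The names MountInfo, ParseLine, ParseAll, Under and Check are this example's own.

```go
package main

import (
	"errors"
	"fmt"
	"strings"
)

// MS_* bits as in linux/mount.h (assumed from the kernel headers, not from the project).
const (
	MsRdonly, MsNosuid, MsNodev, MsNoexec              uintptr = 1 << 0, 1 << 1, 1 << 2, 1 << 3
	MsNosymfollow, MsNoatime, MsNodiratime, MsRelatime uintptr = 1 << 8, 1 << 10, 1 << 11, 1 << 21
)

// vfsOptFlags maps field-6 options to their bits; "rw" and non-flag options map to 0.
var vfsOptFlags = map[string]uintptr{
	"ro": MsRdonly, "nosuid": MsNosuid, "nodev": MsNodev, "noexec": MsNoexec, "nosymfollow": MsNosymfollow,
	"noatime": MsNoatime, "nodiratime": MsNodiratime, "relatime": MsRelatime,
}

// MountInfo is one line of proc_pid_mountinfo(5) with its path fields unescaped.
type MountInfo struct {
	ID, Parent, Major, Minor     int
	Root, Target, FsType, Source string
	VfsOpts, Optional, SuperOpts []string // fields 6, 7 (zero or more entries) and 11
}

var ErrMalformed = errors.New("mountinfo: malformed line")

// unescape undoes the octal escapes the kernel applies to space, tab, newline and
// backslash in path fields, which is what keeps such paths from splitting a line.
var unescape = strings.NewReplacer(`\040`, " ", `\011`, "\t", `\012`, "\n", `\134`, `\`).Replace

// ParseLine parses one line. The optional-fields block has variable length and ends
// at a lone "-", so the line is cut at that separator before either half is indexed.
func ParseLine(line string) (*MountInfo, error) {
	head, tail, ok := strings.Cut(line, " - ")
	f, g := strings.Fields(head), strings.Fields(tail)
	if !ok || len(f) < 6 || len(g) < 3 {
		return nil, fmt.Errorf("%w: %q", ErrMalformed, line)
	}
	m := &MountInfo{VfsOpts: strings.Split(f[5], ","), Optional: f[6:], SuperOpts: strings.Split(g[2], ",")}
	if _, err := fmt.Sscanf(strings.Join(f[:3], " "), "%d %d %d:%d", &m.ID, &m.Parent, &m.Major, &m.Minor); err != nil {
		return nil, fmt.Errorf("%w: %v in %q", ErrMalformed, err, line)
	}
	m.Root, m.Target, m.FsType, m.Source = unescape(f[3]), unescape(f[4]), unescape(g[0]), unescape(g[1])
	return m, nil
}

// ParseAll parses a whole listing, e.g. the contents of /proc/self/mountinfo.
func ParseAll(listing string) (ms []*MountInfo, err error) {
	for _, line := range strings.Split(strings.TrimSpace(listing), "\n") {
		var m *MountInfo
		if m, err = ParseLine(line); err != nil {
			return nil, err
		}
		ms = append(ms, m)
	}
	return ms, nil
}

// Flags folds the per-mount options into an MS_* mask.
func (m *MountInfo) Flags() (fl uintptr) {
	for _, o := range m.VfsOpts {
		fl |= vfsOptFlags[o]
	}
	return fl
}

// Under returns every mount whose target is path or lies below it, which is the set
// a post-setup check has to cover because a recursive bind drags submounts along.
func Under(ms []*MountInfo, path string) (out []*MountInfo) {
	prefix := strings.TrimSuffix(path, "/") + "/"
	for _, m := range ms {
		if m.Target == path || strings.HasPrefix(m.Target, prefix) {
			out = append(out, m)
		}
	}
	return out
}

// Check verifies that path is itself a mount point and that every mount at or below
// it carries all bits in want; a missing mount is a failure, never a pass.
func Check(ms []*MountInfo, path string, want uintptr) error {
	found := false
	for _, m := range Under(ms, path) {
		found = found || m.Target == path
		if missing := want &^ m.Flags(); missing != 0 {
			return fmt.Errorf("%s (mount %d): missing flags %#x", m.Target, m.ID, missing)
		}
	}
	if !found {
		return fmt.Errorf("%s: not a mount point", path)
	}
	return nil
}

// Sample is a constructed listing, not captured from a real system; the last line
// has an escaped space in its target and no optional fields at all.
const Sample = `22 1 0:21 / / rw,relatime shared:1 - ext4 /dev/root rw
30 22 0:26 / /proc rw,nosuid,nodev,noexec,relatime shared:12 - proc proc rw
41 22 0:35 / /tmp rw,nosuid,nodev,relatime,nosymfollow shared:20 - tmpfs tmpfs rw
45 41 0:36 / /tmp/with\040space rw,nosuid,nodev,relatime - tmpfs tmpfs rw,size=1024k`
```

Two design points carry the security weight here. Check treats "path is not a mount point" as a failure rather than a vacuous pass, since the dangerous outcome of a botched setup op is a bind that silently never happened. It also walks submounts, because per-mount flags set with MS_REMOUNT|MS_BIND apply to one mount only: on the Sample listing, Check(ms, "/tmp", MsNosymfollow) fails on the child at "/tmp/with space" even though /tmp itself carries the flag.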
cat b74a08dda9 sandbox: prepare ops early
Some setup code needs to run in host root. This change allows that to happen.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-18 02:17:46 +09:00
cat 1b9408864f sandbox: pass cmd to cancel function
This is not usually in scope otherwise.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 22:36:39 +09:00
cat cc89dbdf63 sandbox: place files with content
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 22:13:22 +09:00
cat 228f3301f2 sandbox: create directories
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 22:03:06 +09:00
cat 07181138e5 sandbox/mount: pass absolute path
This should never be used unless there is a good reason to, like using a file in the intermediate root.

Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 21:53:31 +09:00
cat 816b372f14 sandbox: cancel process on serve error
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 21:49:45 +09:00
cat d7eddd54a2 sandbox: rename params struct
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 21:45:08 +09:00