The run command was a legacy holdover from very early days and is only useful for testing and demonstration these days. This change also renames it to exec.
Signed-off-by: Ophestra <cat@gensokyo.uk>
These are too general to belong in the container package. This targets the v0.4 release to reduce the wrapper maintenance burden.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This no longer exposes the pipewire socket to the container, and instead mediates access via pipewire-pulse. This makes insecure parts of the protocol inaccessible as explained in the doc comment in hst.
Closes#29.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This fully replaces PulseAudio with PipeWire and enforces the PulseAudio check and error message. The pipewire-pulse daemon is handled in the NixOS module.
Closes#26.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is cleaner and makes more sense. The longer LDFLAGS was never a valid concern since it is always inserted by a script.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This writes the 16-byte instance identifier to file descriptor specified by --identifier-fd if set, and closes the file.
This enables safely obtaining the new instance's identifier.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This leaves slots available for additional uid ranges in Rosa OS.
This breaks all existing installations! Users are required to fix ownership manually.
Closes#18.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The SharePath is a more stable path than RunDirPath, since it is available all the time and should remain consistent. This also fits better into the intended use case of XDG_RUNTIME_DIR.
Closes#17.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This reduces collision with local variable names, and generally makes sense for the new store package, since it no longer specifies the state struct.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is less error-prone and fits better into internal/app which already uses check.Absolute for all pathnames.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The upper half is now a nanosecond timestamp. Lower half is still random bytes, so use lower half for short identifier.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This allows holding a xdg-dbus-proxy configuration without importing system/dbus.
It also makes more sense in the project structure since the config struct is part of the hst API however the rest of the implementation is not.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This package is replaced by container/stub. Remove and replace it with unexported implementation for the upcoming test suite rewrite.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The whole RunState ugliness and the other horrendous error handling conditions for internal/app come from an old design proposal for maintaining all app containers under the same daemon process for a user. The proposal was ultimately rejected but the implementation remained. It is removed here to alleviate internal/app from much of its ugliness and unreadability.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This was a stopgap solution that lasted for way too long. This finally removes it and prepares internal/app for some major changes.
Signed-off-by: Ophestra <cat@gensokyo.uk>
