kat/hakurei
1
0
Fork 0
forked from rosa/hakurei
Code Pull Requests Activity
2,432 Commits 2 Branches 14 Tags
6c2f7089b65c5e3eb5c3e65210abc0147f97ff45
Commit Graph

53 Commits

Author SHA1 Message Date
cat 575ef307ad container: binfmt registration 
This arranges for binfmt entries to be registered for the container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-05-07 15:55:19 +09:00
cat d4144fcf7f container: optionally map uid/gid 0 as init 
Unfortunately required to work around flawed APIs like binfmt_misc.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-05-07 15:15:47 +09:00
cat 09d9f766a9 container: optionally suppress init verbosity 
This change also removes verbose output no longer considered useful.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-05-05 19:59:44 +09:00
cat b390640376 internal/landlock: relocate from package container 
This is not possible to use directly, so remove it from the public API.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-04-10 23:56:45 +09:00
cat ad2c9f36cd container: unexport PR_SET_NO_NEW_PRIVS wrapper 
This is subtle to use correctly. It also does not make sense as part of the container API.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-04-10 23:45:51 +09:00
cat 0558032c2d container: do not set static deadline 
This usually ends up in the buffer, or completes well before the deadline, however this can still timeout on a very slow system.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-04-07 17:00:20 +09:00
cat 062edb3487 container: remove setup pipe helper 
The API forces use of finalizer to close the read end of the setup pipe, which is no longer considered acceptable. Exporting this as part of package container also imposes unnecessary maintenance burden.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-04-07 16:05:33 +09:00
cat c758e762bd container: skip landlock on hostnet 
This overlaps with net namespace, so can be skipped without degrading security.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-04-07 14:36:44 +09:00
cat 722989c682 fhs: move from container 
This package is not container-specific.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-17 15:56:36 +09:00
cat 6d015a949e check: move from container 
This package is not container specific, and widely used across the project.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-17 15:39:03 +09:00
cat 0a12d456ce container: set CLOEXEC via close_range 
This is guarded behind the close_range build tag for now.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-17 14:19:00 +09:00
cat cd5959fe5a ext: isolate from container/std 
These are too general to belong in the container package. This targets the v0.4 release to reduce the wrapper maintenance burden.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-17 13:39:26 +09:00
cat 196b200d0f container: expose priority and SCHED_OTHER policy 
The more explicit API removes the arbitrary limit preventing use of SCHED_OTHER (referred to as SCHED_NORMAL in the kernel). This change also exposes priority value to set.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-12 01:14:03 +09:00
cat 1e8ac5f68e container: use policy name in log message 
This is more helpful than having the user resolve the integer.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-11 20:20:34 +09:00
cat fd515badff container: move scheduler policy constants to std 
This avoids depending on cgo.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-11 20:03:08 +09:00
cat 19a2737148 container: sched policy string representation 
This also uses priority obtained via sched_get_priority_min, and improves bounds checking.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-03-09 18:38:31 +09:00
cat c74c269b66 container: use /proc/self/exe directly 
This is a more reliable form of pathname to self and also cheaper than os.Executable.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-02-28 20:44:44 +09:00
cat cd9b534d6b container: improve documentation 
This change removes inconsistencies collected over time in this package.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-02-28 20:18:30 +09:00
cat a6160cd410 container: set scheduling policy 
This is thread-directed so cannot be done externally. The glibc wrapper exposes this behaviour so most multithreaded programs using this is straight up incorrect.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-02-26 16:29:47 +09:00
cat 2494ede106 container/init: configure interface lo 
This enables loopback networking when owning the net namespace.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2026-01-11 03:36:20 +09:00
cat 3d720ada92 container: optionally allow orphan 
This is required for the typical daemonise use case.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-12-27 09:12:02 +09:00
cat ac34635890 container: set FD_CLOEXEC on all open files 
While fd created from this side always has the FD_CLOEXEC flag, the same is not true for files left open by the parent. This change prevents those files from leaking into the container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-11-12 00:18:29 +09:00
cat fba201c995 container/std: relocate rule types 
This enables its use in hst for #15.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-11-05 06:00:39 +09:00
cat c1399f5030 std: rename from comp 
Seccomp lookup tables are going to be relocated here, and PNR constants.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-11-05 02:47:43 +09:00
cat ae66b3d2fb message: rename NewMsg to New 
Should have done this when relocating this from container. Now is a good time to rename it before v0.3.x.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-11-03 01:49:27 +09:00
cat 68ff0a2ba6 container/params: expose pipe 
This increases flexibility of how caller wants to handle the I/O. Also makes it no longer rely on finalizer.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-31 22:39:02 +09:00
cat 57231d4acf container/init: improve signal handling 
The SIGTERM signal is delivered in many other cases and can lead to strange behaviour. The unconditional resume of the logger also causes strange behaviour in the cancellation forwarding path. This change also passes through additional signals.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-23 08:02:03 +09:00
cat e94acc424c container/comp: rename from bits 
This package will also hold syscall lookup tables for seccomp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-21 20:54:03 +09:00
cat 87b5c30ef6 message: relocate from container 
This package is quite useful. This change allows it to be imported without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-09 05:18:19 +09:00
cat 5d18af0007 container/fhs: move pathname constants 
This allows referencing FHS pathnames without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 21:29:16 +09:00
cat 0e6c1a5026 container/check: move absolute pathname 
This allows use of absolute pathname values without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 20:57:58 +09:00
cat 3ce63e95d7 container: move seccomp preset bits 
This allows holding the bits without cgo.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 18:28:20 +09:00
cat 46cd3a28c8 container: remove global msg 
This frees all container instances of side effects.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-09-29 06:11:47 +09:00
cat 3f25c3f0af container: initialise cmd early 
This allows use of more cmd methods.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-09-13 20:01:33 +09:00
cat 780e3e5465 container/msg: optionally provide error messages 
This makes handling of fatal errors a lot less squirmy.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-31 11:57:59 +09:00
cat 712cfc06d7 container: wrap container init start errors 
This helps indicate the exact origin and nature of the error. This eliminates generic WrapErr from container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-30 23:44:48 +09:00
netadr 5db0714072 container: optionally isolate host abstract UNIX domain sockets via landlock 2025-08-18 16:28:14 +09:00
cat 69a4ab8105 container: move PR_SET_NO_NEW_PRIVS to parent 
This allows some LSM setup in the parent.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-18 11:46:02 +09:00
cat 0ac6e99818 container: start from locked thread 
This allows setup that relies on per-thread state like securebits and landlock, from the parent side.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-17 17:42:22 +09:00
cat e99d7affb0 container: use absolute for pathname 
This is simultaneously more efficient and less error-prone. This change caused minor API changes in multiple other packages.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-11 04:56:42 +09:00
cat 02271583fb container: remove PATH lookup behaviour 
This is way higher level than the container package and does not even work unless every path is mounted in the exact same location.

This behaviour causes nothing but confusion and problems,

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-09 19:08:54 +09:00
cat edd6f2cfa9 container: document ambient capabilities 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-08 02:11:55 +09:00
cat f1a53d6116 container: raise CAP_DAC_OVERRIDE 
This is required for upperdir and workdir checks in overlayfs.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-08 00:43:19 +09:00
cat c6be82bcf9 container/path: fhs path constants 
This increases readability since this can help disambiguate absolute paths from similarly named path segments.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-03 21:16:45 +09:00
cat 347a79df72 container: improve clone flags readability 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-02 18:19:44 +09:00
cat 940ee00ffe container/init: configurable lingering process wait delay 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-29 02:38:17 +09:00
cat d6b07f12ff container: forward context cancellation 
This allows container processes to exit gracefully.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-28 01:45:38 +09:00
cat 65fe09caf9 container: check cancel signal delivery 
This change also makes some parts of the test more robust.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-28 01:04:29 +09:00
cat a1e5f020f4 container: improve doc comments 
Putting them on the builder methods is more useful.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-27 12:27:42 +09:00
cat e71ae3b8c5 container: remove custom cmd initialisation 
This part of the interface is very unintuitive and only used for testing, even in testing it is inelegant and can be done better.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-25 00:45:10 +09:00