kat/hakurei
1
0
Fork 0
forked from rosa/hakurei
Code Pull Requests Activity
1,160 Commits 2 Branches 14 Tags
9ac63aac0cb025d1de195dbc57d0c89ebd1d7cc5
Commit Graph

77 Commits

Author SHA1 Message Date
cat 9ac63aac0c hst/grp_pwd: add extra test cases 
Does not change coverage but this helps me crosscheck with my phone.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-11-05 01:42:42 +09:00
cat cb9ebf0e15 hst/grp_pwd: specify new uid format 
This leaves slots available for additional uid ranges in Rosa OS.

This breaks all existing installations! Users are required to fix ownership manually.

Closes #18.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-11-04 08:24:41 +09:00
cat 24435694a5 hst/config: make identifier omitempty 
This is an optional field. Serialise it as such.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-11-03 01:23:15 +09:00
cat 2442eda8d9 hst/instance: embed config struct 
This makes the resulting json easier to parse since it can now be deserialised into the config struct.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-24 00:42:16 +09:00
cat 05488bfb8f hst/instance: store priv side pid 
This can receive signals, so is more useful to the caller.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-23 23:19:55 +09:00
cat dd94818f20 hst/instance: define instance state 
This is now part of the hst API. This change also improves identifier generation and serialisation.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-23 22:59:02 +09:00
cat e94acc424c container/comp: rename from bits 
This package will also hold syscall lookup tables for seccomp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-21 20:54:03 +09:00
cat b1a4d801be hst/container: flags string representation 
This is useful for a user-facing representation other than JSON. This also gets rid of the ugly, outdated flags string builder in cmd/hakurei.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-21 20:29:52 +09:00
cat 5063b774c1 hst: expose version string 
The hst API is tied to this version string.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-21 01:56:44 +09:00
cat 699c19e972 hst/container: optional runtime and tmpdir sharing 
Sharing and persisting these directories do not always make sense. Make it optional here.

Closes #16.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-19 04:11:38 +09:00
cat d87020f0ca hst/config: validate env early 
This should happen in hst since it requires no system state.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-19 02:39:49 +09:00
cat 425421d9b1 hst/container: rename constants 
The shim is an implementation detail and should not be mentioned in the API.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-16 00:27:00 +09:00
cat 5e0f15d76b hst/container: additional shim exit codes 
These are now considered stable, defined behaviour and can be used by external programs to determine shim outcome.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-15 22:09:33 +09:00
cat f95e0a7568 hst/config: hold acl struct by value 
Doc comments are also reworded for clarity.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-14 07:02:14 +09:00
cat 4c647add0d hst/container: pack boolean options 
The memory saving is relatively insignificant, however this increases serialisation efficiency.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-14 06:39:00 +09:00
cat a341466942 hst: separate container config 
The booleans are getting packed into a single field. This requires non-insignificant amount of code for JSON serialisation to stay compatible.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-14 04:23:05 +09:00
cat 7638a44fa6 treewide: parallel tests 
Most tests already had no global state, however parallel was never enabled. This change enables it for all applicable tests.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-13 04:38:48 +09:00
cat 8a91234cb4 hst: reword and improve doc comments 
This corrects minor mistakes in doc comments and adds them for undocumented constants.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-12 05:03:14 +09:00
cat f5a597c406 hst: rename /.hakurei constant 
This provides disambiguation from fhs.AbsTmp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 14:32:35 +09:00
cat 8874aaf81b hst: remove template bind nix store 
This does not add anything meaningful to the template, since there are already prior examples showing src-only bind ops. Remove this since it causes confusion by covering the previous mount point targeting /nix/store.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 13:59:10 +09:00
cat 04a27c8e47 hst: use plausible overlay template 
The current value is copied from a test case, and does not resemble its intended use case.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-11 13:51:08 +09:00
cat 776650af01 hst/config: negative WaitDelay bypasses default 
This behaviour might be useful, so do not lock it out. This change also fixes an oversight where the unchecked value is used to determine ForwardCancel.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-10 05:11:32 +09:00
cat 87b5c30ef6 message: relocate from container 
This package is quite useful. This change allows it to be imported without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-09 05:18:19 +09:00
cat 9b507715d4 hst/dbus: validate interface strings 
This is relocated to hst to validate early.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-08 04:57:22 +09:00
cat 12ab7ea3b4 hst/fs: access ops through interface 
This removes the final hakurei.app/container import from hst.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 23:59:48 +09:00
cat 1f0226f7e0 container/check: relocate overlay escape 
This is used in hst to format strings.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 23:56:19 +09:00
cat 584ce3da68 container/bits: move bind bits 
This allows referring to the bits without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 21:38:31 +09:00
cat 5d18af0007 container/fhs: move pathname constants 
This allows referencing FHS pathnames without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 21:29:16 +09:00
cat 0e6c1a5026 container/check: move absolute pathname 
This allows use of absolute pathname values without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 20:57:58 +09:00
cat d23b4dc9e6 hst/dbus: move dbus config struct 
This allows holding a xdg-dbus-proxy configuration without importing system/dbus.

It also makes more sense in the project structure since the config struct is part of the hst API however the rest of the implementation is not.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 19:03:51 +09:00
cat 2489766efe hst/config: identity bounds check early 
This makes sense to do here instead of in internal/app.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 17:58:28 +09:00
cat 9e48d7f562 hst/config: move container fields from toplevel 
This change also moves pd behaviour to cmd/hakurei, as this does not belong in the hst API.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 04:24:45 +09:00
cat ae7b343cde hst: reword and move constants 
These values are considered part of the stable, exported API, so move them to hst.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 17:40:32 +09:00
cat 16f9001f5f hst/config: update doc comments 
Some information here are horribly out of date. This change updates and improves all doc comments.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 04:12:53 +09:00
cat 80ad2e4e23 internal/app: do not offset base value 
This value is applied to the shim, it is incorrect to offset the base value as well.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-05 03:59:52 +09:00
cat 1ba1cb8865 hst/config: remove seccomp bit fields 
These serve little purpose and are not friendly for use from other languages.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-09-29 07:07:16 +09:00
cat 44ba7a5f02 hst/enablement: move bits from system 
This is part of the hst API, should not be in the implementation package.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-09-29 06:34:29 +09:00
cat 8690419c2d hst: replace internal/app error 
This turns out to still be quite useful across internal/app and its relatives. Perhaps a cleaner replacement for baseError.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-09-15 01:44:43 +09:00
cat da0459aca1 internal/app: update doc comments 
A lot of these comments are quite old and have not been updated to reflect changes.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-28 00:45:57 +09:00
cat 4cf694d2b3 hst: use hsu userid for share path suffix 
The privileged user is identifier to hakurei through its hsu userid. Using the kernel uid here makes little sense and is a leftover design choice from before hsu was implemented.

Closes #7.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-26 02:16:33 +09:00
cat c9facb746b hst/config: remove data field, rename dir to home 
There is no reason to give the home directory special treatment, as this behaviour can be quite confusing. The home directory also does not necessarily require its own mount point, it could be provided by a parent or simply be ephemeral.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-26 00:56:10 +09:00
cat 878b66022e hst/fsbind: optional ensure source 
This exposes the BindEnsure flag of BindMountOp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-26 00:50:23 +09:00
cat c328b584c0 hst/fslink: improve string representation 
This shortens the representation of most common use cases and generally improves readability.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-25 22:52:48 +09:00
cat 9585b35d5b hst/config: remove symlink field 
Closes #6.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-25 22:23:54 +09:00
cat 26cafe3e80 hst/fs: implement link fstype 
Symlinks do not require special treatment, and doing this allows placing links in order.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-25 21:57:38 +09:00
cat 125f150784 hst/fs: update doc comments 
The Type method no longer exists on the interface. Update doc comments to reflect that.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-25 21:11:39 +09:00
cat 0dcac55a0c hst/config: remove container etc field 
This no longer needs special treatment since it can be specified as a generic filesystem entry.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-25 19:24:33 +09:00
cat 6d202d73b4 hst/fsbind: optional autoetc behaviour 
This generalises the special field allowing any special behaviour to be matched from target.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-25 18:38:19 +09:00
cat 1438096339 hst/config: handle filesystem entry targeting root 
This allows any fstype supported by hst to be directly mounted on sysroot. A special case in internal/app applies the matching entry early and excludes it from path hiding.

Closes #5.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-25 17:52:57 +09:00
cat 059164d4fa hst/fsbind: optional autoroot behaviour 
This allows autoroot to be configured via Filesystem.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-25 17:44:12 +09:00