kat/hakurei
1
0
Fork 0
forked from rosa/hakurei
Code Pull Requests Activity

Commit Graph

  • 1c692bfb79 container/init: call lockOSThread through dispatcher cat 2025-08-22 22:24:14 +09:00
  • 141a18999f container: move integration test helpers cat 2025-08-22 22:07:19 +09:00
  • afe23600d2 container/path: use syscall dispatcher cat 2025-08-22 22:00:40 +09:00
  • 09d2844981 container/init: wrap syscall helper functions cat 2025-08-21 21:59:07 +09:00
  • d500d6e559 system/dbus: share host net ns for abstract cat 2025-08-21 21:55:23 +09:00
  • 5b73316ae0 container/syscall: doc comments from manpages cat 2025-08-21 00:33:46 +09:00
  • 5d8a2199b6 container/init: op interface valid method cat 2025-08-21 00:18:50 +09:00
  • a1482ecdd0 container/inittmpfs: check path equivalence by value cat 2025-08-20 20:17:28 +09:00
  • a07f9ed84c container/initsymlink: check path equivalence by value cat 2025-08-20 20:03:02 +09:00
  • 51304b03af container/initremount: check path equivalence by value cat 2025-08-20 19:55:51 +09:00
  • c6397b941f container/initproc: check path equivalence by value cat 2025-08-20 19:29:45 +09:00
  • d65e5f817a container/initplace: check path equivalence by value cat 2025-08-20 19:19:27 +09:00
  • 696e593898 container/initoverlay: check path equivalence by value cat 2025-08-20 17:33:15 +09:00
  • 97ab24feef container/init: use absolute compare method cat 2025-08-20 17:14:36 +09:00
  • 31f0dd36df absolute: efficient equivalence check method cat 2025-08-20 17:06:38 +09:00
  • 9aec2f46fe container/initdev: check path equivalence by value cat 2025-08-20 02:55:45 +09:00
  • 022cc26b2e container/capability: check CAP_TO_INDEX and CAP_TO_MASK cat 2025-08-20 02:45:00 +09:00
  • b4c018da8f container/autoetc: do not bypass absolute check cat 2025-08-20 02:37:11 +09:00
  • 66f52407d3 container/initmkdir: check path equivalence by value cat 2025-08-20 02:32:22 +09:00
  • e463faf649 container/initbind: check path equivalence by value cat 2025-08-20 02:22:04 +09:00
  • 375acb476d container/autoroot: check host path equivalence by value cat 2025-08-20 02:03:18 +09:00
  • c81c9a9d75 container/init: split setup ops into individual files cat 2025-08-20 01:26:41 +09:00
  • 339e4080dc container/ops: move Op type to init file cat 2025-08-20 01:11:24 +09:00
  • e0533aaa68 container/autoroot: filter dentry with empty name cat 2025-08-20 01:03:49 +09:00
  • 13c7083bc0 container: ptrace protection via Yama LSM cat 2025-08-20 00:27:45 +09:00
  • 6947ff04e0 system/dbus/proc: host abstract only when not binding cat 2025-08-19 23:39:14 +09:00
  • 140fe21237 container/params: check setup/receive behaviour cat 2025-08-18 22:30:34 +09:00
  • f52d2c7db6 container/path: check create and mountinfo helpers cat 2025-08-18 21:30:28 +09:00
  • 3c9e547c4a cmd/hpkg: add deprecation notice cat 2025-08-18 17:00:27 +09:00
  • a3988c1a77 hst: rename net and abstract fields cat 2025-08-18 16:47:23 +09:00
  • 5db0714072 container: optionally isolate host abstract UNIX domain sockets via landlock netadr 2025-08-18 12:00:52 +09:00
  • 69a4ab8105 container: move PR_SET_NO_NEW_PRIVS to parent cat 2025-08-18 11:46:02 +09:00
  • 22d577ab49 test/sandbox: do not discard stderr getting hash cat 2025-08-18 11:36:13 +09:00
  • 83a1c75f1a app: set up acl on X11 socket cat 2025-08-18 02:24:56 +09:00
  • 0ac6e99818 container: start from locked thread cat 2025-08-17 17:26:20 +09:00
  • f35733810e container: check output helper functions cat 2025-08-17 02:59:37 +09:00
  • 9c1a5d43ba container: enforce nonrepeatable autoetc and autoroot cat 2025-08-17 01:43:11 +09:00
  • 8aa65f28c6 container: allow additional state between ops cat 2025-08-17 01:29:54 +09:00
  • f9edec7e41 hst: merge miscellaneous files cat 2025-08-16 02:32:57 +09:00
  • 305c600cf5 hst: move container type to config cat 2025-08-16 02:28:36 +09:00
  • 8dd3e1ee5d hst/fs: rename method Target to Path cat 2025-08-16 02:06:41 +09:00
  • 4ffeec3004 hst/enablement: editor friendly enablement adaptor cat 2025-08-15 04:57:37 +09:00
  • 9ed3ba85ea hst/fs: implement overlay fstype cat 2025-08-15 03:30:51 +09:00
  • 4433c993fa nix: check config via hakurei cat 2025-08-15 03:27:54 +09:00
  • 430991c39b hst/fs: remove type method cat 2025-08-15 00:37:07 +09:00
  • ba3227bf15 container: export overlay escape cat 2025-08-14 23:44:11 +09:00
  • 0e543a58b3 hst/fs: valid method on underlying interface cat 2025-08-14 21:36:22 +09:00
  • c989e7785a hst/info: include extra information cat 2025-08-14 19:52:03 +09:00
  • 332d90d6c7 container/path: remove unused path cat 2025-08-14 05:00:09 +09:00
  • 99ac96511b hst/fs: interface filesystem config cat 2025-08-12 04:38:45 +09:00
  • e99d7affb0 container: use absolute for pathname cat 2025-08-11 02:52:32 +09:00
  • 41ac2be965 container/absolute: wrap safe stdlib functions cat 2025-08-10 03:10:13 +09:00
  • 02271583fb container: remove PATH lookup behaviour cat 2025-08-09 19:08:54 +09:00
  • ef54b2cd08 container/absolute: early absolute pathname check cat 2025-08-09 17:50:03 +09:00
  • 82608164f6 container/params: remove confusingly named error cat 2025-08-09 17:36:36 +09:00
  • edd6f2cfa9 container: document ambient capabilities cat 2025-08-08 02:11:55 +09:00
  • acffa76812 container/ops: implement overlay op cat 2025-08-08 01:50:38 +09:00
  • 8da76483e6 container/path: fix typo "paths" cat 2025-08-08 01:32:48 +09:00
  • 534c932906 container: test case runtime initialisation cat 2025-08-08 01:03:35 +09:00
  • fee10fed4d container: test bypass output buffer on verbose cat 2025-08-08 00:57:27 +09:00
  • a4f7e92e1c test/interactive: helper scripts for tracing cat 2025-08-08 00:49:11 +09:00
  • f1a53d6116 container: raise CAP_DAC_OVERRIDE cat 2025-08-08 00:43:19 +09:00
  • b353c3deea nix: make src overlay writable cat 2025-08-07 18:07:19 +09:00
  • fde5f1ca64 container: buffer test output cat 2025-08-07 02:55:58 +09:00
  • 4d0bdd84b5 container: test respect verbose flag cat 2025-08-07 02:50:00 +09:00
  • 72a931a71a nix: interactive nixos vm cat 2025-08-05 21:31:36 +09:00
  • 9a25542c6d container/init: use mount string constants cat 2025-08-04 04:00:05 +09:00
  • c6be82bcf9 container/path: fhs path constants cat 2025-08-03 20:46:41 +09:00
  • 38245559dc container/ops: mount dev readonly cat 2025-08-03 19:18:53 +09:00
  • 7b416d47dc container/ops: merge mqueue and dev Ops cat 2025-08-03 18:34:55 +09:00
  • 15170735ba container/mount: move tmpfs sysroot prefixing to caller cat 2025-08-03 18:06:41 +09:00
  • 6a3886e9db container/op: unexport bind resolved source field cat 2025-08-03 17:57:37 +09:00
  • ff66296378 container/mount: mount data escape helper function cat 2025-08-03 15:35:32 +09:00
  • 347a79df72 container: improve clone flags readability cat 2025-08-02 18:19:44 +09:00
  • 0f78864a67 container/mount: export mount string constants cat 2025-08-02 17:15:41 +09:00
  • b32b1975a8 hst/container: remove cover cat 2025-08-02 00:34:52 +09:00
  • 2b1eaa62f1 update github notice cat 2025-08-02 00:20:46 +09:00
  • f13dca184c release: 0.1.3 v0.1.3 cat 2025-08-02 00:02:54 +09:00
  • 3b8a3d3b00 app: remount root readonly cat 2025-08-01 23:54:33 +09:00
  • c5d24979f5 container/ops: expose remount as Op cat 2025-08-01 23:48:02 +09:00
  • 1dc780bca7 container/mount: separate remount from bind cat 2025-08-01 23:32:38 +09:00
  • ec33061c92 nix: remove nscd cover cat 2025-08-01 22:04:58 +09:00
  • af0899de96 hst/container: mount tmpfs via magic src string cat 2025-08-01 21:23:52 +09:00
  • 547a2adaa4 container/mount: pass tmpfs flags cat 2025-08-01 18:58:42 +09:00
  • c02948e155 cmd/hakurei: print autoroot configuration cat 2025-08-01 04:29:01 +09:00
  • 387b86bcdd app: integrate container autoroot cat 2025-08-01 04:10:33 +09:00
  • 4e85643865 container: implement autoroot as setup op cat 2025-08-01 04:04:36 +09:00
  • 987981df73 test/sandbox: check pd behaviour cat 2025-08-01 02:11:19 +09:00
  • f14e7255be container/ops: use correct flags value in bind string cat 2025-08-01 00:54:08 +09:00
  • a8a79a8664 cmd/hpkg: rename from planterette cat 2025-07-31 23:57:11 +09:00
  • 3ae0cec000 test: increase vm memory cat 2025-07-31 22:08:01 +09:00
  • 4e518f11d8 container/ops: autoetc implementation to separate file cat 2025-07-31 19:54:03 +09:00
  • cb513bb1cd release: 0.1.2 v0.1.2 cat 2025-07-29 03:11:33 +09:00
  • f7bd28118c hst: configurable wait delay cat 2025-07-29 03:06:49 +09:00
  • 940ee00ffe container/init: configurable lingering process wait delay cat 2025-07-29 02:38:17 +09:00
  • b43d104680 app: integrate interrupt forwarding cat 2025-07-29 02:21:12 +09:00
  • ddf48a6c22 app/shim: implement signal handler outcome in Go cat 2025-07-28 23:38:28 +09:00
  • a0f499e30a app/shim: separate signal handler implementation cat 2025-07-28 21:52:53 +09:00
  • d6b07f12ff container: forward context cancellation cat 2025-07-28 01:44:31 +09:00
  • 65fe09caf9 container: check cancel signal delivery cat 2025-07-28 01:04:29 +09:00