kat/hakurei
1
0
Fork 0
forked from rosa/hakurei
Code Pull Requests Activity

Commit Graph

  • 53571f030e app: embed appSeal in app struct cat 2025-02-19 01:10:37 +09:00
  • aa164081e1 app/seal: improve documentation cat 2025-02-19 01:04:14 +09:00
  • 9a10eeab90 app/seal: embed enablements cat 2025-02-19 00:41:51 +09:00
  • d1f83f40d6 helper/bwrap: rename Write to WriteFile cat 2025-02-19 00:33:34 +09:00
  • a748d40745 app: store values with string representation cat 2025-02-19 00:25:00 +09:00
  • 648e1d641a app: separate interface from implementation cat 2025-02-18 23:05:37 +09:00
  • 3c327084d3 fst: declare wrappers for sandbox config cat 2025-02-18 23:04:13 +09:00
  • ffaa12b9d8 sys: wrap log methods cat 2025-02-18 22:44:50 +09:00
  • bf95127332 fst: move App interface declaration cat 2025-02-18 22:36:45 +09:00
  • e0f321b2c4 sys: rename from linux cat 2025-02-18 18:47:48 +09:00
  • 2c9c7fee5b linux: wrap fsu lookup error cat 2025-02-18 17:36:58 +09:00
  • d0400f3c81 fmsg: PrintBaseError skip empty message cat 2025-02-18 17:01:26 +09:00
  • e9b0f9faef fmsg: export logBaseError function cat 2025-02-18 13:02:51 +09:00
  • e85be67fd9 acl: implement Update in C cat 2025-02-17 20:37:10 +09:00
  • 7e69893264 acl: rename UpdatePerms to Update cat 2025-02-17 20:33:18 +09:00
  • 38a3e6af03 system: make xcb internal cat 2025-02-17 19:07:53 +09:00
  • 90cb01b274 system: move out of internal cat 2025-02-17 19:00:43 +09:00
  • b1e1d5627e system: wrap console output functions cat 2025-02-17 17:54:28 +09:00
  • 3ae2ab652e system/wayland: sync file at caller specified address cat 2025-02-17 13:24:17 +09:00
  • db71fbe22b system/tmpfiles: fail gracefully in API misuse cat 2025-02-17 12:17:01 +09:00
  • 83e72c2b59 release: 0.2.15 cat 2025-02-17 00:13:04 +09:00
  • 82a072f641 system/tmpfiles: implement private tmpfiles cat 2025-02-17 00:07:52 +09:00
  • 60c10c3f4a nix: run integration tests with race detector cat 2025-02-16 20:58:08 +09:00
  • 468696f611 internal: beforeExit before reachable fatal calls cat 2025-02-16 19:02:52 +09:00
  • 29c38caac8 app/shim/manager: return error on bad fsu path cat 2025-02-16 18:59:45 +09:00
  • e599b5583d fmsg: implement suspend in writer cat 2025-02-16 17:26:09 +09:00
  • 33a4ab11c2 internal: move shim and init into app cat 2025-02-16 16:28:46 +09:00
  • 1fa5e992e4 helper/bwrap: expose address of DataConfig cat 2025-02-16 12:33:59 +09:00
  • c667b13a00 system: separate link Op implementation cat 2025-02-16 12:15:26 +09:00
  • 90b86a5531 release: 0.2.14 cat 2025-02-15 23:03:13 +09:00
  • f545e154f0 workflows: use native nix runner cat 2025-02-15 20:49:28 +09:00
  • 268a90f1a5 app: improve WAYLAND_DISPLAY correctness cat 2025-02-15 14:45:09 +09:00
  • 3054527ca5 fortify: prevent exit status 0 on app failure cat 2025-02-15 14:40:19 +09:00
  • ddb2f9c11b app: remove wayland socket hard link cat 2025-02-15 10:53:52 +09:00
  • 6ae02e72fa nix: test direct_wayland behaviour cat 2025-02-15 10:45:27 +09:00
  • 989fb5395f nix: remove unused configuration cat 2025-02-15 10:04:37 +09:00
  • f955b15b84 system: remove write mode tmpfiles cat 2025-02-15 03:22:20 +09:00
  • 0340c67995 app: port passwd and group files to copy cat 2025-02-15 03:19:06 +09:00
  • 72b0160aad helper/bwrap: implement file copy flags cat 2025-02-15 03:12:28 +09:00
  • ea8d1c07df priv/shim: move /sbin/init setup to app cat 2025-02-15 02:56:08 +09:00
  • a0062d8275 fmsg: resume on exit cat 2025-02-15 02:22:09 +09:00
  • 43d2e4f5d7 nix: sway increase resolution cat 2025-02-15 02:21:24 +09:00
  • be7d944b39 helper/bwrap: PositionalArg implement fmt.Stringer cat 2025-02-14 23:58:52 +09:00
  • ace97952cc helper/bwrap: merge Args and FDArgs cat 2025-02-14 18:13:06 +09:00
  • 73146ea7fa dbus: remove BwrapStatic method cat 2025-02-14 18:09:59 +09:00
  • 88040504b2 helper/bwrap: remove fmsg import cat 2025-02-14 18:05:00 +09:00
  • 1fd571d561 cmd/fsu: check parse behaviour cat 2025-02-14 16:43:55 +09:00
  • be30e2f11e cmd/fsu: revert offset in error message cat 2025-02-14 15:31:39 +09:00
  • aaebb8f3ab fortify: check print behaviour cat 2025-02-14 14:44:28 +09:00
  • 1f74b636d3 state/join: use Join method when available cat 2025-02-14 14:11:02 +09:00
  • e431ab3c24 app: check username length against LOGIN_NAME_MAX cat 2025-02-14 12:44:55 +09:00
  • 3fba33687b fortify: print line after ps output cat 2025-02-14 12:23:20 +09:00
  • 820f48ef94 release: 0.2.13 cat 2025-02-13 23:39:29 +09:00
  • fe7d208cf7 helper: use generic extra files interface cat 2025-02-13 23:15:34 +09:00
  • 60c2873750 helper/proc: cancel ec on parent ctx cat 2025-02-13 23:08:28 +09:00
  • d1d20c06fb helper/seccomp: use sync.Once for closeWrite cat 2025-02-13 22:49:16 +09:00
  • 1e6a059668 helper/seccomp: benchmark exporter cat 2025-02-13 22:37:51 +09:00
  • 318df0f7e1 nix: test syscall filter cat 2025-02-13 22:01:16 +09:00
  • 58eb8f971d proc/pipe: implement args and stat file cat 2025-02-13 19:57:24 +09:00
  • 0a1d7c01cd helper/proc: count dispatched errs cat 2025-02-13 19:55:37 +09:00
  • 60ca1c6c55 helper/proc: store file addresses in linked list cat 2025-02-13 17:42:12 +09:00
  • 099da78af5 helper/seccomp: eliminate data race on pfd cat 2025-02-13 10:40:51 +09:00
  • 18466cfd02 helper/proc: declare generic extra files interface cat 2025-02-11 16:34:47 +09:00
  • e14923ae53 helper/proc: move package out of internal cat 2025-02-08 13:03:45 +09:00
  • 7aff3ead3a nix: vm test remove unnecessary setup cat 2025-02-07 22:29:56 +09:00
  • 72fb13dccc dbus: lock for read in public args interface cat 2025-02-07 13:42:17 +09:00
  • a48386bd56 system/dbus: dump messages on early fault cat 2025-02-07 13:20:56 +09:00
  • 2e52191404 system/dbus: dump method prints msgbuf cat 2025-02-07 13:16:54 +09:00
  • 568d7758d5 helper/seccomp: panic on invalid closeWrite use cat 2025-02-07 12:58:20 +09:00
  • 5b7b3fa9a4 helper/seccomp: implement reader interface via pipe cat 2025-02-03 18:10:29 +09:00
  • d58fb8c6ee workflows: fix nix store cache cat 2025-02-01 21:05:18 +09:00
  • 5808fe61c3 nix: vm test set sway background cat 2025-01-25 22:28:04 +09:00
  • f338d3bb4b nix: update flake lock cat 2025-01-25 19:46:33 +09:00
  • 8d04dd72f1 nix: mount nvidia devices cat 2025-01-25 18:05:18 +09:00
  • 21735a8abe release: 0.2.12 cat 2025-01-25 13:40:48 +09:00
  • 34272672b1 nix: verify silent output when not running with -v cat 2025-01-25 13:38:18 +09:00
  • 7b96cd6ded helper/seccomp: do not call F_println if not verbose cat 2025-01-25 13:19:38 +09:00
  • 163f15e93f helper/seccomp: separate seccomp package cat 2025-01-25 12:59:11 +09:00
  • 016da20443 nix: expose compat flag in nixos module cat 2025-01-25 12:42:48 +09:00
  • 37780456a7 helper: block more unusual/privileged syscalls cat 2025-01-25 12:35:47 +09:00
  • efacaa40fa nix: set deny_devel correctly cat 2025-01-24 00:50:35 +09:00
  • ad6d0ee55f workflows: rename integration test artifact cat 2025-01-24 00:30:39 +09:00
  • cf791469d8 workflows: gc store and purge old caches cat 2025-01-24 00:25:57 +09:00
  • be14421775 workflows: merge test build job into test cat 2025-01-24 00:22:44 +09:00
  • 045983d7f4 wl: separate inline C cat 2025-01-23 22:06:29 +09:00
  • 7106b00968 release: 0.2.11 cat 2025-01-23 20:49:49 +09:00
  • 96d5d8a396 nix: apply shared home config to reserved aid cat 2025-01-23 20:48:04 +09:00
  • 8a00a83c71 nix: expose syscall filter policy cat 2025-01-23 17:24:42 +09:00
  • 134247b57d nix: configure target users via nixos cat 2025-01-23 17:04:19 +09:00
  • b5bb7654da nix: redirect sway output to journal cat 2025-01-23 16:08:22 +09:00
  • cc1efa22e2 fst: add missing fields to template cat 2025-01-22 12:09:25 +09:00
  • 580128922b cmd/fpkg: expose syscall policy options cat 2025-01-22 12:01:30 +09:00
  • 23e1152baa app/share: clean BaseError message cat 2025-01-22 11:54:16 +09:00
  • 8c51012ef5 dbus: enable syscall filter cat 2025-01-22 02:01:01 +09:00
  • 5a64cdaf4f ldd: enable syscall filter cat 2025-01-22 02:00:49 +09:00
  • a30f5e1226 fortify: set up seccomp verbose logging early cat 2025-01-22 01:58:54 +09:00
  • 9a239fa1a5 helper/bwrap: integrate seccomp into helper interface cat 2025-01-22 01:51:10 +09:00
  • 82029948e6 proc: append to ExtraFiles slice pointer cat 2025-01-21 12:51:39 +09:00
  • dfcdc5ce20 state: store config in separate gob stream cat 2025-01-21 12:10:58 +09:00
  • fa0616b274 fortify: print permissive defaults warning early cat 2025-01-21 11:59:15 +09:00