kat/hakurei
1
0
Fork 0
forked from rosa/hakurei
Code Pull Requests Activity

Commit Graph

  • ed10574dea state: store join util cat 2024-12-20 19:05:39 +09:00
  • 195b717e01 release: 0.2.5 cat 2024-12-20 00:28:48 +09:00
  • df6fc298f6 migrate to git.gensokyo.uk/security/fortify cat 2024-12-20 00:20:02 +09:00
  • eae3034260 state: expose aids and use instance id as key cat 2024-12-19 21:36:17 +09:00
  • 5ea7333431 fst: implement app id parser cat 2024-12-19 18:19:47 +09:00
  • f796622c35 state: rename simple store implementation cat 2024-12-19 11:48:48 +09:00
  • 5d25bee786 fortify: remove systemd check cat 2024-12-19 11:14:31 +09:00
  • b48ece3bb0 acl: use test-managed tmpdir cat 2024-12-19 11:08:13 +09:00
  • 9f95f60400 release: 0.2.4 cat 2024-12-18 23:52:52 +09:00
  • 90dd57f75d workflows: cache nix store cat 2024-12-18 23:20:25 +09:00
  • 141f2e3685 workflows: cache apt packages cat 2024-12-18 22:00:08 +09:00
  • 73aa285e8f workflows: upload nixos test output cat 2024-12-18 20:32:40 +09:00
  • 6e87fc02dd workflows: build and upload test distribution cat 2024-12-18 19:57:03 +09:00
  • 52f21a19f3 cmd/fshim: switch to setup pipe cat 2024-12-18 19:39:25 +09:00
  • 7be53a2438 cmd/fshim: switch to generic setup func cat 2024-12-18 17:20:31 +09:00
  • 7f29b37a32 proc: setup payload send cat 2024-12-18 17:20:01 +09:00
  • f69e8e753e cmd/finit: switch to generic receive func cat 2024-12-18 16:49:19 +09:00
  • ef8fd37e9d proc: setup payload receive cat 2024-12-18 16:48:41 +09:00
  • 2f676c9d6e fst: rename from fipc cat 2024-12-18 15:50:46 +09:00
  • bbace8f84b nix: increase cpu count cat 2024-12-18 15:32:52 +09:00
  • 2efedf56c0 nix: collect fortify ps output cat 2024-12-18 13:48:39 +09:00
  • b752ec4468 fipc: export config struct cat 2024-12-18 13:45:55 +09:00
  • 5d00805a7c nix: check acl rollback cat 2024-12-18 12:49:32 +09:00
  • 7b6052a473 nix: run Go tests in nixos cat 2024-12-17 21:16:55 +09:00
  • 38653c6ab5 release: 0.2.3 cat 2024-12-17 14:06:17 +09:00
  • b5cbbeab90 dist: generate distribution tarball cat 2024-12-17 14:02:54 +09:00
  • c3ba0c3cce nix: rename nixos test cat 2024-12-17 13:02:12 +09:00
  • b453f70ca2 cmd/fsu: check uid range before syscall cat 2024-12-17 13:01:36 +09:00
  • c2b178e626 xcb: refactor and clean up cat 2024-12-17 12:46:36 +09:00
  • aeda40fc92 nix: test x11 permissive defaults cat 2024-12-17 12:40:18 +09:00
  • 65dc39956f workflows: set action names cat 2024-12-17 11:06:23 +09:00
  • 35505c8a26 workflows: invoke nix flake checks cat 2024-12-16 23:18:17 +09:00
  • 3f993021f8 nix: permissive defaults nixos test cat 2024-12-16 22:56:10 +09:00
  • 4d3bd5338f nix: implement flake checks cat 2024-12-16 20:54:28 +09:00
  • 138666d753 nix: skip acl test cat 2024-12-16 19:29:01 +09:00
  • f4628e181b acl: create test file in tmpdir cat 2024-12-16 18:58:09 +09:00
  • c8a90666c5 acl: refactor and clean up cat 2024-12-16 18:27:19 +09:00
  • ee41b37606 acl: add tests cat 2024-12-16 15:57:00 +09:00
  • e3f1d7ba60 release: 0.2.2 cat 2024-12-07 21:47:22 +09:00
  • 39e3ac3ccd nix: require /etc/userdb nix-daemon cat 2024-12-07 21:07:57 +09:00
  • 33c95b80ca cmd/fuserdb: rename home directories cat 2024-12-07 20:23:46 +09:00
  • 40cc8a68d1 nix: rename home directories cat 2024-12-07 20:15:37 +09:00
  • f773c92411 system: prevent duplicate Wayland op cat 2024-12-07 19:45:37 +09:00
  • 16ab734fcd update README document cat 2024-12-06 17:04:36 +09:00
  • cc816a1aaa proc: cleaner extra files cat 2024-12-06 16:05:04 +09:00
  • b3ef53b193 app: integrate security-context-v1 cat 2024-12-06 04:25:33 +09:00
  • 8d0573405a helper/bwrap: implement sync fd cat 2024-12-06 04:21:37 +09:00
  • 38e92edb8e system/wayland: integrate security-context-v1 cat 2024-12-06 04:20:15 +09:00
  • 2d606b1f4b wl: implement security-context-v1 cat 2024-12-06 03:34:13 +09:00
  • 1b5b089c78 fortify: rename --dbus-id to --id cat 2024-12-06 03:26:09 +09:00
  • 6b8ddca7b4 nix: track nixos stable 24.11 cat 2024-12-06 00:44:04 +09:00
  • 95668ac998 nix: expose no_new_session in module cat 2024-11-28 00:19:06 +09:00
  • b291f0b710 app: add nixos-based config test case cat 2024-11-21 12:13:12 +09:00
  • 3a20b149ce update README document cat 2024-11-21 11:22:34 +09:00
  • 30b8bce90a fortify: zsh completion cat 2024-11-20 01:25:19 +09:00
  • de0d78daae release: 0.2.1 cat 2024-11-19 21:03:50 +09:00
  • 6bf33ce507 fortify: use resolved username cat 2024-11-19 21:03:09 +09:00
  • 9faf3b3596 app: validate username cat 2024-11-19 21:01:41 +09:00
  • d99c8b1fb4 release: 0.2.0 cat 2024-11-19 18:15:09 +09:00
  • 6e4870775f update README document cat 2024-11-19 18:14:06 +09:00
  • 0a546885e3 nix: update options doc cat 2024-11-19 18:12:35 +09:00
  • 653d69da0a nix: module descriptions cat 2024-11-19 18:10:57 +09:00
  • f8256137ae nix: separate module options from implementation cat 2024-11-19 17:08:22 +09:00
  • 54b47b0315 nix: copy pixmaps directory to share package cat 2024-11-18 14:46:08 +09:00
  • ae2628e57a cmd/fshim/ipc: install signal handler on shim start cat 2024-11-18 13:33:46 +09:00
  • c026a4b5dc fortify: permissive defaults resolve home directory from os cat 2024-11-18 13:01:07 +09:00
  • 748a0ae2c8 nix: wrap program from libexec cat 2024-11-18 12:58:47 +09:00
  • 8f3f0c7bbf nix: integrate dynamic users cat 2024-11-18 02:49:48 +09:00
  • 05b7dbf066 app: alternative inner home path cat 2024-11-18 00:18:21 +09:00
  • 866270ff05 fmsg: add to wg prior to enqueue cat 2024-11-17 23:50:02 +09:00
  • c1fad649e8 app/start: check for cleanup and abort condition cat 2024-11-17 23:41:52 +09:00
  • b5f01ef20b app: append # for ChangeHosts message with numerical uid cat 2024-11-17 23:40:37 +09:00
  • 2e23cef7bb cmd/fuserdb: generate group entries cat 2024-11-17 23:31:06 +09:00
  • 6a6d30af1f cmd/fuserdb: systemd userdb drop-in entries generator cat 2024-11-17 02:03:18 +09:00
  • df33123bd7 app: integrate fsu cat 2024-11-16 21:19:45 +09:00
  • 1a09b55bd4 nix: remove portal paths from default cat 2024-11-10 22:24:17 +09:00
  • 9a13b311ac app/config: rename map_real_uid from use_real_uid cat 2024-11-09 11:57:36 +09:00
  • 45fead18c3 cmd/fshim: set no_new_privs flag cat 2024-11-09 11:50:56 +09:00
  • 431aa32291 nix: remove absolute Exec paths cat 2024-11-08 02:05:47 +09:00
  • 3962705126 nix: keep fshim and finit names cat 2024-11-06 14:59:28 +09:00
  • ad80be721b nix: improve start script cat 2024-11-06 14:09:41 +09:00
  • f831948bca release: 0.1.0 cat 2024-11-06 04:37:43 +09:00
  • 2e31b3d3a1 update README document cat 2024-11-06 04:35:52 +09:00
  • 4d90e73366 nix: generate strict sandbox configuration cat 2024-11-06 04:25:15 +09:00
  • 3dfc1fcd56 app: support full /dev access cat 2024-11-06 03:49:39 +09:00
  • 89bafd0c22 fortify: root check before command handling cat 2024-11-05 12:57:03 +09:00
  • 861bb1274f fortify: override default usage function cat 2024-11-05 00:12:31 +09:00
  • 714818c8aa fortify: implement cleaner argument structure cat 2024-11-04 23:08:29 +09:00
  • 69cc64ef56 linux: provide access to stdout cat 2024-11-04 22:55:46 +09:00
  • fc25ac2523 app: separate auto etc from permissive defaults cat 2024-11-04 22:18:05 +09:00
  • d909b1190a app/config: UseRealUID as true in template cat 2024-11-04 19:45:31 +09:00
  • cfd05b10f1 release: 0.0.11 cat 2024-11-04 13:46:47 +09:00
  • aa067436a7 workflows: build all packages with full ldflags cat 2024-11-04 13:43:57 +09:00
  • d7df24c999 fmsg: drop messages when msgbuf is full during withhold cat 2024-11-04 12:56:19 +09:00
  • 88abcbe0b2 cmd/fsu: remove import of internal package cat 2024-11-04 12:32:14 +09:00
  • af15b1c048 app: support mapping target uid as privileged uid in sandbox cat 2024-11-04 03:15:39 +09:00
  • 7962681f4a app: format mapped uid instead of real uid cat 2024-11-04 00:49:32 +09:00
  • bfcce3ff75 system/dbus: buffer xdg-dbus-proxy messages cat 2024-11-03 03:07:02 +09:00
  • 8cd3651bb6 cmd/fshim/ipc: friendly setup timeout message cat 2024-11-03 02:03:30 +09:00
  • 422d8e00d5 fortify: replace direct syscall with prctl wrapper cat 2024-11-02 17:00:25 +09:00