hakurei

Author	SHA1	Message	Date
Ophestra	4bb5d9780f	ldd: run in native sandbox Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-14 17:55:55 +09:00
Ophestra	f41fd94628	sandbox: write uid/gid map as init This avoids PR_SET_DUMPABLE in the parent process. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-14 17:42:22 +09:00
Ophestra	94895bbacb	sandbox: invert seccomp ruleset defaults Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-14 02:38:32 +09:00
Ophestra	f332200ca4	sandbox: mount container /dev Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-14 02:18:44 +09:00
Ophestra	9b1a60b5c9	sandbox: native container tooling This should eventually replace bwrap. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-13 21:36:26 +09:00