maemachinebroke/hakurei
1
0
Fork 0
forked from security/hakurei
Code Pull Requests Activity
1,026 Commits 2 Branches 12 Tags
12ab7ea3b465a130933efd9e7fe044f3636dc6ed
Commit Graph

109 Commits

Author SHA1 Message Date
Ophestra
5d18af0007 container/fhs: move pathname constants 
This allows referencing FHS pathnames without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 21:29:16 +09:00
Ophestra
0e6c1a5026 container/check: move absolute pathname 
This allows use of absolute pathname values without importing container.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-10-07 20:57:58 +09:00
Ophestra
afa1a8043e helper/proc: raise FulfillmentTimeout in tests 
This appears to be yet another source of spurious test failures.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-09-29 07:44:33 +09:00
Ophestra
46cd3a28c8 container: remove global msg 
This frees all container instances of side effects.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-09-29 06:11:47 +09:00
Ophestra
3f25c3f0af container: initialise cmd early 
This allows use of more cmd methods.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-09-13 20:01:33 +09:00
Ophestra
e99d7affb0 container: use absolute for pathname 
This is simultaneously more efficient and less error-prone. This change caused minor API changes in multiple other packages.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-11 04:56:42 +09:00
Ophestra
02271583fb container: remove PATH lookup behaviour 
This is way higher level than the container package and does not even work unless every path is mounted in the exact same location.

This behaviour causes nothing but confusion and problems,

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-09 19:08:54 +09:00
Ophestra
7b416d47dc container/ops: merge mqueue and dev Ops 
There is no reason to mount mqueue anywhere else, and these Ops usually follow each other. This change merges them. This helps decrease IPC overhead and also enables mounting dev readonly.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-08-03 19:13:46 +09:00
Ophestra
a1e5f020f4 container: improve doc comments 
Putting them on the builder methods is more useful.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-27 12:27:42 +09:00
Ophestra
e71ae3b8c5 container: remove custom cmd initialisation 
This part of the interface is very unintuitive and only used for testing, even in testing it is inelegant and can be done better.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-25 00:45:10 +09:00
Ophestra
9d7a19d162 container: use more reliable nonexistence 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-18 23:18:26 +09:00
Ophestra
d2f9a9b83b treewide: migrate to hakurei.app 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-03 03:30:39 +09:00
Ophestra
1b5ecd9eaf container: move out of toplevel 
This allows slightly easier use of the vanity url. This also provides some disambiguation between low level containers and hakurei app containers.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-03 02:59:43 +09:00
Ophestra
a1d98823f8 hakurei: move container toplevel 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-02 21:23:55 +09:00
Ophestra
eb22a8bcc1 cmd/hakurei: move to cmd 
Having it at the project root never made sense since the "ego" name was deprecated. This change finally addresses it.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-02 20:42:51 +09:00
Ophestra
87e008d56d treewide: rename to hakurei 
Fortify makes little sense for a container tool.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-25 04:57:41 +09:00
Ophestra
b7e991de5b nix: update flake lock 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-05 04:05:39 +09:00
Ophestra
78aaae7ee0 helper/args: copy args on wt creation 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-27 18:22:07 +09:00
Ophestra
5c82f1ed3e helper/stub: output to stdout 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-27 17:25:10 +09:00
Ophestra
b39f3aeb59 helper: remove bubblewrap wrapper 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 05:35:02 +09:00
Ophestra
1b9408864f sandbox: pass cmd to cancel function 
This is not usually in scope otherwise.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 22:36:39 +09:00
Ophestra
24618ab9a1 sandbox: move out of internal 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 02:55:36 +09:00
Ophestra
9ce4706a07 sandbox: move params setup functions 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 02:48:32 +09:00
Ophestra
9a1f8e129f sandbox: wrap fmsg interface 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 02:44:07 +09:00
Ophestra
ee10860357 seccomp: install output atomically 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 01:10:27 +09:00
Ophestra
44277dc0f1 dbus: run in native sandbox 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 00:13:14 +09:00
Ophestra
42de09e896 helper: implement native container backend 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-16 02:57:46 +09:00
Ophestra
1576fea8a3 helper: raise WaitDelay during tests 
Helper runs very slowly with race detector. This prevents it from timing out.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-16 02:49:41 +09:00
Ophestra
273d97af85 ldd: lib paths resolve function 
This is what always happens right after a ldd call, so implement it here.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-16 01:20:09 +09:00
Ophestra
891316d924 helper/stub: copy args to stderr 
Some helpers are implemented via go test itself in tests, and as a result stdout gets clobbered.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-16 00:39:42 +09:00
Ophestra
6e7ddb2d2e helper: eliminate commandContext replacement 
This is done more cleanly by modifying Args in cmdF.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-16 00:01:25 +09:00
Ophestra
10a21ce3ef helper: expose extra files to direct 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 02:27:40 +09:00
Ophestra
0f1f0e4364 helper: combine helper ipc setup 
The two-step args call is no longer necessary since stat is passed on initialisation.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 02:10:22 +09:00
Ophestra
f9bf20a3c7 helper: rearrange initialisation args 
This improves consistency across two different helper implementations.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 01:06:31 +09:00
Ophestra
73c1a83032 helper: move process wrapper to direct 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 00:33:25 +09:00
Ophestra
f443d315ad helper: clean up interface 
The helper interface was messy due to odd context acquisition order. That has changed, so this cleans it up.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 00:27:44 +09:00
Ophestra
9e18d1de77 helper/proc: pass extra files and start 
For integration with native container tooling.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 23:23:57 +09:00
Ophestra
2647a71be1 seccomp: move out of helper 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 22:42:40 +09:00
Ophestra
7c60a4d8e8 helper: embed context on creation 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 18:30:22 +09:00
Ophestra
29c3f8becb helper/seccomp: improve error handling 
This passes both errno and libseccomp return value.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-12 15:52:48 +09:00
Ophestra
be16970e77 helper/seccomp: seccomp_load on negative fd 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-12 15:18:52 +09:00
Ophestra
61e58aa14d helper/proc: expose setup file 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-09 17:22:31 +09:00
Ophestra
39dc8e7bd8 dbus: set process group id 
This stops signals sent by the TTY driver from propagating to the xdg-dbus-proxy process.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-25 18:12:41 +09:00
Ophestra
eda4d612c2 fortify: keep external files alive 
This should eliminate sporadic failures, like the known double close in "seccomp".

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-23 03:24:37 +09:00
Ophestra
d1f83f40d6 helper/bwrap: rename Write to WriteFile 
In case this might want to be an io.Writer.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-19 00:34:19 +09:00
Ophestra
e599b5583d fmsg: implement suspend in writer 
This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-16 18:51:53 +09:00
Ophestra
1fa5e992e4 helper/bwrap: expose address of DataConfig 
This allows the caller to defer fulfilling its payload.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-16 12:33:59 +09:00
Ophestra
72b0160aad helper/bwrap: implement file copy flags 
These are significantly more efficient and less error-prone than mounting an external tmpfile. This should also reduce attack surface as the resulting files are private to its specific sandbox.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-15 03:13:15 +09:00
Ophestra
be7d944b39 helper/bwrap: PositionalArg implement fmt.Stringer 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-15 00:11:48 +09:00
Ophestra
ace97952cc helper/bwrap: merge Args and FDArgs 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-14 18:13:06 +09:00