maemachinebroke/hakurei
1
0
Fork 0
forked from security/hakurei
Code Pull Requests Activity
603 Commits 2 Branches 12 Tags
6e7ddb2d2ec6b163dc2c178bc4d73b5943f51206
Commit Graph

20 Commits

Author SHA1 Message Date
Ophestra
10a21ce3ef helper: expose extra files to direct 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 02:27:40 +09:00
Ophestra
0f1f0e4364 helper: combine helper ipc setup 
The two-step args call is no longer necessary since stat is passed on initialisation.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 02:10:22 +09:00
Ophestra
f9bf20a3c7 helper: rearrange initialisation args 
This improves consistency across two different helper implementations.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 01:06:31 +09:00
Ophestra
f443d315ad helper: clean up interface 
The helper interface was messy due to odd context acquisition order. That has changed, so this cleans it up.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-15 00:27:44 +09:00
Ophestra
9e18d1de77 helper/proc: pass extra files and start 
For integration with native container tooling.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 23:23:57 +09:00
Ophestra
7c60a4d8e8 helper: embed context on creation 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 18:30:22 +09:00
Ophestra
39dc8e7bd8 dbus: set process group id 
This stops signals sent by the TTY driver from propagating to the xdg-dbus-proxy process.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-25 18:12:41 +09:00
Ophestra
ace97952cc helper/bwrap: merge Args and FDArgs 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-14 18:13:06 +09:00
Ophestra
fe7d208cf7 helper: use generic extra files interface 
This replaces the pipes object and integrates context into helper process lifecycle.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-13 23:34:15 +09:00
Ophestra
9a239fa1a5 helper/bwrap: integrate seccomp into helper interface 
This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 01:52:57 +09:00
Ophestra
eb0ef2d115 helper/bwrap: generic extra file interface 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-20 00:20:04 +09:00
Ophestra
2f70506865 helper/bwrap: move sync to helper state 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-19 18:38:13 +09:00
Ophestra
715addaccd helper/bwrap: append --sync-fd before -- 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-18 12:30:03 +09:00
Ophestra
3e11ce6868 helper/bwrap: separate sequential/static args 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-15 13:07:06 +09:00
Ophestra Umiker
df6fc298f6 migrate to git.gensokyo.uk/security/fortify 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-12-20 00:20:02 +09:00
Ophestra Umiker
cc816a1aaa proc: cleaner extra files 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-12-06 16:05:04 +09:00
Ophestra Umiker
8d0573405a helper/bwrap: implement sync fd 
This is required by wayland security-context-v1.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-12-06 04:21:37 +09:00
Ophestra Umiker
65af1684e3 migrate to git.ophivana.moe/security/fortify 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-20 19:50:13 +09:00
Ophestra Umiker
8d82446d97 helper: remove unused bwrap config field 
This configuration is not saved anywhere, and does not need to be saved. Bwrap configuration information is already saved into p.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-12 00:55:14 +09:00
Ophestra Umiker
7c7999e9e5 helper: implementation of helper.Helper using bwrap 
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
 2024-10-08 18:02:38 +09:00