maemachinebroke/hakurei
1
0
Fork 0
forked from security/hakurei
Code Pull Requests Activity
750 Commits 1 Branch 12 Tags
87e008d56de974947ebb99c2cc40b25d3c2cf43e
Commit Graph

45 Commits

Author SHA1 Message Date
Ophestra
87e008d56d treewide: rename to hakurei 
Fortify makes little sense for a container tool.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-25 04:57:41 +09:00
Ophestra
f30a439bcd nix: improve common usability 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-05-16 04:40:12 +09:00
Ophestra
31b7ddd122 fst: improve config 
The config struct more or less "grew" to what it is today. This change moves things around to make more sense and fixes nonsensical comments describing obsolete behaviour.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-13 03:30:19 +09:00
Ophestra
6309469e93 app/instance: wrap internal implementation 
This reduces the scope of the fst package, which was growing questionably large.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-12 13:56:41 +09:00
Ophestra
0d7c1a9a43 app: rename app implementation package 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-12 10:54:24 +09:00
Ophestra
2f4f21fb18 fst: rename device field 
Dev is very ambiguous. Rename it here alongside upcoming config changes.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-11 19:32:15 +09:00
Ophestra
584405f7cc sandbox/seccomp: rename flag type and constants 
The names are ambiguous. Rename them to make more sense.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-08 01:59:45 +09:00
Ophestra
e9a7cd526f app: improve shim process management 
This ensures a signal gets delivered to the process instead of relying on parent death behaviour.

SIGCONT was chosen as it is the only signal an unprivileged process is allowed to send to processes with different credentials.

A custom signal handler is installed because the Go runtime does not expose signal information other than which signal was received, and shim must check pid to ensure reasonable behaviour.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-07 03:55:17 +09:00
Ophestra
4036da3b5c fst: optional configured shell path 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-31 21:27:31 +09:00
Ophestra
532feb4bfa app: merge shim into app package 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 05:21:47 +09:00
Ophestra
ec5e91b8c9 system: optimise string formatting 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 04:42:30 +09:00
Ophestra
5c4058d5ac app: run in native sandbox 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 01:52:49 +09:00
Ophestra
24618ab9a1 sandbox: move out of internal 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 02:55:36 +09:00
Ophestra
9a1f8e129f sandbox: wrap fmsg interface 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 02:44:07 +09:00
Ophestra
ee10860357 seccomp: install output atomically 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 01:10:27 +09:00
Ophestra
2647a71be1 seccomp: move out of helper 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-14 22:42:40 +09:00
Ophestra
4133b555ba internal/app: rename init to init0 
This makes way for the new container init.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-13 21:57:54 +09:00
Ophestra
61e58aa14d helper/proc: expose setup file 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-09 17:22:31 +09:00
Ophestra
9e15898c8f internal/prctl: rename prctl wrappers 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-07 22:56:35 +09:00
Ophestra
2d4cabe786 nix: increase nixfmt max width 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-28 14:43:46 +09:00
Ophestra
673b648bd3 cmd/fpkg: call app in-process 
Wrapping fortify is slow, painful and error-prone. Start apps in-process instead.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-26 19:51:44 +09:00
Ophestra
12c6d66bfd cmd/fpkg/test: nixos test fpkg install/start 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-26 13:12:16 +09:00
Ophestra
d7d2bd33ed cmd/fpkg/build: expose nixos configuration 
This should be used sparingly as the NixOS closure is in the bootstrap store which compresses rather poorly.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-26 12:31:18 +09:00
Ophestra
4fa38d6063 cmd/fpkg: use fortify path from internal 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-26 12:16:35 +09:00
Ophestra
a5d2f040fb cmd/fpkg/build: run final build step in nix 
This used to be a script that had to be run outside of nix because the sandbox disallows access to nix store state. Turns out closureInfo is the proper way to do that.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-25 23:53:18 +09:00
Ophestra
e6cd2bb2a8 cmd/fpkg: integrate command handler 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-23 23:25:12 +09:00
Ophestra
0fb72e5d99 cmd/fpkg/build: prepend extra nix flags 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-23 20:21:09 +09:00
Ophestra
eb0c16dd8c cmd/fpkg: rename buildPackage file 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-21 18:13:34 +09:00
Ophestra
4fa1e97026 cmd/fpkg: rename shell to shellPath 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-21 17:50:20 +09:00
Ophestra
90cb01b274 system: move out of internal 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-17 19:00:43 +09:00
Ophestra
e599b5583d fmsg: implement suspend in writer 
This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-02-16 18:51:53 +09:00
Ophestra
580128922b cmd/fpkg: expose syscall policy options 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-22 12:01:30 +09:00
Ophestra
7baca66a56 proc: remove duplicate compile-time fortify reference 
This is no longer needed since shim and init are now part of the main program.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-18 11:59:33 +09:00
Ophestra
ea8f228af3 proc/priv/shim: merge shim into main program 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-01-17 23:43:32 +09:00
Ophestra
22a4b99674 cmd/fpkg/install: deduplicate nix store 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-30 02:25:04 +09:00
Ophestra
1464ef774b cmd/fpkg: expose nixGL wrappers 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-30 02:02:20 +09:00
Ophestra
66ba4cea5c cmd/fpkg: remove workDir acl from activation 
Activation does not require access to workDir, and by this point all information is available in dataHome.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-29 23:48:45 +09:00
Ophestra
f8d0786509 cmd/fpkg: include nixGL source in inner store 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-29 23:37:11 +09:00
Ophestra
aff80b6b00 cmd/fpkg: optional network access when invoking with nix daemon 
This is useful for building nixGL.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-29 18:32:44 +09:00
Ophestra
a98a176907 cmd/fpkg: bind and document more gpu devices 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-29 18:25:26 +09:00
Ophestra
5302879b88 cmd/fpkg: improve readability of fortify invocations 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-29 17:55:56 +09:00
Ophestra
891b3cbde7 cmd/fpkg: compare all three store paths 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-29 17:10:41 +09:00
Ophestra
c795293f36 cmd/fpkg: clean up broken links before activation 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-29 15:21:40 +09:00
Ophestra
c1a459a0b1 cmd/fpkg/start: correct drop to shell wording 
Activation no longer happens during application startup.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-29 00:56:14 +09:00
Ophestra
e0e2f40e84 cmd/fpkg: app bundle helper 
This helper program creates fortify configuration for running an application bundle. The activate action wraps a home-manager activation package and ensures each generation gets activated once.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2024-12-26 13:21:49 +09:00