hakurei

Author	SHA1	Message	Date
Ophestra	87e008d56d	treewide: rename to hakurei Fortify makes little sense for a container tool. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-06-25 04:57:41 +09:00
Ophestra	ef80b19f2f	treewide: switch to clang-format Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-06-18 13:45:34 +09:00
Ophestra	b7e991de5b	nix: update flake lock Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-06-05 04:05:39 +09:00
Ophestra	9967909460	sandbox: relative autoetc links This allows nested containers to use autoetc, and increases compatibility with other implementations. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-04-11 18:54:00 +09:00
Ophestra	c806f43881	sandbox: implement autoetc as setup op This significantly reduces setup op count and the readdir call now happens in the context of the init process. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-04-10 18:54:25 +09:00
Ophestra	584405f7cc	sandbox/seccomp: rename flag type and constants The names are ambiguous. Rename them to make more sense. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-04-08 01:59:45 +09:00
Ophestra	f885dede9b	sandbox/seccomp: unexport println wrapper This is an implementation detail that was exported for the bwrap argument builder. The removal of that package allows it to be unexported. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-04-07 04:07:20 +09:00
Ophestra	0ba8be659f	sandbox: document less obvious parts of setup Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-04-01 01:21:04 +09:00
Ophestra	2a46f5bb12	sandbox/seccomp: update doc comment Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-30 23:00:20 +09:00
Ophestra	c13eb70d7d	sandbox/seccomp: add fortify default sample Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-28 02:02:02 +09:00
Ophestra	184e9db2b2	sandbox: support privileged container Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-27 19:40:19 +09:00
Ophestra	d613257841	sandbox/init: clear inheritable set Inheritable should not be able to affect anything regardless of its value, due to no_new_privs. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-26 07:46:13 +09:00
Ophestra	18644d90be	sandbox: wrap capset syscall Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-26 07:44:07 +09:00
Ophestra	52fcc48ac1	sandbox/init: drop capabilities During development the syscall filter caused me to make an incorrect assumption about SysProcAttr. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-26 06:32:08 +09:00
Ophestra	8b69bcd215	sandbox: cache kernel.cap_last_cap value Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-26 06:19:19 +09:00
Ophestra	985f9442e6	sandbox: copy symlink with magic prefix This does not dereference the symlink, but only reads one level of it. This is useful for symlink targets that are not yet known at the time the configuration is emitted. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-26 01:42:39 +09:00
Ophestra	971c79bb80	sandbox: remove hardcoded parent perm Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-25 19:49:51 +09:00
Ophestra	f86d868274	sandbox: wrap error with its own text message PathError has a pretty good text message, many of them are wrapped with its own text message. This change adds a function to do just that to improve readability. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-25 19:42:20 +09:00
Ophestra	33940265a6	sandbox: do not ensure symlink target This masks EEXIST on target and might clobber filesystems and lead to other confusing behaviour. Create its parent instead. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-25 19:30:53 +09:00
Ophestra	61dbfeffe7	sandbox/wl: move into sandbox Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-25 05:26:37 +09:00
Ophestra	5c4058d5ac	app: run in native sandbox Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-25 01:52:49 +09:00
Ophestra	ad3576c164	sandbox: resolve tty name Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-24 16:03:07 +09:00
Ophestra	a11237b158	sandbox/vfs: add doc comments Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-24 13:21:55 +09:00
Ophestra	40f00d570e	sandbox: set mkdir perm Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-24 12:51:39 +09:00
Ophestra	e8809125d4	sandbox: verify outcome via mountinfo This contains much more information than /proc/mounts and allows for more fields to be checked. This also removes the dependency on the test package. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-23 22:17:36 +09:00
Ophestra	75e0c5d406	test/sandbox: parse full test case This makes declaring multiple tests much cleaner. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-23 14:53:50 +09:00
Ophestra	770b37ae16	sandbox/vfs: match MS_NOSYMFOLLOW flag Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-23 13:57:30 +09:00
Ophestra	c638193268	sandbox: apply vfs options to bind mounts Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-23 05:27:57 +09:00
Ophestra	8c3a817881	sandbox/vfs: unfold mount hierarchy This presents all visible mount points under path. This is useful for applying extra vfs options to bind mounts. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-23 05:23:31 +09:00
Ophestra	e2fce321c1	sandbox/vfs: expose mountinfo line scanning Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-23 02:46:58 +09:00
Ophestra	d21d9c5b1d	sandbox/vfs: parse vfs options Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-21 17:12:10 +09:00
Ophestra	a70daf2250	sandbox: resolve inverted flags in op Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-21 12:58:38 +09:00
Ophestra	5098b12e4a	sandbox/vfs: count mountinfo entries Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-21 12:14:33 +09:00
Ophestra	9ddf5794dd	sandbox/vfs: implement proc_pid_mountinfo(5) parser Test cases are mostly taken from util-linux. This implementation is more correct and slightly faster than the one found in github:kubernetes/utils. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-21 00:35:49 +09:00
Ophestra	b74a08dda9	sandbox: prepare ops early Some setup code needs to run in host root. This change allows that to happen. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-18 02:17:46 +09:00
Ophestra	1b9408864f	sandbox: pass cmd to cancel function This is not usually in scope otherwise. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 22:36:39 +09:00
Ophestra	cc89dbdf63	sandbox: place files with content Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 22:13:22 +09:00
Ophestra	228f3301f2	sandbox: create directories Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 22:03:06 +09:00
Ophestra	07181138e5	sandbox/mount: pass absolute path This should never be used unless there is a good reason to, like using a file in the intermediate root. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 21:53:31 +09:00
Ophestra	816b372f14	sandbox: cancel process on serve error Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 21:49:45 +09:00
Ophestra	d7eddd54a2	sandbox: rename params struct Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 21:45:08 +09:00
Ophestra	af3619d440	sandbox: create symlinks Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 16:37:56 +09:00
Ophestra	528674cb6e	sandbox/init: fail early on nil op Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 16:17:03 +09:00
Ophestra	70c9757e26	sandbox/mount: rename device flag Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 16:10:55 +09:00
Ophestra	c83a7e2efc	sandbox: mount container /dev/mqueue Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 15:42:40 +09:00
Ophestra	904208b87f	sandbox: unwrap path string Mount proc and dev takes no additional parameters. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 15:33:20 +09:00
Ophestra	007b52d81f	sandbox/seccomp: check for both partial read outcomes This eliminates intermittent test failures. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 12:51:21 +09:00
Ophestra	24618ab9a1	sandbox: move out of internal Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 02:55:36 +09:00

48 Commits