This no longer exposes the pipewire socket to the container, and instead mediates access via pipewire-pulse. This makes insecure parts of the protocol inaccessible as explained in the doc comment in hst.
Closes #29.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This fully replaces PulseAudio with PipeWire and enforces the PulseAudio check and error message. The pipewire-pulse daemon is handled in the NixOS module.
Closes #26.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is cleaner and makes more sense. The longer LDFLAGS was never a valid concern since it is always inserted by a script.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This writes the 16-byte instance identifier to the file descriptor specified by --identifier-fd if set, and closes the file.
This enables safely obtaining the new instance's identifier.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This leaves slots available for additional uid ranges in Rosa OS.
This breaks all existing installations! Users are required to fix ownership manually.
Closes #18.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The SharePath is a more stable path than RunDirPath, since it is available all the time and should remain consistent. This also fits better into the intended use case of XDG_RUNTIME_DIR.
Closes #17.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This reduces collision with local variable names, and generally makes sense for the new store package, since it no longer specifies the state struct.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is less error-prone and fits better into internal/app which already uses check.Absolute for all pathnames.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The upper half is now a nanosecond timestamp. Lower half is still random bytes, so use lower half for short identifier.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This allows holding an xdg-dbus-proxy configuration without importing system/dbus.
It also makes more sense in the project structure, since the config struct is part of the hst API; however, the rest of the implementation is not.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This package is replaced by container/stub. Remove and replace it with unexported implementation for the upcoming test suite rewrite.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The whole RunState ugliness and the other horrendous error handling conditions for internal/app come from an old design proposal for maintaining all app containers under the same daemon process for a user. The proposal was ultimately rejected but the implementation remained. It is removed here to alleviate internal/app from much of its ugliness and unreadability.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This was a stopgap solution that lasted for way too long. This finally removes it and prepares internal/app for some major changes.
Signed-off-by: Ophestra <cat@gensokyo.uk>
There is no reason to give the home directory special treatment, as this behaviour can be quite confusing. The home directory also does not necessarily require its own mount point; it could be provided by a parent or simply be ephemeral.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Having the bit field value here (in decimal, no less) is unfriendly to text editors. Use a bunch of booleans here to improve ease of use.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is simultaneously more efficient and less error-prone. This change caused minor API changes in multiple other packages.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This increases readability since this can help disambiguate absolute paths from similarly named path segments.
Signed-off-by: Ophestra <cat@gensokyo.uk>
It is completely nonsensical and highly error-prone to have multiple implementations of this in the same build. This should be switched at compile time instead; therefore, the split packages are pointless.
Signed-off-by: Ophestra <cat@gensokyo.uk>
These packages loosely belong in the "system" package and "system" provides high level wrappers for all of them.
Signed-off-by: Ophestra <cat@gensokyo.uk>
The hakurei command is a bit ugly since it's also used for validating the command package. This alleviates some of the ugliness.
Signed-off-by: Ophestra <cat@gensokyo.uk>