hakurei

Author	SHA1	Message	Date
Ophestra	0bd9b9e8fe	test/sandbox: assert filesystem json Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-02 23:23:04 +09:00
Ophestra	39e32799b3	test/sandbox: compare filesystem hierarchy For checking deterministic aspects of fs outcome. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-02 22:59:04 +09:00
Ophestra	9953768de5	test: rename session message identifier Labelling this as sway is misleading. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-02 22:47:33 +09:00
Ophestra	0d3652b793	test/sandbox/assert: wrap printf Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-02 18:37:46 +09:00
Ophestra	d8e9d71f87	test/sandbox: check mount outcome Do this at the beginning of the test for early failure. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-28 15:56:15 +09:00
Ophestra	558974b996	test/sandbox: assert mntent json Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-28 15:40:58 +09:00
Ophestra	4de4049713	test/sandbox: wrap libc getmntent For checking mounts outcome. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-28 14:56:08 +09:00
Ophestra	2d4cabe786	nix: increase nixfmt max width Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-28 14:43:46 +09:00
Ophestra	80f9b62d25	app: print comp values early Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 22:27:55 +09:00
Ophestra	673b648bd3	cmd/fpkg: call app in-process Wrapping fortify is slow, painful and error-prone. Start apps in-process instead. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 19:51:44 +09:00
Ophestra	45ad788c6d	cmd/fsu: allow switch from fpkg Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 19:42:28 +09:00
Ophestra	56539d8db5	fortify: move internal commands up This improves readability. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 18:02:11 +09:00
Ophestra	840ceb615a	app: handle RunState errors Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 17:36:14 +09:00
Ophestra	741d011543	fortify: configure seccomp logger early Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 17:19:36 +09:00
Ophestra	d050b3de25	app: define errors in a separate file Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 17:12:02 +09:00
Ophestra	5de28800ad	test: verify fsu ppid check Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 16:51:57 +09:00
Ophestra	8e50293ab7	test: remove sway process check This eliminates the race where systemd restarts sway too quick. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 13:52:44 +09:00
Ophestra	12c6d66bfd	cmd/fpkg/test: nixos test fpkg install/start Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 13:12:16 +09:00
Ophestra	d7d2bd33ed	cmd/fpkg/build: expose nixos configuration This should be used sparingly as the NixOS closure is in the bootstrap store which compresses rather poorly. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 12:31:18 +09:00
Ophestra	c21a4cff14	nix: wrap fpkg This is usable on nixos now due to the static build. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 12:24:04 +09:00
Ophestra	4fa38d6063	cmd/fpkg: use fortify path from internal Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 12:16:35 +09:00
Ophestra	6d4ac3d9fd	internal: store fortify path in internal This now makes more sense due to the changes in build system. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 12:03:25 +09:00
Ophestra	a5d2f040fb	cmd/fpkg/build: run final build step in nix This used to be a script that had to be run outside of nix because the sandbox disallows access to nix store state. Turns out closureInfo is the proper way to do that. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 23:53:18 +09:00
Ophestra	c62689e17f	nix: interrupt via tty Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 18:20:47 +09:00
Ophestra	39dc8e7bd8	dbus: set process group id This stops signals sent by the TTY driver from propagating to the xdg-dbus-proxy process. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 18:12:41 +09:00
Ophestra	5a732d153e	nix: include fsu sources in dist build Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 01:32:47 +09:00
Ophestra	b4549c72be	nix: verify silent signal exit This catches errors in the cleanup process initiated by a signal. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 01:22:16 +09:00
Ophestra	1818dc3a4c	system/acl: do not fail gone revert target A removed file effectively already has its ACLs stripped, so failing this makes no sense. Still print a message to warn about it. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 01:11:05 +09:00
Ophestra	65094b63cd	system/dbus: filter context cancellation error This message would otherwise show up when alternative exit path is taken due to a signal. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 00:57:35 +09:00
Ophestra	f0a082ec84	fortify: improve handling of RevertErr All this error wrapping is getting a bit ridiculous and I might want to do something about that somewhere down the line. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 00:45:00 +09:00
Ophestra	751aa350ee	nix: exclude files ending in ".py" This reduces rebuilds when debugging nixos tests. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-24 17:41:56 +09:00
Ophestra	e6cd2bb2a8	cmd/fpkg: integrate command handler Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 23:25:12 +09:00
Ophestra	0fb72e5d99	cmd/fpkg/build: prepend extra nix flags Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 20:21:09 +09:00
Ophestra	71135f339a	release: 0.2.18 Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 18:52:33 +09:00
Ophestra	b6af8caffe	nix: clean up directory structure Tests for fpkg is going to be in ./cmd/fpkg, so this central tests directory is no longer necessary. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 18:48:01 +09:00
Ophestra	e1a3549ea0	workflows: separate nixos tests from flake check Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 18:34:42 +09:00
Ophestra	8bf162820b	nix: separate fsu from package This appears to be the only way to build them with different configuration. This enables static linking in the main package. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 18:13:37 +09:00
Ophestra	dccb366608	ldd: handle behaviour on static executable Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 18:02:33 +09:00
Ophestra	83c8f0488b	ldd: pass absolute path to bwrap Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 17:46:22 +09:00
Ophestra	478b27922c	fortify: handle errors via MustParse The errSuccess behaviour is kept for beforeExit. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 12:57:59 +09:00
Ophestra	ba1498cd18	command: filter parse errors Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 12:55:10 +09:00
Ophestra	eda4d612c2	fortify: keep external files alive This should eliminate sporadic failures, like the known double close in "seccomp". Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 03:24:37 +09:00
Ophestra	2e7e160683	release: 0.2.17 Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 02:59:31 +09:00
Ophestra	79957f8ea7	fortify: test help message This helps catch regressions in "command". Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 02:51:35 +09:00
Ophestra	7e52463445	fortify: integrate command handler Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 02:35:02 +09:00
Ophestra	89970f5197	command/flag: implement repeatable flag Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 02:25:31 +09:00
Ophestra	35037705a9	command/flag: implement integer flag Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 02:02:01 +09:00
Ophestra	647c6ea21b	command: hide internal commands This marks commands as internal via a magic usage string. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 01:36:48 +09:00
Ophestra	416d93e880	command: expose print help This is useful for custom help commands. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 01:17:57 +09:00
Ophestra	312753924b	command: root early handler func special case This allows for early initialisation with access to flags on the root node. This can be useful for configuring global state used by subcommands. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 00:55:18 +09:00

1 2 3 4 5 ...

616 Commits