e71ae3b8c5
container: remove custom cmd initialisation
...
This part of the interface is very unintuitive and only used for testing, even in testing it is inelegant and can be done better.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-07-25 00:45:10 +09:00
d2f9a9b83b
treewide: migrate to hakurei.app
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-07-03 03:30:39 +09:00
1b5ecd9eaf
container: move out of toplevel
...
This allows slightly easier use of the vanity url. This also provides some disambiguation between low level containers and hakurei app containers.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-07-03 02:59:43 +09:00
eec021cc4b
hakurei: move container helpers toplevel
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-07-02 21:31:29 +09:00
a1d98823f8
hakurei: move container toplevel
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-07-02 21:23:55 +09:00
31aef905fa
sandbox: expose seccomp interface
...
There's no point in artificially limiting and abstracting away these options. The higher level hakurei package is responsible for providing a secure baseline and sane defaults. The sandbox package should present everything to the caller.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-07-02 04:47:13 +09:00
87e008d56d
treewide: rename to hakurei
...
Fortify makes little sense for a container tool.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-06-25 04:57:41 +09:00
24618ab9a1
sandbox: move out of internal
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-03-17 02:55:36 +09:00
bc54db54d2
ldd: always copy stderr
...
Dropping the buffer on success is unhelpful and could hide some useful information.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-03-17 00:08:00 +09:00
bf07b7cd9e
ldd: mount /proc in container
...
This covers host /proc.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-03-17 00:01:03 +09:00
48feca800f
sandbox: check command function pointer
...
Setting default CommandContext on initialisation is somewhat of a footgun.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-03-16 23:29:14 +09:00
4bb5d9780f
ldd: run in native sandbox
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-03-14 17:55:55 +09:00
d22145a392
ldd: handle musl static behaviour
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-03-12 23:29:43 +09:00
39dc8e7bd8
dbus: set process group id
...
This stops signals sent by the TTY driver from propagating to the xdg-dbus-proxy process.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-25 18:12:41 +09:00
dccb366608
ldd: handle behaviour on static executable
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-23 18:02:33 +09:00
83c8f0488b
ldd: pass absolute path to bwrap
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-23 17:46:22 +09:00
fe7d208cf7
helper: use generic extra files interface
...
This replaces the pipes object and integrates context into helper process lifecycle.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-13 23:34:15 +09:00
5a64cdaf4f
ldd: enable syscall filter
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-01-22 02:00:49 +09:00
9a239fa1a5
helper/bwrap: integrate seccomp into helper interface
...
This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-01-22 01:52:57 +09:00
2f70506865
helper/bwrap: move sync to helper state
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-01-19 18:38:13 +09:00
df6fc298f6
migrate to git.gensokyo.uk/security/fortify
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe >
2024-12-20 00:20:02 +09:00
65af1684e3
migrate to git.ophivana.moe/security/fortify
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe >
2024-10-20 19:50:13 +09:00
73a698c7cb
ldd: run ldd with read-only filesystem and unshared net
...
This is only called on trusted programs, however extra hardening is never a bad idea.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe >
2024-10-17 15:37:27 +09:00
d41b9d2d9c
ldd: separate Parse from Exec and trim space
...
Signed-off-by: Ophestra Umiker <cat@ophivana.moe >
2024-10-09 23:51:15 +09:00
