hakurei

Author	SHA1	Message	Date
Ophestra	7c063833e0	internal/sys: wrap getuid/getgid Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 17:10:03 +09:00
Ophestra	ef81828e0c	app: remove share method This is yet another implementation detail from before system.I, getting rid of this vastly cuts down on redundant seal state. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-19 16:20:25 +09:00
Ophestra	648e1d641a	app: separate interface from implementation Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 23:07:28 +09:00
Ophestra	3c327084d3	fst: declare wrappers for sandbox config Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 23:04:13 +09:00
Ophestra	e0f321b2c4	sys: rename from linux Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-18 18:47:48 +09:00
Ophestra	e599b5583d	fmsg: implement suspend in writer This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 18:51:53 +09:00
Ophestra	9a239fa1a5	helper/bwrap: integrate seccomp into helper interface This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-22 01:52:57 +09:00
Ophestra	562f5ed797	fst: hide sockets exposed via Filesystem This is mostly useful for permissive defaults. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-15 10:13:18 +09:00
Ophestra	db03565614	fst: move sandbox struct to separate file Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-15 09:42:44 +09:00

9 Commits