maemachinebroke/hakurei
1
0
Fork 0
forked from security/hakurei
Code Pull Requests Activity
770 Commits 1 Branch 12 Tags
eb22a8bcc1ac03357d4073e5d3ed6d0ab5246a37
Commit Graph

770 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Ophestra
eb22a8bcc1 cmd/hakurei: move to cmd 
Having it at the project root never made sense since the "ego" name was deprecated. This change finally addresses it.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-02 20:42:51 +09:00
Ophestra
31aef905fa sandbox: expose seccomp interface 
There's no point in artificially limiting and abstracting away these options. The higher level hakurei package is responsible for providing a secure baseline and sane defaults. The sandbox package should present everything to the caller.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-02 04:47:13 +09:00
Ophestra
a6887f7253 sandbox/seccomp: import dot for syscall 
This significantly increases readability in some places.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-02 02:30:35 +09:00
Ophestra
69bd581af7 sandbox/seccomp: append suffix to ops 
This avoids clashes with stdlib names to allow for . imports.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-02 01:09:04 +09:00
Ophestra
26b7afc890 sandbox/seccomp: prepare -> export 
Export makes a lot more sense, and also matches the libseccomp function.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-02 00:32:48 +09:00
Ophestra
d5532aade0 sandbox/seccomp: native rule slice in helpers 
These helper functions took FilterPreset as input for ease of integration. This moves them to []NativeRule.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-02 00:22:27 +09:00
Ophestra
0c5409aec7 sandbox/seccomp: native rule type alias 
This makes it easier to keep API stable.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-02 00:00:08 +09:00
Ophestra
1a8840bebc sandbox/seccomp: resolve rules natively 
This enables loading syscall filter policies from external cross-platform config files.

This also removes a significant amount of C code.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-01 22:11:32 +09:00
Ophestra
1fb453dffe sandbox/seccomp: extra constants 
These all resolve to pseudo syscall numbers in libseccomp, but are necessary anyway for other platforms.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-01 20:15:42 +09:00
Ophestra
e03d702d08 sandbox/seccomp: implement syscall lookup 
This uses the Go map and is verified against libseccomp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-01 00:35:27 +09:00
Ophestra
241dc964a6 sandbox/seccomp: wire extra syscall 
These values are only useful for libseccomp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-07-01 00:32:08 +09:00
Ophestra
8ef71e14d5 sandbox/seccomp: emit syscall constants 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-30 20:34:33 +09:00
Ophestra
972f4006f0 treewide: switch to hakurei.app 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-26 04:01:02 +09:00
Ophestra
9a8a047908 sandbox/seccomp: syscall name lookup table 
The script is from Go source of same name. The result is checked against libseccomp.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-26 03:49:07 +09:00
Ophestra
863bf69ad3 treewide: reapply clang-format 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-25 23:43:42 +09:00
Ophestra
0e957cc9c1 release: 0.0.2 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-25 21:11:11 +09:00
Ophestra
aa454b158f cmd/planterette: remove hsu special case 
Remove special case and invoke hakurei out of process.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-25 20:50:24 +09:00
Ophestra
7007bd6a1c workflows: port release workflow to github 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-25 20:17:53 +09:00
Ophestra
00efc95ee7 workflows: port test workflow to github 
This is a much less useful port of the test workflow and runs much slower due to runner limitations.

Still better than nothing though.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-25 19:37:45 +09:00
Ophestra
b380bb248c release: 0.0.1 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-25 05:05:06 +09:00
Ophestra
87e008d56d treewide: rename to hakurei 
Fortify makes little sense for a container tool.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-25 04:57:41 +09:00
Ophestra
3992073212 dist: move comp to dist 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-18 17:01:16 +09:00
Ophestra
ef80b19f2f treewide: switch to clang-format 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-18 13:45:34 +09:00
Ophestra
717771ae80 app: share runtime dir 
This allows apps with the same identity to access the same runtime dir.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-08 03:24:48 +09:00
Ophestra
bf5772bd8a nix: deduplicate home-manager merging 
This becomes a problem when extraHomeConfig defines nixos module options.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-08 01:12:18 +09:00
Ophestra
9a7c81a44e nix: go generate in src derivation 
This saves the generated files in the nix store and exposes them for use by external tools.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-07 03:10:36 +09:00
Ophestra
b7e991de5b nix: update flake lock 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-06-05 04:05:39 +09:00
Ophestra
6c1205106d release: 0.4.1 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-05-26 02:55:19 +09:00
Ophestra
2ffca6984a nix: use reverse-DNS style id as unique identifier 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-05-25 20:12:30 +09:00
Ophestra
dde2516304 dbus: handle bizarre dbus proxy behaviour 
There is a strange behaviour in xdg-dbus-proxy where if any interface string when stripped of a single ".*" suffix does not contain a '.' byte anywhere, the program will exit with code 1 without any output. This checks for such conditions to make the failure less confusing.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-05-25 19:50:06 +09:00
Ophestra
f30a439bcd nix: improve common usability 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-05-16 04:40:12 +09:00
Ophestra
008e9e7fc5 nix: update flake lock 2025-05-07 21:35:37 +09:00
Ophestra
23aefcd759 fortify: update help strings 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-05-07 19:06:36 +09:00
Ophestra
cb8b886446 nix: update flake lock 2025-04-22 22:23:21 +09:00
Ophestra
5979d8b1e0 dbus: clean up wrapper implementation 
The dbus proxy wrapper haven't been updated much ever since the helper interface was introduced.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-16 23:35:17 +09:00
Ophestra
e587112e63 test: check xdg-dbus-proxy termination 
This process runs outside the application container's pid namespace, so it is a good idea to check whether its lifecycle becomes decoupled from the application.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-15 20:45:31 +09:00
Ophestra
d6cf736abf release: 0.4.0 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-13 11:10:45 +09:00
Ophestra
15011c4173 app/instance/common: optimise ops allocation 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-13 03:49:07 +09:00
Ophestra
31b7ddd122 fst: improve config 
The config struct more or less "grew" to what it is today. This change moves things around to make more sense and fixes nonsensical comments describing obsolete behaviour.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-13 03:30:19 +09:00
Ophestra
c460892cbd fst: check template 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-12 18:00:25 +09:00
Ophestra
6309469e93 app/instance: wrap internal implementation 
This reduces the scope of the fst package, which was growing questionably large.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-12 13:56:41 +09:00
Ophestra
0d7c1a9a43 app: rename app implementation package 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-12 10:54:24 +09:00
Ophestra
ae6f5ede19 fst: mount passthrough /dev writable 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-11 20:01:54 +09:00
Ophestra
807d511c8b test/sandbox: check device outcome 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-11 19:55:16 +09:00
Ophestra
2f4f21fb18 fst: rename device field 
Dev is very ambiguous. Rename it here alongside upcoming config changes.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-11 19:32:15 +09:00
Ophestra
9967909460 sandbox: relative autoetc links 
This allows nested containers to use autoetc, and increases compatibility with other implementations.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-11 18:54:00 +09:00
Ophestra
c806f43881 sandbox: implement autoetc as setup op 
This significantly reduces setup op count and the readdir call now happens in the context of the init process.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-10 18:54:25 +09:00
Ophestra
584405f7cc sandbox/seccomp: rename flag type and constants 
The names are ambiguous. Rename them to make more sense.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-08 01:59:45 +09:00
Ophestra
50127ed5f9 fortify: print synthesised id in ps 
This is not the full synthesised id so it does not get too long.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-07 21:55:07 +09:00
Ophestra
b5eff27c40 fortify: check fst id string length 
This should never be a problem, however in case it happens printing a warning message is better than relying on the runtime to panic.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-04-07 21:39:46 +09:00