hakurei

Author	SHA1	Message	Date
Ophestra	fb8abf63db	nix: update flake lock Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 23:14:16 +09:00
Ophestra	63802c5f0d	nix: nixos test create parent directory This tests directory creation in shim. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 22:36:53 +09:00
Ophestra	aff80b6b00	cmd/fpkg: optional network access when invoking with nix daemon This is useful for building nixGL. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 18:32:44 +09:00
Ophestra	a98a176907	cmd/fpkg: bind and document more gpu devices Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 18:25:26 +09:00
Ophestra	5302879b88	cmd/fpkg: improve readability of fortify invocations Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 17:55:56 +09:00
Ophestra	891b3cbde7	cmd/fpkg: compare all three store paths Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 17:10:41 +09:00
Ophestra	c795293f36	cmd/fpkg: clean up broken links before activation Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 15:21:40 +09:00
Ophestra	42e1043300	nix: set home-manager user information Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 15:11:36 +09:00
Ophestra	5416b07daa	nix: remove unused argument 'self' Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 14:49:55 +09:00
Ophestra	e57a0e9bf2	nix: rename fortifyBundle to buildPackage Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 14:35:37 +09:00
Ophestra	ab48706ebe	dist: install fpkg to /usr/bin This is a high level user-facing tool. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 01:04:53 +09:00
Ophestra	c1a459a0b1	cmd/fpkg/start: correct drop to shell wording Activation no longer happens during application startup. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 00:56:14 +09:00
Ophestra	5125e96ecf	nix: generate application package build script This takes some metadata, sandbox options, a launch script and a list of home-manager modules. The result needs to be executed in an environment with nix daemon access, and it produces the final package file. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 00:42:21 +09:00
Ophestra	e0e2f40e84	cmd/fpkg: app bundle helper This helper program creates fortify configuration for running an application bundle. The activate action wraps a home-manager activation package and ensures each generation gets activated once. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 13:21:49 +09:00
Ophestra	bf8094c6ca	internal: include path to fortify main program Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 12:48:48 +09:00
Ophestra	2e3bb1893e	release: 0.2.8 This release mostly fixes bugs uncovered when running fortify on a generic linux distribution. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 01:09:47 +09:00
Ophestra	9b206072fa	cmd/fshim: ensure data directory Ensuring home directory in shim causes the directory to be owned by the target user. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 14:39:01 +09:00
Ophestra	b9e2003d5b	app: ensure extra paths The primary use case for extra perms is app-specific state directories, which may or may not exist (first run of any app). Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 14:07:49 +09:00
Ophestra	66ec0d882f	dist: build with -trimpath Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 13:44:05 +09:00
Ophestra	847b667489	app: extra acl entries from configuration Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 13:23:27 +09:00
Ophestra	c70f0612ad	fortify/print: skip nil filesystem entries This fixes a panic when displaying configurations with nil filesystem entries. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 12:14:42 +09:00
Ophestra	85e5b097fd	fst/config: add template etc entry Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 12:05:32 +09:00
Ophestra	0107620d8c	app: merge share methods This significantly increases readability and makes order of ops more obvious. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 11:12:35 +09:00
Ophestra	fc26659ea1	fst/config: autoetc read custom path Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-27 18:57:44 +09:00
Ophestra	1f173a469c	system/dbus: fix inverted system bus state Debug message and socket cleanup gets missed due to this value being inverted. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-27 18:38:11 +09:00
Ophestra	2fdbd6a4dd	fst/config: alternative /etc directory This is useful for static /etc directories provided by self-contained application packages, or in cases where autoetc is useful for paths other than /etc. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-27 18:06:26 +09:00
Ophestra	aef847b5ae	helper/bwrap: fix typo in --dir config builder Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-27 15:34:43 +09:00
Ophestra	0a2aa5823b	cmd/fshim: bind finit inside sandbox The outer finit executable is normally inaccessible inside the sandbox. This was obscured by the current Nix-based setup exposing /nix/store to the sandbox. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-27 14:44:57 +09:00
Ophestra	b956ce4052	ldd: trim leading and trailing white spaces from name Glibc emits ldd output with \t prefix for formatting. Remove that here. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 16:53:01 +09:00
Ophestra	dc579dc610	dbus/run: bind ldd entry absolute name The ld.so entry has an absolute name. They are usually symlinks so binding path does not guarantee ld.so availability under its expected path in the mount namespace. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 16:36:03 +09:00
Ophestra	ade57c39af	ldd: add fhs glibc test case Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 16:33:02 +09:00
Ophestra	614ad86a5b	dbus: fail on LookPath error An absolute path to xdg-dbus-proxy is required. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 16:08:48 +09:00
Ophestra	831dc6a181	dist: create checksum in dist directory This makes verification easier. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 15:14:35 +09:00
Ophestra	c67b8ab9ac	fst/config: improve correctness of comments The meanings of many of these fields have changed since they were added. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 00:45:29 +09:00
Ophestra	7c5aaa38e2	dist: include zsh completion Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-25 23:41:54 +09:00
Ophestra	b52b1a5f90	dist/install: do not replace existing fsurc Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-25 23:37:15 +09:00
Ophestra	9fc82d67b7	fortify/parse: accept config stream fd Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-23 20:09:07 +09:00
Ophestra	70bffeaa1e	fortify: clean up config loading Move duplicate code to function. Also handle - as config from stdin. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-23 17:57:54 +09:00
Ophestra	c109ac2653	release: 0.2.7 Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 13:34:50 +09:00
Ophestra	58f8731b2e	nix: include fortify show output Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 13:28:21 +09:00
Ophestra	8a9ba5e0ad	fortify: show short mode omit filesystems Filesystem information can be quite noisy in permissive defaults. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 13:20:33 +09:00
Ophestra	f608f28a6a	app: mount /dev/kvm in permissive defaults Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 12:37:24 +09:00
Ophestra	aecfae1874	fortify: sort by time of start Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 12:06:54 +09:00
Ophestra	27f2b53d18	fortify: sort ps output This ensures consistency between runs. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 11:59:53 +09:00
Ophestra	5838963265	nix: test dbus via notify-send Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 11:31:12 +09:00
Ophestra	e8594cf670	fortify: print short instance id in non-json short mode Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 11:02:19 +09:00
Ophestra	5c73acb56f	release: 0.2.6 Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 01:18:21 +09:00
Ophestra	76ca2a92ee	nix: check state store contents Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-22 01:10:48 +09:00
Ophestra	f2869c4235	fortify: serialise ps with string as key Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-21 23:52:48 +09:00
Ophestra	bf11241649	fortify: zsh complete show instance list Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-21 21:13:53 +09:00

1 2 3 4 5 ...

362 Commits