64b6dc41ba
nix: split integration test
...
For adding tests for fpkg.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-21 17:05:17 +09:00
c64b8163e7
app: separate instance from process state
...
This works better for the implementation.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-21 16:06:24 +09:00
9d9a165379
release: 0.2.16
...
Mostly refactor and cleanup, but also contains major fix to process lifecycle management.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 23:39:16 +09:00
d0dff1cac9
wl: check against null character
...
Wayland library takes null terminated strings.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 23:35:49 +09:00
3c80fd2b0f
app: defer system.I revert
...
Just returning an error after a successful call of commit will leave garbage behind with no way for the caller to clean them. This change ensures revert is always called after successful commit with at least per-process state enabled.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 21:12:11 +09:00
ef81828e0c
app: remove share method
...
This is yet another implementation detail from before system.I, getting rid of this vastly cuts down on redundant seal state.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 16:20:25 +09:00
2978a6f046
app: separate appSeal finalise method
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 12:33:51 +09:00
dfd9467523
app: merge seal with sys
...
The existence of the appSealSys struct was an implementation detail obsolete since system.I was integrated in 084cd84f36cat@gensokyo.uk >
2025-02-19 01:36:29 +09:00
53571f030e
app: embed appSeal in app struct
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 01:10:37 +09:00
aa164081e1
app/seal: improve documentation
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 01:04:14 +09:00
9a10eeab90
app/seal: embed enablements
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 00:41:51 +09:00
d1f83f40d6
helper/bwrap: rename Write to WriteFile
...
In case this might want to be an io.Writer.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 00:34:19 +09:00
a748d40745
app: store values with string representation
...
Improves code readability without changing memory layout.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-19 00:25:00 +09:00
648e1d641a
app: separate interface from implementation
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-18 23:07:28 +09:00
3c327084d3
fst: declare wrappers for sandbox config
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-18 23:04:13 +09:00
ffaa12b9d8
sys: wrap log methods
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-18 22:52:09 +09:00
bf95127332
fst: move App interface declaration
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-18 22:36:45 +09:00
e0f321b2c4
sys: rename from linux
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-18 18:47:48 +09:00
2c9c7fee5b
linux: wrap fsu lookup error
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-18 17:39:53 +09:00
d0400f3c81
fmsg: PrintBaseError skip empty message
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-18 17:01:26 +09:00
e9b0f9faef
fmsg: export logBaseError function
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-18 13:02:51 +09:00
e85be67fd9
acl: implement Update in C
...
The original implementation was effectively just writing C in Go.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 21:39:14 +09:00
7e69893264
acl: rename UpdatePerms to Update
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 20:33:18 +09:00
38a3e6af03
system: make xcb internal
...
This package is hauntingly ugly. Move this to internal until it is removed or replaced.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 19:07:53 +09:00
90cb01b274
system: move out of internal
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 19:00:43 +09:00
b1e1d5627e
system: wrap console output functions
...
This eliminates all fmsg imports from internal/system.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 18:17:55 +09:00
3ae2ab652e
system/wayland: sync file at caller specified address
...
Storing this in sys is incredibly ugly: sys should be stateless and Ops must keep track of their state.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 13:24:17 +09:00
db71fbe22b
system/tmpfiles: fail gracefully in API misuse
...
Panicking here leaves garbage behind. Not ideal if this package is going to be exported.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 12:17:01 +09:00
83e72c2b59
release: 0.2.15
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 00:13:04 +09:00
82a072f641
system/tmpfiles: implement private tmpfiles
...
These are only available within the mount namespace and should significantly reduce attack surface.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-17 00:07:52 +09:00
60c10c3f4a
nix: run integration tests with race detector
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-16 20:58:08 +09:00
468696f611
internal: beforeExit before reachable fatal calls
...
These are the only two calls to log.Fatal* reachable during suspended output. Call fmsg.BeforeExit here to catch that.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-16 19:03:34 +09:00
29c38caac8
app/shim/manager: return error on bad fsu path
...
This results in a graceful failure that does not leave garbage behind.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-16 18:59:45 +09:00
e599b5583d
fmsg: implement suspend in writer
...
This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-16 18:51:53 +09:00
33a4ab11c2
internal: move shim and init into app
...
This structure makes more sense, as both processes are part of an app's lifecycle.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-16 16:28:46 +09:00
1fa5e992e4
helper/bwrap: expose address of DataConfig
...
This allows the caller to defer fulfilling its payload.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-16 12:33:59 +09:00
c667b13a00
system: separate link Op implementation
...
This Op would still be useful after replacing the Tmpfiles interface, so isolate it here.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-16 12:15:26 +09:00
90b86a5531
release: 0.2.14
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 23:05:02 +09:00
f545e154f0
workflows: use native nix runner
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 22:58:04 +09:00
268a90f1a5
app: improve WAYLAND_DISPLAY correctness
...
This now has identical behaviour as wayland C library.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 14:45:09 +09:00
3054527ca5
fortify: prevent exit status 0 on app failure
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 14:40:19 +09:00
ddb2f9c11b
app: remove wayland socket hard link
...
This Op was not doing anything useful.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 10:54:00 +09:00
6ae02e72fa
nix: test direct_wayland behaviour
...
This should never be used outside tests unless you absolutely know what you're doing or are using GNOME.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 10:45:27 +09:00
989fb5395f
nix: remove unused configuration
...
User setup no longer depends on userdb.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 10:10:42 +09:00
f955b15b84
system: remove write mode tmpfiles
...
This interface is ugly and bug-prone. This change removes its write mode which has been obsoleted by CopyBind.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 03:22:20 +09:00
0340c67995
app: port passwd and group files to copy
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 03:19:06 +09:00
72b0160aad
helper/bwrap: implement file copy flags
...
These are significantly more efficient and less error-prone than mounting an external tmpfile. This should also reduce attack surface as the resulting files are private to its specific sandbox.
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 03:13:15 +09:00
ea8d1c07df
priv/shim: move /sbin/init setup to app
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 03:06:10 +09:00
a0062d8275
fmsg: resume on exit
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 02:22:09 +09:00
43d2e4f5d7
nix: sway increase resolution
...
Signed-off-by: Ophestra <cat@gensokyo.uk >
2025-02-15 02:21:24 +09:00
