This no longer exposes the pipewire socket to the container, and instead mediates access via pipewire-pulse. This makes insecure parts of the protocol inaccessible as explained in the doc comment in hst.
Closes#29.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is a private work directory owned by the specific shim. Useful for sockets owned by this instance of the shim and requires no direct assistance from the priv-side process.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is unfortunately the only possible setup to securely expose PipeWire to the container. Further explanation explained in the doc comment and #29.
This will be implemented in a future commit.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This method can result in an error targeting it, so it is handled here. This change also causes a call to Create to also Core::Sync, as it should have done.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This proxy can be destroyed by sending a Core::Destroy targeting it. This change implements the Destroy method by embedding destructible.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This change reorders and groups struct elements. This improves readability since this struct holds a lot of state loosely related to each other.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This change also implements pending destructible check on Sync. Destruction method should always be implemented as a wrapper of destructible.destroy.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Nothing uses this right now, this would have to be called by wrapper methods on Registry that would search the objects
Signed-off-by: Ophestra <cat@gensokyo.uk>
This now calls unmarshalCheckTypeBounds to advance to the next message. Additionally, handling for None value is relocated to a function for reuse by other types.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Receiving this event indicates something has gone terribly wrong somehow, and ignoring Core::BoundProps causes inconsistent state anyway.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is emitted by the server when a proxy id is removed for any reason. Currently, the only path for this to be emitted is when a global object is destroyed while some proxy is still bound to it.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This flushes message buffer before queueing the event expecting the error. Since this is quite useful and relatively complex, it is relocated to a method of Context.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This requires error handling infrastructure in Core that does not yet exist, so it is not exported for now. It has been manually tested via linkname against PipeWire.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is emitted by PipeWire when a global object disappears, because PipeWire insists that all clients that had called Core::GetRegistry must constantly sync its local registry state with the remote.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Due to the special nature of the init process, direct use of wait outside the wait4 loop is racy. This change copies the wstatus from wait4 loop state instead.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Due to the special nature of the init process, regular wait calls are unavailable. This change provides infrastructure to access wait4 loop state from Op.
Signed-off-by: Ophestra <cat@gensokyo.uk>
Remote sequence sometimes start with a non-zero value, and keeps the same value for a while before going back to zero. Conditions for reproducing this behaviour is not yet known. This change works around this behaviour.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This fully replaces PulseAudio with PipeWire and enforces the PulseAudio check and error message. The pipewire-pulse daemon is handled in the NixOS module.
Closes#26.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is slightly counterintuitive, but it turned out well under this framework since the daemon backs its target file.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is very simple and takes almost no inputs. This is not yet hooked up to anything to prevent breaking any existing behaviour.
Signed-off-by: Ophestra <cat@gensokyo.uk>
This is at a point considered to be already "within" the container. Daemons internal to the container can be started here.
Signed-off-by: Ophestra <cat@gensokyo.uk>
