rosa/hakurei
6
4
Fork 2
Code Issues 10 Pull Requests 1 Actions Packages Projects Releases 19 Wiki Activity
2,025 Commits 3 Branches 19 Tags
62870d959e56e3cc03ad19d7c903b2765fa32445
Commit Graph

2025 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
cat 985f9442e6 sandbox: copy symlink with magic prefix
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m39s
Details
Test / Fpkg (push) Successful in 3m31s
Details
Test / Data race detector (push) Successful in 2m40s
Details
Test / Flake checks (push) Successful in 59s
Details 
This does not dereference the symlink, but only reads one level of it. This is useful for symlink targets that are not yet known at the time the configuration is emitted.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-26 01:42:39 +09:00
cat 67eb28466d nix: create opengl-driver symlink
Test / Create distribution (push) Successful in 25s
Details
Test / Fpkg (push) Successful in 33s
Details
Test / Fortify (push) Successful in 2m18s
Details
Test / Data race detector (push) Successful in 3m3s
Details
Test / Flake checks (push) Successful in 53s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 20:52:20 +09:00
cat c326c3f97d fst/sandbox: do not create /etc in advance
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m43s
Details
Test / Fpkg (push) Successful in 3m36s
Details
Test / Data race detector (push) Successful in 4m31s
Details
Test / Flake checks (push) Successful in 56s
Details 
This is now handled by the setup op. This also gets rid of the hardcoded /etc path.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 20:00:34 +09:00
cat 971c79bb80 sandbox: remove hardcoded parent perm
Test / Create distribution (push) Successful in 27s
Details
Test / Fortify (push) Successful in 2m43s
Details
Test / Fpkg (push) Successful in 3m41s
Details
Test / Data race detector (push) Successful in 4m32s
Details
Test / Flake checks (push) Successful in 59s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 19:49:51 +09:00
cat f86d868274 sandbox: wrap error with its own text message
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m40s
Details
Test / Fpkg (push) Successful in 3m33s
Details
Test / Data race detector (push) Successful in 4m24s
Details
Test / Flake checks (push) Successful in 57s
Details 
PathError has a pretty good text message, many of them are wrapped with its own text message. This change adds a function to do just that to improve readability.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 19:42:20 +09:00
cat 33940265a6 sandbox: do not ensure symlink target
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m40s
Details
Test / Fpkg (push) Successful in 3m29s
Details
Test / Data race detector (push) Successful in 4m31s
Details
Test / Flake checks (push) Successful in 1m4s
Details 
This masks EEXIST on target and might clobber filesystems and lead to other confusing behaviour. Create its parent instead.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 19:30:53 +09:00
cat b39f3aeb59 helper: remove bubblewrap wrapper
Test / Create distribution (push) Successful in 19s
Details
Test / Fortify (push) Successful in 2m12s
Details
Test / Fpkg (push) Successful in 3m34s
Details
Test / Data race detector (push) Successful in 4m19s
Details
Test / Flake checks (push) Successful in 57s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 05:35:02 +09:00
cat 61dbfeffe7 sandbox/wl: move into sandbox
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m49s
Details
Test / Fpkg (push) Successful in 3m54s
Details
Test / Data race detector (push) Successful in 4m36s
Details
Test / Flake checks (push) Successful in 58s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 05:26:37 +09:00
cat 532feb4bfa app: merge shim into app package
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m48s
Details
Test / Fpkg (push) Successful in 3m39s
Details
Test / Data race detector (push) Successful in 4m35s
Details
Test / Flake checks (push) Successful in 56s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 05:21:47 +09:00
cat ec5e91b8c9 system: optimise string formatting
Test / Create distribution (push) Successful in 20s
Details
Test / Fpkg (push) Successful in 36s
Details
Test / Fortify (push) Successful in 42s
Details
Test / Data race detector (push) Successful in 43s
Details
Test / Flake checks (push) Successful in 1m10s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 04:42:30 +09:00
cat ee51320abf test: check revert type selection
Test / Create distribution (push) Successful in 20s
Details
Test / Fortify (push) Successful in 2m18s
Details
Test / Fpkg (push) Successful in 3m1s
Details
Test / Data race detector (push) Successful in 4m32s
Details
Test / Flake checks (push) Successful in 1m4s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 04:37:58 +09:00
cat 5c4058d5ac app: run in native sandbox
Test / Create distribution (push) Successful in 20s
Details
Test / Fortify (push) Successful in 2m5s
Details
Test / Fpkg (push) Successful in 3m0s
Details
Test / Data race detector (push) Successful in 4m12s
Details
Test / Flake checks (push) Successful in 1m4s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 01:52:49 +09:00
cat e732dca762 wl: fix sync pipe keepalive
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m30s
Details
Test / Fpkg (push) Successful in 3m36s
Details
Test / Data race detector (push) Successful in 4m14s
Details
Test / Flake checks (push) Successful in 59s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 01:33:37 +09:00
cat a9adcd914b fortify/parse: omit try fd fallthrough message
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m33s
Details
Test / Fpkg (push) Successful in 3m28s
Details
Test / Data race detector (push) Successful in 4m12s
Details
Test / Flake checks (push) Successful in 57s
Details 
This reduces noise in verbose output.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-25 01:21:11 +09:00
cat 3dd4ff29c8 test/sandbox: check mount table length
Test / Create distribution (push) Successful in 26s
Details
Test / Fpkg (push) Successful in 37s
Details
Test / Fortify (push) Successful in 2m20s
Details
Test / Data race detector (push) Successful in 2m51s
Details
Test / Flake checks (push) Successful in 1m0s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-24 16:36:53 +09:00
cat 61d86c5e10 test/sandbox: fix stdout tty check
Test / Create distribution (push) Successful in 27s
Details
Test / Fpkg (push) Successful in 37s
Details
Test / Fortify (push) Successful in 2m22s
Details
Test / Data race detector (push) Successful in 2m57s
Details
Test / Flake checks (push) Successful in 56s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-24 16:23:50 +09:00
cat d097eaa28f test/sandbox: unquote fail messages
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m31s
Details
Test / Fpkg (push) Successful in 3m22s
Details
Test / Data race detector (push) Successful in 4m22s
Details
Test / Flake checks (push) Successful in 57s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-24 16:03:53 +09:00
cat ad3576c164 sandbox: resolve tty name
Test / Create distribution (push) Successful in 19s
Details
Test / Fortify (push) Successful in 2m17s
Details
Test / Fpkg (push) Successful in 3m15s
Details
Test / Data race detector (push) Successful in 4m10s
Details
Test / Flake checks (push) Successful in 56s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-24 16:03:07 +09:00
cat b989a4601a test/sandbox: fail on mismatched mount entry
Test / Create distribution (push) Successful in 26s
Details
Test / Fpkg (push) Successful in 34s
Details
Test / Fortify (push) Successful in 2m26s
Details
Test / Data race detector (push) Successful in 2m47s
Details
Test / Flake checks (push) Successful in 57s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-24 13:43:32 +09:00
cat a11237b158 sandbox/vfs: add doc comments
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m42s
Details
Test / Fpkg (push) Successful in 3m40s
Details
Test / Data race detector (push) Successful in 4m15s
Details
Test / Flake checks (push) Successful in 55s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-24 13:21:55 +09:00
cat 40f00d570e sandbox: set mkdir perm
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m34s
Details
Test / Fpkg (push) Successful in 3m26s
Details
Test / Data race detector (push) Successful in 4m7s
Details
Test / Flake checks (push) Successful in 57s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-24 12:51:39 +09:00
cat 0eb1bc6301 test/sandbox: verify outcome via mountinfo
Test / Fpkg (push) Successful in 36s
Details
Test / Create distribution (push) Successful in 4m56s
Details
Test / Fortify (push) Successful in 6m33s
Details
Test / Data race detector (push) Successful in 7m3s
Details
Test / Flake checks (push) Successful in 54s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-24 01:42:38 +09:00
cat 1eb837eab8 test/sandbox: warn about misuse in doc comment
Test / Create distribution (push) Successful in 26s
Details
Test / Fpkg (push) Successful in 34s
Details
Test / Fortify (push) Successful in 2m16s
Details
Test / Data race detector (push) Successful in 2m45s
Details
Test / Flake checks (push) Successful in 59s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 23:28:28 +09:00
cat 0a4e633db2 nix: filter test from source
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m42s
Details
Test / Fpkg (push) Successful in 3m52s
Details
Test / Data race detector (push) Successful in 4m19s
Details
Test / Flake checks (push) Successful in 54s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 22:20:19 +09:00
cat e8809125d4 sandbox: verify outcome via mountinfo
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m39s
Details
Test / Fpkg (push) Successful in 3m29s
Details
Test / Data race detector (push) Successful in 4m17s
Details
Test / Flake checks (push) Successful in 1m6s
Details 
This contains much more information than /proc/mounts and allows for more fields to be checked. This also removes the dependency on the test package.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 22:17:36 +09:00
cat 806ce18c0a test/sandbox: check mapuid outcome
Test / Create distribution (push) Successful in 27s
Details
Test / Fpkg (push) Successful in 37s
Details
Test / Fortify (push) Successful in 2m23s
Details
Test / Data race detector (push) Successful in 2m50s
Details
Test / Flake checks (push) Successful in 55s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 17:56:07 +09:00
cat b71d2bf534 test/sandbox: check tty outcome
Test / Create distribution (push) Successful in 25s
Details
Test / Fpkg (push) Successful in 34s
Details
Test / Fortify (push) Successful in 2m21s
Details
Test / Data race detector (push) Successful in 2m48s
Details
Test / Flake checks (push) Successful in 54s
Details 
This makes no difference currently but has different behaviour in the native sandbox.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 17:28:57 +09:00
cat 46059b1840 test/sandbox: print mismatching file content
Test / Create distribution (push) Successful in 25s
Details
Test / Fpkg (push) Successful in 34s
Details
Test / Fortify (push) Successful in 2m3s
Details
Test / Data race detector (push) Successful in 2m32s
Details
Test / Flake checks (push) Successful in 51s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 17:24:52 +09:00
cat d2c329bcea test: format path aid offsets
Test / Create distribution (push) Successful in 26s
Details
Test / Fpkg (push) Successful in 36s
Details
Test / Fortify (push) Successful in 2m12s
Details
Test / Data race detector (push) Successful in 2m41s
Details
Test / Flake checks (push) Successful in 51s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 17:21:14 +09:00
cat 2d379b5a38 test/sandbox: pass want file as argument
Test / Create distribution (push) Successful in 25s
Details
Test / Fpkg (push) Successful in 33s
Details
Test / Fortify (push) Successful in 2m7s
Details
Test / Data race detector (push) Successful in 2m36s
Details
Test / Flake checks (push) Successful in 49s
Details 
This avoids building the check program multiple times.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 15:00:59 +09:00
cat 75e0c5d406 test/sandbox: parse full test case
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m37s
Details
Test / Fpkg (push) Successful in 3m52s
Details
Test / Data race detector (push) Successful in 4m12s
Details
Test / Flake checks (push) Successful in 50s
Details 
This makes declaring multiple tests much cleaner.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 14:53:50 +09:00
cat 770b37ae16 sandbox/vfs: match MS_NOSYMFOLLOW flag
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m27s
Details
Test / Fpkg (push) Successful in 3m33s
Details
Test / Data race detector (push) Successful in 4m10s
Details
Test / Flake checks (push) Successful in 52s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 13:57:30 +09:00
cat c638193268 sandbox: apply vfs options to bind mounts
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m41s
Details
Test / Fpkg (push) Successful in 3m45s
Details
Test / Data race detector (push) Successful in 4m11s
Details
Test / Flake checks (push) Successful in 56s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 05:27:57 +09:00
cat 8c3a817881 sandbox/vfs: unfold mount hierarchy
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m33s
Details
Test / Fpkg (push) Successful in 3m31s
Details
Test / Data race detector (push) Successful in 4m11s
Details
Test / Flake checks (push) Successful in 53s
Details 
This presents all visible mount points under path. This is useful for applying extra vfs options to bind mounts.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 05:23:31 +09:00
cat e2fce321c1 sandbox/vfs: expose mountinfo line scanning
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m38s
Details
Test / Fpkg (push) Successful in 3m30s
Details
Test / Data race detector (push) Successful in 4m9s
Details
Test / Flake checks (push) Successful in 51s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-23 02:46:58 +09:00
cat 241702ae3a go: 1.23
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m48s
Details
Test / Data race detector (push) Successful in 4m22s
Details
Test / Fpkg (push) Successful in 1h28m30s
Details
Test / Flake checks (push) Successful in 49s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-22 18:20:06 +09:00
cat d21d9c5b1d sandbox/vfs: parse vfs options
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m36s
Details
Test / Fpkg (push) Successful in 3m20s
Details
Test / Data race detector (push) Successful in 4m4s
Details
Test / Flake checks (push) Successful in 50s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-21 17:12:10 +09:00
cat a70daf2250 sandbox: resolve inverted flags in op
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m5s
Details
Test / Data race detector (push) Successful in 2m30s
Details
Test / Fpkg (push) Successful in 2m48s
Details
Test / Flake checks (push) Successful in 48s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-21 12:58:38 +09:00
cat 632b18addd test/sandbox: rename misleading bind destination
Test / Create distribution (push) Successful in 25s
Details
Test / Fpkg (push) Successful in 34s
Details
Test / Fortify (push) Successful in 2m15s
Details
Test / Data race detector (push) Successful in 2m49s
Details
Test / Flake checks (push) Successful in 59s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-21 12:56:11 +09:00
cat a57a7a6a16 test/sandbox: check type handling host_passthrough
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m30s
Details
Test / Fpkg (push) Successful in 3m30s
Details
Test / Data race detector (push) Successful in 4m20s
Details
Test / Flake checks (push) Successful in 52s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-21 12:21:08 +09:00
cat 5098b12e4a sandbox/vfs: count mountinfo entries
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m39s
Details
Test / Fpkg (push) Successful in 3m37s
Details
Test / Data race detector (push) Successful in 4m10s
Details
Test / Flake checks (push) Successful in 52s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-21 12:14:33 +09:00
cat 9ddf5794dd sandbox/vfs: implement proc_pid_mountinfo(5) parser
Test / Create distribution (push) Successful in 28s
Details
Test / Fortify (push) Successful in 2m43s
Details
Test / Fpkg (push) Successful in 3m38s
Details
Test / Data race detector (push) Successful in 4m11s
Details
Test / Flake checks (push) Successful in 53s
Details 
Test cases are mostly taken from util-linux. This implementation is more correct and slightly faster than the one found in github:kubernetes/utils.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-21 00:35:49 +09:00
cat b74a08dda9 sandbox: prepare ops early
Test / Create distribution (push) Successful in 24s
Details
Test / Fortify (push) Successful in 2m27s
Details
Test / Fpkg (push) Successful in 3m33s
Details
Test / Data race detector (push) Successful in 4m9s
Details
Test / Flake checks (push) Successful in 53s
Details 
Some setup code needs to run in host root. This change allows that to happen.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-18 02:17:46 +09:00
cat 1b9408864f sandbox: pass cmd to cancel function
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m35s
Details
Test / Fpkg (push) Successful in 3m36s
Details
Test / Data race detector (push) Successful in 4m11s
Details
Test / Flake checks (push) Successful in 49s
Details 
This is not usually in scope otherwise.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 22:36:39 +09:00
cat cc89dbdf63 sandbox: place files with content
Test / Create distribution (push) Successful in 24s
Details
Test / Fortify (push) Successful in 2m35s
Details
Test / Fpkg (push) Successful in 3m35s
Details
Test / Data race detector (push) Successful in 4m7s
Details
Test / Flake checks (push) Successful in 47s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 22:13:22 +09:00
cat 228f3301f2 sandbox: create directories
Test / Create distribution (push) Successful in 24s
Details
Test / Fortify (push) Successful in 2m29s
Details
Test / Fpkg (push) Successful in 3m30s
Details
Test / Data race detector (push) Successful in 4m2s
Details
Test / Flake checks (push) Successful in 48s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 22:03:06 +09:00
cat 07181138e5 sandbox/mount: pass absolute path
Test / Create distribution (push) Successful in 24s
Details
Test / Fortify (push) Successful in 2m31s
Details
Test / Fpkg (push) Successful in 3m24s
Details
Test / Data race detector (push) Successful in 4m6s
Details
Test / Flake checks (push) Successful in 48s
Details 
This should never be used unless there is a good reason to, like using a file in the intermediate root.

Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 21:53:31 +09:00
cat 816b372f14 sandbox: cancel process on serve error
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m32s
Details
Test / Fpkg (push) Successful in 3m28s
Details
Test / Data race detector (push) Successful in 4m4s
Details
Test / Flake checks (push) Successful in 49s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 21:49:45 +09:00
cat d7eddd54a2 sandbox: rename params struct
Test / Create distribution (push) Successful in 25s
Details
Test / Fortify (push) Successful in 2m33s
Details
Test / Fpkg (push) Successful in 3m27s
Details
Test / Data race detector (push) Successful in 4m3s
Details
Test / Flake checks (push) Successful in 59s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 21:45:08 +09:00
cat 7c063833e0 internal/sys: wrap getuid/getgid
Test / Create distribution (push) Successful in 26s
Details
Test / Fortify (push) Successful in 2m34s
Details
Test / Fpkg (push) Successful in 3m26s
Details
Test / Data race detector (push) Successful in 4m8s
Details
Test / Flake checks (push) Successful in 50s
Details 
Signed-off-by: Ophestra <cat@gensokyo.uk>
 2025-03-17 17:10:03 +09:00