• v0.4.2 0cf0e18e35

    v0.4.2
    Stable

    cat released this 2026-05-10 16:17:48 +09:00 | 0 commits to master since this release

    Fixes

    • Abandon response on termination during testing of package container.

    Enhancements

    • Optionally suppress init verbosity in package container.
    • Replace capability checks during NixOS VM tests with native tests of
      package container.
    • Optionally map uid/gid 0 as init in package container.
    • Arrange for binfmt_misc registration in package container.

    Full Changelog: v0.4.1...v0.4.2

  • v0.4.1 337bf20f50

    v0.4.1
    Stable

    cat released this 2026-05-04 05:05:38 +09:00 | 47 commits to master since this release

    Fixes

    • Strings larger than a page are rejected by package container.

    Enhancements

    • Overlay mounts are now configured via fsconfig(2) in package container.

    Internal

    • Checksum helper command in cmd/mbf.
    • Pass preferred job count via internal/pkg.
    • Optionally open cache in cmd/mbf.
    • Artifact IR daemon in cmd/mbf.
    • Ongoing cures now support fine-grained cancellation in internal/pkg.
    • LLVM toolchain is now built in a single artifact.
    • Binary stage0 distribution is shrunk to less than half its former size.
    • The stage0 toolchain is now functionally equivalent to all future stages and is able to cure artifacts without special cases.
    • Package status dashboard upstreamed in cmd/mbf.

    Full Changelog: v0.4.0...v0.4.1

  • v0.4.0 0b1009786f

    v0.4.0
    Stable

    cat released this 2026-04-11 10:49:43 +09:00 | 220 commits to master since this release

    Migration

    The cmd/hakurei command app, for starting containers from a configuration file, has been renamed to run. Additionally, dist/release.sh has been renamed to all.sh; usage remains identical.

    API Changes

    • Remove compatibility wrappers for all deprecated APIs.
    • Package ext renamed from container/std.
    • Rename ScmpSyscall to SyscallNum.
    • Package vfs renamed from container/vfs.
    • Package check renamed from container/check.
    • Move syscall wrappers to package ext.
    • Package fhs renamed from container/fhs.
    • Move package container/stub internal.
    • Command run renamed to exec, and app to run in cmd/hakurei.
    • Remove setup helpers from package container.
    • Optionally reject insecure options in package hst.
    • Remove explicit enablements JSON adapter in package hst.
    • Unexport PR_SET_NO_NEW_PRIVS wrapper in package container.
    • Move landlock internal from package container.

    Fixes

    • Correctly describe --with-toolchain in cmd/mbf.
    • Use filepath in portable packages.
    • Ignore finished process in container init.
    • Optionally skip landlock on hostnet in package container.
    • Group-accessible permission bits in cmd/sharefs to work around vfs inode file attribute race.

    Enhancements

    • C integer limit values in package ext.
    • Optionally set FD_CLOEXEC via close_range (build tag: close_range).
    • Optionally suppress via assumed checksum in package internal/pkg.
    • Release script dist/release.sh replaced by cmd/dist.
    • Prefix configurable from environment via cmd/dist.
    • Conditionally skip root remount in package hst.
    • Add riscv64 stage0 tarball for Rosa OS.
    • Optionally transparently degrade in test suite.

    Internal

    • Generic netlink implementation in package internal/netlink.
    • Kobject uevent (with coldboot) implementation in package internal/uevent.
    • Export container params of KindExec and KindExecNet in package internal/pkg.
    • Move collection helper-artifact to package internal/pkg.
    • Retain session by default in cmd/mbf.
    • Alternative hsurc path for Rosa OS.
    • Cache now accepts flags in package internal/pkg.

    Full Changelog: v0.3.7...v0.4.0

  • v0.3.7 b208af8b85

    v0.3.7
    Stable

    cat released this 2026-03-15 21:04:55 +09:00 | 376 commits to master since this release

    Fixes

    • Update URLs for rename of organisation security to rosa.

    Enhancements

    • Text representation for scheduling policy constants.
    • Export scheduling constants in std.
    • Expose scheduling policy and priority in hst.

    Internal

    • Represent runtime dependencies in internal/rosa.

    Full Changelog: v0.3.6...v0.3.7

  • v0.3.6 bae45363bc

    v0.3.6
    Stable

    cat released this 2026-03-07 16:32:04 +09:00 | 431 commits to master since this release

    Fixes

    • Allow devel syscalls in internal/pkg.
    • Keep objects alive while stopping cleanups in internal/lockedfile.
    • Cancel on scanner error in internal/pkg.
    • Stricter checking in internal/pkg error filtering.

    Enhancements

    • Set scheduling policy in container.
    • Treat nil pathname as self in ldd.
    • Use /proc/self/exe directly in container.
    • Deprecate unused APIs and remove cmd/hpkg.

    Internal

    • Validate tar pathnames in internal/pkg.
    • Read buffer free list in internal/pkg.
    • Buffer tar reader in internal/pkg.
    • Significantly improve error resolution performance in internal/pkg.
    • Expose extra information for FileArtifact pipelines.
    • Mount tmpfs on /tmp in integration test to prevent spurious failures.
    • Match os package behaviour in container package error injection tests.
    • Export layer promotion in internal/pkg.
    • Raise string limit to 16 MiB in internal/pkg.
    • Supported artifacts in internal/pkg now save logs.

    Full Changelog: v0.3.5...v0.3.6

  • v0.3.5 9fb0b2452e

    v0.3.5
    Stable

    cat released this 2026-02-09 00:11:20 +09:00 | 604 commits to master since this release

    Fixes

    • Filter host-dependent mount options in test cases.

    Enhancements

    • Include target in dist filename.
    • Add riscv64 constants.

    Internal

    • Allow multiarch in execArtifact.
    • Set project-specific User-Agent in httpArtifact.
    • Artifact IR is now standardised for internal/pkg.

    Full Changelog: v0.3.4...v0.3.5

  • v0.3.4 d61faa09eb

    v0.3.4
    Stable

    cat released this 2026-01-27 03:56:06 +09:00 | 691 commits to master since this release

    Fixes

    • Treat internal/pipewire network errors as fatal.

    Enhancements

    • No longer poll possibly blocking calls in internal/pipewire.
    • Shared permissionless filesystem via cmd/sharefs.
    • Intern checked absolute pathnames.

    Internal

    • Handle socket fd directly in internal/pipewire.
    • Hakurei is now fully self-hosted via internal/rosa.

    Full Changelog: v0.3.3...v0.3.4

  • v0.3.3 8cb0b433b2

    v0.3.3
    Stable

    cat released this 2025-12-15 20:34:45 +09:00 | 880 commits to master since this release

    Security

    This release mitigates vulnerabilities in PipeWire SecurityContext. It is highly recommended to upgrade to this release as soon as possible.

    The SecurityContext machinery is fatally flawed: it blindly sets read and execute bits on all objects for clients with the lowest achievable privilege level (by setting PW_KEY_ACCESS to "restricted"). This enables them to call any method targeting any object, and since Registry::Destroy checks for the read and execute bits, it also allows the destruction of any object other than PW_ID_CORE. This behaviour is implemented separately in media-session and wireplumber, with the wireplumber implementation in Lua via an embedded Lua VM. In all known setups, wireplumber is in use, and there is no known way to change its behaviour and set permissions differently without replacing the Lua script. Also, since PipeWire relies on these permissions to work, reducing them is not possible.

    Currently, the only other sandboxed use case is flatpak, which is not aware of PipeWire and blindly exposes the bare PulseAudio socket to the container (behaves like DirectPulse). This socket is backed by the pipewire-pulse compatibility daemon, which obtains the client pid via the SO_PEERCRED option. The PipeWire daemon, pipewire-pulse daemon and the session manager daemon then separately perform the /.flatpak-info hack described in #21. In this use case, since the client has no direct access to PipeWire, insecure parts of the protocol are obscured by pipewire-pulse simply not implementing them, which hides the flaws described above.

    Hakurei does not rely on the /.flatpak-info hack. Instead, a socket is set up via SecurityContext. A pipewire-pulse server connected through it achieves the same permissions as flatpak does via the /.flatpak-info hack and is maintained for the life of the container.

    As of this release, upstream has not responded to the ticket regarding these flaws, and it is highly unlikely that a fix is possible without breaking the entire protocol.

    Fixes

    • Implement all reachable events in internal/pipewire.
    • Treat unknown opcodes as fatal in internal/pipewire.
    • Treat invalid proxy acknowledgement as fatal in internal/pipewire.
    • Correctly handle nil values in POD format in internal/pipewire.

    Enhancements

    • Package internal/pipewire now handles directed Core::Error events as part of the exported methods.
    • The error string for an unsupported type error is used as the error message directly, which cleans up the resulting output.

    Internal

    • Distribution tarballs are now built using newer versions of compiler and libraries.
    • Implement local and remote object destruction in internal/pipewire.
    • Move Core methods under the Core type in internal/pipewire.
    • Synchronise stubbed wait4 loop after call to notify in container.
    • Shim now supports an optional private working directory.

    Full Changelog: v0.3.2...v0.3.3

  • v0.3.2 ccc0d98bd7

    v0.3.2
    Stable

    cat released this 2025-12-09 08:12:52 +09:00 | 907 commits to master since this release

    Security

    This release introduces support for PipeWire SecurityContext. It is highly recommended to upgrade to this release as soon as possible.

    Legacy flatpak-like PulseAudio behaviour is now disabled by default and produces an error message. To make PulseAudio available in the container, use the hst filesystem type "daemon" and point it to pipewire-pulse within the container. An example of this can be found in the NixOS module.

    Fixes

    • Package ldd cancels ldd process on decoding error.

    Enhancements

    • Package ldd checks for absolute pathname.
    • Output of the cmd/hakurei sub-command show is reordered to improve readability.
    • Container init now supports spawning daemon processes.
    • PipeWire SecurityContext is now supported and can be enabled via the hst.EPipeWire enablement bit.
    • Container daemons are exposed via the hst filesystem types.

    Internal

    • Move multiple packages to internal. Wrappers are maintained until v0.4.0.
    • Implement PipeWire protocol native at internal/pipewire.
    • Package ldd now decodes from an io.Reader stream.
    • Package container now comes with a testable example.
    • Releases are now built using clang.
    • Error handling for libwayland-client is significantly improved.
    • Container ops are now able to access wait4 loop state.

    Full Changelog: v0.3.1...v0.3.2

  • v0.3.1 17ffdb2dcf

    v0.3.1
    Stable

    cat released this 2025-11-12 00:53:14 +09:00 | 1039 commits to master since this release

    Fixes

    • Format group lookup error message correctly.
    • Reject impossible user-supplied fd numbers.
    • Close initial process extra files on termination, which also keeps them alive until then.
    • Close container/init setup pipe before fork/exec of initial process.

    Enhancements

    • Expose current instance identifier via the --identifier-fd flag.
    • Set FD_CLOEXEC on files left open by the parent.

    Internal

    • Separate seccomp numbers from syscall numbers to prevent inadvertent use of PNRs.

    Full Changelog: v0.3.0...v0.3.1
