• v0.3.3 8cb0b433b2

    Stable

    cat released this 2025-12-15 20:34:45 +09:00 | 1194 commits to master since this release

    Security

    This release mitigates vulnerabilities in PipeWire SecurityContext. It is highly recommended to upgrade to this release as soon as possible.

    The SecurityContext machinery is fatally flawed: it blindly sets the read and execute bits on all objects for clients at the lowest achievable privilege level (by setting PW_KEY_ACCESS to "restricted"). This enables them to call any method targeting any object and, since Registry::Destroy checks for the read and execute bits, allows the destruction of any object other than PW_ID_CORE as well. This behaviour is implemented separately in media-session and wireplumber, the wireplumber implementation being in Lua via an embedded Lua VM. In all known setups wireplumber is in use, and there is no known way to change its behaviour and set permissions differently without replacing the Lua script. Also, since PipeWire relies on these permissions to work, reducing them is not possible.

    Currently, the only other sandboxed use case is flatpak, which is not aware of PipeWire and blindly exposes the bare PulseAudio socket to the container (this behaves like DirectPulse). This socket is backed by the pipewire-pulse compatibility daemon, which obtains the client pid via the SO_PEERCRED socket option. The PipeWire daemon, the pipewire-pulse daemon and the session manager daemon then each separately perform the /.flatpak-info hack described in #21. Under such a use case, since the client has no direct access to PipeWire, the insecure parts of the protocol are obscured by pipewire-pulse simply not implementing them, which hides the flaws described above.

    Hakurei does not rely on the /.flatpak-info hack. Instead, a socket is set up via SecurityContext. A pipewire-pulse server connected through it obtains the same permissions as flatpak does via the /.flatpak-info hack, and is maintained for the life of the container.

    As of this release, upstream has not responded to the ticket regarding these flaws, and it is highly unlikely that a fix is possible without breaking the entire protocol.

    Fixes

    • Implement all reachable events in internal/pipewire.
    • Treat unknown opcodes as fatal in internal/pipewire.
    • Treat invalid proxy acknowledgement as fatal in internal/pipewire.
    • Correctly handle nil values in POD format in internal/pipewire.

    Enhancements

    • Package internal/pipewire now handles directed Core::Error events as part of the exported methods.
    • The error string for an unsupported type error is used as the error message directly, which cleans up the resulting output.

    Internal

    • Distribution tarballs are now built using newer versions of compiler and libraries.
    • Implement local and remote object destruction in internal/pipewire.
    • Move Core methods under the Core type in internal/pipewire.
    • Synchronise stubbed wait4 loop after call to notify in container.
    • Shim now supports an optional private working directory.

    Full Changelog: v0.3.2...v0.3.3

  • v0.3.2 ccc0d98bd7

    Stable

    cat released this 2025-12-09 08:12:52 +09:00 | 1221 commits to master since this release

    Security

    This release introduces support for PipeWire SecurityContext. It is highly recommended to upgrade to this release as soon as possible.

    Legacy flatpak-like PulseAudio behaviour is now disabled by default and produces an error message. To make PulseAudio available in the container, use the hst filesystem type "daemon" and point it to pipewire-pulse within the container. An example of this can be found in the NixOS module.

    Fixes

    • Package ldd cancels the ldd process on decoding error.

    Enhancements

    • Package ldd checks for absolute pathname.
    • Output of the cmd/hakurei sub-command show is reordered to improve readability.
    • Container init now supports spawning daemon processes.
    • PipeWire SecurityContext is now supported and can be enabled via the hst.EPipeWire enablement bit.
    • Container daemons are exposed via the hst filesystem types.

    Internal

    • Move multiple packages to internal. Wrappers are maintained until v0.4.0.
    • Implement the PipeWire protocol natively in internal/pipewire.
    • Package ldd now decodes from an io.Reader stream.
    • Package container now comes with a testable example.
    • Releases are now built using clang.
    • Error handling for libwayland-client is significantly improved.
    • Container ops are now able to access wait4 loop state.

    Full Changelog: v0.3.1...v0.3.2

  • v0.3.1 17ffdb2dcf

    Stable

    cat released this 2025-11-12 00:53:14 +09:00 | 1353 commits to master since this release

    Fixes

    • Format group lookup error message correctly.
    • Reject impossible user-supplied fd numbers.
    • Close initial process extra files on termination, which also keeps them alive until then.
    • Close container/init setup pipe before fork/exec of initial process.

    Enhancements

    • Expose current instance identifier via the --identifier-fd flag.
    • Set FD_CLOEXEC on files left open by the parent.

    Internal

    • Separate seccomp numbers from syscall numbers to prevent inadvertent use of PNRs.

    Full Changelog: v0.3.0...v0.3.1

  • v0.3.0 34ccda84b2

    Stable

    cat released this 2025-11-06 01:37:15 +09:00 | 1364 commits to master since this release

    Migration

    The cmd/hsu uid format has changed and is now stabilised in package hst. Existing installations need to migrate by manually running chown recursively over existing application data directories. The uid format can be found in hst/grp_pwd.go.

    Additionally, TMPDIR and XDG_RUNTIME_DIR sharing between containers under the same identity is now optional and defaults to off. This is not an implementation detail: some applications use TMPDIR for communication and state tracking, Chromium being a good example. Test your apps; if they malfunction, set share_runtime or share_tmpdir to true depending on the cause.

    API Changes

    • Remove raw seccomp flags from package hst.
    • All boolean fields in ContainerConfig are packed into a single integer. Does not break json.
    • Package system now operates exclusively on absolute pathnames.
    • ProxyDBus no longer returns function to dump buffer.
    • Wayland no longer returns the security context close file.
    • Container related fields are moved from the top level Config struct to ContainerConfig.
    • Pathnames, bits, seccomp types are relocated from package container.
    • Cross-platform json adaptor provided for seccomp types.
    • Message and check types are relocated from package container.
    • The wait_delay field now takes a negative value. Such a value is equivalent to zero and bypasses default.
    • Rename hst.AbsTmp to hst.AbsPrivateTmp.
    • Remove PlaceP method from package container.
    • Remove system/tmpfiles as it is no longer used.
    • Hold hst.ExtraPermConfig by value instead of address.
    • Instance state now embeds hst.Config.
    • State store entries are prefixed with a versioned header encoding the enablements byte.
    • container/params now exposes the write end of setup pipe.
    • hakurei --json ps serialises to an array instead of a map.
    • Rename NewMsg to New in package message.

    Fixes

    • Do not incorrectly offset shim timeout base value.
    • Apply configured filesystems late, enabling system mount points to be covered.
    • Check nscd socket for path hiding instead of only for pd.
    • Use correct well-known address for dbus fallback.
    • Fix synchronisation order in container and helper tests.
    • Do not leak state (outside of dispatcher) in system builder methods.
    • Ignore nondeterministic mount point in vm test.
    • Fix occasional incorrect reporting of wstatus in container/init.
    • Use EOF as failsafe in internal/outcome/shim.
    • Fallback runtime dir is no longer rooted in the fallback rundir.
    • State is now tracked in TMPDIR, aligning better with use case detailed in the XDG basedir spec.
    • Make application identifier string omitempty.
    • Handle nil hst.Config address in cmd/hakurei/print.

    Enhancements

    • Package hst now builds without cgo.
    • Significantly improve hst doc comments.
    • Stable enablements bits, instance state, exit codes, uid format in hst.
    • Validate hst.Config early and export validation function.
    • Optionally share TMPDIR and XDG_RUNTIME_DIR between containers under the same identity.
    • Dump system/dbus buffer internally.
    • Hang up system/wayland security context internally.
    • Only minimal pathnames required for hst.Paths are sent.
    • Outcome finalisation is fully modularised and tested.
    • Container is now finalised on the shim side, significantly reducing transfer size.
    • Outcome finalisation no longer clobbers supplied hst.Config.
    • Use more plausible overlay mount configuration in hst.Template.
    • Remove confusing or redundant/noisy entries in hst.Template.
    • Eliminate the self pipe and copy seccomp program into managed memory.
    • Emulate pam_systemd XDG_SESSION_TYPE behaviour according to enablement bits.
    • Hakurei version is now exposed via hst.
    • Print cleaner json error messages from cmd/hakurei.
    • Improve cmd/hakurei container flags string representation.
    • Export prctl wrapper.
    • Improve signal handling in container/init.
    • Do not suspend output in container/init and internal/outcome/shim.
    • Store priv-side pid in state store entries.
    • Measure duration of finalise and each process state.

    Internal

    • Almost all tests are parallelised.
    • Remove internal/hlog.
    • Remove global Msg implementation from container.
    • Package internal/app is renamed to internal/outcome and cleaned up, with some of its code relocated to independent packages.
    • Permissive defaults behaviour is eliminated and relocated to cmd/hakurei run command.
    • Clean up legacy internal/outcome integration tests.
    • Check against setgid bit in cmd/hsu.
    • Use much less ambiguous names which are set by the linker.
    • The internal/store interface is significantly improved, with much better efficiency and lower lock contention.
    • The lockedfile package is relocated from the tool chain, and can be used by project internals going forward.

    Full Changelog: v0.2.2...v0.3.0

  • v0.2.2 ad1bc6794f

    Stable

    cat released this 2025-09-28 21:58:19 +09:00 | 1536 commits to master since this release

    Fixes

    • Handle goexit events more gracefully in container/stub.
    • Mount /dev/shm early to avoid covering mount points from hst.
    • Compensate parent WaitDelay value for shim timeout.
    • Check for nil dbus configuration in hakurei run.

    Enhancements

    • Initialise exec.Cmd early to expose additional methods.
    • Leave $DISPLAY intact to work around buggy X clients.
    • Wrap errno values returned by the mount syscall.
    • Return dedicated error types for repeated nonrepeatable ops and ops in an invalid state.
    • Remove generic error wrapping from internal/hlog.
    • Significantly improve verbose reporting in container/init.
    • Move internal/app error to hst.
    • Return hsurc userid from cmd/hsu.

    Internal

    • Use default value of NAME_REGEX from adduser for username check.
    • Remove internal/app interfaces.
    • Do not return from shim start.
    • Significant cleanups in internal/app.
    • Replace internal/sys with container/stub.
    • Full test coverage has been achieved in system setup code.
    • Move suspendable writer to container, in preparation for internal/hlog removal in v0.3.x.
    • Use explicitly shared path in vm tests.
    • Assert certain writable paths in vm tests.

    Full Changelog: v0.2.1...v0.2.2

  • v0.2.1 9d932d1039

    Stable

    cat released this 2025-08-26 03:33:45 +09:00 | 1612 commits to master since this release

    Fixes

    • Mount writable tmpfs on /dev/shm.

    Full Changelog: v0.2.0...v0.2.1

  • v0.2.0 07194c74cb

    Stable

    cat released this 2025-08-26 02:23:59 +09:00 | 1614 commits to master since this release

    API Changes

    • Remove cover field from hst/container.
    • Remove symlink field from hst/container.
    • Field data has been renamed to home.
    • Field dir has been removed since it is made redundant by filesystem.
    • All pathname fields now take the *container.Absolute type. Does not break json.
    • The filesystem field now accepts many types of supported filesystems.
    • Container root behaviour is now configured through the filesystem field.
    • Autoetc behaviour is now accessible through a special bind type filesystem.
    • Autoroot behaviour is now accessible through a special bind type filesystem.
    • The enablement flags are now represented in json as boolean fields.
    • Net and Abstract fields have been renamed. Does not break json.
    • Autoroot prefix has been removed.
    • Share path now uses hsu userid.

    Fixes

    • Unexport internal container state.
    • Package container no longer attempts to look up executable file from name.
    • Set up acl on X server socket.
    • Check container setup op equivalence by value.
    • Validate container setup ops early.

    Enhancements

    • Export mount string constants.
    • Export FHS pathname constants.
    • Mount mqueue as part of /dev.
    • Mount container /dev read only.
    • High-level API for overlay mounts in container.
    • The hakurei show command now exposes more information.
    • Optionally isolate host abstract UNIX domain sockets via landlock.
    • Ptrace protection via Yama LSM.

    Internal

    • Move tmpfs pathname prefixing to caller.
    • Expose interactive testing vm for tracing.
    • Reduce noise in non-verbose tests and test failures.
    • CAP_DAC_OVERRIDE is now raised for container/init.
    • Container setup ops are now able to share global state.
    • Enforce nonrepeatable autoetc and autoroot.
    • Container now spawns on a locked thread tied to its lifecycle.
    • Full test coverage has been achieved in container setup code.
    • NixOS module config validation is now implemented via hakurei show.
    • Output of initial hakurei run in vm tests is no longer discarded.

    Full Changelog: v0.1.3...v0.2.0

  • v0.1.3 f13dca184c

    Stable

    cat released this 2025-08-02 00:02:54 +09:00 | 1712 commits to master since this release

    Fixes

    • Remount container / read-only.
    • Remove hard coded nscd cover from NixOS module.

    Enhancements

    • Expose additional tmpfs flags.
    • Expose remount behaviour.
    • Relocate autoroot behaviour to package container.
    • Display autoroot information in hakurei show.
    • Expose tmpfs in hst.

    Internal

    • Increase test vm memory allocation.
    • Rename obsolete hpkg package.
    • Cover hakurei run behaviour in tests.
    • Remount can now be called independently from bind.

    Full Changelog: v0.1.2...v0.1.3

  • v0.1.2 cb513bb1cd

    Stable

    cat released this 2025-07-29 03:11:33 +09:00 | 1727 commits to master since this release

    Enhancements

    • Per-container configurable lingering process wait delay.
    • Optionally forward container context cancellation to the initial process.
    • Expose signal forwarding behaviour in hst.

    Internal

    • Use more reliable nonexistence.
    • Improve container testing setup.
    • Move shim signal handler outcome to Go.

    Full Changelog: v0.1.1...v0.1.2

  • v0.1.1 6ba19a7ba5

    Stable

    cat released this 2025-07-09 05:42:31 +09:00 | 1740 commits to master since this release

    Fixes

    • Fix prctl typo in container/init.
    • Add testtool build tag for test/sandbox.

    Enhancements

    • Add aarch64 constants.

    Internal

    • Remove split internal/app implementation.
    • Use /proc/self for initial filesystem setup.
    • Improve seccomp test case representation.
    • Check seccomp state on all vm test cases.

    Full Changelog: v0.1.0...v0.1.1
