sandbox: move out of internal

Signed-off-by: Ophestra <cat@gensokyo.uk>

cmd/fpkg/main.go

@@ -17,8 +17,8 @@ import (
 	"git.gensokyo.uk/security/fortify/internal/app/init0"
 	"git.gensokyo.uk/security/fortify/internal/app/shim"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
 	"git.gensokyo.uk/security/fortify/internal/sys"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 const shellPath = "/run/current-system/sw/bin/bash"

dbus/dbus_test.go

@@ -15,7 +15,7 @@ import (
 	"git.gensokyo.uk/security/fortify/helper"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 func TestNew(t *testing.T) {

dbus/proc.go

@@ -14,9 +14,9 @@ import (
 	"syscall"
 
 	"git.gensokyo.uk/security/fortify/helper"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
 	"git.gensokyo.uk/security/fortify/ldd"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )
 
 // Start launches the D-Bus proxy.

helper/bwrap/config_test.go

@@ -7,7 +7,7 @@ import (
 
 	"git.gensokyo.uk/security/fortify/helper/bwrap"
 	"git.gensokyo.uk/security/fortify/helper/proc"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )
 
 func TestConfig_Args(t *testing.T) {

helper/bwrap/seccomp.go

@@ -5,7 +5,7 @@ import (
 	"strconv"
 
 	"git.gensokyo.uk/security/fortify/helper/proc"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )
 
 type SyscallPolicy struct {

helper/container.go

@@ -9,7 +9,7 @@ import (
 	"sync"
 
 	"git.gensokyo.uk/security/fortify/helper/proc"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 // New initialises a Helper instance with wt as the null-terminated argument writer.

helper/container_test.go

@@ -10,7 +10,7 @@ import (
 	"git.gensokyo.uk/security/fortify/helper"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 func TestContainer(t *testing.T) {

internal/app/init0/main.go

@@ -11,7 +11,7 @@ import (
 
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 const (

internal/app/shim/main.go

@@ -16,7 +16,7 @@ import (
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/app/init0"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 // everything beyond this point runs as unconstrained target user

internal/app/shim/manager.go

@@ -13,7 +13,7 @@ import (
 	"git.gensokyo.uk/security/fortify/helper/proc"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 // used by the parent process

internal/output.go

@@ -2,8 +2,8 @@ package internal
 
 import (
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 	"git.gensokyo.uk/security/fortify/system"
 )
 

internal/sys/std.go

@@ -15,7 +15,7 @@ import (
 	"git.gensokyo.uk/security/fortify/fst"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 // Std implements System using the standard library.

ldd/exec.go

@@ -8,7 +8,7 @@ import (
 	"os/exec"
 	"time"
 
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 const lddTimeout = 2 * time.Second

main.go

@@ -23,9 +23,9 @@ import (
 	"git.gensokyo.uk/security/fortify/internal/app/init0"
 	"git.gensokyo.uk/security/fortify/internal/app/shim"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
 	"git.gensokyo.uk/security/fortify/internal/state"
 	"git.gensokyo.uk/security/fortify/internal/sys"
+	"git.gensokyo.uk/security/fortify/sandbox"
 	"git.gensokyo.uk/security/fortify/system"
 )
 

sandbox/container.go

@@ -13,7 +13,7 @@ import (
 	"syscall"
 	"time"
 
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )
 
 type HardeningFlags uintptr

sandbox/container_test.go

@@ -14,9 +14,9 @@ import (
 	"git.gensokyo.uk/security/fortify/fst"
 	"git.gensokyo.uk/security/fortify/internal"
 	"git.gensokyo.uk/security/fortify/internal/fmsg"
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
 	"git.gensokyo.uk/security/fortify/ldd"
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 	check "git.gensokyo.uk/security/fortify/test/sandbox"
 )
 

sandbox/executable_test.go

@@ -4,7 +4,7 @@ import (
 	"os"
 	"testing"
 
-	"git.gensokyo.uk/security/fortify/internal/sandbox"
+	"git.gensokyo.uk/security/fortify/sandbox"
 )
 
 func TestExecutable(t *testing.T) {

sandbox/init.go

@@ -13,7 +13,7 @@ import (
 	"syscall"
 	"time"
 
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )
 
 const (

sandbox/seccomp/export_test.go

@@ -8,7 +8,7 @@ import (
 	"syscall"
 	"testing"
 
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )
 
 func TestExport(t *testing.T) {

sandbox/seccomp/seccomp_test.go

@@ -6,7 +6,7 @@ import (
 	"syscall"
 	"testing"
 
-	"git.gensokyo.uk/security/fortify/seccomp"
+	"git.gensokyo.uk/security/fortify/sandbox/seccomp"
 )
 
 func TestLibraryError(t *testing.T) {

system/output.go

@@ -1,6 +1,6 @@
 package system
 
-import "git.gensokyo.uk/security/fortify/internal/sandbox"
+import "git.gensokyo.uk/security/fortify/sandbox"
 
 var msg sandbox.Msg = new(sandbox.DefaultMsg)