migrate to git.ophivana.moe/security/fortify
All checks were successful
test / test (push) Successful in 14s

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
This commit is contained in:
Ophestra 2024-10-20 19:50:13 +09:00
parent cdda33555c
commit 65af1684e3
Signed by: cat
SSH Key Fingerprint: SHA256:vQhTOP4tHcsFb0365dxe6HJBKpv7PZ0KZNFx2AjBnRI
49 changed files with 102 additions and 102 deletions

View File

@ -1,7 +1,7 @@
Fortify
=======
[![Go Reference](https://pkg.go.dev/badge/git.ophivana.moe/cat/fortify.svg)](https://pkg.go.dev/git.ophivana.moe/cat/fortify)
[![Go Reference](https://pkg.go.dev/badge/git.ophivana.moe/security/fortify.svg)](https://pkg.go.dev/git.ophivana.moe/security/fortify)
Lets you run graphical applications as another user in a confined environment with a nice NixOS
module to configure target users and provide launchers and desktop files for your privileged user.
@ -26,7 +26,7 @@ There are a few different things to set up for this to work:
If you have a flakes-enabled nix environment, you can try out the tool by running:
```shell
nix run git+https://git.ophivana.moe/cat/fortify -- -h
nix run git+https://git.ophivana.moe/security/fortify -- -h
```
## Module usage
@ -41,7 +41,7 @@ To use the module, import it into your configuration with
nixpkgs.url = "github:NixOS/nixpkgs/nixos-24.05";
fortify = {
url = "git+https://git.ophivana.moe/cat/fortify";
url = "git+https://git.ophivana.moe/security/fortify";
# Optional but recommended to limit the size of your system closure.
inputs.nixpkgs.follows = "nixpkgs";

View File

@ -6,10 +6,10 @@ import (
"fmt"
"os"
"git.ophivana.moe/cat/fortify/dbus"
"git.ophivana.moe/cat/fortify/internal"
"git.ophivana.moe/cat/fortify/internal/app"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/dbus"
"git.ophivana.moe/security/fortify/internal"
"git.ophivana.moe/security/fortify/internal/app"
"git.ophivana.moe/security/fortify/internal/system"
)
var (

View File

@ -9,7 +9,7 @@ import (
"strings"
"testing"
"git.ophivana.moe/cat/fortify/dbus"
"git.ophivana.moe/security/fortify/dbus"
)
func TestConfig_Args(t *testing.T) {

View File

@ -5,8 +5,8 @@ import (
"strings"
"testing"
"git.ophivana.moe/cat/fortify/dbus"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/security/fortify/dbus"
"git.ophivana.moe/security/fortify/helper"
)
func TestNew(t *testing.T) {

View File

@ -6,8 +6,8 @@ import (
"io"
"sync"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/cat/fortify/helper/bwrap"
"git.ophivana.moe/security/fortify/helper"
"git.ophivana.moe/security/fortify/helper/bwrap"
)
// ProxyName is the file name or path to the proxy program.

View File

@ -9,9 +9,9 @@ import (
"strconv"
"strings"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/cat/fortify/helper/bwrap"
"git.ophivana.moe/cat/fortify/ldd"
"git.ophivana.moe/security/fortify/helper"
"git.ophivana.moe/security/fortify/helper/bwrap"
"git.ophivana.moe/security/fortify/ldd"
)
// Start launches the D-Bus proxy and sets up the Wait method.

View File

@ -3,7 +3,7 @@ package dbus_test
import (
"sync"
"git.ophivana.moe/cat/fortify/dbus"
"git.ophivana.moe/security/fortify/dbus"
)
var samples = []dbusTestCase{

View File

@ -3,7 +3,7 @@ package dbus_test
import (
"testing"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/security/fortify/helper"
)
func TestHelperChildStub(t *testing.T) {

View File

@ -5,8 +5,8 @@ import (
"fmt"
"os"
"git.ophivana.moe/cat/fortify/internal/app"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/app"
"git.ophivana.moe/security/fortify/internal/fmsg"
)
func logWaitError(err error) {

2
go.mod
View File

@ -1,3 +1,3 @@
module git.ophivana.moe/cat/fortify
module git.ophivana.moe/security/fortify
go 1.22

View File

@ -6,7 +6,7 @@ import (
"strings"
"testing"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/security/fortify/helper"
)
func Test_argsFD_String(t *testing.T) {

View File

@ -7,7 +7,7 @@ import (
"strconv"
"sync"
"git.ophivana.moe/cat/fortify/helper/bwrap"
"git.ophivana.moe/security/fortify/helper/bwrap"
)
// BubblewrapName is the file name or path to bubblewrap.

View File

@ -7,8 +7,8 @@ import (
"strings"
"testing"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/cat/fortify/helper/bwrap"
"git.ophivana.moe/security/fortify/helper"
"git.ophivana.moe/security/fortify/helper/bwrap"
)
func TestBwrap(t *testing.T) {

View File

@ -5,7 +5,7 @@ import (
"os"
"testing"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/security/fortify/helper"
)
func TestDirect(t *testing.T) {

View File

@ -6,7 +6,7 @@ import (
"testing"
"time"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/security/fortify/helper"
)
var (

View File

@ -10,7 +10,7 @@ import (
"syscall"
"testing"
"git.ophivana.moe/cat/fortify/helper/bwrap"
"git.ophivana.moe/security/fortify/helper/bwrap"
)
// InternalChildStub is an internal function but exported because it is cross-package;

View File

@ -3,7 +3,7 @@ package helper_test
import (
"testing"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/security/fortify/helper"
)
func TestHelperChildStub(t *testing.T) {

View File

@ -4,9 +4,9 @@ import (
"encoding/gob"
"os"
"git.ophivana.moe/cat/fortify/dbus"
"git.ophivana.moe/cat/fortify/helper/bwrap"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/dbus"
"git.ophivana.moe/security/fortify/helper/bwrap"
"git.ophivana.moe/security/fortify/internal/system"
)
func init() {

View File

@ -4,7 +4,7 @@ import (
"os/exec"
"strings"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/internal/verbose"
)
func (a *app) commandBuilderMachineCtl(shimEnv string) (args []string) {

View File

@ -3,7 +3,7 @@ package app
import (
"os"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/internal/verbose"
)
const (

View File

@ -8,12 +8,12 @@ import (
"path"
"strconv"
"git.ophivana.moe/cat/fortify/dbus"
"git.ophivana.moe/cat/fortify/internal"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/cat/fortify/internal/state"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/dbus"
"git.ophivana.moe/security/fortify/internal"
"git.ophivana.moe/security/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/state"
"git.ophivana.moe/security/fortify/internal/system"
"git.ophivana.moe/security/fortify/internal/verbose"
)
const (

View File

@ -3,9 +3,9 @@ package app
import (
"path"
"git.ophivana.moe/cat/fortify/acl"
"git.ophivana.moe/cat/fortify/dbus"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/acl"
"git.ophivana.moe/security/fortify/dbus"
"git.ophivana.moe/security/fortify/internal/system"
)
const (

View File

@ -5,9 +5,9 @@ import (
"os"
"path"
"git.ophivana.moe/cat/fortify/acl"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/acl"
"git.ophivana.moe/security/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/system"
)
const (

View File

@ -7,8 +7,8 @@ import (
"os"
"path"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/system"
)
const (

View File

@ -3,8 +3,8 @@ package app
import (
"path"
"git.ophivana.moe/cat/fortify/acl"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/acl"
"git.ophivana.moe/security/fortify/internal/system"
)
const (

View File

@ -4,8 +4,8 @@ import (
"os"
"path"
"git.ophivana.moe/cat/fortify/acl"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/acl"
"git.ophivana.moe/security/fortify/internal/system"
)
const (

View File

@ -11,12 +11,12 @@ import (
"strings"
"time"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/cat/fortify/internal/shim"
"git.ophivana.moe/cat/fortify/internal/state"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/helper"
"git.ophivana.moe/security/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/shim"
"git.ophivana.moe/security/fortify/internal/state"
"git.ophivana.moe/security/fortify/internal/system"
"git.ophivana.moe/security/fortify/internal/verbose"
)
// Start starts the fortified child

View File

@ -3,11 +3,11 @@ package app
import (
"os/user"
"git.ophivana.moe/cat/fortify/dbus"
"git.ophivana.moe/cat/fortify/helper/bwrap"
"git.ophivana.moe/cat/fortify/internal"
"git.ophivana.moe/cat/fortify/internal/state"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/dbus"
"git.ophivana.moe/security/fortify/helper/bwrap"
"git.ophivana.moe/security/fortify/internal"
"git.ophivana.moe/security/fortify/internal/state"
"git.ophivana.moe/security/fortify/internal/system"
)
// appSeal seals the application with child-related information

View File

@ -7,7 +7,7 @@ import (
"strconv"
"sync"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/internal/verbose"
)
// state that remain constant for the lifetime of the process

View File

@ -13,7 +13,7 @@ import (
"syscall"
"time"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/internal/verbose"
)
const (

View File

@ -11,9 +11,9 @@ import (
"strconv"
"syscall"
"git.ophivana.moe/cat/fortify/helper"
init0 "git.ophivana.moe/cat/fortify/internal/init"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/helper"
init0 "git.ophivana.moe/security/fortify/internal/init"
"git.ophivana.moe/security/fortify/internal/verbose"
)
// everything beyond this point runs as target user

View File

@ -8,8 +8,8 @@ import (
"os"
"syscall"
"git.ophivana.moe/cat/fortify/acl"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/acl"
"git.ophivana.moe/security/fortify/internal/verbose"
)
// called in the parent process

View File

@ -1,6 +1,6 @@
package shim
import "git.ophivana.moe/cat/fortify/helper/bwrap"
import "git.ophivana.moe/security/fortify/helper/bwrap"
const EnvShim = "FORTIFY_SHIM"

View File

@ -10,8 +10,8 @@ import (
"text/tabwriter"
"time"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/internal/system"
"git.ophivana.moe/security/fortify/internal/verbose"
)
// MustPrintLauncherStateSimpleGlobal prints active launcher states of all simple stores

View File

@ -3,7 +3,7 @@ package state
import (
"time"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/internal/system"
)
type Store interface {

View File

@ -4,9 +4,9 @@ import (
"fmt"
"slices"
"git.ophivana.moe/cat/fortify/acl"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/acl"
"git.ophivana.moe/security/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/verbose"
)
// UpdatePerm appends an ephemeral acl update Op.

View File

@ -3,7 +3,7 @@ package system
import (
"testing"
"git.ophivana.moe/cat/fortify/acl"
"git.ophivana.moe/security/fortify/acl"
)
func TestUpdatePerm(t *testing.T) {

View File

@ -5,9 +5,9 @@ import (
"fmt"
"os"
"git.ophivana.moe/cat/fortify/dbus"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/dbus"
"git.ophivana.moe/security/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/verbose"
)
var (

View File

@ -5,8 +5,8 @@ import (
"fmt"
"os"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/verbose"
)
// Ensure the existence and mode of a directory.

View File

@ -4,7 +4,7 @@ import (
"strconv"
"testing"
"git.ophivana.moe/cat/fortify/internal/system"
"git.ophivana.moe/security/fortify/internal/system"
)
func TestNew(t *testing.T) {

View File

@ -7,9 +7,9 @@ import (
"os"
"strconv"
"git.ophivana.moe/cat/fortify/acl"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/acl"
"git.ophivana.moe/security/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/verbose"
)
// CopyFile registers an Op that copies path dst from src.

View File

@ -4,7 +4,7 @@ import (
"strconv"
"testing"
"git.ophivana.moe/cat/fortify/acl"
"git.ophivana.moe/security/fortify/acl"
)
func TestCopyFile(t *testing.T) {

View File

@ -3,9 +3,9 @@ package system
import (
"fmt"
"git.ophivana.moe/cat/fortify/internal/fmsg"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/cat/fortify/xcb"
"git.ophivana.moe/security/fortify/internal/fmsg"
"git.ophivana.moe/security/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/xcb"
)
// ChangeHosts appends an X11 ChangeHosts command Op.

View File

@ -7,7 +7,7 @@ import (
"strings"
"testing"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/internal/verbose"
)
const (

View File

@ -3,7 +3,7 @@ package verbose_test
import (
"testing"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/internal/verbose"
)
func TestGetSet(t *testing.T) {

View File

@ -6,8 +6,8 @@ import (
"os/exec"
"strings"
"git.ophivana.moe/cat/fortify/helper"
"git.ophivana.moe/cat/fortify/helper/bwrap"
"git.ophivana.moe/security/fortify/helper"
"git.ophivana.moe/security/fortify/helper/bwrap"
)
func Exec(p string) ([]*Entry, error) {

View File

@ -6,7 +6,7 @@ import (
"strings"
"testing"
"git.ophivana.moe/cat/fortify/ldd"
"git.ophivana.moe/security/fortify/ldd"
)
func TestParseError(t *testing.T) {

10
main.go
View File

@ -6,11 +6,11 @@ import (
"os"
"syscall"
"git.ophivana.moe/cat/fortify/internal"
"git.ophivana.moe/cat/fortify/internal/app"
init0 "git.ophivana.moe/cat/fortify/internal/init"
"git.ophivana.moe/cat/fortify/internal/shim"
"git.ophivana.moe/cat/fortify/internal/verbose"
"git.ophivana.moe/security/fortify/internal"
"git.ophivana.moe/security/fortify/internal/app"
init0 "git.ophivana.moe/security/fortify/internal/init"
"git.ophivana.moe/security/fortify/internal/shim"
"git.ophivana.moe/security/fortify/internal/verbose"
)
var (

View File

@ -6,8 +6,8 @@ import (
"os"
"text/tabwriter"
"git.ophivana.moe/cat/fortify/internal"
"git.ophivana.moe/cat/fortify/internal/state"
"git.ophivana.moe/security/fortify/internal"
"git.ophivana.moe/security/fortify/internal/state"
)
var (