4036da3b5c
fst: optional configured shell path
Test / Create distribution (push) Successful in 25s
Test / Sandbox (push) Successful in 1m45s
Test / Fortify (push) Successful in 2m28s
Test / Sandbox (race detector) (push) Successful in 2m45s
Test / Fpkg (push) Successful in 3m32s
Test / Fortify (race detector) (push) Successful in 4m5s
Test / Flake checks (push) Successful in 1m2s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-31 21:27:31 +09:00
532feb4bfa
app: merge shim into app package
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m48s
Test / Fpkg (push) Successful in 3m39s
Test / Data race detector (push) Successful in 4m35s
Test / Flake checks (push) Successful in 56s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-25 05:21:47 +09:00
ec5e91b8c9
system: optimise string formatting
Test / Create distribution (push) Successful in 20s
Test / Fpkg (push) Successful in 36s
Test / Fortify (push) Successful in 42s
Test / Data race detector (push) Successful in 43s
Test / Flake checks (push) Successful in 1m10s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-25 04:42:30 +09:00
5c4058d5ac
app: run in native sandbox
Test / Create distribution (push) Successful in 20s
Test / Fortify (push) Successful in 2m5s
Test / Fpkg (push) Successful in 3m0s
Test / Data race detector (push) Successful in 4m12s
Test / Flake checks (push) Successful in 1m4s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-25 01:52:49 +09:00
24618ab9a1
sandbox: move out of internal
Test / Create distribution (push) Successful in 18s
Test / Fpkg (push) Successful in 2m40s
Test / Data race detector (push) Successful in 3m13s
Test / Fortify (push) Successful in 3m1s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 02:55:36 +09:00
9a1f8e129f
sandbox: wrap fmsg interface
Test / Create distribution (push) Successful in 24s
Test / Fortify (push) Successful in 2m27s
Test / Fpkg (push) Successful in 3m36s
Test / Data race detector (push) Successful in 4m16s
Test / Flake checks (push) Successful in 55s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 02:44:07 +09:00
ee10860357
seccomp: install output atomically
Test / Create distribution (push) Successful in 24s
Test / Fortify (push) Successful in 2m33s
Test / Fpkg (push) Successful in 3m17s
Test / Data race detector (push) Successful in 4m1s
Test / Flake checks (push) Successful in 49s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-17 01:10:27 +09:00
2647a71be1
seccomp: move out of helper
Test / Create distribution (push) Successful in 29s
Test / Fortify (push) Successful in 2m53s
Test / Fpkg (push) Successful in 4m0s
Test / Data race detector (push) Successful in 4m9s
Test / Flake checks (push) Successful in 59s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 22:42:40 +09:00
4133b555ba
internal/app: rename init to init0
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m27s
Test / Fpkg (push) Successful in 3m21s
Test / Data race detector (push) Successful in 3m40s
Test / Flake checks (push) Successful in 48s
This makes way for the new container init.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-13 21:57:54 +09:00
61e58aa14d
helper/proc: expose setup file
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m34s
Test / Fpkg (push) Successful in 3m29s
Test / Data race detector (push) Successful in 3m27s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-09 17:22:31 +09:00
9e15898c8f
internal/prctl: rename prctl wrappers
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m39s
Test / Data race detector (push) Successful in 3m29s
Test / Fpkg (push) Successful in 3m34s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-07 22:56:35 +09:00
2d4cabe786
nix: increase nixfmt max width
Test / Create distribution (push) Successful in 30s
Test / Fpkg (push) Successful in 36s
Test / Data race detector (push) Successful in 35s
Test / Fortify (push) Successful in 39s
Test / Flake checks (push) Successful in 50s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-28 14:43:46 +09:00
673b648bd3
cmd/fpkg: call app in-process
Test / Create distribution (push) Successful in 28s
Test / Fortify (push) Successful in 2m31s
Test / Data race detector (push) Successful in 3m25s
Test / Fpkg (push) Successful in 3m29s
Test / Flake checks (push) Successful in 55s
Wrapping fortify is slow, painful and error-prone. Start apps in-process instead.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 19:51:44 +09:00
45ad788c6d
cmd/fsu: allow switch from fpkg
Test / Create distribution (push) Successful in 32s
Test / Fortify (push) Successful in 2m12s
Test / Data race detector (push) Successful in 2m30s
Test / Fpkg (push) Successful in 3m8s
Test / Flake checks (push) Successful in 49s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 19:42:28 +09:00
12c6d66bfd
cmd/fpkg/test: nixos test fpkg install/start
Test / Create distribution (push) Successful in 27s
Test / Fortify (push) Successful in 2m33s
Test / Data race detector (push) Successful in 3m25s
Test / Fpkg (push) Successful in 38m26s
Test / Flake checks (push) Successful in 54s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 13:12:16 +09:00
d7d2bd33ed
cmd/fpkg/build: expose nixos configuration
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 36s
Test / Data race detector (push) Successful in 36s
Test / Flake checks (push) Successful in 44s
This should be used sparingly as the NixOS closure is in the bootstrap store which compresses rather poorly.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 12:31:18 +09:00
4fa38d6063
cmd/fpkg: use fortify path from internal
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m28s
Test / Data race detector (push) Successful in 3m22s
Test / Flake checks (push) Successful in 43s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 12:16:35 +09:00
a5d2f040fb
cmd/fpkg/build: run final build step in nix
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 34s
Test / Data race detector (push) Successful in 34s
Test / Flake checks (push) Successful in 41s
This used to be a script that had to be run outside of nix because the sandbox disallows access to nix store state. Turns out closureInfo is the proper way to do that.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-25 23:53:18 +09:00
e6cd2bb2a8
cmd/fpkg: integrate command handler
Test / Create distribution (push) Successful in 18s
Test / Fortify (push) Successful in 34s
Test / Data race detector (push) Successful in 1m39s
Test / Flake checks (push) Successful in 39s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-23 23:25:12 +09:00
0fb72e5d99
cmd/fpkg/build: prepend extra nix flags
Test / Create distribution (push) Successful in 25s
Test / Data race detector (push) Successful in 35s
Test / Fortify (push) Successful in 35s
Test / Flake checks (push) Successful in 39s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-23 20:21:09 +09:00
8bf162820b
nix: separate fsu from package
Test / Create distribution (push) Successful in 26s
Test / Run NixOS test (push) Successful in 7m25s
This appears to be the only way to build them with different configuration. This enables static linking in the main package.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-23 18:13:37 +09:00
eb0c16dd8c
cmd/fpkg: rename buildPackage file
Test / Create distribution (push) Successful in 26s
Test / Run NixOS test (push) Successful in 50s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-21 18:13:34 +09:00
4fa1e97026
cmd/fpkg: rename shell to shellPath
Test / Create distribution (push) Successful in 25s
Test / Run NixOS test (push) Successful in 3m26s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-21 17:50:20 +09:00
90cb01b274
system: move out of internal
Test / Create distribution (push) Successful in 25s
Test / Run NixOS test (push) Successful in 3m17s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-17 19:00:43 +09:00
e599b5583d
fmsg: implement suspend in writer
Test / Create distribution (push) Successful in 24s
Test / Run NixOS test (push) Successful in 2m18s
This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-16 18:51:53 +09:00
1fd571d561
cmd/fsu: check parse behaviour
Test / Run NixOS test (push) Successful in 10m33s
Test / Create distribution (push) Successful in 1m8s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-14 16:43:55 +09:00
be30e2f11e
cmd/fsu: revert offset in error message
Test / Create distribution (push) Successful in 51s
Test / Run NixOS test (push) Successful in 3m39s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-14 15:31:39 +09:00
134247b57d
nix: configure target users via nixos
Build / Create distribution (push) Successful in 2m0s
Test / Run NixOS test (push) Successful in 3m46s
This makes patching home-manager no longer necessary.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-01-23 17:04:19 +09:00
580128922b
cmd/fpkg: expose syscall policy options
Build / Create distribution (push) Successful in 1m34s
Test / Run NixOS test (push) Successful in 3m44s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-01-22 12:01:30 +09:00
7baca66a56
proc: remove duplicate compile-time fortify reference
Build / Create distribution (push) Successful in 1m46s
Test / Run NixOS test (push) Successful in 3m44s
This is no longer needed since shim and init are now part of the main program.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-01-18 11:59:33 +09:00
27d2914286
proc/priv/init: merge init into main program
Build / Create distribution (push) Successful in 1m47s
Test / Run NixOS test (push) Successful in 3m46s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-01-18 11:47:01 +09:00
ea8f228af3
proc/priv/shim: merge shim into main program
Build / Create distribution (push) Successful in 2m15s
Test / Run NixOS test (push) Successful in 2m53s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-01-17 23:43:32 +09:00
124743ffd3
app: expose single run method
Tests / Go tests (push) Successful in 1m1s
Nix / NixOS tests (push) Successful in 3m20s
App is no longer just a simple [exec.Cmd] wrapper, so exposing these steps separately no longer makes sense and actually hinders proper error handling, cleanup and cancellation. This change removes the five-second wait when the shim dies before receiving the payload, and provides the caller with the ability to gracefully stop execution of the confined process.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-01-15 23:39:51 +09:00
22a4b99674
cmd/fpkg/install: deduplicate nix store
Tests / Go tests (push) Successful in 41s
Nix / NixOS tests (push) Successful in 4m43s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-30 02:25:04 +09:00
1464ef774b
cmd/fpkg: expose nixGL wrappers
Tests / Go tests (push) Successful in 35s
Nix / NixOS tests (push) Successful in 4m6s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-30 02:02:20 +09:00
66ba4cea5c
cmd/fpkg: remove workDir acl from activation
Tests / Go tests (push) Successful in 33s
Nix / NixOS tests (push) Successful in 3m56s
Activation does not require access to workDir, and by this point all information is available in dataHome.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-29 23:48:45 +09:00
f8d0786509
cmd/fpkg: include nixGL source in inner store
Tests / Go tests (push) Successful in 34s
Nix / NixOS tests (push) Successful in 4m24s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-29 23:37:11 +09:00
aff80b6b00
cmd/fpkg: optional network access when invoking with nix daemon
Tests / Go tests (push) Successful in 34s
Nix / NixOS tests (push) Successful in 3m36s
This is useful for building nixGL.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-29 18:32:44 +09:00
a98a176907
cmd/fpkg: bind and document more gpu devices
Tests / Go tests (push) Successful in 34s
Nix / NixOS tests (push) Successful in 3m40s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-29 18:25:26 +09:00
5302879b88
cmd/fpkg: improve readability of fortify invocations
Tests / Go tests (push) Successful in 34s
Nix / NixOS tests (push) Successful in 3m41s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-29 17:55:56 +09:00
891b3cbde7
cmd/fpkg: compare all three store paths
Tests / Go tests (push) Successful in 34s
Nix / NixOS tests (push) Successful in 3m39s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-29 17:10:41 +09:00
c795293f36
cmd/fpkg: clean up broken links before activation
Tests / Go tests (push) Successful in 35s
Nix / NixOS tests (push) Successful in 3m38s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-29 15:21:40 +09:00
c1a459a0b1
cmd/fpkg/start: correct drop to shell wording
Tests / Go tests (push) Successful in 52s
Nix / NixOS tests (push) Successful in 4m27s
Activation no longer happens during application startup.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-29 00:56:14 +09:00
e0e2f40e84
cmd/fpkg: app bundle helper
Tests / Go tests (push) Successful in 43s
Nix / NixOS tests (push) Successful in 4m25s
This helper program creates fortify configuration for running an application bundle. The activate action wraps a home-manager activation package and ensures each generation gets activated once.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-26 13:21:49 +09:00
9b206072fa
cmd/fshim: ensure data directory
Tests / Go tests (push) Successful in 36s
Nix / NixOS tests (push) Successful in 3m33s
Ensuring home directory in shim causes the directory to be owned by the target user.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-28 14:39:01 +09:00
0a2aa5823b
cmd/fshim: bind finit inside sandbox
Tests / Go tests (push) Successful in 34s
Nix / NixOS tests (push) Successful in 3m32s
The outer finit executable is normally inaccessible inside the sandbox. This was obscured by the current Nix-based setup exposing /nix/store to the sandbox.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2024-12-27 14:44:57 +09:00
df6fc298f6
migrate to git.gensokyo.uk/security/fortify
Tests / Go tests (push) Successful in 2m55s
Nix / NixOS tests (push) Successful in 5m10s
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-12-20 00:20:02 +09:00
52f21a19f3
cmd/fshim: switch to setup pipe
Tests / Go tests (push) Successful in 38s
Nix / NixOS tests (push) Successful in 5m43s
The socket-based approach is no longer necessary as fsu allows extra files and sudo compatibility is no longer relevant.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-12-18 19:39:25 +09:00
7be53a2438
cmd/fshim: switch to generic setup func
Tests / Go tests (push) Successful in 38s
Nix / NixOS tests (push) Successful in 5m47s
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-12-18 17:20:31 +09:00
f69e8e753e
cmd/finit: switch to generic receive func
Tests / Go tests (push) Successful in 38s
Nix / NixOS tests (push) Successful in 5m40s
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-12-18 16:49:19 +09:00