hakurei

Author	SHA1	Message	Date
Ophestra	82561d62b6	system: move system access packages All checks were successful Test / Create distribution (push) Successful in 31s Details Test / Sandbox (push) Successful in 1m52s Details Test / Hakurei (push) Successful in 3m3s Details Test / Planterette (push) Successful in 3m38s Details Test / Hakurei (race detector) (push) Successful in 4m48s Details Test / Sandbox (race detector) (push) Successful in 1m14s Details Test / Flake checks (push) Successful in 1m6s Details These packages loosely belong in the "system" package and "system" provides high level wrappers for all of them. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-07-02 21:52:07 +09:00
Ophestra	87e008d56d	treewide: rename to hakurei All checks were successful Test / Create distribution (push) Successful in 43s Details Test / Sandbox (push) Successful in 2m18s Details Test / Hakurei (push) Successful in 3m10s Details Test / Sandbox (race detector) (push) Successful in 3m30s Details Test / Hakurei (race detector) (push) Successful in 4m43s Details Test / Fpkg (push) Successful in 5m4s Details Test / Flake checks (push) Successful in 1m12s Details Fortify makes little sense for a container tool. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-06-25 04:57:41 +09:00
Ophestra	dde2516304	dbus: handle bizarre dbus proxy behaviour All checks were successful Test / Create distribution (push) Successful in 28s Details Test / Sandbox (push) Successful in 1m53s Details Test / Fortify (push) Successful in 2m44s Details Test / Sandbox (race detector) (push) Successful in 3m2s Details Test / Fpkg (push) Successful in 3m36s Details Test / Fortify (race detector) (push) Successful in 4m16s Details Test / Flake checks (push) Successful in 1m17s Details There is a strange behaviour in xdg-dbus-proxy where if any interface string when stripped of a single ".*" suffix does not contain a '.' byte anywhere, the program will exit with code 1 without any output. This checks for such conditions to make the failure less confusing. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-05-25 19:50:06 +09:00
Ophestra	5979d8b1e0	dbus: clean up wrapper implementation All checks were successful Test / Create distribution (push) Successful in 27s Details Test / Sandbox (push) Successful in 1m50s Details Test / Fortify (push) Successful in 2m49s Details Test / Sandbox (race detector) (push) Successful in 3m4s Details Test / Fpkg (push) Successful in 3m35s Details Test / Fortify (race detector) (push) Successful in 4m13s Details Test / Flake checks (push) Successful in 1m3s Details The dbus proxy wrapper haven't been updated much ever since the helper interface was introduced. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-04-16 23:35:17 +09:00
Ophestra	44277dc0f1	dbus: run in native sandbox All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Fortify (push) Successful in 2m31s Details Test / Fpkg (push) Successful in 3m25s Details Test / Data race detector (push) Successful in 4m5s Details Test / Flake checks (push) Successful in 53s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 00:13:14 +09:00
Ophestra	6e7ddb2d2e	helper: eliminate commandContext replacement All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Fortify (push) Successful in 2m44s Details Test / Fpkg (push) Successful in 3m42s Details Test / Data race detector (push) Successful in 3m51s Details Test / Flake checks (push) Successful in 57s Details This is done more cleanly by modifying Args in cmdF. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-16 00:01:25 +09:00
Ophestra	73146ea7fa	dbus: remove BwrapStatic method All checks were successful Test / Create distribution (push) Successful in 54s Details Test / Run NixOS test (push) Successful in 8m20s Details This method does not do anything and is not called from anywhere. It also does not make any sense as a public interface since the argument builder is no longer stateless. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-14 18:09:59 +09:00
Ophestra	fe7d208cf7	helper: use generic extra files interface All checks were successful Test / Create distribution (push) Successful in 1m38s Details Test / Run NixOS test (push) Successful in 4m36s Details This replaces the pipes object and integrates context into helper process lifecycle. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 23:34:15 +09:00
Ophestra	72fb13dccc	dbus: lock for read in public args interface All checks were successful Test / Create distribution (push) Successful in 1m27s Details Test / Run NixOS test (push) Successful in 4m2s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-07 13:42:29 +09:00
Ophestra	9a239fa1a5	helper/bwrap: integrate seccomp into helper interface All checks were successful Build / Create distribution (push) Successful in 1m36s Details Test / Run NixOS test (push) Successful in 3m40s Details This makes API usage much cleaner, and encapsulates all bwrap arguments in argsWt. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-22 01:52:57 +09:00
Ophestra Umiker	df6fc298f6	migrate to git.gensokyo.uk/security/fortify All checks were successful Tests / Go tests (push) Successful in 2m55s Details Nix / NixOS tests (push) Successful in 5m10s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-20 00:20:02 +09:00
Ophestra Umiker	65af1684e3	migrate to git.ophivana.moe/security/fortify All checks were successful test / test (push) Successful in 14s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-20 19:50:13 +09:00
Ophestra Umiker	33cf0bed54	dbus: various accessors for dbus.Proxy internal fields These values are useful during sandbox setup and exporting them makes more sense than storing them twice. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-16 01:27:49 +09:00
Ophestra Umiker	753c5191b1	dbus/run: support running xdg-dbus-proxy in a restrictive bubblewrap sandbox Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-09 20:41:42 +09:00

14 Commits