fortify

Author	SHA1	Message	Date
Ophestra Umiker	7b6052a473	nix: run Go tests in nixos All checks were successful Tests / Go tests (push) Successful in 41s Details Nix / NixOS tests (push) Successful in 9m56s Details Nix build environment does not support ACLs in any filesystem. This allows acl tests to run. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-17 21:16:55 +09:00
Ophestra Umiker	3f993021f8	nix: permissive defaults nixos test All checks were successful test / test (push) Successful in 37s Details Adapted from nixos sway integration tests. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-16 22:56:10 +09:00
Ophestra Umiker	4d3bd5338f	nix: implement flake checks All checks were successful test / test (push) Successful in 36s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-16 20:54:28 +09:00
Ophestra Umiker	6b8ddca7b4	nix: track nixos stable 24.11 All checks were successful test / test (push) Successful in 25s Details Reduce rebuilds during development on my system. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-06 00:44:04 +09:00
Ophestra Umiker	0a546885e3	nix: update options doc All checks were successful test / test (push) Successful in 22s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-19 18:12:35 +09:00
Ophestra Umiker	d9cb2a9f2b	fsu: implement simple setuid user switcher Contains path to fortify, set at compile time, authenticates based on a simple uid range assignment file which also acts as the allow list. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-28 00:02:34 +09:00
Ophestra Umiker	40161c5938	nix: remove fortify package from default devShell This change makes it possible to start a devShell when tests aren't passing. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-17 20:35:10 +09:00
Ophestra Umiker	1038af98f0	dbus: add tests Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-09-28 00:06:16 +09:00
Ophestra Umiker	61628dabb7	nix: remove obnoxious shell hook Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-09-22 16:08:11 +09:00
Ophestra Umiker	3d963b9f67	nix: include package buildInputs in devShells Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-09-17 23:15:33 +09:00
Ophestra Umiker	945cce2f5e	nix: implement nixos module Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-09-04 17:03:21 +09:00
Ophestra Umiker	d8f76f3b25	rename to fortify and restructure More sandbox features will be added and this will no longer track ego's features and behaviour. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-09-04 01:20:12 +09:00
Ophestra Umiker	7e6eb82195	license: embed license in executable Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-07-16 22:07:40 +09:00
Ophestra Umiker	09507a541b	nix: build directly with buildGoModules Since we have no dependencies, we don't need a vendor hash, so doing this actually makes sense. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-07-16 21:54:44 +09:00
Ophestra Umiker	190eb088bc	nix: add libxcb package to dev shell Since we link libxcb as well now this is needed in the dev shell for it to build properly without impure. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-07-15 00:38:11 +09:00
Ophestra Umiker	94c69806ef	nix: set up devShell Since we're using cgo to call into libacl a few dependencies other than go are required to build. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-07-11 01:10:35 +09:00

16 Commits