fortify

Author	SHA1	Message	Date
Ophestra	5c4058d5ac	app: run in native sandbox Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-25 01:52:49 +09:00
Ophestra	24618ab9a1	sandbox: move out of internal Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 02:55:36 +09:00
Ophestra	9ce4706a07	sandbox: move params setup functions Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 02:48:32 +09:00
Ophestra	9a1f8e129f	sandbox: wrap fmsg interface Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 02:44:07 +09:00
Ophestra	ee10860357	seccomp: install output atomically Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 01:10:27 +09:00
Ophestra	10a21ce3ef	helper: expose extra files to direct Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-15 02:27:40 +09:00
Ophestra	f9bf20a3c7	helper: rearrange initialisation args This improves consistency across two different helper implementations. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-15 01:06:31 +09:00
Ophestra	f443d315ad	helper: clean up interface The helper interface was messy due to odd context acquisition order. That has changed, so this cleans it up. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-15 00:27:44 +09:00
Ophestra	2647a71be1	seccomp: move out of helper Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-14 22:42:40 +09:00
Ophestra	7c60a4d8e8	helper: embed context on creation Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-14 18:30:22 +09:00
Ophestra	4133b555ba	internal/app: rename init to init0 This makes way for the new container init. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-13 21:57:54 +09:00
Ophestra	61e58aa14d	helper/proc: expose setup file Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-09 17:22:31 +09:00
Ophestra	9e15898c8f	internal/prctl: rename prctl wrappers Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-07 22:56:35 +09:00
Ophestra	39dc8e7bd8	dbus: set process group id This stops signals sent by the TTY driver from propagating to the xdg-dbus-proxy process. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 18:12:41 +09:00
Ophestra	e599b5583d	fmsg: implement suspend in writer This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 18:51:53 +09:00
Ophestra	33a4ab11c2	internal: move shim and init into app This structure makes more sense, as both processes are part of an app's lifecycle. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 16:28:46 +09:00

16 Commits

No results found.