Ophestra Umiker
ad0034b09a
App ID is inherent to App, and it makes no sense to generate it as part of the app sealing process. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
71 lines
1.2 KiB
Go
71 lines
1.2 KiB
Go
package app
|
|
|
|
import (
|
|
"net"
|
|
"os/exec"
|
|
"sync"
|
|
)
|
|
|
|
type App interface {
|
|
// ID returns a copy of App's unique ID.
|
|
ID() ID
|
|
// Start sets up the system and starts the App.
|
|
Start() error
|
|
// Wait waits for App's process to exit and reverts system setup.
|
|
Wait() (int, error)
|
|
// WaitErr returns error returned by the underlying wait syscall.
|
|
WaitErr() error
|
|
|
|
Seal(config *Config) error
|
|
String() string
|
|
}
|
|
|
|
type app struct {
|
|
// application unique identifier
|
|
id *ID
|
|
// underlying user switcher process
|
|
cmd *exec.Cmd
|
|
// child process related information
|
|
seal *appSeal
|
|
|
|
// wayland connection if wayland mediation is enabled
|
|
wayland *net.UnixConn
|
|
// error returned waiting for process
|
|
waitErr error
|
|
|
|
lock sync.RWMutex
|
|
}
|
|
|
|
func (a *app) ID() ID {
|
|
return *a.id
|
|
}
|
|
|
|
func (a *app) String() string {
|
|
if a == nil {
|
|
return "(invalid fortified app)"
|
|
}
|
|
|
|
a.lock.RLock()
|
|
defer a.lock.RUnlock()
|
|
|
|
if a.cmd != nil {
|
|
return a.cmd.String()
|
|
}
|
|
|
|
if a.seal != nil {
|
|
return "(sealed fortified app as uid " + a.seal.sys.user.Uid + ")"
|
|
}
|
|
|
|
return "(unsealed fortified app)"
|
|
}
|
|
|
|
func (a *app) WaitErr() error {
|
|
return a.waitErr
|
|
}
|
|
|
|
func New() (App, error) {
|
|
a := new(app)
|
|
a.id = new(ID)
|
|
return a, newAppID(a.id)
|
|
}
|