hst/enablement: move bits from system

This is part of the hst API, should not be in the implementation package.

Signed-off-by: Ophestra <cat@gensokyo.uk>

internal/app/app_test.go

@@ -121,7 +121,7 @@ func TestApp(t *testing.T) {
 					},
 					Filter: true,
 				},
-				Enablements: hst.NewEnablements(system.EWayland | system.EDBus | system.EPulse),
+				Enablements: hst.NewEnablements(hst.EWayland | hst.EDBus | hst.EPulse),
 			},
 			state.ID{
 				0xeb, 0xf0, 0x83, 0xd1,
@@ -229,7 +229,7 @@ func TestApp(t *testing.T) {
 			&hst.Config{
 				ID:          "org.chromium.Chromium",
 				Path:        m("/nix/store/yqivzpzzn7z5x0lq9hmbzygh45d8rhqd-chromium-start"),
-				Enablements: hst.NewEnablements(system.EWayland | system.EDBus | system.EPulse),
+				Enablements: hst.NewEnablements(hst.EWayland | hst.EDBus | hst.EPulse),
 				Shell:       m("/run/current-system/sw/bin/zsh"),
 
 				Container: &hst.ContainerConfig{
@@ -288,7 +288,7 @@ func TestApp(t *testing.T) {
 				Ensure("/tmp/hakurei.0/tmpdir/1", 01700).UpdatePermType(system.User, "/tmp/hakurei.0/tmpdir/1", acl.Read, acl.Write, acl.Execute).
 				Ensure("/run/user/1971/hakurei", 0700).UpdatePermType(system.User, "/run/user/1971/hakurei", acl.Execute).
 				Ensure("/run/user/1971", 0700).UpdatePermType(system.User, "/run/user/1971", acl.Execute). // this is ordered as is because the previous Ensure only calls mkdir if XDG_RUNTIME_DIR is unset
-				UpdatePermType(system.EWayland, "/run/user/1971/wayland-0", acl.Read, acl.Write, acl.Execute).
+				UpdatePermType(hst.EWayland, "/run/user/1971/wayland-0", acl.Read, acl.Write, acl.Execute).
 				Ephemeral(system.Process, "/run/user/1971/hakurei/8e2c76b066dabe574cf073bdb46eb5c1", 0700).UpdatePermType(system.Process, "/run/user/1971/hakurei/8e2c76b066dabe574cf073bdb46eb5c1", acl.Execute).
 				Link("/run/user/1971/pulse/native", "/run/user/1971/hakurei/8e2c76b066dabe574cf073bdb46eb5c1/pulse").
 				CopyFile(nil, "/home/ophestra/xdg/config/pulse/cookie", 256, 256).

internal/app/finalise.go

@@ -241,7 +241,7 @@ func (k *outcome) finalise(ctx context.Context, msg container.Msg, config *hst.C
 		}
 
 		// bind GPU stuff
-		if config.Enablements.Unwrap()&(system.EX11|system.EWayland) != 0 {
+		if config.Enablements.Unwrap()&(hst.EX11|hst.EWayland) != 0 {
 			conf.Filesystem = append(conf.Filesystem, hst.FilesystemConfigJSON{FilesystemConfig: &hst.FSBind{Source: container.AbsFHSDev.Append("dri"), Device: true, Optional: true}})
 		}
 		// opportunistically bind kvm
@@ -353,7 +353,7 @@ func (k *outcome) finalise(ctx context.Context, msg container.Msg, config *hst.C
 		k.env[term] = t
 	}
 
-	if config.Enablements.Unwrap()&system.EWayland != 0 {
+	if config.Enablements.Unwrap()&hst.EWayland != 0 {
 		// outer wayland socket (usually `/run/user/%d/wayland-%d`)
 		var socketPath *container.Absolute
 		if name, ok := k.lookupEnv(wayland.WaylandDisplay); !ok {
@@ -382,11 +382,11 @@ func (k *outcome) finalise(ctx context.Context, msg container.Msg, config *hst.C
 			msg.Verbose("direct wayland access, PROCEED WITH CAUTION")
 			share.ensureRuntimeDir()
 			k.container.Bind(socketPath, innerPath, 0)
-			k.sys.UpdatePermType(system.EWayland, socketPath.String(), acl.Read, acl.Write, acl.Execute)
+			k.sys.UpdatePermType(hst.EWayland, socketPath.String(), acl.Read, acl.Write, acl.Execute)
 		}
 	}
 
-	if config.Enablements.Unwrap()&system.EX11 != 0 {
+	if config.Enablements.Unwrap()&hst.EX11 != 0 {
 		if d, ok := k.lookupEnv(display); !ok {
 			return newWithMessage("DISPLAY is not set")
 		} else {
@@ -410,7 +410,7 @@ func (k *outcome) finalise(ctx context.Context, msg container.Msg, config *hst.C
 						return &hst.AppError{Step: fmt.Sprintf("access X11 socket %q", socketPath), Err: err}
 					}
 				} else {
-					k.sys.UpdatePermType(system.EX11, socketPath.String(), acl.Read, acl.Write, acl.Execute)
+					k.sys.UpdatePermType(hst.EX11, socketPath.String(), acl.Read, acl.Write, acl.Execute)
 					if !config.Container.HostAbstract {
 						d = "unix:" + socketPath.String()
 					}
@@ -423,7 +423,7 @@ func (k *outcome) finalise(ctx context.Context, msg container.Msg, config *hst.C
 		}
 	}
 
-	if config.Enablements.Unwrap()&system.EPulse != 0 {
+	if config.Enablements.Unwrap()&hst.EPulse != 0 {
 		// PulseAudio runtime directory (usually `/run/user/%d/pulse`)
 		pulseRuntimeDir := share.sc.RuntimePath.Append("pulse")
 		// PulseAudio socket (usually `/run/user/%d/pulse/native`)
@@ -527,7 +527,7 @@ func (k *outcome) finalise(ctx context.Context, msg container.Msg, config *hst.C
 		}
 	}
 
-	if config.Enablements.Unwrap()&system.EDBus != 0 {
+	if config.Enablements.Unwrap()&hst.EDBus != 0 {
 		// ensure dbus session bus defaults
 		if config.SessionBus == nil {
 			config.SessionBus = dbus.NewConfig(config.ID, true, true)

internal/app/process.go

@@ -13,6 +13,7 @@ import (
 	"time"
 
 	"hakurei.app/container"
+	"hakurei.app/hst"
 	"hakurei.app/internal"
 	"hakurei.app/internal/app/state"
 	"hakurei.app/system"
@@ -146,7 +147,7 @@ func (ms mainState) beforeExit(isFault bool) {
 				}
 			}
 
-			var rt system.Enablement
+			var rt hst.Enablement
 			if states, err := c.Load(); err != nil {
 				// it is impossible to continue from this point;
 				// revert per-process state here to limit damage
@@ -182,7 +183,7 @@ func (ms mainState) beforeExit(isFault bool) {
 					}
 				}
 
-				ec |= rt ^ (system.EWayland | system.EX11 | system.EDBus | system.EPulse)
+				ec |= rt ^ (hst.EWayland | hst.EX11 | hst.EDBus | hst.EPulse)
 				if ms.IsVerbose() {
 					if ec > 0 {
 						ms.Verbose("reverting operations scope", system.TypeString(ec))