security/hakurei
6
3
Fork 0
Code Issues 10 Pull Requests Actions Packages Projects Releases 11 Wiki Activity

system/wayland: hang up security-context-v1 internally
All checks were successful
Test / Create distribution (push) Successful in 33s
Details
Test / Sandbox (push) Successful in 39s
Details
Test / Sandbox (race detector) (push) Successful in 40s
Details
Test / Hakurei (push) Successful in 43s
Details
Test / Hakurei (race detector) (push) Successful in 44s
Details
Test / Hpkg (push) Successful in 41s
Details
Test / Flake checks (push) Successful in 1m26s
Details

Browse Source 
This should have been an implementation detail and should not be up to the caller to close.

Signed-off-by: Ophestra <cat@gensokyo.uk>
This commit is contained in:
Ophestra
2025-10-05 03:19:37 +09:00
parent eb5ee4fece
commit 8ace214832
6 changed files with 50 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
internal/app/spwayland.go
View File

@@ -1,8 +1,6 @@
package app
import (
"os"
"hakurei.app/container"
"hakurei.app/hst"
"hakurei.app/system/acl"
@@ -13,10 +11,6 @@ import (
type spWaylandOp struct {
// Path to host wayland socket. Populated during toSystem if DirectWayland is true.
SocketPath *container.Absolute
// Address to write the security-context-v1 synchronisation fd [os.File] address to.
// Only populated for toSystem.
sync **os.File
}
func (s *spWaylandOp) toSystem(state *outcomeStateSys, config *hst.Config) error {
@@ -38,7 +32,7 @@ func (s *spWaylandOp) toSystem(state *outcomeStateSys, config *hst.Config) error
appID = "app.hakurei." + state.id.String()
}
// downstream socket paths
state.sys.Wayland(s.sync, state.instance().Append("wayland"), socketPath, appID, state.id.String())
state.sys.Wayland(state.instance().Append("wayland"), socketPath, appID, state.id.String())
} else { // bind mount wayland socket (insecure)
state.msg.Verbose("direct wayland access, PROCEED WITH CAUTION")
state.ensureRuntimeDir()