hst/config: remove symlink field

Closes #6. Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-08-25 22:21:16 +09:00 · 2025-08-25 22:21:16 +09:00 · 9585b35d5b
commit 9585b35d5b
parent 26cafe3e80
8 changed files with 68 additions and 105 deletions
--- a/cmd/hakurei/print_test.go
+++ b/cmd/hakurei/print_test.go
@ -51,8 +51,8 @@ Filesystem
 w+ephemeral(-rwxr-xr-x):/tmp/
 w*/nix/store:/mnt-root/nix/.rw-store/upper:/mnt-root/nix/.rw-store/work:/mnt-root/nix/.ro-store
 */nix/store
- */run/current-system
- */run/opengl-driver
+ &/run/current-system:*/run/current-system
+ &/run/opengl-driver:*/run/opengl-driver
 w*/var/lib/hakurei/u0/org.chromium.Chromium:/data/data/org.chromium.Chromium
 d+/dev/dri

@ -128,8 +128,8 @@ Filesystem
 w+ephemeral(-rwxr-xr-x):/tmp/
 w*/nix/store:/mnt-root/nix/.rw-store/upper:/mnt-root/nix/.rw-store/work:/mnt-root/nix/.ro-store
 */nix/store
- */run/current-system
- */run/opengl-driver
+ &/run/current-system:*/run/current-system
+ &/run/opengl-driver:*/run/opengl-driver
 w*/var/lib/hakurei/u0/org.chromium.Chromium:/data/data/org.chromium.Chromium
 d+/dev/dri

@ -310,12 +310,16 @@ App
          "src": "/nix/store"
        },
        {
-          "type": "bind",
-          "src": "/run/current-system"
+          "type": "link",
+          "dst": "/run/current-system",
+          "linkname": "/run/current-system",
+          "dereference": true
        },
        {
-          "type": "bind",
-          "src": "/run/opengl-driver"
+          "type": "link",
+          "dst": "/run/opengl-driver",
+          "linkname": "/run/opengl-driver",
+          "dereference": true
        },
        {
          "type": "bind",
@ -329,12 +333,6 @@ App
          "dev": true,
          "optional": true
        }
-      ],
-      "symlink": [
-        {
-          "target": "/run/user/65534",
-          "linkname": "/run/user/150"
-        }
      ]
    }
  },
@ -468,12 +466,16 @@ App
        "src": "/nix/store"
      },
      {
-        "type": "bind",
-        "src": "/run/current-system"
+        "type": "link",
+        "dst": "/run/current-system",
+        "linkname": "/run/current-system",
+        "dereference": true
      },
      {
-        "type": "bind",
-        "src": "/run/opengl-driver"
+        "type": "link",
+        "dst": "/run/opengl-driver",
+        "linkname": "/run/opengl-driver",
+        "dereference": true
      },
      {
        "type": "bind",
@ -487,12 +489,6 @@ App
        "dev": true,
        "optional": true
      }
-    ],
-    "symlink": [
-      {
-        "target": "/run/user/65534",
-        "linkname": "/run/user/150"
-      }
    ]
  }
 }
@ -680,12 +676,16 @@ func Test_printPs(t *testing.T) {
            "src": "/nix/store"
          },
          {
-            "type": "bind",
-            "src": "/run/current-system"
+            "type": "link",
+            "dst": "/run/current-system",
+            "linkname": "/run/current-system",
+            "dereference": true
          },
          {
-            "type": "bind",
-            "src": "/run/opengl-driver"
+            "type": "link",
+            "dst": "/run/opengl-driver",
+            "linkname": "/run/opengl-driver",
+            "dereference": true
          },
          {
            "type": "bind",
@ -699,12 +699,6 @@ func Test_printPs(t *testing.T) {
            "dev": true,
            "optional": true
          }
-        ],
-        "symlink": [
-          {
-            "target": "/run/user/65534",
-            "linkname": "/run/user/150"
-          }
        ]
      }
    },
--- a/cmd/hpkg/app.go
+++ b/cmd/hpkg/app.go
@ -96,6 +96,9 @@ func (app *appInfo) toHst(pathSet *appPathSet, pathname *container.Absolute, arg
 			Filesystem: []hst.FilesystemConfigJSON{
 				{FilesystemConfig: &hst.FSBind{Target: container.AbsFHSEtc, Source: pathSet.cacheDir.Append("etc"), Special: true}},
 				{FilesystemConfig: &hst.FSBind{Source: pathSet.nixPath.Append("store"), Target: pathNixStore}},
+				{FilesystemConfig: &hst.FSLink{Target: pathCurrentSystem, Linkname: app.CurrentSystem.String()}},
+				{FilesystemConfig: &hst.FSLink{Target: pathBin, Linkname: pathSwBin.String()}},
+				{FilesystemConfig: &hst.FSLink{Target: container.AbsFHSUsrBin, Linkname: pathSwBin.String()}},
 				{FilesystemConfig: &hst.FSBind{Source: pathSet.metaPath, Target: hst.AbsTmp.Append("app")}},
 				{FilesystemConfig: &hst.FSBind{Source: container.AbsFHSEtc.Append("resolv.conf"), Optional: true}},
 				{FilesystemConfig: &hst.FSBind{Source: container.AbsFHSSys.Append("block"), Optional: true}},
@ -104,11 +107,6 @@ func (app *appInfo) toHst(pathSet *appPathSet, pathname *container.Absolute, arg
 				{FilesystemConfig: &hst.FSBind{Source: container.AbsFHSSys.Append("dev"), Optional: true}},
 				{FilesystemConfig: &hst.FSBind{Source: container.AbsFHSSys.Append("devices"), Optional: true}},
 			},
-			Link: []hst.LinkConfig{
-				{pathCurrentSystem, app.CurrentSystem.String()},
-				{pathBin, pathSwBin.String()},
-				{container.AbsFHSUsrBin, pathSwBin.String()},
-			},
 		},
 		ExtraPerms: []*hst.ExtraPermConfig{
 			{Path: dataHome, Execute: true},
--- a/cmd/hpkg/with.go
+++ b/cmd/hpkg/with.go
@ -51,11 +51,9 @@ func withNixDaemon(
 			Filesystem: []hst.FilesystemConfigJSON{
 				{FilesystemConfig: &hst.FSBind{Target: container.AbsFHSEtc, Source: pathSet.cacheDir.Append("etc"), Special: true}},
 				{FilesystemConfig: &hst.FSBind{Source: pathSet.nixPath, Target: pathNix, Write: true}},
-			},
-			Link: []hst.LinkConfig{
-				{pathCurrentSystem, app.CurrentSystem.String()},
-				{pathBin, pathSwBin.String()},
-				{container.AbsFHSUsrBin, pathSwBin.String()},
+				{FilesystemConfig: &hst.FSLink{Target: pathCurrentSystem, Linkname: app.CurrentSystem.String()}},
+				{FilesystemConfig: &hst.FSLink{Target: pathBin, Linkname: pathSwBin.String()}},
+				{FilesystemConfig: &hst.FSLink{Target: container.AbsFHSUsrBin, Linkname: pathSwBin.String()}},
 			},
 		},
 	}), dropShell, beforeFail)
@ -90,13 +88,11 @@ func withCacheDir(
 			Filesystem: []hst.FilesystemConfigJSON{
 				{FilesystemConfig: &hst.FSBind{Target: container.AbsFHSEtc, Source: workDir.Append(container.FHSEtc), Special: true}},
 				{FilesystemConfig: &hst.FSBind{Source: workDir.Append("nix"), Target: pathNix}},
+				{FilesystemConfig: &hst.FSLink{Target: pathCurrentSystem, Linkname: app.CurrentSystem.String()}},
+				{FilesystemConfig: &hst.FSLink{Target: pathBin, Linkname: pathSwBin.String()}},
+				{FilesystemConfig: &hst.FSLink{Target: container.AbsFHSUsrBin, Linkname: pathSwBin.String()}},
 				{FilesystemConfig: &hst.FSBind{Source: workDir, Target: hst.AbsTmp.Append("bundle")}},
 			},
-			Link: []hst.LinkConfig{
-				{pathCurrentSystem, app.CurrentSystem.String()},
-				{pathBin, pathSwBin.String()},
-				{container.AbsFHSUsrBin, pathSwBin.String()},
-			},
 		},
 	}, dropShell, beforeFail)
 }
--- a/hst/config.go
+++ b/hst/config.go
@ -96,16 +96,6 @@ type (
 		// container mount points;
 		// if the first element targets /, it is inserted early and excluded from path hiding
 		Filesystem []FilesystemConfigJSON `json:"filesystem"`
-		// create symlinks inside container filesystem
-		Link []LinkConfig `json:"symlink"`
-	}
-
-	LinkConfig struct {
-		// symlink target in container
-		Target *container.Absolute `json:"target"`
-		// linkname the symlink points to;
-		// prepend '*' to dereference an absolute pathname on host
-		Linkname string `json:"linkname"`
 	}
 )

--- a/hst/hst.go
+++ b/hst/hst.go
@ -107,13 +107,12 @@ func Template() *Config {
 					Work:   container.MustAbs("/mnt-root/nix/.rw-store/work"),
 				}},
 				{&FSBind{Source: container.MustAbs("/nix/store")}},
-				{&FSBind{Source: container.AbsFHSRun.Append("current-system")}},
-				{&FSBind{Source: container.AbsFHSRun.Append("opengl-driver")}},
+				{&FSLink{Target: container.AbsFHSRun.Append("current-system"), Linkname: "/run/current-system", Dereference: true}},
+				{&FSLink{Target: container.AbsFHSRun.Append("opengl-driver"), Linkname: "/run/opengl-driver", Dereference: true}},
 				{&FSBind{Source: container.AbsFHSVarLib.Append("hakurei/u0/org.chromium.Chromium"),
 					Target: container.MustAbs("/data/data/org.chromium.Chromium"), Write: true}},
 				{&FSBind{Source: container.AbsFHSDev.Append("dri"), Device: true, Optional: true}},
 			},
-			Link: []LinkConfig{{container.AbsFHSRunUser.Append("65534"), container.FHSRunUser + "150"}},
 		},
 	}
 }
--- a/hst/hst_test.go
+++ b/hst/hst_test.go
@ -135,12 +135,16 @@ func TestTemplate(t *testing.T) {
 				"src": "/nix/store"
 			},
 			{
-				"type": "bind",
-				"src": "/run/current-system"
+				"type": "link",
+				"dst": "/run/current-system",
+				"linkname": "/run/current-system",
+				"dereference": true
 			},
 			{
-				"type": "bind",
-				"src": "/run/opengl-driver"
+				"type": "link",
+				"dst": "/run/opengl-driver",
+				"linkname": "/run/opengl-driver",
+				"dereference": true
 			},
 			{
 				"type": "bind",
@ -154,12 +158,6 @@ func TestTemplate(t *testing.T) {
 				"dev": true,
 				"optional": true
 			}
-		],
-		"symlink": [
-			{
-				"target": "/run/user/65534",
-				"linkname": "/run/user/150"
-			}
 		]
 	}
 }`
--- a/internal/app/container_linux.go
+++ b/internal/app/container_linux.go
@ -44,7 +44,7 @@ func newContainer(s *hst.ContainerConfig, os sys.State, prefix string, uid, gid
 		AutoEtcPrefix: prefix,
 	}
 	{
-		ops := make(container.Ops, 0, preallocateOpsCount+len(s.Filesystem)+len(s.Link))
+		ops := make(container.Ops, 0, preallocateOpsCount+len(s.Filesystem))
 		params.Ops = &ops
 		as.Ops = &ops
 	}
@ -231,19 +231,6 @@ func newContainer(s *hst.ContainerConfig, os sys.State, prefix string, uid, gid
 		}
 	}

-	for i, l := range s.Link {
-		if l.Target == nil || l.Linkname == "" {
-			return nil, nil, fmt.Errorf("invalid link at index %d", i)
-		}
-		linkname := l.Linkname
-		var dereference bool
-		if linkname[0] == '*' && path.IsAbs(linkname[1:]) {
-			linkname = linkname[1:]
-			dereference = true
-		}
-		params.Link(l.Target, linkname, dereference)
-	}
-
 	// no more ContainerConfig paths beyond this point
 	if !s.Device {
 		params.Remount(container.AbsFHSDev, syscall.MS_RDONLY)
--- a/nixos.nix
+++ b/nixos.nix
@ -188,28 +188,29 @@ in
                            src = "/etc/";
                            special = true;
                          }
-                        ];
-
-                      symlink = [
-                        {
-                          target = "/run/current-system";
-                          linkname = "*/run/current-system";
-                        }
-                      ]
-                      ++ optionals (isGraphical && config.hardware.graphics.enable) (
-                        [
                          {
-                            target = "/run/opengl-driver";
-                            linkname = config.systemd.tmpfiles.settings.graphics-driver."/run/opengl-driver"."L+".argument;
+                            type = "link";
+                            dst = "/run/current-system";
+                            linkname = "/run/current-system";
+                            dereference = true;
                          }
                        ]
-                        ++ optionals (app.multiarch && config.hardware.graphics.enable32Bit) [
-                          {
-                            target = "/run/opengl-driver-32";
-                            linkname = config.systemd.tmpfiles.settings.graphics-driver."/run/opengl-driver-32"."L+".argument;
-                          }
-                        ]
-                      );
+                        ++ optionals (isGraphical && config.hardware.graphics.enable) (
+                          [
+                            {
+                              type = "link";
+                              dst = "/run/opengl-driver";
+                              linkname = config.systemd.tmpfiles.settings.graphics-driver."/run/opengl-driver"."L+".argument;
+                            }
+                          ]
+                          ++ optionals (app.multiarch && config.hardware.graphics.enable32Bit) [
+                            {
+                              type = "link";
+                              dst = "/run/opengl-driver-32";
+                              linkname = config.systemd.tmpfiles.settings.graphics-driver."/run/opengl-driver-32"."L+".argument;
+                            }
+                          ]
+                        );
                    };
                  };