hakurei

Author	SHA1	Message	Date
Ophestra	9a1f8e129f	sandbox: wrap fmsg interface All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Fortify (push) Successful in 2m27s Details Test / Fpkg (push) Successful in 3m36s Details Test / Data race detector (push) Successful in 4m16s Details Test / Flake checks (push) Successful in 55s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 02:44:07 +09:00
Ophestra	44277dc0f1	dbus: run in native sandbox All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Fortify (push) Successful in 2m31s Details Test / Fpkg (push) Successful in 3m25s Details Test / Data race detector (push) Successful in 4m5s Details Test / Flake checks (push) Successful in 53s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-17 00:13:14 +09:00
Ophestra	273d97af85	ldd: lib paths resolve function All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Fortify (push) Successful in 2m37s Details Test / Fpkg (push) Successful in 3m37s Details Test / Data race detector (push) Successful in 3m50s Details Test / Flake checks (push) Successful in 56s Details This is what always happens right after a ldd call, so implement it here. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-16 01:20:09 +09:00
Ophestra	891316d924	helper/stub: copy args to stderr All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Fortify (push) Successful in 2m33s Details Test / Fpkg (push) Successful in 3m30s Details Test / Data race detector (push) Successful in 3m52s Details Test / Flake checks (push) Successful in 53s Details Some helpers are implemented via go test itself in tests, and as a result stdout gets clobbered. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-16 00:39:42 +09:00
Ophestra	6e7ddb2d2e	helper: eliminate commandContext replacement All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Fortify (push) Successful in 2m44s Details Test / Fpkg (push) Successful in 3m42s Details Test / Data race detector (push) Successful in 3m51s Details Test / Flake checks (push) Successful in 57s Details This is done more cleanly by modifying Args in cmdF. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-03-16 00:01:25 +09:00
Ophestra	e599b5583d	fmsg: implement suspend in writer All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 2m18s Details This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 18:51:53 +09:00
Ophestra	ace97952cc	helper/bwrap: merge Args and FDArgs All checks were successful Test / Create distribution (push) Successful in 1m13s Details Test / Run NixOS test (push) Successful in 4m34s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-14 18:13:06 +09:00
Ophestra	fe7d208cf7	helper: use generic extra files interface All checks were successful Test / Create distribution (push) Successful in 1m38s Details Test / Run NixOS test (push) Successful in 4m36s Details This replaces the pipes object and integrates context into helper process lifecycle. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-13 23:34:15 +09:00
Ophestra Umiker	df6fc298f6	migrate to git.gensokyo.uk/security/fortify All checks were successful Tests / Go tests (push) Successful in 2m55s Details Nix / NixOS tests (push) Successful in 5m10s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-20 00:20:02 +09:00
Ophestra Umiker	ae1a102882	fmsg: support temporarily withholding output All checks were successful test / test (push) Successful in 31s Details Trying to print to a shared stdout is a terrible idea. This change makes it possible to withhold output for the lifetime of the sandbox. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-26 23:09:32 +09:00
Ophestra Umiker	65af1684e3	migrate to git.ophivana.moe/security/fortify All checks were successful test / test (push) Successful in 14s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-20 19:50:13 +09:00
Ophestra Umiker	c201c30c7f	helper/bwrap: check args only for internal tests Tests internal to the helper package sets crash-test-dummy as the command whenever a launch is expected to go through, and the hardcoded args are only valid for internal tests, so this characteristic is used here to exclude external tests that pass real program names and custom bwrap configurations. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-09 00:21:31 +09:00
Ophestra Umiker	7c7999e9e5	helper: implementation of helper.Helper using bwrap Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-08 18:02:38 +09:00
Ophestra Umiker	9647eb6a6b	helper: separate pipes from Helper Upcoming bwrap helper implementation requires two sets of pipes to be managed, fd will also no longer be constant. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-07 12:48:20 +09:00
Ophestra Umiker	18d9ce733e	helper: test non-existent helpers Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-06 16:00:59 +09:00
Ophestra Umiker	7e7327ebf8	helper: export internal stub functions for cross-package testing Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-09-29 15:22:35 +09:00

16 Commits