hakurei

Author	SHA1	Message	Date
Ophestra Umiker	2faf510146	helper/bwrap: ordered filesystem args The argument builder was written based on the incorrect assumption that bwrap arguments are unordered. The argument builder is replaced in this commit to correct that mistake. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-15 02:15:55 +09:00
Ophestra Umiker	1302bcede0	init: custom init process inside sandbox Bubblewrap as init is a bit awkward and don't support a few setup actions fortify will need, such as starting/supervising nscd. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-14 02:27:02 +09:00
Ophestra Umiker	3739b56504	shim: update payload comment Generating permissive default no longer happens in shim. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-13 17:19:50 +09:00
Ophestra Umiker	77f2c320a6	shim: re-exec self on startup Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-13 16:56:10 +09:00
Ophestra Umiker	b470941911	shim: get rid of insane launch condition Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-13 12:09:38 +09:00
Ophestra Umiker	e4536b87ad	app: generate and replace passwd and group files This ensures libc functions get correct user information. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-13 02:43:00 +09:00
Ophestra Umiker	3ddfd76cdf	shim: use bwrap config as it is Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-11 04:13:56 +09:00
Ophestra Umiker	b86fa6b4c9	shim: new shim implementation This implementation of shim accepts configuration as a gob stream over a unix socket, with support for mediating access to wayland via WAYLAND_SOCKET fd. All configuration is now included in the payload, and child is started inside bwrap configured with supplied bwrap.Config. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-10-11 01:55:33 +09:00

8 Commits