hakurei

Author	SHA1	Message	Date
Ophestra	3b8a3d3b00	app: remount root readonly All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Sandbox (push) Successful in 41s Details Test / Sandbox (race detector) (push) Successful in 42s Details Test / Hakurei (race detector) (push) Successful in 45s Details Test / Hpkg (push) Successful in 44s Details Test / Hakurei (push) Successful in 2m13s Details Test / Flake checks (push) Successful in 1m25s Details This does nothing for security, but should help avoid hiding bugs of programs developed in a hakurei container. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-08-01 23:56:28 +09:00
Ophestra	ec33061c92	nix: remove nscd cover All checks were successful Test / Create distribution (push) Successful in 33s Details Test / Hpkg (push) Successful in 40s Details Test / Sandbox (push) Successful in 1m30s Details Test / Hakurei (push) Successful in 2m18s Details Test / Sandbox (race detector) (push) Successful in 2m21s Details Test / Hakurei (race detector) (push) Successful in 2m50s Details Test / Flake checks (push) Successful in 1m15s Details This is a pd workaround that does nothing in the nixos module. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-08-01 22:04:58 +09:00
Ophestra	547a2adaa4	container/mount: pass tmpfs flags All checks were successful Test / Create distribution (push) Successful in 32s Details Test / Sandbox (push) Successful in 2m1s Details Test / Sandbox (race detector) (push) Successful in 3m57s Details Test / Hpkg (push) Successful in 3m55s Details Test / Hakurei (race detector) (push) Successful in 4m30s Details Test / Hakurei (push) Successful in 2m18s Details Test / Flake checks (push) Successful in 1m14s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-08-01 18:59:06 +09:00
Ophestra	625632c593	nix: update flake lock All checks were successful Test / Create distribution (push) Successful in 39s Details Test / Sandbox (race detector) (push) Successful in 50s Details Test / Sandbox (push) Successful in 52s Details Test / Planterette (push) Successful in 50s Details Test / Hakurei (race detector) (push) Successful in 57s Details Test / Hakurei (push) Successful in 59s Details Test / Flake checks (push) Successful in 1m53s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-07-26 18:57:54 +09:00
Ophestra	749a2779f5	test/sandbox: add arm64 constants All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Sandbox (push) Successful in 40s Details Test / Hakurei (push) Successful in 42s Details Test / Hakurei (race detector) (push) Successful in 42s Details Test / Sandbox (race detector) (push) Successful in 38s Details Test / Planterette (push) Successful in 40s Details Test / Flake checks (push) Successful in 1m30s Details Most of these are differences in qemu. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-07-09 05:36:35 +09:00
Ophestra	e574042d76	test/sandbox: verify seccomp on all test cases All checks were successful Test / Hakurei (push) Successful in 42s Details Test / Sandbox (push) Successful in 39s Details Test / Hakurei (race detector) (push) Successful in 41s Details Test / Create distribution (push) Successful in 33s Details Test / Sandbox (race detector) (push) Successful in 39s Details Test / Planterette (push) Successful in 41s Details Test / Flake checks (push) Successful in 1m17s Details This change also makes seccomp hashes cross-platform. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-07-09 04:21:35 +09:00

6 Commits