hakurei

Author	SHA1	Message	Date
Ophestra	673b648bd3	cmd/fpkg: call app in-process All checks were successful Test / Create distribution (push) Successful in 28s Details Test / Fortify (push) Successful in 2m31s Details Test / Data race detector (push) Successful in 3m25s Details Test / Fpkg (push) Successful in 3m29s Details Test / Flake checks (push) Successful in 55s Details Wrapping fortify is slow, painful and error-prone. Start apps in-process instead. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 19:51:44 +09:00
Ophestra	45ad788c6d	cmd/fsu: allow switch from fpkg All checks were successful Test / Create distribution (push) Successful in 32s Details Test / Fortify (push) Successful in 2m12s Details Test / Data race detector (push) Successful in 2m30s Details Test / Fpkg (push) Successful in 3m8s Details Test / Flake checks (push) Successful in 49s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 19:42:28 +09:00
Ophestra	12c6d66bfd	cmd/fpkg/test: nixos test fpkg install/start All checks were successful Test / Create distribution (push) Successful in 27s Details Test / Fortify (push) Successful in 2m33s Details Test / Data race detector (push) Successful in 3m25s Details Test / Fpkg (push) Successful in 38m26s Details Test / Flake checks (push) Successful in 54s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 13:12:16 +09:00
Ophestra	d7d2bd33ed	cmd/fpkg/build: expose nixos configuration All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Fortify (push) Successful in 36s Details Test / Data race detector (push) Successful in 36s Details Test / Flake checks (push) Successful in 44s Details This should be used sparingly as the NixOS closure is in the bootstrap store which compresses rather poorly. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 12:31:18 +09:00
Ophestra	4fa38d6063	cmd/fpkg: use fortify path from internal All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Fortify (push) Successful in 2m28s Details Test / Data race detector (push) Successful in 3m22s Details Test / Flake checks (push) Successful in 43s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-26 12:16:35 +09:00
Ophestra	a5d2f040fb	cmd/fpkg/build: run final build step in nix All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Fortify (push) Successful in 34s Details Test / Data race detector (push) Successful in 34s Details Test / Flake checks (push) Successful in 41s Details This used to be a script that had to be run outside of nix because the sandbox disallows access to nix store state. Turns out closureInfo is the proper way to do that. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-25 23:53:18 +09:00
Ophestra	e6cd2bb2a8	cmd/fpkg: integrate command handler All checks were successful Test / Create distribution (push) Successful in 18s Details Test / Fortify (push) Successful in 34s Details Test / Data race detector (push) Successful in 1m39s Details Test / Flake checks (push) Successful in 39s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 23:25:12 +09:00
Ophestra	0fb72e5d99	cmd/fpkg/build: prepend extra nix flags All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Data race detector (push) Successful in 35s Details Test / Fortify (push) Successful in 35s Details Test / Flake checks (push) Successful in 39s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 20:21:09 +09:00
Ophestra	8bf162820b	nix: separate fsu from package All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Run NixOS test (push) Successful in 7m25s Details This appears to be the only way to build them with different configuration. This enables static linking in the main package. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-23 18:13:37 +09:00
Ophestra	eb0c16dd8c	cmd/fpkg: rename buildPackage file All checks were successful Test / Create distribution (push) Successful in 26s Details Test / Run NixOS test (push) Successful in 50s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-21 18:13:34 +09:00
Ophestra	4fa1e97026	cmd/fpkg: rename shell to shellPath All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m26s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-21 17:50:20 +09:00
Ophestra	90cb01b274	system: move out of internal All checks were successful Test / Create distribution (push) Successful in 25s Details Test / Run NixOS test (push) Successful in 3m17s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-17 19:00:43 +09:00
Ophestra	e599b5583d	fmsg: implement suspend in writer All checks were successful Test / Create distribution (push) Successful in 24s Details Test / Run NixOS test (push) Successful in 2m18s Details This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-16 18:51:53 +09:00
Ophestra	1fd571d561	cmd/fsu: check parse behaviour All checks were successful Test / Run NixOS test (push) Successful in 10m33s Details Test / Create distribution (push) Successful in 1m8s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-14 16:43:55 +09:00
Ophestra	be30e2f11e	cmd/fsu: revert offset in error message All checks were successful Test / Create distribution (push) Successful in 51s Details Test / Run NixOS test (push) Successful in 3m39s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-02-14 15:31:39 +09:00
Ophestra	134247b57d	nix: configure target users via nixos All checks were successful Build / Create distribution (push) Successful in 2m0s Details Test / Run NixOS test (push) Successful in 3m46s Details This makes patching home-manager no longer necessary. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-23 17:04:19 +09:00
Ophestra	580128922b	cmd/fpkg: expose syscall policy options All checks were successful Build / Create distribution (push) Successful in 1m34s Details Test / Run NixOS test (push) Successful in 3m44s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-22 12:01:30 +09:00
Ophestra	7baca66a56	proc: remove duplicate compile-time fortify reference All checks were successful Build / Create distribution (push) Successful in 1m46s Details Test / Run NixOS test (push) Successful in 3m44s Details This is no longer needed since shim and init are now part of the main program. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-18 11:59:33 +09:00
Ophestra	27d2914286	proc/priv/init: merge init into main program All checks were successful Build / Create distribution (push) Successful in 1m47s Details Test / Run NixOS test (push) Successful in 3m46s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-18 11:47:01 +09:00
Ophestra	ea8f228af3	proc/priv/shim: merge shim into main program All checks were successful Build / Create distribution (push) Successful in 2m15s Details Test / Run NixOS test (push) Successful in 2m53s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-17 23:43:32 +09:00
Ophestra	124743ffd3	app: expose single run method All checks were successful Tests / Go tests (push) Successful in 1m1s Details Nix / NixOS tests (push) Successful in 3m20s Details App is no longer just a simple [exec.Cmd] wrapper, so exposing these steps separately no longer makes sense and actually hinders proper error handling, cleanup and cancellation. This change removes the five-second wait when the shim dies before receiving the payload, and provides caller the ability to gracefully stop execution of the confined process. Signed-off-by: Ophestra <cat@gensokyo.uk>	2025-01-15 23:39:51 +09:00
Ophestra	22a4b99674	cmd/fpkg/install: deduplicate nix store All checks were successful Tests / Go tests (push) Successful in 41s Details Nix / NixOS tests (push) Successful in 4m43s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-30 02:25:04 +09:00
Ophestra	1464ef774b	cmd/fpkg: expose nixGL wrappers All checks were successful Tests / Go tests (push) Successful in 35s Details Nix / NixOS tests (push) Successful in 4m6s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-30 02:02:20 +09:00
Ophestra	66ba4cea5c	cmd/fpkg: remove workDir acl from activation All checks were successful Tests / Go tests (push) Successful in 33s Details Nix / NixOS tests (push) Successful in 3m56s Details Activation does not require access to workDir, and by this point all information is available in dataHome. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 23:48:45 +09:00
Ophestra	f8d0786509	cmd/fpkg: include nixGL source in inner store All checks were successful Tests / Go tests (push) Successful in 34s Details Nix / NixOS tests (push) Successful in 4m24s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 23:37:11 +09:00
Ophestra	aff80b6b00	cmd/fpkg: optional network access when invoking with nix daemon All checks were successful Tests / Go tests (push) Successful in 34s Details Nix / NixOS tests (push) Successful in 3m36s Details This is useful for building nixGL. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 18:32:44 +09:00
Ophestra	a98a176907	cmd/fpkg: bind and document more gpu devices All checks were successful Tests / Go tests (push) Successful in 34s Details Nix / NixOS tests (push) Successful in 3m40s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 18:25:26 +09:00
Ophestra	5302879b88	cmd/fpkg: improve readability of fortify invocations All checks were successful Tests / Go tests (push) Successful in 34s Details Nix / NixOS tests (push) Successful in 3m41s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 17:55:56 +09:00
Ophestra	891b3cbde7	cmd/fpkg: compare all three store paths All checks were successful Tests / Go tests (push) Successful in 34s Details Nix / NixOS tests (push) Successful in 3m39s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 17:10:41 +09:00
Ophestra	c795293f36	cmd/fpkg: clean up broken links before activation All checks were successful Tests / Go tests (push) Successful in 35s Details Nix / NixOS tests (push) Successful in 3m38s Details Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 15:21:40 +09:00
Ophestra	c1a459a0b1	cmd/fpkg/start: correct drop to shell wording All checks were successful Tests / Go tests (push) Successful in 52s Details Nix / NixOS tests (push) Successful in 4m27s Details Activation no longer happens during application startup. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-29 00:56:14 +09:00
Ophestra	e0e2f40e84	cmd/fpkg: app bundle helper All checks were successful Tests / Go tests (push) Successful in 43s Details Nix / NixOS tests (push) Successful in 4m25s Details This helper program creates fortify configuration for running an application bundle. The activate action wraps a home-manager activation package and ensures each generation gets activated once. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-26 13:21:49 +09:00
Ophestra	9b206072fa	cmd/fshim: ensure data directory All checks were successful Tests / Go tests (push) Successful in 36s Details Nix / NixOS tests (push) Successful in 3m33s Details Ensuring home directory in shim causes the directory to be owned by the target user. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-28 14:39:01 +09:00
Ophestra	0a2aa5823b	cmd/fshim: bind finit inside sandbox All checks were successful Tests / Go tests (push) Successful in 34s Details Nix / NixOS tests (push) Successful in 3m32s Details The outer finit executable is normally inaccessible inside the sandbox. This was obscured by the current Nix-based setup exposing /nix/store to the sandbox. Signed-off-by: Ophestra <cat@gensokyo.uk>	2024-12-27 14:44:57 +09:00
Ophestra Umiker	df6fc298f6	migrate to git.gensokyo.uk/security/fortify All checks were successful Tests / Go tests (push) Successful in 2m55s Details Nix / NixOS tests (push) Successful in 5m10s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-20 00:20:02 +09:00
Ophestra Umiker	52f21a19f3	cmd/fshim: switch to setup pipe All checks were successful Tests / Go tests (push) Successful in 38s Details Nix / NixOS tests (push) Successful in 5m43s Details The socket-based approach is no longer necessary as fsu allows extra files and sudo compatibility is no longer relevant. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-18 19:39:25 +09:00
Ophestra Umiker	7be53a2438	cmd/fshim: switch to generic setup func All checks were successful Tests / Go tests (push) Successful in 38s Details Nix / NixOS tests (push) Successful in 5m47s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-18 17:20:31 +09:00
Ophestra Umiker	f69e8e753e	cmd/finit: switch to generic receive func All checks were successful Tests / Go tests (push) Successful in 38s Details Nix / NixOS tests (push) Successful in 5m40s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-18 16:49:19 +09:00
Ophestra Umiker	b453f70ca2	cmd/fsu: check uid range before syscall All checks were successful Tests / Go tests (push) Successful in 43s Details Nix / NixOS tests (push) Successful in 5m0s Details This limits potential exploits to the fortify uid range. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-17 13:01:36 +09:00
Ophestra Umiker	33c95b80ca	cmd/fuserdb: rename home directories All checks were successful test / test (push) Successful in 36s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-07 20:23:46 +09:00
Ophestra Umiker	cc816a1aaa	proc: cleaner extra files All checks were successful test / test (push) Successful in 37s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-06 16:05:04 +09:00
Ophestra Umiker	b3ef53b193	app: integrate security-context-v1 All checks were successful test / test (push) Successful in 37s Details Should be able to get rid of XDG_RUNTIME_DIR share after this. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-12-06 04:25:33 +09:00
Ophestra Umiker	ae2628e57a	cmd/fshim/ipc: install signal handler on shim start All checks were successful test / test (push) Successful in 20s Details Getting killed at this point will result in inconsistent state. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-18 13:33:46 +09:00
Ophestra Umiker	2e23cef7bb	cmd/fuserdb: generate group entries Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-17 23:31:06 +09:00
Ophestra Umiker	6a6d30af1f	cmd/fuserdb: systemd userdb drop-in entries generator All checks were successful test / test (push) Successful in 20s Details This provides user records via nss-systemd. Static drop-in entries are generated to reduce complexity and attack surface. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-17 02:16:02 +09:00
Ophestra Umiker	df33123bd7	app: integrate fsu All checks were successful test / test (push) Successful in 21s Details This removes the dependency on external user switchers like sudo/machinectl and decouples fortify user ids from the passwd database. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-16 21:19:45 +09:00
Ophestra Umiker	45fead18c3	cmd/fshim: set no_new_privs flag Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-09 11:50:56 +09:00
Ophestra Umiker	88abcbe0b2	cmd/fsu: remove import of internal package All checks were successful test / test (push) Successful in 24s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-04 12:32:14 +09:00
Ophestra Umiker	8cd3651bb6	cmd/fshim/ipc: friendly setup timeout message All checks were successful test / test (push) Successful in 22s Details This message eventually gets returned by the app's Start method, so they should be wrapped to provide a friendly message. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-03 02:03:30 +09:00
Ophestra Umiker	584732f80a	cmd: shim and init into separate binaries All checks were successful test / test (push) Successful in 19s Details This change also fixes a deadlock when shim fails to connect and complete the setup. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-02 03:13:57 +09:00

1 2 3 4

152 Commits