e599b5583d 
							
						 
					 
					
						
						
							
							fmsg: implement suspend in writer  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 24s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 2m18s 
				
			 
		
		
	 
 
	 
						
						This removes the requirement to call fmsg.Exit on every exit path, and enables direct use of the "log" package. However, fmsg.BeforeExit is still encouraged when possible to catch exit on suspended output.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-16 18:51:53 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							33a4ab11c2 
							
						 
					 
					
						
						
							
							internal: move shim and init into app  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 24s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 2m7s 
				
			 
		
		
	 
 
	 
						
						This structure makes more sense, as both processes are part of an app's lifecycle.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-16 16:28:46 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1fa5e992e4 
							
						 
					 
					
						
						
							
							helper/bwrap: expose address of DataConfig  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 24s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 2m7s 
				
			 
		
		
	 
 
	 
						
						This allows the caller to defer fulfilling its payload.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-16 12:33:59 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							c667b13a00 
							
						 
					 
					
						
						
							
							system: separate link Op implementation  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 24s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 2m13s 
				
			 
		
		
	 
 
	 
						
						This Op would still be useful after replacing the Tmpfiles interface, so isolate it here.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-16 12:15:26 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							90b86a5531 
							
						 
					 
					
						
						
							
							release: 0.2.14  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Release / Create release (push) Successful in 24s 
				
			 
		
			
				
	Test / Create distribution (push) Successful in 18s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 50s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 23:05:02 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							f545e154f0 
							
						 
					 
					
						
						
							
							workflows: use native nix runner  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 20s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 51s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 22:58:04 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							268a90f1a5 
							
						 
					 
					
						
						
							
							app: improve WAYLAND_DISPLAY correctness  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 46s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m35s 
				
			 
		
		
	 
 
	 
						
						This now has identical behaviour as wayland C library.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 14:45:09 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							3054527ca5 
							
						 
					 
					
						
						
							
							fortify: prevent exit status 0 on app failure  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 46s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m37s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 14:40:19 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							ddb2f9c11b 
							
						 
					 
					
						
						
							
							app: remove wayland socket hard link  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 49s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m32s 
				
			 
		
		
	 
 
	 
						
						This Op was not doing anything useful.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 10:54:00 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							6ae02e72fa 
							
						 
					 
					
						
						
							
							nix: test direct_wayland behaviour  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 47s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m35s 
				
			 
		
		
	 
 
	 
						
						This should never be used outside tests unless you absolutely know what you're doing or are using GNOME.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 10:45:27 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							989fb5395f 
							
						 
					 
					
						
						
							
							nix: remove unused configuration  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 49s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m30s 
				
			 
		
		
	 
 
	 
						
						User setup no longer depends on userdb.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 10:10:42 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							f955b15b84 
							
						 
					 
					
						
						
							
							system: remove write mode tmpfiles  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 57s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m42s 
				
			 
		
		
	 
 
	 
						
						This interface is ugly and bug-prone. This change removes its write mode which has been obsoleted by CopyBind.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 03:22:20 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							0340c67995 
							
						 
					 
					
						
						
							
							app: port passwd and group files to copy  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 49s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m41s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 03:19:06 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							72b0160aad 
							
						 
					 
					
						
						
							
							helper/bwrap: implement file copy flags  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 49s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m42s 
				
			 
		
		
	 
 
	 
						
						These are significantly more efficient and less error-prone than mounting an external tmpfile. This should also reduce attack surface as the resulting files are private to its specific sandbox.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 03:13:15 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							ea8d1c07df 
							
						 
					 
					
						
						
							
							priv/shim: move /sbin/init setup to app  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 49s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m36s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 03:06:10 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							a0062d8275 
							
						 
					 
					
						
						
							
							fmsg: resume on exit  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 47s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m32s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 02:22:09 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							43d2e4f5d7 
							
						 
					 
					
						
						
							
							nix: sway increase resolution  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 50s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m46s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 02:21:24 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							be7d944b39 
							
						 
					 
					
						
						
							
							helper/bwrap: PositionalArg implement fmt.Stringer  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 49s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m28s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-15 00:11:48 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							ace97952cc 
							
						 
					 
					
						
						
							
							helper/bwrap: merge Args and FDArgs  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m13s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m34s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-14 18:13:06 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							73146ea7fa 
							
						 
					 
					
						
						
							
							dbus: remove BwrapStatic method  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 54s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 8m20s 
				
			 
		
		
	 
 
	 
						
						This method does not do anything and is not called from anywhere. It also does not make any sense as a public interface since the argument builder is no longer stateless.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-14 18:09:59 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							88040504b2 
							
						 
					 
					
						
						
							
							helper/bwrap: remove fmsg import  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 57s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 8m13s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-14 18:05:00 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1fd571d561 
							
						 
					 
					
						
						
							
							cmd/fsu: check parse behaviour  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Run NixOS test (push) Successful in 10m33s 
				
			 
		
			
				
	Test / Create distribution (push) Successful in 1m8s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-14 16:43:55 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							be30e2f11e 
							
						 
					 
					
						
						
							
							cmd/fsu: revert offset in error message  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 51s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m39s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-14 15:31:39 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							aaebb8f3ab 
							
						 
					 
					
						
						
							
							fortify: check print behaviour  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m10s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m59s 
				
			 
		
		
	 
 
	 
						
						These output are supposed to be deterministic, so checking them is a good way to catch regressions.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-14 14:44:28 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1f74b636d3 
							
						 
					 
					
						
						
							
							state/join: use Join method when available  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m4s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m11s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-14 14:11:02 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							e431ab3c24 
							
						 
					 
					
						
						
							
							app: check username length against LOGIN_NAME_MAX  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 49s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m46s 
				
			 
		
		
	 
 
	 
						
						This limit is arbitrary, but it's good to enforce it anyway.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-14 12:44:55 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							3fba33687b 
							
						 
					 
					
						
						
							
							fortify: print line after ps output  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m43s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 9m18s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-14 12:23:20 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							820f48ef94 
							
						 
					 
					
						
						
							
							release: 0.2.13  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m56s 
				
			 
		
			
				
	Release / Create release (push) Successful in 2m9s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m38s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 23:45:54 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							fe7d208cf7 
							
						 
					 
					
						
						
							
							helper: use generic extra files interface  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m38s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m36s 
				
			 
		
		
	 
 
	 
						
						This replaces the pipes object and integrates context into helper process lifecycle.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 23:34:15 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							60c2873750 
							
						 
					 
					
						
						
							
							helper/proc: cancel ec on parent ctx  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m31s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m13s 
				
			 
		
		
	 
 
	 
						
						This allows errors written during a timeout to be received and handled.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 23:08:28 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							d1d20c06fb 
							
						 
					 
					
						
						
							
							helper/seccomp: use sync.Once for closeWrite  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m29s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m13s 
				
			 
		
		
	 
 
	 
						
						This makes the code much cleaner, and eliminates the intermittent ErrInvalid errors.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 22:49:16 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1e6a059668 
							
						 
					 
					
						
						
							
							helper/seccomp: benchmark exporter  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m44s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m32s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 22:37:51 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							318df0f7e1 
							
						 
					 
					
						
						
							
							nix: test syscall filter  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m30s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m17s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 22:01:16 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							58eb8f971d 
							
						 
					 
					
						
						
							
							proc/pipe: implement args and stat file  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m30s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m11s 
				
			 
		
		
	 
 
	 
						
						This is a generic implementation of helper/pipe.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 19:57:24 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							0a1d7c01cd 
							
						 
					 
					
						
						
							
							helper/proc: count dispatched errs  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m28s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m59s 
				
			 
		
		
	 
 
	 
						
						This helps debug implementation errors of [proc.File].
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 19:55:37 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							60ca1c6c55 
							
						 
					 
					
						
						
							
							helper/proc: store file addresses in linked list  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m28s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m5s 
				
			 
		
		
	 
 
	 
						
						Storing extra files as a slice requires the caller to allocate a large enough slice before initialising any file and never grow the slice.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 17:42:12 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							099da78af5 
							
						 
					 
					
						
						
							
							helper/seccomp: eliminate data race on pfd  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 2m10s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m50s 
				
			 
		
		
	 
 
	 
						
						Turns out the doc comment on os.File was lying about its methods being safe for concurrent use. The race detector picked up a data race from concurrent use of Fd and Close.
This change eliminates that by calling Fd in the prepare routine.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-13 10:40:51 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							18466cfd02 
							
						 
					 
					
						
						
							
							helper/proc: declare generic extra files interface  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m29s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m4s 
				
			 
		
		
	 
 
	 
						
						Helpers use extra files for various purposes. This provides a generic interface for implementing the fulfillment of these extra files without having to specifically handle them in the process creation code.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-11 16:34:47 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							e14923ae53 
							
						 
					 
					
						
						
							
							helper/proc: move package out of internal  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m32s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m6s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-08 13:03:45 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							7aff3ead3a 
							
						 
					 
					
						
						
							
							nix: vm test remove unnecessary setup  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m27s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m10s 
				
			 
		
		
	 
 
	 
						
						This step is no longer required as the NixOS module is responsible for home directory creation.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-07 22:29:56 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							72fb13dccc 
							
						 
					 
					
						
						
							
							dbus: lock for read in public args interface  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m27s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m2s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-07 13:42:29 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							a48386bd56 
							
						 
					 
					
						
						
							
							system/dbus: dump messages on early fault  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m27s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m14s 
				
			 
		
		
	 
 
	 
						
						In the current app implementation this gets dumped in the wait method after resuming output. Wait is never called in an early fault condition, so any error messages get lost.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-07 13:20:56 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							2e52191404 
							
						 
					 
					
						
						
							
							system/dbus: dump method prints msgbuf  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m27s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m1s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-07 13:16:54 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							568d7758d5 
							
						 
					 
					
						
						
							
							helper/seccomp: panic on invalid closeWrite use  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m46s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m39s 
				
			 
		
		
	 
 
	 
						
						Returning an error here puts exporter in an invalid state. The caller should guard against this condition instead.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-07 12:58:20 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							5b7b3fa9a4 
							
						 
					 
					
						
						
							
							helper/seccomp: implement reader interface via pipe  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m6s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 2m44s 
				
			 
		
		
	 
 
	 
						
						This also does not require the libc tmpfile call.
BPF programs emitted by libseccomp seems to be deterministic. The tests would catch regressions as it verifies the program against known good output backed by manual testing.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-03 19:43:03 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							d58fb8c6ee 
							
						 
					 
					
						
						
							
							workflows: fix nix store cache  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m13s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m0s 
				
			 
		
		
	 
 
	 
						
						Prefix does not seem to match correctly, this appears to be a Gitea implementation bug.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-02-01 21:16:13 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							5808fe61c3 
							
						 
					 
					
						
						
							
							nix: vm test set sway background  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 2m36s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 6m32s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-01-25 22:28:04 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							f338d3bb4b 
							
						 
					 
					
						
						
							
							nix: update flake lock  
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 3m6s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 6m32s 
				
			 
		
		
	 
 
	 
						
						
					 
					
						2025-01-25 19:46:33 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							8d04dd72f1 
							
						 
					 
					
						
						
							
							nix: mount nvidia devices  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 1m43s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 3m33s 
				
			 
		
		
	 
 
	 
						
						These non-standard paths are required in the sandbox for nvidia drivers to work.
Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-01-25 18:05:18 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							21735a8abe 
							
						 
					 
					
						
						
							
							release: 0.2.12  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	Test / Create distribution (push) Successful in 2m25s 
				
			 
		
			
				
	Release / Create release (push) Successful in 4m6s 
				
			 
		
			
				
	Test / Run NixOS test (push) Successful in 4m49s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra <cat@gensokyo.uk> 
						
						
					 
					
						2025-01-25 13:40:48 +09:00