f443d315ad
helper: clean up interface
...
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m37s
Test / Fpkg (push) Successful in 3m40s
Test / Data race detector (push) Successful in 3m54s
Test / Flake checks (push) Successful in 59s
The helper interface was messy due to odd context acquisition order. That has changed, so this cleans it up.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-15 00:27:44 +09:00
9e18d1de77
helper/proc: pass extra files and start
...
Test / Create distribution (push) Successful in 28s
Test / Fortify (push) Successful in 2m41s
Test / Fpkg (push) Successful in 3m38s
Test / Data race detector (push) Successful in 3m53s
Test / Flake checks (push) Successful in 59s
For integration with native container tooling.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 23:23:57 +09:00
2647a71be1
seccomp: move out of helper
...
Test / Create distribution (push) Successful in 29s
Test / Fortify (push) Successful in 2m53s
Test / Fpkg (push) Successful in 4m0s
Test / Data race detector (push) Successful in 4m9s
Test / Flake checks (push) Successful in 59s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 22:42:40 +09:00
7c60a4d8e8
helper: embed context on creation
...
Test / Create distribution (push) Successful in 24s
Test / Fortify (push) Successful in 2m34s
Test / Fpkg (push) Successful in 3m22s
Test / Data race detector (push) Successful in 3m44s
Test / Flake checks (push) Successful in 49s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 18:30:22 +09:00
4bb5d9780f
ldd: run in native sandbox
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m27s
Test / Fpkg (push) Successful in 3m22s
Test / Data race detector (push) Successful in 3m43s
Test / Flake checks (push) Successful in 48s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 17:55:55 +09:00
f41fd94628
sandbox: write uid/gid map as init
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m30s
Test / Fpkg (push) Successful in 3m21s
Test / Data race detector (push) Successful in 3m39s
Test / Flake checks (push) Successful in 48s
This avoids PR_SET_DUMPABLE in the parent process.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 17:42:22 +09:00
94895bbacb
sandbox: invert seccomp ruleset defaults
...
Test / Create distribution (push) Successful in 24s
Test / Fortify (push) Successful in 2m31s
Test / Fpkg (push) Successful in 3m20s
Test / Data race detector (push) Successful in 3m35s
Test / Flake checks (push) Successful in 50s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 02:38:32 +09:00
f332200ca4
sandbox: mount container /dev
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m29s
Test / Fpkg (push) Successful in 3m26s
Test / Data race detector (push) Successful in 3m33s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 02:18:44 +09:00
2eff470091
sandbox/mount: pass custom tmpfs name
...
Test / Create distribution (push) Successful in 27s
Test / Fortify (push) Successful in 2m51s
Test / Data race detector (push) Successful in 3m53s
Test / Fpkg (push) Successful in 3m59s
Test / Flake checks (push) Successful in 55s
The tmpfs driver allows arbitrary fsname.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 02:12:35 +09:00
a092b042ab
sandbox: pass params to setup ops
...
Test / Create distribution (push) Successful in 20s
Test / Fortify (push) Successful in 2m5s
Test / Fpkg (push) Successful in 3m26s
Test / Data race detector (push) Successful in 3m49s
Test / Flake checks (push) Successful in 55s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 02:11:38 +09:00
e94b09d337
sandbox/mount: fix source flag path
...
Test / Create distribution (push) Successful in 20s
Test / Fortify (push) Successful in 2m6s
Test / Fpkg (push) Successful in 3m24s
Test / Data race detector (push) Successful in 3m56s
Test / Flake checks (push) Successful in 54s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 02:10:48 +09:00
5d9e669d97
sandbox: separate tmpfs function from op
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m34s
Test / Fpkg (push) Successful in 3m25s
Test / Data race detector (push) Successful in 3m32s
Test / Flake checks (push) Successful in 52s
This is useful in the implementation of various other ops.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 00:21:20 +09:00
f1002157a5
sandbox: separate bind mount function from op
...
Test / Create distribution (push) Successful in 24s
Test / Fortify (push) Successful in 2m33s
Test / Fpkg (push) Successful in 3m26s
Test / Data race detector (push) Successful in 3m36s
Test / Flake checks (push) Successful in 53s
This is useful in the implementation of various other ops.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-14 00:16:41 +09:00
4133b555ba
internal/app: rename init to init0
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m27s
Test / Fpkg (push) Successful in 3m21s
Test / Data race detector (push) Successful in 3m40s
Test / Flake checks (push) Successful in 48s
This makes way for the new container init.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-13 21:57:54 +09:00
9b1a60b5c9
sandbox: native container tooling
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m28s
Test / Fpkg (push) Successful in 3m23s
Test / Data race detector (push) Successful in 3m35s
Test / Flake checks (push) Successful in 48s
This should eventually replace bwrap.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-13 21:36:26 +09:00
beb3918809
test: run go test under regular user
...
Test / Create distribution (push) Successful in 24s
Test / Fpkg (push) Successful in 32s
Test / Fortify (push) Successful in 2m16s
Test / Data race detector (push) Successful in 2m46s
Test / Flake checks (push) Successful in 54s
By default test vm commands run as root, this causes buildFHSEnv bwrap to cover some parts of /proc, making it impossible to mount proc in a mount namespace created under it. Running as a regular user gets around this issue.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-13 20:56:32 +09:00
2871426df2
test: print output of failed test
...
Test / Create distribution (push) Successful in 29s
Test / Fpkg (push) Successful in 36s
Test / Fortify (push) Successful in 2m21s
Test / Data race detector (push) Successful in 2m39s
Test / Flake checks (push) Successful in 53s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-13 16:40:15 +09:00
e048f31baa
internal: pull EINTR loop from stdlib
...
Test / Create distribution (push) Successful in 20s
Test / Fpkg (push) Successful in 35s
Test / Fortify (push) Successful in 37s
Test / Data race detector (push) Successful in 36s
Test / Flake checks (push) Successful in 57s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-13 00:42:38 +09:00
6af8b8859f
sandbox: read overflow ids
...
Test / Create distribution (push) Successful in 19s
Test / Fortify (push) Successful in 1m53s
Test / Fpkg (push) Successful in 3m7s
Test / Data race detector (push) Successful in 3m33s
Test / Flake checks (push) Successful in 54s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-13 00:41:37 +09:00
f38ba7e923
test/sandbox: bypass fields
...
Test / Create distribution (push) Successful in 27s
Test / Fortify (push) Successful in 2m33s
Test / Fpkg (push) Successful in 3m26s
Test / Data race detector (push) Successful in 3m44s
Test / Flake checks (push) Successful in 53s
A field is bypassed if it contains a single null byte. This will never appear in the text format so is safe to use.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-13 00:00:58 +09:00
d22145a392
ldd: handle musl static behaviour
...
Test / Create distribution (push) Successful in 28s
Test / Fortify (push) Successful in 2m36s
Test / Fpkg (push) Successful in 3m24s
Test / Data race detector (push) Successful in 3m32s
Test / Flake checks (push) Successful in 50s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-12 23:29:43 +09:00
29c3f8becb
helper/seccomp: improve error handling
...
Test / Create distribution (push) Successful in 24s
Test / Fortify (push) Successful in 2m32s
Test / Fpkg (push) Successful in 3m18s
Test / Data race detector (push) Successful in 3m26s
Test / Flake checks (push) Successful in 47s
This passes both errno and libseccomp return value.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-12 15:52:48 +09:00
be16970e77
helper/seccomp: seccomp_load on negative fd
...
Test / Create distribution (push) Successful in 24s
Test / Fortify (push) Successful in 2m32s
Test / Fpkg (push) Successful in 3m23s
Test / Data race detector (push) Successful in 3m28s
Test / Flake checks (push) Successful in 50s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-12 15:18:52 +09:00
df266527f1
test/sandbox/mount: work around nondeterminism
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m30s
Test / Fpkg (push) Successful in 3m20s
Test / Data race detector (push) Successful in 3m35s
Test / Flake checks (push) Successful in 50s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-12 15:16:51 +09:00
c8ed7aae6e
nix: update flake lock
...
Test / Create distribution (push) Successful in 42s
Test / Fortify (push) Successful in 24m42s
Test / Data race detector (push) Successful in 25m3s
Test / Fpkg (push) Successful in 25m40s
Test / Flake checks (push) Successful in 1m43s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-10 18:38:14 +09:00
61e58aa14d
helper/proc: expose setup file
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m34s
Test / Fpkg (push) Successful in 3m29s
Test / Data race detector (push) Successful in 3m27s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-09 17:22:31 +09:00
9e15898c8f
internal/prctl: rename prctl wrappers
...
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m39s
Test / Data race detector (push) Successful in 3m29s
Test / Fpkg (push) Successful in 3m34s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-07 22:56:35 +09:00
f7bd6a5a41
test/sandbox: check seccomp outcome
...
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m40s
Test / Fpkg (push) Successful in 3m39s
Test / Data race detector (push) Successful in 3m44s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-04 13:30:16 +09:00
ea853e21d9
test/sandbox: check fs outcome
...
Test / Create distribution (push) Successful in 19s
Test / Fpkg (push) Successful in 33s
Test / Fortify (push) Successful in 35s
Test / Data race detector (push) Successful in 35s
Test / Flake checks (push) Successful in 52s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-03 01:02:09 +09:00
0bd9b9e8fe
test/sandbox: assert filesystem json
...
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m27s
Test / Fpkg (push) Successful in 3m30s
Test / Data race detector (push) Successful in 3m30s
Test / Flake checks (push) Successful in 57s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-02 23:23:04 +09:00
39e32799b3
test/sandbox: compare filesystem hierarchy
...
Test / Create distribution (push) Successful in 27s
Test / Fortify (push) Successful in 2m34s
Test / Data race detector (push) Successful in 3m37s
Test / Fpkg (push) Successful in 3m41s
Test / Flake checks (push) Successful in 56s
For checking deterministic aspects of fs outcome.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-02 22:59:04 +09:00
9953768de5
test: rename session message identifier
...
Test / Create distribution (push) Successful in 26s
Test / Fpkg (push) Successful in 35s
Test / Fortify (push) Successful in 2m14s
Test / Data race detector (push) Successful in 2m36s
Test / Flake checks (push) Successful in 56s
Labelling this as sway is misleading.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-02 22:47:33 +09:00
0d3652b793
test/sandbox/assert: wrap printf
...
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m34s
Test / Data race detector (push) Successful in 3m30s
Test / Fpkg (push) Successful in 3m38s
Test / Flake checks (push) Successful in 50s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-03-02 18:37:46 +09:00
d8e9d71f87
test/sandbox: check mount outcome
...
Test / Create distribution (push) Successful in 21s
Test / Fpkg (push) Successful in 32s
Test / Fortify (push) Successful in 35s
Test / Data race detector (push) Successful in 35s
Test / Flake checks (push) Successful in 49s
Do this at the beginning of the test for early failure.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-28 15:56:15 +09:00
558974b996
test/sandbox: assert mntent json
...
Test / Create distribution (push) Successful in 28s
Test / Fortify (push) Successful in 2m27s
Test / Fpkg (push) Successful in 3m24s
Test / Data race detector (push) Successful in 3m25s
Test / Flake checks (push) Successful in 49s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-28 15:40:58 +09:00
4de4049713
test/sandbox: wrap libc getmntent
...
Test / Create distribution (push) Successful in 30s
Test / Fortify (push) Successful in 2m35s
Test / Data race detector (push) Successful in 3m23s
Test / Fpkg (push) Successful in 3m35s
Test / Flake checks (push) Successful in 50s
For checking mounts outcome.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-28 14:56:08 +09:00
2d4cabe786
nix: increase nixfmt max width
...
Test / Create distribution (push) Successful in 30s
Test / Fpkg (push) Successful in 36s
Test / Data race detector (push) Successful in 35s
Test / Fortify (push) Successful in 39s
Test / Flake checks (push) Successful in 50s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-28 14:43:46 +09:00
80f9b62d25
app: print comp values early
...
Test / Create distribution (push) Successful in 30s
Test / Fortify (push) Successful in 2m31s
Test / Fpkg (push) Successful in 3m27s
Test / Data race detector (push) Successful in 3m26s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 22:27:55 +09:00
673b648bd3
cmd/fpkg: call app in-process
...
Test / Create distribution (push) Successful in 28s
Test / Fortify (push) Successful in 2m31s
Test / Data race detector (push) Successful in 3m25s
Test / Fpkg (push) Successful in 3m29s
Test / Flake checks (push) Successful in 55s
Wrapping fortify is slow, painful and error-prone. Start apps in-process instead.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 19:51:44 +09:00
45ad788c6d
cmd/fsu: allow switch from fpkg
...
Test / Create distribution (push) Successful in 32s
Test / Fortify (push) Successful in 2m12s
Test / Data race detector (push) Successful in 2m30s
Test / Fpkg (push) Successful in 3m8s
Test / Flake checks (push) Successful in 49s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 19:42:28 +09:00
56539d8db5
fortify: move internal commands up
...
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m30s
Test / Data race detector (push) Successful in 3m27s
Test / Fpkg (push) Successful in 3m34s
Test / Flake checks (push) Successful in 52s
This improves readability.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 18:02:11 +09:00
840ceb615a
app: handle RunState errors
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m27s
Test / Data race detector (push) Successful in 3m24s
Test / Fpkg (push) Successful in 3m30s
Test / Flake checks (push) Successful in 52s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 17:36:14 +09:00
741d011543
fortify: configure seccomp logger early
...
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m27s
Test / Fpkg (push) Successful in 3m28s
Test / Data race detector (push) Successful in 3m27s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 17:19:36 +09:00
d050b3de25
app: define errors in a separate file
...
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 2m28s
Test / Data race detector (push) Successful in 3m25s
Test / Fpkg (push) Successful in 3m31s
Test / Flake checks (push) Successful in 52s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 17:12:02 +09:00
5de28800ad
test: verify fsu ppid check
...
Test / Create distribution (push) Successful in 27s
Test / Fpkg (push) Successful in 33s
Test / Fortify (push) Successful in 1m44s
Test / Data race detector (push) Successful in 2m8s
Test / Flake checks (push) Successful in 51s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 16:51:57 +09:00
8e50293ab7
test: remove sway process check
...
Test / Create distribution (push) Successful in 26s
Test / Fpkg (push) Successful in 34s
Test / Fortify (push) Successful in 1m50s
Test / Data race detector (push) Successful in 2m12s
Test / Flake checks (push) Successful in 54s
This eliminates the race where systemd restarts sway too quick.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 13:52:44 +09:00
12c6d66bfd
cmd/fpkg/test: nixos test fpkg install/start
...
Test / Create distribution (push) Successful in 27s
Test / Fortify (push) Successful in 2m33s
Test / Data race detector (push) Successful in 3m25s
Test / Fpkg (push) Successful in 38m26s
Test / Flake checks (push) Successful in 54s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 13:12:16 +09:00
d7d2bd33ed
cmd/fpkg/build: expose nixos configuration
...
Test / Create distribution (push) Successful in 26s
Test / Fortify (push) Successful in 36s
Test / Data race detector (push) Successful in 36s
Test / Flake checks (push) Successful in 44s
This should be used sparingly as the NixOS closure is in the bootstrap store which compresses rather poorly.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 12:31:18 +09:00
c21a4cff14
nix: wrap fpkg
...
Test / Create distribution (push) Successful in 26s
Test / Data race detector (push) Successful in 2m11s
Test / Fortify (push) Successful in 2m24s
Test / Flake checks (push) Successful in 42s
This is usable on nixos now due to the static build.
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 12:24:04 +09:00
4fa38d6063
cmd/fpkg: use fortify path from internal
...
Test / Create distribution (push) Successful in 25s
Test / Fortify (push) Successful in 2m28s
Test / Data race detector (push) Successful in 3m22s
Test / Flake checks (push) Successful in 43s
Signed-off-by: Ophestra <cat@gensokyo.uk>
2025-02-26 12:16:35 +09:00
