b3ef53b193 
							
						 
					 
					
						
						
							
							app: integrate security-context-v1  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 37s 
				
			 
		
		
	 
 
	 
						
						Should be able to get rid of XDG_RUNTIME_DIR share after this.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-12-06 04:25:33 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							8d0573405a 
							
						 
					 
					
						
						
							
							helper/bwrap: implement sync fd  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 38s 
				
			 
		
		
	 
 
	 
						
						This is required by wayland security-context-v1.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-12-06 04:21:37 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							38e92edb8e 
							
						 
					 
					
						
						
							
							system/wayland: integrate security-context-v1  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 37s 
				
			 
		
		
	 
 
	 
						
						Had to pass the sync fd through sys. The rest are just part of a standard Op.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-12-06 04:20:15 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							2d606b1f4b 
							
						 
					 
					
						
						
							
							wl: implement security-context-v1  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 38s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-12-06 04:15:13 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1b5b089c78 
							
						 
					 
					
						
						
							
							fortify: rename --dbus-id to --id  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 19s 
				
			 
		
		
	 
 
	 
						
						This value is no longer specific to D-Bus defaults.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-12-06 03:26:09 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							6b8ddca7b4 
							
						 
					 
					
						
						
							
							nix: track nixos stable 24.11  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 25s 
				
			 
		
		
	 
 
	 
						
						Reduce rebuilds during development on my system.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-12-06 00:44:04 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							95668ac998 
							
						 
					 
					
						
						
							
							nix: expose no_new_session in module  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 14s 
				
			 
		
		
	 
 
	 
						
						Useful for shells and terminal programs like chat clients.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-28 00:19:06 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							b291f0b710 
							
						 
					 
					
						
						
							
							app: add nixos-based config test case  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 20s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-21 12:13:21 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							3a20b149ce 
							
						 
					 
					
						
						
							
							update README document  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 26s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-21 11:22:34 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							30b8bce90a 
							
						 
					 
					
						
						
							
							fortify: zsh completion  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 22s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-20 01:25:19 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							de0d78daae 
							
						 
					 
					
						
						
							
							release: 0.2.1  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	release / release (push) Successful in 1m4s 
				
			 
		
			
				
	test / test (push) Successful in 20s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-19 21:03:50 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							6bf33ce507 
							
						 
					 
					
						
						
							
							fortify: use resolved username  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 21s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-19 21:03:09 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							9faf3b3596 
							
						 
					 
					
						
						
							
							app: validate username  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 23s 
				
			 
		
		
	 
 
	 
						
						This value is used for passwd generation. Bad input can cause very confusing issues. This is not a security issue, however validation will improve user experience.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-19 21:01:41 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							d99c8b1fb4 
							
						 
					 
					
						
						
							
							release: 0.2.0  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	release / release (push) Successful in 44s 
				
			 
		
			
				
	test / test (push) Successful in 22s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-19 18:15:09 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							6e4870775f 
							
						 
					 
					
						
						
							
							update README document  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 20s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-19 18:14:06 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							0a546885e3 
							
						 
					 
					
						
						
							
							nix: update options doc  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 22s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-19 18:12:35 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							653d69da0a 
							
						 
					 
					
						
						
							
							nix: module descriptions  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 24s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-19 18:10:57 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							f8256137ae 
							
						 
					 
					
						
						
							
							nix: separate module options from implementation  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 25s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-19 17:08:22 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							54b47b0315 
							
						 
					 
					
						
						
							
							nix: copy pixmaps directory to share package  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 21s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-18 14:46:08 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							ae2628e57a 
							
						 
					 
					
						
						
							
							cmd/fshim/ipc: install signal handler on shim start  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 20s 
				
			 
		
		
	 
 
	 
						
						Getting killed at this point will result in inconsistent state.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-18 13:33:46 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							c026a4b5dc 
							
						 
					 
					
						
						
							
							fortify: permissive defaults resolve home directory from os  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 21s 
				
			 
		
		
	 
 
	 
						
						When starting with the permissive defaults "run" command, attempt to resolve home directory from os by default and fall back to /var/empty.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-18 13:01:07 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							748a0ae2c8 
							
						 
					 
					
						
						
							
							nix: wrap program from libexec  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 24s 
				
			 
		
		
	 
 
	 
						
						This avoids renaming the fortify binary.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-18 12:58:47 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							8f3f0c7bbf 
							
						 
					 
					
						
						
							
							nix: integrate dynamic users  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 21s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-18 02:49:48 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							05b7dbf066 
							
						 
					 
					
						
						
							
							app: alternative inner home path  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 24s 
				
			 
		
		
	 
 
	 
						
						Support binding home to an alternative path in the mount namespace.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-18 00:18:21 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							866270ff05 
							
						 
					 
					
						
						
							
							fmsg: add to wg prior to enqueue  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 27s 
				
			 
		
		
	 
 
	 
						
						Adding after channel write is racy.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-17 23:50:02 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							c1fad649e8 
							
						 
					 
					
						
						
							
							app/start: check for cleanup and abort condition  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 21s 
				
			 
		
		
	 
 
	 
						
						Dirty fix. Will rewrite after fsu integration complete.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-17 23:41:52 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							b5f01ef20b 
							
						 
					 
					
						
						
							
							app: append # for ChangeHosts message with numerical uid  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 21s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-17 23:40:37 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							2e23cef7bb 
							
						 
					 
					
						
						
							
							cmd/fuserdb: generate group entries  
						
						... 
						
						
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-17 23:31:06 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							6a6d30af1f 
							
						 
					 
					
						
						
							
							cmd/fuserdb: systemd userdb drop-in entries generator  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 20s 
				
			 
		
		
	 
 
	 
						
						This provides user records via nss-systemd. Static drop-in entries are generated to reduce complexity and attack surface.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-17 02:16:02 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							df33123bd7 
							
						 
					 
					
						
						
							
							app: integrate fsu  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 21s 
				
			 
		
		
	 
 
	 
						
						This removes the dependency on external user switchers like sudo/machinectl and decouples fortify user ids from the passwd database.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-16 21:19:45 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							1a09b55bd4 
							
						 
					 
					
						
						
							
							nix: remove portal paths from default  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 27s 
				
			 
		
		
	 
 
	 
						
						Despite presenting itself as a generic desktop integration interface, xdg-desktop portal is highly flatpak-centric and only supports flatpak and snap in practice. It is a significant attack surface to begin with as it is a privileged process which accepts input from unprivileged processes, and the lack of support for anything other than fortify also introduces various information leaks when exposed to fortify as it treats fortified programs as unsandboxed, privileged programs in many cases.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-10 22:24:17 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							9a13b311ac 
							
						 
					 
					
						
						
							
							app/config: rename map_real_uid from use_real_uid  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 19s 
				
			 
		
		
	 
 
	 
						
						This option only changes mapped uid in the user namespace.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-09 12:01:34 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							45fead18c3 
							
						 
					 
					
						
						
							
							cmd/fshim: set no_new_privs flag  
						
						... 
						
						
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-09 11:50:56 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							431aa32291 
							
						 
					 
					
						
						
							
							nix: remove absolute Exec paths  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 26s 
				
			 
		
		
	 
 
	 
						
						Absolute paths set for Exec causes the program to be launched as the privileged user.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-08 02:05:47 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							3962705126 
							
						 
					 
					
						
						
							
							nix: keep fshim and finit names  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 22s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-06 14:59:28 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							ad80be721b 
							
						 
					 
					
						
						
							
							nix: improve start script  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 23s 
				
			 
		
		
	 
 
	 
						
						Zsh store path in shebang. Replace writeShellScript with writeScript since runtimeShell is not overridable.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-06 14:09:41 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							f831948bca 
							
						 
					 
					
						
						
							
							release: 0.1.0  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	release / release (push) Successful in 28s 
				
			 
		
			
				
	test / test (push) Successful in 21s 
				
			 
		
		
	 
 
	 
						
						This release significantly changes the command line interface, and updates the NixOS module to finally produce meaningful sandbox configuration.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-06 04:37:43 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							2e31b3d3a1 
							
						 
					 
					
						
						
							
							update README document  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 32s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-06 04:35:52 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							4d90e73366 
							
						 
					 
					
						
						
							
							nix: generate strict sandbox configuration  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 22s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-06 04:25:15 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							3dfc1fcd56 
							
						 
					 
					
						
						
							
							app: support full /dev access  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 22s 
				
			 
		
		
	 
 
	 
						
						Also moved /dev/fortify to /fortify since it is impossible to create new directories in /dev from the init namespace and bind mounting its contents has undesirable side effects.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-06 03:49:39 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							89bafd0c22 
							
						 
					 
					
						
						
							
							fortify: root check before command handling  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 22s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-05 12:57:03 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							861bb1274f 
							
						 
					 
					
						
						
							
							fortify: override default usage function  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 23s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-05 00:12:31 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							714818c8aa 
							
						 
					 
					
						
						
							
							fortify: implement cleaner argument structure  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 24s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-05 00:07:36 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							69cc64ef56 
							
						 
					 
					
						
						
							
							linux: provide access to stdout  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 22s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-04 22:55:46 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							fc25ac2523 
							
						 
					 
					
						
						
							
							app: separate auto etc from permissive defaults  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 23s 
				
			 
		
		
	 
 
	 
						
						Populating /etc with symlinks is quite useful even outside the permissive defaults usage pattern.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-04 22:18:05 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							d909b1190a 
							
						 
					 
					
						
						
							
							app/config: UseRealUID as true in template  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 24s 
				
			 
		
		
	 
 
	 
						
						The template is based on a Chromium setup, which this workaround was created for.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-04 19:45:31 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							cfd05b10f1 
							
						 
					 
					
						
						
							
							release: 0.0.11  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	release / release (push) Successful in 28s 
				
			 
		
			
				
	test / test (push) Successful in 19s 
				
			 
		
		
	 
 
	 
						
						This will be the final release before major command line interface changes. This version is tagged as it contains many fixes that still impacts the permissive defaults usage pattern.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-04 13:46:47 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							aa067436a7 
							
						 
					 
					
						
						
							
							workflows: build all packages with full ldflags  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 20s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-04 13:43:57 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							d7df24c999 
							
						 
					 
					
						
						
							
							fmsg: drop messages when msgbuf is full during withhold  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 20s 
				
			 
		
		
	 
 
	 
						
						Logging functions are not expected to block. This change fixes multiple hangs where more than 64 messages are produced during withhold.
Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-04 12:56:19 +09:00 
						 
				 
			
				
					
						
					 
					
						
						
							
							
								
									
								
							
						
						
						
							
						
						
							88abcbe0b2 
							
						 
					 
					
						
						
							
							cmd/fsu: remove import of internal package  
						
						... 
						
						
	
		
			
	 
	
	
		
	
	
		
			
				
	test / test (push) Successful in 24s 
				
			 
		
		
	 
 
	 
						
						Signed-off-by: Ophestra Umiker <cat@ophivana.moe> 
						
						
					 
					
						2024-11-04 12:32:14 +09:00