release: 0.3.3

Signed-off-by: Ophestra <cat@gensokyo.uk>
test: check shim private dir cleanup
2025-12-15 20:34:45 +09:00 · 2025-12-15 20:30:19 +09:00 · 2025-12-15 12:57:06 +09:00 · 2025-12-15 12:38:39 +09:00 · 2025-12-15 12:32:46 +09:00 · 2025-12-15 12:29:32 +09:00
218 changed files with 10746 additions and 1484 deletions
--- a/.clang-format
+++ b/.clang-format
@@ -0,0 +1,2 @@
+ColumnLimit: 0
+IndentWidth: 4
--- a/.gitea/workflows/test.yml
+++ b/.gitea/workflows/test.yml
@@ -2,7 +2,6 @@ name: Test

 on:
  - push
-  - pull_request

 jobs:
  hakurei:
--- a/cmd/hakurei/command.go
+++ b/cmd/hakurei/command.go
@@ -11,21 +11,24 @@ import (
 	"strconv"
 	"sync"
 	"time"
-	_ "unsafe"
+	_ "unsafe" // for go:linkname

 	"hakurei.app/command"
 	"hakurei.app/container/check"
 	"hakurei.app/container/fhs"
 	"hakurei.app/hst"
-	"hakurei.app/internal"
+	"hakurei.app/internal/dbus"
 	"hakurei.app/internal/env"
+	"hakurei.app/internal/info"
 	"hakurei.app/internal/outcome"
 	"hakurei.app/message"
-	"hakurei.app/system/dbus"
 )

+// optionalErrorUnwrap calls [errors.Unwrap] and returns the resulting value
+// if it is not nil, or the original value if it is.
+//
 //go:linkname optionalErrorUnwrap hakurei.app/container.optionalErrorUnwrap
-func optionalErrorUnwrap(_ error) error
+func optionalErrorUnwrap(err error) error

 func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErrs, out io.Writer) command.Command {
 	var (
@@ -88,7 +91,7 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr

 			flagPrivateRuntime, flagPrivateTmpdir bool

-			flagWayland, flagX11, flagDBus, flagPulse bool
+			flagWayland, flagX11, flagDBus, flagPipeWire, flagPulse bool
 		)

 		c.NewCommand("run", "Configure and start a permissive container", func(args []string) error {
@@ -143,8 +146,8 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
 			if flagDBus {
 				et |= hst.EDBus
 			}
-			if flagPulse {
-				et |= hst.EPulse
+			if flagPipeWire || flagPulse {
+				et |= hst.EPipeWire
 			}

 			config := &hst.Config{
@@ -294,8 +297,10 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
 				"Enable direct connection to X11").
 			Flag(&flagDBus, "dbus", command.BoolFlag(false),
 				"Enable proxied connection to D-Bus").
+			Flag(&flagPipeWire, "pipewire", command.BoolFlag(false),
+				"Enable connection to PipeWire via SecurityContext").
 			Flag(&flagPulse, "pulse", command.BoolFlag(false),
-				"Enable direct connection to PulseAudio")
+				"Enable PulseAudio compatibility daemon")
 	}

 	{
@@ -350,7 +355,7 @@ func buildCommand(ctx context.Context, msg message.Msg, early *earlyHardeningErr
 		}).Flag(&flagShort, "short", command.BoolFlag(false), "Print instance id")
 	}

-	c.Command("version", "Display version information", func(args []string) error { fmt.Println(internal.Version()); return errSuccess })
+	c.Command("version", "Display version information", func(args []string) error { fmt.Println(info.Version()); return errSuccess })
 	c.Command("license", "Show full license text", func(args []string) error { fmt.Println(license); return errSuccess })
 	c.Command("template", "Produce a config template", func(args []string) error { encodeJSON(log.Fatal, os.Stdout, false, hst.Template()); return errSuccess })
 	c.Command("help", "Show this help message", func([]string) error { c.PrintHelp(); return errSuccess })
--- a/cmd/hakurei/command_test.go
+++ b/cmd/hakurei/command_test.go
@@ -36,7 +36,7 @@ Commands:
 		},
 		{
 			"run", []string{"run", "-h"}, `
-Usage:	hakurei run [-h | --help] [--dbus-config <value>] [--dbus-system <value>] [--mpris] [--dbus-log] [--id <value>] [-a <int>] [-g <value>] [-d <value>] [-u <value>] [--private-runtime] [--private-tmpdir] [--wayland] [-X] [--dbus] [--pulse] COMMAND [OPTIONS]
+Usage:	hakurei run [-h | --help] [--dbus-config <value>] [--dbus-system <value>] [--mpris] [--dbus-log] [--id <value>] [-a <int>] [-g <value>] [-d <value>] [-u <value>] [--private-runtime] [--private-tmpdir] [--wayland] [-X] [--dbus] [--pipewire] [--pulse] COMMAND [OPTIONS]

 Flags:
  -X	Enable direct connection to X11
@@ -58,12 +58,14 @@ Flags:
    	Reverse-DNS style Application identifier, leave empty to inherit instance identifier
  -mpris
    	Allow owning MPRIS D-Bus path, has no effect if custom config is available
+  -pipewire
+    	Enable connection to PipeWire via SecurityContext
  -private-runtime
    	Do not share XDG_RUNTIME_DIR between containers under the same identity
  -private-tmpdir
    	Do not share TMPDIR between containers under the same identity
  -pulse
-    	Enable direct connection to PulseAudio
+    	Enable PulseAudio compatibility daemon
  -u string
    	Passwd user name within sandbox (default "chronos")
  -wayland
--- a/cmd/hakurei/json_test.go
+++ b/cmd/hakurei/json_test.go
@@ -1,18 +1,13 @@
-package main_test
+package main

 import (
-	"io"
 	"reflect"
 	"strings"
 	"testing"
-	_ "unsafe"

 	"hakurei.app/container/stub"
 )

-//go:linkname decodeJSON hakurei.app/cmd/hakurei.decodeJSON
-func decodeJSON(fatal func(v ...any), op string, r io.Reader, v any)
-
 func TestDecodeJSON(t *testing.T) {
 	t.Parallel()

@@ -62,9 +57,6 @@ func TestDecodeJSON(t *testing.T) {
 	}
 }

-//go:linkname encodeJSON hakurei.app/cmd/hakurei.encodeJSON
-func encodeJSON(fatal func(v ...any), output io.Writer, short bool, v any)
-
 func TestEncodeJSON(t *testing.T) {
 	t.Parallel()

@@ -74,7 +66,7 @@ func TestEncodeJSON(t *testing.T) {
 		want string
 	}{
 		{"marshaler", errorJSONMarshaler{},
-			`cannot encode json for main_test.errorJSONMarshaler: unique error 3735928559 injected by the test suite`},
+			`cannot encode json for main.errorJSONMarshaler: unique error 3735928559 injected by the test suite`},
 		{"default", func() {},
 			`cannot write json: json: unsupported type: func()`},
 	}
--- a/cmd/hakurei/print.go
+++ b/cmd/hakurei/print.go
@@ -12,8 +12,6 @@ import (
 	"time"

 	"hakurei.app/hst"
-	"hakurei.app/internal"
-	"hakurei.app/internal/env"
 	"hakurei.app/internal/outcome"
 	"hakurei.app/internal/store"
 	"hakurei.app/message"
@@ -23,21 +21,19 @@ import (
 func printShowSystem(output io.Writer, short, flagJSON bool) {
 	t := newPrinter(output)
 	defer t.MustFlush()
-
-	info := &hst.Info{Version: internal.Version(), User: new(outcome.Hsu).MustID(nil)}
-	env.CopyPaths().Copy(&info.Paths, info.User)
+	hi := outcome.Info()

 	if flagJSON {
-		encodeJSON(log.Fatal, output, short, info)
+		encodeJSON(log.Fatal, output, short, hi)
 		return
 	}

-	t.Printf("Version:\t%s\n", info.Version)
-	t.Printf("User:\t%d\n", info.User)
-	t.Printf("TempDir:\t%s\n", info.TempDir)
-	t.Printf("SharePath:\t%s\n", info.SharePath)
-	t.Printf("RuntimePath:\t%s\n", info.RuntimePath)
-	t.Printf("RunDirPath:\t%s\n", info.RunDirPath)
+	t.Printf("Version:\t%s (libwayland %s)\n", hi.Version, hi.WaylandVersion)
+	t.Printf("User:\t%d\n", hi.User)
+	t.Printf("TempDir:\t%s\n", hi.TempDir)
+	t.Printf("SharePath:\t%s\n", hi.SharePath)
+	t.Printf("RuntimePath:\t%s\n", hi.RuntimePath)
+	t.Printf("RunDirPath:\t%s\n", hi.RunDirPath)
 }

 // printShowInstance writes a representation of [hst.State] or [hst.Config] to output.
@@ -90,12 +86,6 @@ func printShowInstance(
 		t.Printf(" Groups:\t%s\n", strings.Join(config.Groups, ", "))
 	}
 	if config.Container != nil {
-		if config.Container.Home != nil {
-			t.Printf(" Home:\t%s\n", config.Container.Home)
-		}
-		if config.Container.Hostname != "" {
-			t.Printf(" Hostname:\t%s\n", config.Container.Hostname)
-		}
 		flags := config.Container.Flags.String()

 		// this is included in the upper hst.Config struct but is relevant here
@@ -110,6 +100,12 @@ func printShowInstance(
 		}
 		t.Printf(" Flags:\t%s\n", flags)

+		if config.Container.Home != nil {
+			t.Printf(" Home:\t%s\n", config.Container.Home)
+		}
+		if config.Container.Hostname != "" {
+			t.Printf(" Hostname:\t%s\n", config.Container.Hostname)
+		}
 		if config.Container.Path != nil {
 			t.Printf(" Path:\t%s\n", config.Container.Path)
 		}
--- a/cmd/hakurei/print_test.go
+++ b/cmd/hakurei/print_test.go
@@ -32,7 +32,7 @@ var (
 		PID:     0xbeef,
 		ShimPID: 0xcafe,
 		Config: &hst.Config{
-			Enablements: hst.NewEnablements(hst.EWayland | hst.EPulse),
+			Enablements: hst.NewEnablements(hst.EWayland | hst.EPipeWire),
 			Identity:    1,
 			Container: &hst.ContainerConfig{
 				Shell: check.MustAbs("/bin/sh"),
@@ -62,11 +62,11 @@ func TestPrintShowInstance(t *testing.T) {
 		{"nil", nil, nil, false, false, "Error: invalid configuration!\n\n", false},
 		{"config", nil, hst.Template(), false, false, `App
 Identity:       9 (org.chromium.Chromium)
- Enablements:    wayland, dbus, pulseaudio
+ Enablements:    wayland, dbus, pipewire
 Groups:         video, dialout, plugdev
+ Flags:          multiarch, compat, devel, userns, net, abstract, tty, mapuid, device, runtime, tmpdir
 Home:           /data/data/org.chromium.Chromium
 Hostname:       localhost
- Flags:          multiarch, compat, devel, userns, net, abstract, tty, mapuid, device, runtime, tmpdir
 Path:           /run/current-system/sw/bin/chromium
 Arguments:      chromium --ignore-gpu-blocklist --disable-smooth-scrolling --enable-features=UseOzonePlatform --ozone-platform=wayland

@@ -159,11 +159,11 @@ Session bus

 App
 Identity:       9 (org.chromium.Chromium)
- Enablements:    wayland, dbus, pulseaudio
+ Enablements:    wayland, dbus, pipewire
 Groups:         video, dialout, plugdev
+ Flags:          multiarch, compat, devel, userns, net, abstract, tty, mapuid, device, runtime, tmpdir
 Home:           /data/data/org.chromium.Chromium
 Hostname:       localhost
- Flags:          multiarch, compat, devel, userns, net, abstract, tty, mapuid, device, runtime, tmpdir
 Path:           /run/current-system/sw/bin/chromium
 Arguments:      chromium --ignore-gpu-blocklist --disable-smooth-scrolling --enable-features=UseOzonePlatform --ozone-platform=wayland

@@ -215,7 +215,7 @@ App
  "enablements": {
    "wayland": true,
    "dbus": true,
-    "pulse": true
+    "pipewire": true
  },
  "session_bus": {
    "see": null,
@@ -366,7 +366,7 @@ App
  "enablements": {
    "wayland": true,
    "dbus": true,
-    "pulse": true
+    "pipewire": true
  },
  "session_bus": {
    "see": null,
@@ -564,7 +564,7 @@ func TestPrintPs(t *testing.T) {
    "enablements": {
      "wayland": true,
      "dbus": true,
-      "pulse": true
+      "pipewire": true
    },
    "session_bus": {
      "see": null,
@@ -715,7 +715,7 @@ func TestPrintPs(t *testing.T) {
    "shim_pid": 51966,
    "enablements": {
      "wayland": true,
-      "pulse": true
+      "pipewire": true
    },
    "identity": 1,
    "groups": null,
--- a/cmd/hpkg/build.nix
+++ b/cmd/hpkg/build.nix
@@ -45,7 +45,7 @@
  allow_wayland ? true,
  allow_x11 ? false,
  allow_dbus ? true,
-  allow_pulse ? true,
+  allow_audio ? true,
  gpu ? allow_wayland || allow_x11,
 }:

@@ -175,7 +175,7 @@ let
      wayland = allow_wayland;
      x11 = allow_x11;
      dbus = allow_dbus;
-      pulse = allow_pulse;
+      pipewire = allow_audio;
    };

    mesa = if gpu then mesaWrappers else null;
--- a/cmd/hpkg/proc.go
+++ b/cmd/hpkg/proc.go
@@ -10,11 +10,11 @@ import (
 	"os/exec"

 	"hakurei.app/hst"
-	"hakurei.app/internal"
+	"hakurei.app/internal/info"
 	"hakurei.app/message"
 )

-var hakureiPathVal = internal.MustHakureiPath().String()
+var hakureiPathVal = info.MustHakureiPath().String()

 func mustRunApp(ctx context.Context, msg message.Msg, config *hst.Config, beforeFail func()) {
 	var (
--- a/cmd/hpkg/test/default.nix
+++ b/cmd/hpkg/test/default.nix
@@ -1,5 +1,5 @@
 {
-  nixosTest,
+  testers,
  callPackage,

  system,
@@ -8,7 +8,7 @@
 let
  buildPackage = self.buildPackage.${system};
 in
-nixosTest {
+testers.nixosTest {
  name = "hpkg";
  nodes.machine = {
    environment.etc = {
--- a/cmd/hpkg/test/test.py
+++ b/cmd/hpkg/test/test.py
@@ -90,13 +90,13 @@ wait_for_window("hakurei@machine-foot")
 machine.send_chars("clear; wayland-info && touch /tmp/success-client\n")
 machine.wait_for_file("/tmp/hakurei.0/tmpdir/2/success-client")
 collect_state_ui("app_wayland")
-check_state("foot", {"wayland": True, "dbus": True, "pulse": True})
+check_state("foot", {"wayland": True, "dbus": True, "pipewire": True})
 # Verify acl on XDG_RUNTIME_DIR:
-print(machine.succeed("getfacl --absolute-names --omit-header --numeric /run/user/1000 | grep 10002"))
+print(machine.succeed("getfacl --absolute-names --omit-header --numeric /tmp/hakurei.0/runtime | grep 10002"))
 machine.send_chars("exit\n")
 machine.wait_until_fails("pgrep foot")
 # Verify acl cleanup on XDG_RUNTIME_DIR:
-machine.wait_until_fails("getfacl --absolute-names --omit-header --numeric /run/user/1000 | grep 10002")
+machine.wait_until_fails("getfacl --absolute-names --omit-header --numeric /tmp/hakurei.0/runtime | grep 10002")

 # Exit Sway and verify process exit status 0:
 swaymsg("exit", succeed=False)
@@ -107,4 +107,4 @@ print(machine.succeed("find /tmp/hakurei.0 "
    + "-path '/tmp/hakurei.0/runtime/*/*' -prune -o "
    + "-path '/tmp/hakurei.0/tmpdir/*/*' -prune -o "
    + "-print"))
-print(machine.succeed("find /run/user/1000/hakurei"))
+print(machine.fail("ls /run/user/1000/hakurei"))
--- a/container/autoetc.go
+++ b/container/autoetc.go
@@ -59,6 +59,7 @@ func (e *AutoEtcOp) apply(state *setupState, k syscallDispatcher) error {

 	return nil
 }
+func (e *AutoEtcOp) late(*setupState, syscallDispatcher) error { return nil }

 func (e *AutoEtcOp) hostPath() *check.Absolute { return fhs.AbsEtc.Append(e.hostRel()) }
 func (e *AutoEtcOp) hostRel() string           { return ".host/" + e.Prefix }
--- a/container/autoroot.go
+++ b/container/autoroot.go
@@ -69,6 +69,7 @@ func (r *AutoRootOp) apply(state *setupState, k syscallDispatcher) error {
 	}
 	return nil
 }
+func (r *AutoRootOp) late(*setupState, syscallDispatcher) error { return nil }

 func (r *AutoRootOp) Is(op Op) bool {
 	vr, ok := op.(*AutoRootOp)
--- a/container/autoroot_test.go
+++ b/container/autoroot_test.go
@@ -202,7 +202,7 @@ func TestIsAutoRootBindable(t *testing.T) {
 			t.Parallel()
 			var msg message.Msg
 			if tc.log {
-				msg = &kstub{nil, stub.New(t, func(s *stub.Stub[syscallDispatcher]) syscallDispatcher { panic("unreachable") }, stub.Expect{Calls: []stub.Call{
+				msg = &kstub{nil, nil, stub.New(t, func(s *stub.Stub[syscallDispatcher]) syscallDispatcher { panic("unreachable") }, stub.Expect{Calls: []stub.Call{
 					call("verbose", stub.ExpectArgs{[]any{"got unexpected root entry"}}, nil, nil),
 				}})}
 			}
--- a/container/check/absolute.go
+++ b/container/check/absolute.go
@@ -56,7 +56,7 @@ func NewAbs(pathname string) (*Absolute, error) {
 // MustAbs calls [NewAbs] and panics on error.
 func MustAbs(pathname string) *Absolute {
 	if a, err := NewAbs(pathname); err != nil {
-		panic(err.Error())
+		panic(err)
 	} else {
 		return a
 	}
--- a/container/check/absolute_test.go
+++ b/container/check/absolute_test.go
@@ -14,8 +14,10 @@ import (
 	. "hakurei.app/container/check"
 )

+// unsafeAbs returns check.Absolute on any string value.
+//
 //go:linkname unsafeAbs hakurei.app/container/check.unsafeAbs
-func unsafeAbs(_ string) *Absolute
+func unsafeAbs(pathname string) *Absolute

 func TestAbsoluteError(t *testing.T) {
 	t.Parallel()
@@ -82,9 +84,9 @@ func TestNewAbs(t *testing.T) {
 		t.Parallel()

 		defer func() {
-			wantPanic := `path "etc" is not absolute`
+			wantPanic := &AbsoluteError{Pathname: "etc"}

-			if r := recover(); r != wantPanic {
+			if r := recover(); !reflect.DeepEqual(r, wantPanic) {
 				t.Errorf("MustAbs: panic = %v; want %v", r, wantPanic)
 			}
 		}()
--- a/container/container_test.go
+++ b/container/container_test.go
@@ -21,6 +21,7 @@ import (
 	"hakurei.app/command"
 	"hakurei.app/container"
 	"hakurei.app/container/check"
+	"hakurei.app/container/fhs"
 	"hakurei.app/container/seccomp"
 	"hakurei.app/container/std"
 	"hakurei.app/container/vfs"
@@ -29,6 +30,45 @@ import (
 	"hakurei.app/message"
 )

+// Note: this package requires cgo, which is unavailable in the Go playground.
+func Example() {
+	// Must be called early if the current process starts containers.
+	container.TryArgv0(nil)
+
+	// Configure the container.
+	z := container.New(context.Background(), nil)
+	z.Hostname = "hakurei-example"
+	z.Proc(fhs.AbsProc).Dev(fhs.AbsDev, true)
+	z.Stdin, z.Stdout, z.Stderr = os.Stdin, os.Stdout, os.Stderr
+
+	// Bind / for demonstration.
+	z.Bind(fhs.AbsRoot, fhs.AbsRoot, 0)
+	if name, err := exec.LookPath("hostname"); err != nil {
+		panic(err)
+	} else {
+		z.Path = check.MustAbs(name)
+	}
+
+	// This completes the first stage of container setup and starts the container init process.
+	// The new process blocks until the Serve method is called.
+	if err := z.Start(); err != nil {
+		panic(err)
+	}
+
+	// This serves the setup payload to the container init process,
+	// starting the second stage of container setup.
+	if err := z.Serve(); err != nil {
+		panic(err)
+	}
+
+	// Must be called if the Start method succeeds.
+	if err := z.Wait(); err != nil {
+		panic(err)
+	}
+
+	// Output: hakurei-example
+}
+
 func TestStartError(t *testing.T) {
 	t.Parallel()

@@ -722,12 +762,14 @@ func TestMain(m *testing.M) {
 func helperNewContainerLibPaths(ctx context.Context, libPaths *[]*check.Absolute, args ...string) (c *container.Container) {
 	msg := message.New(nil)
 	msg.SwapVerbose(testing.Verbose())
+	executable := check.MustAbs(container.MustExecutable(msg))
+
 	c = container.NewCommand(ctx, msg, absHelperInnerPath, "helper", args...)
 	c.Env = append(c.Env, envDoCheck+"=1")
-	c.Bind(check.MustAbs(os.Args[0]), absHelperInnerPath, 0)
+	c.Bind(executable, absHelperInnerPath, 0)

 	// in case test has cgo enabled
-	if entries, err := ldd.Exec(ctx, msg, os.Args[0]); err != nil {
+	if entries, err := ldd.Resolve(ctx, msg, executable); err != nil {
 		log.Fatalf("ldd: %v", err)
 	} else {
 		*libPaths = ldd.Path(entries)
--- a/container/dispatcher_test.go
+++ b/container/dispatcher_test.go
@@ -162,7 +162,8 @@ func checkSimple(t *testing.T, fname string, testCases []simpleTestCase) {
 			t.Parallel()

 			wait4signal := make(chan struct{})
-			k := &kstub{wait4signal, stub.New(t, func(s *stub.Stub[syscallDispatcher]) syscallDispatcher { return &kstub{wait4signal, s} }, tc.want)}
+			lockNotify := make(chan struct{})
+			k := &kstub{wait4signal, lockNotify, stub.New(t, func(s *stub.Stub[syscallDispatcher]) syscallDispatcher { return &kstub{wait4signal, lockNotify, s} }, tc.want)}
 			defer stub.HandleExit(t)
 			if err := tc.f(k); !reflect.DeepEqual(err, tc.wantErr) {
 				t.Errorf("%s: error = %v, want %v", fname, err, tc.wantErr)
@@ -200,8 +201,8 @@ func checkOpBehaviour(t *testing.T, testCases []opBehaviourTestCase) {
 				t.Helper()
 				t.Parallel()

-				k := &kstub{nil, stub.New(t,
-					func(s *stub.Stub[syscallDispatcher]) syscallDispatcher { return &kstub{nil, s} },
+				k := &kstub{nil, nil, stub.New(t,
+					func(s *stub.Stub[syscallDispatcher]) syscallDispatcher { return &kstub{nil, nil, s} },
 					stub.Expect{Calls: slices.Concat(tc.early, []stub.Call{{Name: stub.CallSeparator}}, tc.apply)},
 				)}
 				state := &setupState{Params: tc.params, Msg: k}
@@ -322,12 +323,19 @@ const (

 type kstub struct {
 	wait4signal chan struct{}
+	lockNotify  chan struct{}
 	*stub.Stub[syscallDispatcher]
 }

 func (k *kstub) new(f func(k syscallDispatcher)) { k.Helper(); k.New(f) }

-func (k *kstub) lockOSThread() { k.Helper(); k.Expects("lockOSThread") }
+func (k *kstub) lockOSThread() {
+	k.Helper()
+	expect := k.Expects("lockOSThread")
+	if k.lockNotify != nil && expect.Ret == magicWait4Signal {
+		<-k.lockNotify
+	}
+}

 func (k *kstub) setPtracer(pid uintptr) error {
 	k.Helper()
@@ -472,6 +480,10 @@ func (k *kstub) notify(c chan<- os.Signal, sig ...os.Signal) {
 		k.FailNow()
 	}

+	if k.lockNotify != nil && expect.Ret == magicWait4Signal {
+		defer close(k.lockNotify)
+	}
+
 	// export channel for external instrumentation
 	if chanf, ok := expect.Args[0].(func(c chan<- os.Signal)); ok && chanf != nil {
 		chanf(c)
@@ -759,7 +771,8 @@ func (k *kstub) checkMsg(msg message.Msg) {
 }

 func (k *kstub) GetLogger() *log.Logger { panic("unreachable") }
-func (k *kstub) IsVerbose() bool        { panic("unreachable") }
+
+func (k *kstub) IsVerbose() bool { k.Helper(); return k.Expects("isVerbose").Ret.(bool) }

 func (k *kstub) SwapVerbose(verbose bool) bool {
 	k.Helper()
--- a/container/errors.go
+++ b/container/errors.go
@@ -7,31 +7,36 @@ import (

 	"hakurei.app/container/check"
 	"hakurei.app/container/vfs"
+	"hakurei.app/message"
 )

 // messageFromError returns a printable error message for a supported concrete type.
-func messageFromError(err error) (string, bool) {
-	if m, ok := messagePrefixP[MountError]("cannot ", err); ok {
-		return m, ok
+func messageFromError(err error) (m string, ok bool) {
+	if m, ok = messagePrefixP[MountError]("cannot ", err); ok {
+		return
 	}
-	if m, ok := messagePrefixP[os.PathError]("cannot ", err); ok {
-		return m, ok
+	if m, ok = messagePrefixP[os.PathError]("cannot ", err); ok {
+		return
 	}
-	if m, ok := messagePrefixP[check.AbsoluteError]("", err); ok {
-		return m, ok
+	if m, ok = messagePrefixP[check.AbsoluteError](zeroString, err); ok {
+		return
 	}
-	if m, ok := messagePrefix[OpRepeatError]("", err); ok {
-		return m, ok
+	if m, ok = messagePrefix[OpRepeatError](zeroString, err); ok {
+		return
 	}
-	if m, ok := messagePrefix[OpStateError]("", err); ok {
-		return m, ok
+	if m, ok = messagePrefix[OpStateError](zeroString, err); ok {
+		return
 	}

-	if m, ok := messagePrefixP[vfs.DecoderError]("cannot ", err); ok {
-		return m, ok
+	if m, ok = messagePrefixP[vfs.DecoderError]("cannot ", err); ok {
+		return
 	}
-	if m, ok := messagePrefix[TmpfsSizeError]("", err); ok {
-		return m, ok
+	if m, ok = messagePrefix[TmpfsSizeError](zeroString, err); ok {
+		return
+	}
+
+	if m, ok = message.GetMessage(err); ok {
+		return
 	}

 	return zeroString, false
--- a/container/fhs/abs.go
+++ b/container/fhs/abs.go
@@ -8,8 +8,10 @@ import (

 /* constants in this file bypass abs check, be extremely careful when changing them! */

+// unsafeAbs returns check.Absolute on any string value.
+//
 //go:linkname unsafeAbs hakurei.app/container/check.unsafeAbs
-func unsafeAbs(_ string) *check.Absolute
+func unsafeAbs(pathname string) *check.Absolute

 var (
 	// AbsRoot is [Root] as [check.Absolute].
@@ -34,6 +36,8 @@ var (

 	// AbsDev is [Dev] as [check.Absolute].
 	AbsDev = unsafeAbs(Dev)
+	// AbsDevShm is [DevShm] as [check.Absolute].
+	AbsDevShm = unsafeAbs(DevShm)
 	// AbsProc is [Proc] as [check.Absolute].
 	AbsProc = unsafeAbs(Proc)
 	// AbsSys is [Sys] as [check.Absolute].
--- a/container/fhs/fhs.go
+++ b/container/fhs/fhs.go
@@ -29,6 +29,8 @@ const (

 	// Dev points to the root directory for device nodes.
 	Dev = "/dev/"
+	// DevShm is the place for POSIX shared memory segments, as created via shm_open(3).
+	DevShm = "/dev/shm/"
 	// Proc points to a virtual kernel file system exposing the process list and other functionality.
 	Proc = "/proc/"
 	// ProcSys points to a hierarchy below /proc/ that exposes a number of kernel tunables.
--- a/container/init.go
+++ b/container/init.go
@@ -1,6 +1,7 @@
 package container

 import (
+	"context"
 	"errors"
 	"fmt"
 	"log"
@@ -9,6 +10,8 @@ import (
 	"path"
 	"slices"
 	"strconv"
+	"sync"
+	"sync/atomic"
 	. "syscall"
 	"time"

@@ -18,24 +21,28 @@ import (
 )

 const (
-	/* intermediate tmpfs mount point
+	/* intermediateHostPath is the pathname of the intermediate tmpfs mount point.

-	this path might seem like a weird choice, however there are many good reasons to use it:
-	- the contents of this path is never exposed to the container:
-	  the tmpfs root established here effectively becomes anonymous after pivot_root
-	- it is safe to assume this path exists and is a directory:
-	  this program will not work correctly without a proper /proc and neither will most others
-	- this path belongs to the container init:
-	  the container init is not any more privileged or trusted than the rest of the container
-	- this path is only accessible by init and root:
-	  the container init sets SUID_DUMP_DISABLE and terminates if that fails;
+	This path might seem like a weird choice, however there are many good reasons to use it:
+	- The contents of this path is never exposed to the container:
+	  The tmpfs root established here effectively becomes anonymous after pivot_root.
+	- It is safe to assume this path exists and is a directory:
+	  This program will not work correctly without a proper /proc and neither will most others.
+	- This path belongs to the container init:
+	  The container init is not any more privileged or trusted than the rest of the container.
+	- This path is only accessible by init and root:
+	  The container init sets SUID_DUMP_DISABLE and terminates if that fails.

-	it should be noted that none of this should become relevant at any point since the resulting
-	intermediate root tmpfs should be effectively anonymous */
+	It should be noted that none of this should become relevant at any point since the resulting
+	intermediate root tmpfs should be effectively anonymous. */
 	intermediateHostPath = fhs.Proc + "self/fd"

-	// setup params file descriptor
+	// setupEnv is the name of the environment variable holding the string representation of
+	// the read end file descriptor of the setup params pipe.
 	setupEnv = "HAKUREI_SETUP"
+
+	// exitUnexpectedWait4 is the exit code if wait4 returns an unexpected errno.
+	exitUnexpectedWait4 = 2
 )

 type (
@@ -49,6 +56,8 @@ type (
 		early(state *setupState, k syscallDispatcher) error
 		// apply is called in intermediate root.
 		apply(state *setupState, k syscallDispatcher) error
+		// late is called right before starting the initial process.
+		late(state *setupState, k syscallDispatcher) error

 		// prefix returns a log message prefix, and whether this Op prints no identifying message on its own.
 		prefix() (string, bool)
@@ -61,11 +70,29 @@ type (
 	// setupState persists context between Ops.
 	setupState struct {
 		nonrepeatable uintptr
+
+		// Whether early reaping has concluded. Must only be accessed in the wait4 loop.
+		processConcluded bool
+		// Process to syscall.WaitStatus populated in the wait4 loop. Freed after early reaping concludes.
+		process map[int]WaitStatus
+		// Synchronises access to process.
+		processMu sync.RWMutex
+
 		*Params
+		context.Context
 		message.Msg
 	}
 )

+// terminated returns whether the specified pid has been reaped, and its
+// syscall.WaitStatus if it had. This is only usable by [Op].
+func (state *setupState) terminated(pid int) (wstatus WaitStatus, ok bool) {
+	state.processMu.RLock()
+	wstatus, ok = state.process[pid]
+	state.processMu.RUnlock()
+	return
+}
+
 // Grow grows the slice Ops points to using [slices.Grow].
 func (f *Ops) Grow(n int) { *f = slices.Grow(*f, n) }

@@ -180,7 +207,9 @@ func initEntrypoint(k syscallDispatcher, msg message.Msg) {
 		k.fatalf(msg, "cannot make / rslave: %v", optionalErrorUnwrap(err))
 	}

-	state := &setupState{Params: &params.Params, Msg: msg}
+	ctx, cancel := context.WithCancel(context.Background())
+	state := &setupState{process: make(map[int]WaitStatus), Params: &params.Params, Msg: msg, Context: ctx}
+	defer cancel()

 	/* early is called right before pivot_root into intermediate root;
 	this step is mostly for gathering information that would otherwise be difficult to obtain
@@ -330,6 +359,97 @@ func initEntrypoint(k syscallDispatcher, msg message.Msg) {
 	}
 	k.umask(oldmask)

+	// winfo represents an exited process from wait4.
+	type winfo struct {
+		wpid    int
+		wstatus WaitStatus
+	}
+
+	// info is closed as the wait4 thread terminates
+	// when there are no longer any processes left to reap
+	info := make(chan winfo, 1)
+
+	// whether initial process has started
+	var initialProcessStarted atomic.Bool
+
+	k.new(func(k syscallDispatcher) {
+		k.lockOSThread()
+
+	wait4:
+		var (
+			err     error
+			wpid    = -2
+			wstatus WaitStatus
+
+			// whether initial process has started
+			started bool
+		)
+
+		// keep going until no child process is left
+		for wpid != -1 {
+			if err != nil {
+				break
+			}
+
+			if wpid != -2 {
+				if !state.processConcluded {
+					state.processMu.Lock()
+					if state.process == nil {
+						// early reaping has already concluded at this point
+						state.processConcluded = true
+						info <- winfo{wpid, wstatus}
+					} else {
+						// initial process has not yet been created, and the
+						// info channel is not yet being received from
+						state.process[wpid] = wstatus
+					}
+					state.processMu.Unlock()
+				} else {
+					info <- winfo{wpid, wstatus}
+				}
+			}
+
+			if !started {
+				started = initialProcessStarted.Load()
+			}
+
+			err = EINTR
+			for errors.Is(err, EINTR) {
+				wpid, err = k.wait4(-1, &wstatus, 0, nil)
+			}
+		}
+
+		if !errors.Is(err, ECHILD) {
+			k.printf(msg, "unexpected wait4 response: %v", err)
+		} else if !started {
+			// initial process has not yet been reached and all daemons
+			// terminated or none were started in the first place
+			time.Sleep(500 * time.Microsecond)
+			goto wait4
+		}
+
+		close(info)
+	})
+
+	// called right before startup of initial process, all state changes to the
+	// current process is prohibited during late
+	for i, op := range *params.Ops {
+		// ops already checked during early setup
+		if err := op.late(state, k); err != nil {
+			if m, ok := messageFromError(err); ok {
+				k.fatal(msg, m)
+			} else if errors.Is(err, context.DeadlineExceeded) {
+				k.fatalf(msg, "%s deadline exceeded", op.String())
+			} else {
+				k.fatalf(msg, "cannot complete op at index %d: %v", i, err)
+			}
+		}
+	}
+	// early reaping has concluded, this must happen before initial process is created
+	state.processMu.Lock()
+	state.process = nil
+	state.processMu.Unlock()
+
 	if err := closeSetup(); err != nil {
 		k.fatalf(msg, "cannot close setup pipe: %v", err)
 	}
@@ -341,50 +461,11 @@ func initEntrypoint(k syscallDispatcher, msg message.Msg) {
 	cmd.ExtraFiles = extraFiles
 	cmd.Dir = params.Dir.String()

-	msg.Verbosef("starting initial program %s", params.Path)
+	msg.Verbosef("starting initial process %s", params.Path)
 	if err := k.start(cmd); err != nil {
 		k.fatalf(msg, "%v", err)
 	}
-
-	type winfo struct {
-		wpid    int
-		wstatus WaitStatus
-	}
-
-	// info is closed as the wait4 thread terminates
-	// when there are no longer any processes left to reap
-	info := make(chan winfo, 1)
-
-	k.new(func(k syscallDispatcher) {
-		k.lockOSThread()
-
-		var (
-			err     error
-			wpid    = -2
-			wstatus WaitStatus
-		)
-
-		// keep going until no child process is left
-		for wpid != -1 {
-			if err != nil {
-				break
-			}
-
-			if wpid != -2 {
-				info <- winfo{wpid, wstatus}
-			}
-
-			err = EINTR
-			for errors.Is(err, EINTR) {
-				wpid, err = k.wait4(-1, &wstatus, 0, nil)
-			}
-		}
-		if !errors.Is(err, ECHILD) {
-			k.printf(msg, "unexpected wait4 response: %v", err)
-		}
-
-		close(info)
-	})
+	initialProcessStarted.Store(true)

 	// handle signals to dump withheld messages
 	sig := make(chan os.Signal, 2)
@@ -394,7 +475,7 @@ func initEntrypoint(k syscallDispatcher, msg message.Msg) {
 	// closed after residualProcessTimeout has elapsed after initial process death
 	timeout := make(chan struct{})

-	r := 2
+	r := exitUnexpectedWait4
 	for {
 		select {
 		case s := <-sig:
@@ -426,6 +507,9 @@ func initEntrypoint(k syscallDispatcher, msg message.Msg) {
 			}

 			if w.wpid == cmd.Process.Pid {
+				// cancel Op context early
+				cancel()
+
 				// start timeout early
 				go func() { time.Sleep(params.AdoptWaitDelay); close(timeout) }()

--- a/container/init_test.go
+++ b/container/init_test.go
@@ -1983,11 +1983,20 @@ func TestInitEntrypoint(t *testing.T) {
 				call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
 				call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
 				call("umask", stub.ExpectArgs{022}, 0, nil),
+				call("New", stub.ExpectArgs{}, nil, nil),
 				call("fatalf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(13)}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
 				call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, nil, stub.UniqueError(12)),
 				call("fatalf", stub.ExpectArgs{"%v", []any{stub.UniqueError(12)}}, nil, nil),
 			},
+
+			/* wait4 */
+			Tracks: []stub.Expect{{Calls: []stub.Call{
+				call("lockOSThread", stub.ExpectArgs{}, magicWait4Signal, nil),
+
+				// this terminates the goroutine at the call, preventing it from leaking while preserving behaviour
+				call("wait4", stub.ExpectArgs{-1, nil, 0, nil, stub.PanicExit}, 0, syscall.ECHILD),
+			}}},
 		}, nil},

 		{"lowlastcap signaled cancel forward error", func(k *kstub) error { initEntrypoint(k, k); return nil }, stub.Expect{
@@ -2062,11 +2071,11 @@ func TestInitEntrypoint(t *testing.T) {
 				call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
 				call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
 				call("umask", stub.ExpectArgs{022}, 0, nil),
+				call("New", stub.ExpectArgs{}, nil, nil),
 				call("fatalf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(10)}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
 				call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
-				call("New", stub.ExpectArgs{}, nil, nil),
-				call("notify", stub.ExpectArgs{func(c chan<- os.Signal) { c <- CancelSignal }, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, nil, nil),
+				call("notify", stub.ExpectArgs{func(c chan<- os.Signal) { c <- CancelSignal }, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, magicWait4Signal, nil),
 				call("verbose", stub.ExpectArgs{[]any{"forwarding context cancellation"}}, nil, nil),
 				// magicWait4Signal as ret causes wait4 stub to unblock
 				call("signal", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent", os.Interrupt}, magicWait4Signal, stub.UniqueError(9)),
@@ -2081,7 +2090,7 @@ func TestInitEntrypoint(t *testing.T) {

 			/* wait4 */
 			Tracks: []stub.Expect{{Calls: []stub.Call{
-				call("lockOSThread", stub.ExpectArgs{}, nil, nil),
+				call("lockOSThread", stub.ExpectArgs{}, magicWait4Signal, nil),

 				// magicWait4Signal as args[4] causes this to block until simulated signal is delivered
 				call("wait4", stub.ExpectArgs{-1, syscall.WaitStatus(0xfade01ce), 0, nil, magicWait4Signal}, 0xbad, nil),
@@ -2162,11 +2171,11 @@ func TestInitEntrypoint(t *testing.T) {
 				call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
 				call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
 				call("umask", stub.ExpectArgs{022}, 0, nil),
+				call("New", stub.ExpectArgs{}, nil, nil),
 				call("fatalf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(7)}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
 				call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
-				call("New", stub.ExpectArgs{}, nil, nil),
-				call("notify", stub.ExpectArgs{func(c chan<- os.Signal) { c <- syscall.SIGQUIT }, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, nil, nil),
+				call("notify", stub.ExpectArgs{func(c chan<- os.Signal) { c <- syscall.SIGQUIT }, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, magicWait4Signal, nil),
 				call("verbosef", stub.ExpectArgs{"got %s, forwarding to initial process", []any{"quit"}}, nil, nil),
 				// magicWait4Signal as ret causes wait4 stub to unblock
 				call("signal", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent", syscall.SIGQUIT}, magicWait4Signal, stub.UniqueError(0xfe)),
@@ -2181,7 +2190,7 @@ func TestInitEntrypoint(t *testing.T) {

 			/* wait4 */
 			Tracks: []stub.Expect{{Calls: []stub.Call{
-				call("lockOSThread", stub.ExpectArgs{}, nil, nil),
+				call("lockOSThread", stub.ExpectArgs{}, magicWait4Signal, nil),

 				// magicWait4Signal as args[4] causes this to block until simulated signal is delivered
 				call("wait4", stub.ExpectArgs{-1, syscall.WaitStatus(0xfade01ce), 0, nil, magicWait4Signal}, 0xbad, nil),
@@ -2262,11 +2271,11 @@ func TestInitEntrypoint(t *testing.T) {
 				call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
 				call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
 				call("umask", stub.ExpectArgs{022}, 0, nil),
+				call("New", stub.ExpectArgs{}, nil, nil),
 				call("fatalf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(7)}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
 				call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
-				call("New", stub.ExpectArgs{}, nil, nil),
-				call("notify", stub.ExpectArgs{func(c chan<- os.Signal) { c <- os.Interrupt }, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, nil, nil),
+				call("notify", stub.ExpectArgs{func(c chan<- os.Signal) { c <- os.Interrupt }, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, magicWait4Signal, nil),
 				call("verbosef", stub.ExpectArgs{"got %s", []any{"interrupt"}}, nil, nil),
 				call("beforeExit", stub.ExpectArgs{}, nil, nil),
 				call("exit", stub.ExpectArgs{0}, nil, nil),
@@ -2274,7 +2283,7 @@ func TestInitEntrypoint(t *testing.T) {

 			/* wait4 */
 			Tracks: []stub.Expect{{Calls: []stub.Call{
-				call("lockOSThread", stub.ExpectArgs{}, nil, nil),
+				call("lockOSThread", stub.ExpectArgs{}, magicWait4Signal, nil),

 				// this terminates the goroutine at the call, preventing it from leaking while preserving behaviour
 				call("wait4", stub.ExpectArgs{-1, nil, 0, nil, stub.PanicExit}, 0, syscall.ECHILD),
@@ -2353,11 +2362,11 @@ func TestInitEntrypoint(t *testing.T) {
 				call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
 				call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
 				call("umask", stub.ExpectArgs{022}, 0, nil),
+				call("New", stub.ExpectArgs{}, nil, nil),
 				call("fatalf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(5)}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
 				call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
-				call("New", stub.ExpectArgs{}, nil, nil),
-				call("notify", stub.ExpectArgs{nil, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, nil, nil),
+				call("notify", stub.ExpectArgs{nil, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, magicWait4Signal, nil),
 				call("verbose", stub.ExpectArgs{[]any{os.ErrInvalid.Error()}}, nil, nil),
 				call("verbose", stub.ExpectArgs{[]any{os.ErrInvalid.Error()}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"initial process exited with signal %s", []any{syscall.Signal(0x4e)}}, nil, nil),
@@ -2368,7 +2377,7 @@ func TestInitEntrypoint(t *testing.T) {

 			/* wait4 */
 			Tracks: []stub.Expect{{Calls: []stub.Call{
-				call("lockOSThread", stub.ExpectArgs{}, nil, nil),
+				call("lockOSThread", stub.ExpectArgs{}, magicWait4Signal, nil),

 				call("wait4", stub.ExpectArgs{-1, syscall.WaitStatus(0xfade01ce), 0, nil}, 0xbad, nil),
 				// this terminates the goroutine at the call, preventing it from leaking while preserving behaviour
@@ -2448,11 +2457,11 @@ func TestInitEntrypoint(t *testing.T) {
 				call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
 				call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
 				call("umask", stub.ExpectArgs{022}, 0, nil),
+				call("New", stub.ExpectArgs{}, nil, nil),
 				call("fatalf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(3)}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
 				call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
-				call("New", stub.ExpectArgs{}, nil, nil),
-				call("notify", stub.ExpectArgs{nil, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, nil, nil),
+				call("notify", stub.ExpectArgs{nil, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, magicWait4Signal, nil),
 				call("verbose", stub.ExpectArgs{[]any{os.ErrInvalid.Error()}}, nil, nil),
 				call("verbose", stub.ExpectArgs{[]any{os.ErrInvalid.Error()}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"initial process exited with signal %s", []any{syscall.Signal(0x4e)}}, nil, nil),
@@ -2462,7 +2471,7 @@ func TestInitEntrypoint(t *testing.T) {

 			/* wait4 */
 			Tracks: []stub.Expect{{Calls: []stub.Call{
-				call("lockOSThread", stub.ExpectArgs{}, nil, nil),
+				call("lockOSThread", stub.ExpectArgs{}, magicWait4Signal, nil),

 				call("wait4", stub.ExpectArgs{-1, nil, 0, nil}, 0, syscall.EINTR),
 				call("wait4", stub.ExpectArgs{-1, nil, 0, nil}, 0, syscall.EINTR),
@@ -2586,11 +2595,11 @@ func TestInitEntrypoint(t *testing.T) {
 				call("newFile", stub.ExpectArgs{uintptr(0x3a), "extra file 0"}, (*os.File)(nil), nil),
 				call("newFile", stub.ExpectArgs{uintptr(0x3b), "extra file 1"}, (*os.File)(nil), nil),
 				call("umask", stub.ExpectArgs{022}, 0, nil),
+				call("New", stub.ExpectArgs{}, nil, nil),
 				call("fatalf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(1)}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/run/current-system/sw/bin/bash")}}, nil, nil),
 				call("start", stub.ExpectArgs{"/run/current-system/sw/bin/bash", []string{"bash", "-c", "false"}, ([]string)(nil), "/.hakurei/nonexistent"}, &os.Process{Pid: 0xbad}, nil),
-				call("New", stub.ExpectArgs{}, nil, nil),
-				call("notify", stub.ExpectArgs{nil, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, nil, nil),
+				call("notify", stub.ExpectArgs{nil, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, magicWait4Signal, nil),
 				call("verbose", stub.ExpectArgs{[]any{os.ErrInvalid.Error()}}, nil, nil),
 				call("verbose", stub.ExpectArgs{[]any{os.ErrInvalid.Error()}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"initial process exited with code %d", []any{1}}, nil, nil),
@@ -2600,7 +2609,7 @@ func TestInitEntrypoint(t *testing.T) {

 			/* wait4 */
 			Tracks: []stub.Expect{{Calls: []stub.Call{
-				call("lockOSThread", stub.ExpectArgs{}, nil, nil),
+				call("lockOSThread", stub.ExpectArgs{}, magicWait4Signal, nil),

 				call("wait4", stub.ExpectArgs{-1, nil, 0, nil}, 0, syscall.EINTR),
 				call("wait4", stub.ExpectArgs{-1, nil, 0, nil}, 0, syscall.EINTR),
@@ -2728,11 +2737,11 @@ func TestInitEntrypoint(t *testing.T) {
 				call("newFile", stub.ExpectArgs{uintptr(11), "extra file 1"}, (*os.File)(nil), nil),
 				call("newFile", stub.ExpectArgs{uintptr(12), "extra file 2"}, (*os.File)(nil), nil),
 				call("umask", stub.ExpectArgs{022}, 0, nil),
+				call("New", stub.ExpectArgs{}, nil, nil),
 				call("fatalf", stub.ExpectArgs{"cannot close setup pipe: %v", []any{stub.UniqueError(0)}}, nil, nil),
 				call("verbosef", stub.ExpectArgs{"starting initial program %s", []any{check.MustAbs("/bin/zsh")}}, nil, nil),
 				call("start", stub.ExpectArgs{"/bin/zsh", []string{"zsh", "-c", "exec vim"}, []string{"DISPLAY=:0"}, "/.hakurei"}, &os.Process{Pid: 0xcafe}, nil),
-				call("New", stub.ExpectArgs{}, nil, nil),
-				call("notify", stub.ExpectArgs{nil, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, nil, nil),
+				call("notify", stub.ExpectArgs{nil, []os.Signal{CancelSignal, os.Interrupt, syscall.SIGTERM, syscall.SIGQUIT}}, magicWait4Signal, nil),
 				call("verbose", stub.ExpectArgs{[]any{os.ErrInvalid.Error()}}, nil, nil),
 				call("verbose", stub.ExpectArgs{[]any{os.ErrInvalid.Error()}}, nil, nil),
 				call("verbose", stub.ExpectArgs{[]any{os.ErrInvalid.Error()}}, nil, nil),
@@ -2743,7 +2752,7 @@ func TestInitEntrypoint(t *testing.T) {

 			/* wait4 */
 			Tracks: []stub.Expect{{Calls: []stub.Call{
-				call("lockOSThread", stub.ExpectArgs{}, nil, nil),
+				call("lockOSThread", stub.ExpectArgs{}, magicWait4Signal, nil),

 				call("wait4", stub.ExpectArgs{-1, nil, 0, nil}, 0, syscall.EINTR),
 				call("wait4", stub.ExpectArgs{-1, nil, 0, nil}, 0, syscall.EINTR),
--- a/container/initbind.go
+++ b/container/initbind.go
@@ -90,6 +90,7 @@ func (b *BindMountOp) apply(state *setupState, k syscallDispatcher) error {
 	}
 	return k.bindMount(state, source, target, flags)
 }
+func (b *BindMountOp) late(*setupState, syscallDispatcher) error { return nil }

 func (b *BindMountOp) Is(op Op) bool {
 	vb, ok := op.(*BindMountOp)
--- a/container/initdaemon.go
+++ b/container/initdaemon.go
@@ -0,0 +1,134 @@
+package container
+
+import (
+	"context"
+	"encoding/gob"
+	"errors"
+	"fmt"
+	"os"
+	"os/exec"
+	"slices"
+	"strconv"
+	"syscall"
+	"time"
+
+	"hakurei.app/container/check"
+	"hakurei.app/container/fhs"
+)
+
+func init() { gob.Register(new(DaemonOp)) }
+
+const (
+	// daemonTimeout is the duration a [DaemonOp] is allowed to block before the
+	// [DaemonOp.Target] marker becomes available.
+	daemonTimeout = 5 * time.Second
+)
+
+// Daemon appends an [Op] that starts a daemon in the container and blocks until
+// [DaemonOp.Target] appears.
+func (f *Ops) Daemon(target, path *check.Absolute, args ...string) *Ops {
+	*f = append(*f, &DaemonOp{target, path, args})
+	return f
+}
+
+// DaemonOp starts a daemon in the container and blocks until Target appears.
+type DaemonOp struct {
+	// Pathname indicating readiness of daemon.
+	Target *check.Absolute
+	// Absolute pathname passed to [exec.Cmd].
+	Path *check.Absolute
+	// Arguments (excl. first) passed to [exec.Cmd].
+	Args []string
+}
+
+// earlyTerminationError is returned by [DaemonOp] when a daemon terminates
+// before [DaemonOp.Target] appears.
+type earlyTerminationError struct {
+	// Returned by [DaemonOp.String].
+	op string
+	// Copied from wait4 loop.
+	wstatus syscall.WaitStatus
+}
+
+func (e *earlyTerminationError) Error() string {
+	res := ""
+	switch {
+	case e.wstatus.Exited():
+		res = "exit status " + strconv.Itoa(e.wstatus.ExitStatus())
+	case e.wstatus.Signaled():
+		res = "signal: " + e.wstatus.Signal().String()
+	case e.wstatus.Stopped():
+		res = "stop signal: " + e.wstatus.StopSignal().String()
+		if e.wstatus.StopSignal() == syscall.SIGTRAP && e.wstatus.TrapCause() != 0 {
+			res += " (trap " + strconv.Itoa(e.wstatus.TrapCause()) + ")"
+		}
+	case e.wstatus.Continued():
+		res = "continued"
+	}
+	if e.wstatus.CoreDump() {
+		res += " (core dumped)"
+	}
+	return res
+}
+
+func (e *earlyTerminationError) Message() string { return e.op + " " + e.Error() }
+
+func (d *DaemonOp) Valid() bool                                { return d != nil && d.Target != nil && d.Path != nil }
+func (d *DaemonOp) early(*setupState, syscallDispatcher) error { return nil }
+func (d *DaemonOp) apply(*setupState, syscallDispatcher) error { return nil }
+func (d *DaemonOp) late(state *setupState, k syscallDispatcher) error {
+	cmd := exec.CommandContext(state.Context, d.Path.String(), d.Args...)
+	cmd.Env = state.Env
+	cmd.Dir = fhs.Root
+	if state.IsVerbose() {
+		cmd.Stdout, cmd.Stderr = os.Stdout, os.Stderr
+	}
+	// WaitDelay: left unset because lifetime is bound by AdoptWaitDelay on cancellation
+	cmd.Cancel = func() error { return cmd.Process.Signal(syscall.SIGTERM) }
+
+	state.Verbosef("starting %s", d.String())
+	if err := k.start(cmd); err != nil {
+		return err
+	}
+
+	deadline := time.Now().Add(daemonTimeout)
+	var wstatusErr error
+
+	for {
+		if _, err := k.stat(d.Target.String()); err != nil {
+			if !errors.Is(err, os.ErrNotExist) {
+				_ = k.signal(cmd, os.Kill)
+				return err
+			}
+
+			if time.Now().After(deadline) {
+				_ = k.signal(cmd, os.Kill)
+				return context.DeadlineExceeded
+			}
+
+			if wstatusErr != nil {
+				return wstatusErr
+			}
+			if wstatus, ok := state.terminated(cmd.Process.Pid); ok {
+				// check once again: process could have satisfied Target between stat and the lookup
+				wstatusErr = &earlyTerminationError{d.String(), wstatus}
+				continue
+			}
+
+			time.Sleep(500 * time.Microsecond)
+			continue
+		}
+
+		state.Verbosef("daemon process %d ready", cmd.Process.Pid)
+		return nil
+	}
+}
+
+func (d *DaemonOp) Is(op Op) bool {
+	vd, ok := op.(*DaemonOp)
+	return ok && d.Valid() && vd.Valid() &&
+		d.Target.Is(vd.Target) && d.Path.Is(vd.Path) &&
+		slices.Equal(d.Args, vd.Args)
+}
+func (*DaemonOp) prefix() (string, bool) { return zeroString, false }
+func (d *DaemonOp) String() string       { return fmt.Sprintf("daemon providing %q", d.Target) }
--- a/container/initdaemon_test.go
+++ b/container/initdaemon_test.go
@@ -0,0 +1,127 @@
+package container
+
+import (
+	"os"
+	"testing"
+
+	"hakurei.app/container/check"
+	"hakurei.app/container/stub"
+	"hakurei.app/message"
+)
+
+func TestEarlyTerminationError(t *testing.T) {
+	t.Parallel()
+
+	testCases := []struct {
+		name string
+		err  error
+		want string
+		msg  string
+	}{
+		{"exited", &earlyTerminationError{
+			`daemon providing "/run/user/1971/pulse/native"`, 127 << 8,
+		}, "exit status 127", `daemon providing "/run/user/1971/pulse/native" exit status 127`},
+	}
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			t.Parallel()
+
+			if got := tc.err.Error(); got != tc.want {
+				t.Errorf("Error: %q, want %q", got, tc.want)
+			}
+			if got := tc.err.(message.Error).Message(); got != tc.msg {
+				t.Errorf("Message: %s, want %s", got, tc.msg)
+			}
+		})
+	}
+}
+
+func TestDaemonOp(t *testing.T) {
+	t.Parallel()
+
+	checkSimple(t, "DaemonOp.late", []simpleTestCase{
+		{"success", func(k *kstub) error {
+			state := setupState{Params: &Params{Env: []string{"\x00"}}, Context: t.Context(), Msg: k}
+			return (&DaemonOp{
+				Target: check.MustAbs("/run/user/1971/pulse/native"),
+				Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+				Args:   []string{"-v"},
+			}).late(&state, k)
+		}, stub.Expect{Calls: []stub.Call{
+			call("isVerbose", stub.ExpectArgs{}, true, nil),
+			call("verbosef", stub.ExpectArgs{"starting %s", []any{`daemon providing "/run/user/1971/pulse/native"`}}, nil, nil),
+			call("start", stub.ExpectArgs{"/run/current-system/sw/bin/pipewire-pulse", []string{"/run/current-system/sw/bin/pipewire-pulse", "-v"}, []string{"\x00"}, "/"}, &os.Process{Pid: 0xcafe}, nil),
+			call("stat", stub.ExpectArgs{"/run/user/1971/pulse/native"}, isDirFi(false), os.ErrNotExist),
+			call("stat", stub.ExpectArgs{"/run/user/1971/pulse/native"}, isDirFi(false), os.ErrNotExist),
+			call("stat", stub.ExpectArgs{"/run/user/1971/pulse/native"}, isDirFi(false), os.ErrNotExist),
+			call("stat", stub.ExpectArgs{"/run/user/1971/pulse/native"}, isDirFi(false), nil),
+			call("verbosef", stub.ExpectArgs{"daemon process %d ready", []any{0xcafe}}, nil, nil),
+		}}, nil},
+	})
+
+	checkOpsValid(t, []opValidTestCase{
+		{"nil", (*DaemonOp)(nil), false},
+		{"zero", new(DaemonOp), false},
+		{"valid", &DaemonOp{
+			Target: check.MustAbs("/run/user/1971/pulse/native"),
+			Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+			Args:   []string{"-v"},
+		}, true},
+	})
+
+	checkOpsBuilder(t, []opsBuilderTestCase{
+		{"pipewire-pulse", new(Ops).Daemon(
+			check.MustAbs("/run/user/1971/pulse/native"),
+			check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"), "-v",
+		), Ops{
+			&DaemonOp{
+				Target: check.MustAbs("/run/user/1971/pulse/native"),
+				Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+				Args:   []string{"-v"},
+			},
+		}},
+	})
+
+	checkOpIs(t, []opIsTestCase{
+		{"zero", new(DaemonOp), new(DaemonOp), false},
+
+		{"args differs", &DaemonOp{
+			Target: check.MustAbs("/run/user/1971/pulse/native"),
+			Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+			Args:   []string{"-v"},
+		}, &DaemonOp{
+			Target: check.MustAbs("/run/user/1971/pulse/native"),
+			Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+		}, false},
+
+		{"path differs", &DaemonOp{
+			Target: check.MustAbs("/run/user/1971/pulse/native"),
+			Path:   check.MustAbs("/run/current-system/sw/bin/pipewire"),
+		}, &DaemonOp{
+			Target: check.MustAbs("/run/user/1971/pulse/native"),
+			Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+		}, false},
+
+		{"target differs", &DaemonOp{
+			Target: check.MustAbs("/run/user/65534/pulse/native"),
+			Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+		}, &DaemonOp{
+			Target: check.MustAbs("/run/user/1971/pulse/native"),
+			Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+		}, false},
+
+		{"equals", &DaemonOp{
+			Target: check.MustAbs("/run/user/1971/pulse/native"),
+			Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+		}, &DaemonOp{
+			Target: check.MustAbs("/run/user/1971/pulse/native"),
+			Path:   check.MustAbs("/run/current-system/sw/bin/pipewire-pulse"),
+		}, true},
+	})
+
+	checkOpMeta(t, []opMetaTestCase{
+		{"pipewire-pulse", &DaemonOp{
+			Target: check.MustAbs("/run/user/1971/pulse/native"),
+		}, zeroString, `daemon providing "/run/user/1971/pulse/native"`},
+	})
+}
--- a/container/initdev.go
+++ b/container/initdev.go
@@ -126,6 +126,7 @@ func (d *MountDevOp) apply(state *setupState, k syscallDispatcher) error {
 	}
 	return k.mountTmpfs(SourceTmpfs, devShmPath, MS_NOSUID|MS_NODEV, 0, 01777)
 }
+func (d *MountDevOp) late(*setupState, syscallDispatcher) error { return nil }

 func (d *MountDevOp) Is(op Op) bool {
 	vd, ok := op.(*MountDevOp)
--- a/container/initmkdir.go
+++ b/container/initmkdir.go
@@ -27,6 +27,7 @@ func (m *MkdirOp) early(*setupState, syscallDispatcher) error { return nil }
 func (m *MkdirOp) apply(_ *setupState, k syscallDispatcher) error {
 	return k.mkdirAll(toSysroot(m.Path.String()), m.Perm)
 }
+func (m *MkdirOp) late(*setupState, syscallDispatcher) error { return nil }

 func (m *MkdirOp) Is(op Op) bool {
 	vm, ok := op.(*MkdirOp)
--- a/container/initoverlay.go
+++ b/container/initoverlay.go
@@ -205,6 +205,8 @@ func (o *MountOverlayOp) apply(state *setupState, k syscallDispatcher) error {
 	return k.mount(SourceOverlay, target, FstypeOverlay, 0, strings.Join(options, check.SpecialOverlayOption))
 }

+func (o *MountOverlayOp) late(*setupState, syscallDispatcher) error { return nil }
+
 func (o *MountOverlayOp) Is(op Op) bool {
 	vo, ok := op.(*MountOverlayOp)
 	return ok && o.Valid() && vo.Valid() &&
--- a/container/initplace.go
+++ b/container/initplace.go
@@ -57,6 +57,7 @@ func (t *TmpfileOp) apply(state *setupState, k syscallDispatcher) error {
 	}
 	return nil
 }
+func (t *TmpfileOp) late(*setupState, syscallDispatcher) error { return nil }

 func (t *TmpfileOp) Is(op Op) bool {
 	vt, ok := op.(*TmpfileOp)
--- a/container/initproc.go
+++ b/container/initproc.go
@@ -28,6 +28,7 @@ func (p *MountProcOp) apply(state *setupState, k syscallDispatcher) error {
 	}
 	return k.mount(SourceProc, target, FstypeProc, MS_NOSUID|MS_NOEXEC|MS_NODEV, zeroString)
 }
+func (p *MountProcOp) late(*setupState, syscallDispatcher) error { return nil }

 func (p *MountProcOp) Is(op Op) bool {
 	vp, ok := op.(*MountProcOp)
--- a/container/initremount.go
+++ b/container/initremount.go
@@ -26,6 +26,7 @@ func (*RemountOp) early(*setupState, syscallDispatcher) error { return nil }
 func (r *RemountOp) apply(state *setupState, k syscallDispatcher) error {
 	return k.remount(state, toSysroot(r.Target.String()), r.Flags)
 }
+func (r *RemountOp) late(*setupState, syscallDispatcher) error { return nil }

 func (r *RemountOp) Is(op Op) bool {
 	vr, ok := op.(*RemountOp)
--- a/container/initsymlink.go
+++ b/container/initsymlink.go
@@ -50,6 +50,8 @@ func (l *SymlinkOp) apply(state *setupState, k syscallDispatcher) error {
 	return k.symlink(l.LinkName, target)
 }

+func (l *SymlinkOp) late(*setupState, syscallDispatcher) error { return nil }
+
 func (l *SymlinkOp) Is(op Op) bool {
 	vl, ok := op.(*SymlinkOp)
 	return ok && l.Valid() && vl.Valid() &&
--- a/container/inittmpfs.go
+++ b/container/inittmpfs.go
@@ -48,6 +48,7 @@ func (t *MountTmpfsOp) apply(_ *setupState, k syscallDispatcher) error {
 	}
 	return k.mountTmpfs(t.FSName, toSysroot(t.Path.String()), t.Flags, t.Size, t.Perm)
 }
+func (t *MountTmpfsOp) late(*setupState, syscallDispatcher) error { return nil }

 func (t *MountTmpfsOp) Is(op Op) bool {
 	vt, ok := op.(*MountTmpfsOp)
--- a/container/seccomp/libseccomp-helper.c
+++ b/container/seccomp/libseccomp-helper.c
@@ -9,136 +9,130 @@

 #define LEN(arr) (sizeof(arr) / sizeof((arr)[0]))

-int32_t hakurei_scmp_make_filter(int *ret_p, uintptr_t allocate_p,
-                                 uint32_t arch, uint32_t multiarch,
-                                 struct hakurei_syscall_rule *rules,
-                                 size_t rules_sz, hakurei_export_flag flags) {
-  int i;
-  int last_allowed_family;
-  int disallowed;
-  struct hakurei_syscall_rule *rule;
-  void *buf;
-  size_t len = 0;
+int32_t hakurei_scmp_make_filter(
+    int *ret_p, uintptr_t allocate_p,
+    uint32_t arch, uint32_t multiarch,
+    struct hakurei_syscall_rule *rules,
+    size_t rules_sz, hakurei_export_flag flags) {
+    int i;
+    int last_allowed_family;
+    int disallowed;
+    struct hakurei_syscall_rule *rule;
+    void *buf;
+    size_t len = 0;

-  int32_t res = 0; /* refer to resPrefix for message */
+    int32_t res = 0; /* refer to resPrefix for message */

-  /* Blocklist all but unix, inet, inet6 and netlink */
-  struct {
-    int family;
-    hakurei_export_flag flags_mask;
-  } socket_family_allowlist[] = {
-      /* NOTE: Keep in numerical order */
-      {AF_UNSPEC, 0},
-      {AF_LOCAL, 0},
-      {AF_INET, 0},
-      {AF_INET6, 0},
-      {AF_NETLINK, 0},
-      {AF_CAN, HAKUREI_EXPORT_CAN},
-      {AF_BLUETOOTH, HAKUREI_EXPORT_BLUETOOTH},
-  };
+    /* Blocklist all but unix, inet, inet6 and netlink */
+    struct {
+        int family;
+        hakurei_export_flag flags_mask;
+    } socket_family_allowlist[] = {
+        /* NOTE: Keep in numerical order */
+        {AF_UNSPEC, 0},
+        {AF_LOCAL, 0},
+        {AF_INET, 0},
+        {AF_INET6, 0},
+        {AF_NETLINK, 0},
+        {AF_CAN, HAKUREI_EXPORT_CAN},
+        {AF_BLUETOOTH, HAKUREI_EXPORT_BLUETOOTH},
+    };

-  scmp_filter_ctx ctx = seccomp_init(SCMP_ACT_ALLOW);
-  if (ctx == NULL) {
-    res = 1;
-    goto out;
-  } else
-    errno = 0;
-
-  /* We only really need to handle arches on multiarch systems.
-   * If only one arch is supported the default is fine */
-  if (arch != 0) {
-    /* This *adds* the target arch, instead of replacing the
-     * native one. This is not ideal, because we'd like to only
-     * allow the target arch, but we can't really disallow the
-     * native arch at this point, because then bubblewrap
-     * couldn't continue running. */
-    *ret_p = seccomp_arch_add(ctx, arch);
-    if (*ret_p < 0 && *ret_p != -EEXIST) {
-      res = 2;
-      goto out;
-    }
-
-    if (flags & HAKUREI_EXPORT_MULTIARCH && multiarch != 0) {
-      *ret_p = seccomp_arch_add(ctx, multiarch);
-      if (*ret_p < 0 && *ret_p != -EEXIST) {
-        res = 3;
+    scmp_filter_ctx ctx = seccomp_init(SCMP_ACT_ALLOW);
+    if (ctx == NULL) {
+        res = 1;
        goto out;
-      }
-    }
-  }
+    } else
+        errno = 0;

-  for (i = 0; i < rules_sz; i++) {
-    rule = &rules[i];
-    assert(rule->m_errno == EPERM || rule->m_errno == ENOSYS);
+    /* We only really need to handle arches on multiarch systems.
+     * If only one arch is supported the default is fine */
+    if (arch != 0) {
+        /* This *adds* the target arch, instead of replacing the
+         * native one. This is not ideal, because we'd like to only
+         * allow the target arch, but we can't really disallow the
+         * native arch at this point, because then bubblewrap
+         * couldn't continue running. */
+        *ret_p = seccomp_arch_add(ctx, arch);
+        if (*ret_p < 0 && *ret_p != -EEXIST) {
+            res = 2;
+            goto out;
+        }

-    if (rule->arg)
-      *ret_p = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(rule->m_errno),
-                                rule->syscall, 1, *rule->arg);
-    else
-      *ret_p = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(rule->m_errno),
-                                rule->syscall, 0);
-
-    if (*ret_p == -EFAULT) {
-      res = 4;
-      goto out;
-    } else if (*ret_p < 0) {
-      res = 5;
-      goto out;
-    }
-  }
-
-  /* Socket filtering doesn't work on e.g. i386, so ignore failures here
-   * However, we need to user seccomp_rule_add_exact to avoid libseccomp doing
-   * something else: https://github.com/seccomp/libseccomp/issues/8 */
-  last_allowed_family = -1;
-  for (i = 0; i < LEN(socket_family_allowlist); i++) {
-    if (socket_family_allowlist[i].flags_mask != 0 &&
-        (socket_family_allowlist[i].flags_mask & flags) !=
-            socket_family_allowlist[i].flags_mask)
-      continue;
-
-    for (disallowed = last_allowed_family + 1;
-         disallowed < socket_family_allowlist[i].family; disallowed++) {
-      /* Blocklist the in-between valid families */
-      seccomp_rule_add_exact(ctx, SCMP_ACT_ERRNO(EAFNOSUPPORT),
-                             SCMP_SYS(socket), 1,
-                             SCMP_A0(SCMP_CMP_EQ, disallowed));
-    }
-    last_allowed_family = socket_family_allowlist[i].family;
-  }
-  /* Blocklist the rest */
-  seccomp_rule_add_exact(ctx, SCMP_ACT_ERRNO(EAFNOSUPPORT), SCMP_SYS(socket), 1,
-                         SCMP_A0(SCMP_CMP_GE, last_allowed_family + 1));
-
-  if (allocate_p == 0) {
-    *ret_p = seccomp_load(ctx);
-    if (*ret_p != 0) {
-      res = 7;
-      goto out;
-    }
-  } else {
-    *ret_p = seccomp_export_bpf_mem(ctx, NULL, &len);
-    if (*ret_p != 0) {
-      res = 6;
-      goto out;
+        if (flags & HAKUREI_EXPORT_MULTIARCH && multiarch != 0) {
+            *ret_p = seccomp_arch_add(ctx, multiarch);
+            if (*ret_p < 0 && *ret_p != -EEXIST) {
+                res = 3;
+                goto out;
+            }
+        }
    }

-    buf = hakurei_scmp_allocate(allocate_p, len);
-    if (buf == NULL) {
-      res = 4;
-      goto out;
+    for (i = 0; i < rules_sz; i++) {
+        rule = &rules[i];
+        assert(rule->m_errno == EPERM || rule->m_errno == ENOSYS);
+
+        if (rule->arg)
+            *ret_p = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(rule->m_errno), rule->syscall, 1, *rule->arg);
+        else
+            *ret_p = seccomp_rule_add(ctx, SCMP_ACT_ERRNO(rule->m_errno), rule->syscall, 0);
+
+        if (*ret_p == -EFAULT) {
+            res = 4;
+            goto out;
+        } else if (*ret_p < 0) {
+            res = 5;
+            goto out;
+        }
    }

-    *ret_p = seccomp_export_bpf_mem(ctx, buf, &len);
-    if (*ret_p != 0) {
-      res = 6;
-      goto out;
+    /* Socket filtering doesn't work on e.g. i386, so ignore failures here
+     * However, we need to user seccomp_rule_add_exact to avoid libseccomp doing
+     * something else: https://github.com/seccomp/libseccomp/issues/8 */
+    last_allowed_family = -1;
+    for (i = 0; i < LEN(socket_family_allowlist); i++) {
+        if (socket_family_allowlist[i].flags_mask != 0 &&
+            (socket_family_allowlist[i].flags_mask & flags) != socket_family_allowlist[i].flags_mask)
+            continue;
+
+        for (disallowed = last_allowed_family + 1; disallowed < socket_family_allowlist[i].family; disallowed++) {
+            /* Blocklist the in-between valid families */
+            seccomp_rule_add_exact(ctx, SCMP_ACT_ERRNO(EAFNOSUPPORT), SCMP_SYS(socket), 1, SCMP_A0(SCMP_CMP_EQ, disallowed));
+        }
+        last_allowed_family = socket_family_allowlist[i].family;
+    }
+    /* Blocklist the rest */
+    seccomp_rule_add_exact(ctx, SCMP_ACT_ERRNO(EAFNOSUPPORT), SCMP_SYS(socket), 1, SCMP_A0(SCMP_CMP_GE, last_allowed_family + 1));
+
+    if (allocate_p == 0) {
+        *ret_p = seccomp_load(ctx);
+        if (*ret_p != 0) {
+            res = 7;
+            goto out;
+        }
+    } else {
+        *ret_p = seccomp_export_bpf_mem(ctx, NULL, &len);
+        if (*ret_p != 0) {
+            res = 6;
+            goto out;
+        }
+
+        buf = hakurei_scmp_allocate(allocate_p, len);
+        if (buf == NULL) {
+            res = 4;
+            goto out;
+        }
+
+        *ret_p = seccomp_export_bpf_mem(ctx, buf, &len);
+        if (*ret_p != 0) {
+            res = 6;
+            goto out;
+        }
    }
-  }

 out:
-  if (ctx)
-    seccomp_release(ctx);
+    if (ctx)
+        seccomp_release(ctx);

-  return res;
+    return res;
 }
--- a/container/seccomp/libseccomp-helper.h
+++ b/container/seccomp/libseccomp-helper.h
@@ -1,25 +1,26 @@
 #include <seccomp.h>
 #include <stdint.h>

-#if (SCMP_VER_MAJOR < 2) || (SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR < 5) ||     \
+#if (SCMP_VER_MAJOR < 2) || (SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR < 5) || \
    (SCMP_VER_MAJOR == 2 && SCMP_VER_MINOR == 5 && SCMP_VER_MICRO < 1)
 #error This package requires libseccomp >= v2.5.1
 #endif

 typedef enum {
-  HAKUREI_EXPORT_MULTIARCH = 1 << 0,
-  HAKUREI_EXPORT_CAN = 1 << 1,
-  HAKUREI_EXPORT_BLUETOOTH = 1 << 2,
+    HAKUREI_EXPORT_MULTIARCH = 1 << 0,
+    HAKUREI_EXPORT_CAN = 1 << 1,
+    HAKUREI_EXPORT_BLUETOOTH = 1 << 2,
 } hakurei_export_flag;

 struct hakurei_syscall_rule {
-  int syscall;
-  int m_errno;
-  struct scmp_arg_cmp *arg;
+    int syscall;
+    int m_errno;
+    struct scmp_arg_cmp *arg;
 };

 extern void *hakurei_scmp_allocate(uintptr_t f, size_t len);
-int32_t hakurei_scmp_make_filter(int *ret_p, uintptr_t allocate_p,
-                                 uint32_t arch, uint32_t multiarch,
-                                 struct hakurei_syscall_rule *rules,
-                                 size_t rules_sz, hakurei_export_flag flags);
+int32_t hakurei_scmp_make_filter(
+    int *ret_p, uintptr_t allocate_p,
+    uint32_t arch, uint32_t multiarch,
+    struct hakurei_syscall_rule *rules,
+    size_t rules_sz, hakurei_export_flag flags);
--- a/container/stub/exit_test.go
+++ b/container/stub/exit_test.go
@@ -7,8 +7,10 @@ import (
 	"hakurei.app/container/stub"
 )

+// Made available here to check panic recovery behaviour.
+//
 //go:linkname handleExitNew hakurei.app/container/stub.handleExitNew
-func handleExitNew(_ testing.TB)
+func handleExitNew(t testing.TB)

 // overrideTFailNow overrides the Fail and FailNow method.
 type overrideTFailNow struct {
--- a/dist/comp/_hakurei
+++ b/dist/comp/_hakurei
@@ -17,7 +17,8 @@ _hakurei_run() {
    '--wayland[Enable connection to Wayland via security-context-v1]' \
    '-X[Enable direct connection to X11]' \
    '--dbus[Enable proxied connection to D-Bus]' \
-    '--pulse[Enable direct connection to PulseAudio]' \
+    '--pipewire[Enable connection to PipeWire via SecurityContext]' \
+    '--pulse[Enable PulseAudio compatibility daemon]' \
    '--dbus-config[Path to session bus proxy config file]: :_files -g "*.json"' \
    '--dbus-system[Path to system bus proxy config file]: :_files -g "*.json"' \
    '--mpris[Allow owning MPRIS D-Bus path]' \
--- a/dist/release.sh
+++ b/dist/release.sh
@@ -10,9 +10,9 @@ cp -rv "dist/comp" "${out}"

 go generate ./...
 go build -trimpath -v -o "${out}/bin/" -ldflags "-s -w -buildid= -extldflags '-static'
-  -X hakurei.app/internal.buildVersion=${VERSION}
-  -X hakurei.app/internal.hakureiPath=/usr/bin/hakurei
-  -X hakurei.app/internal.hsuPath=/usr/bin/hsu
+  -X hakurei.app/internal/info.buildVersion=${VERSION}
+  -X hakurei.app/internal/info.hakureiPath=/usr/bin/hakurei
+  -X hakurei.app/internal/info.hsuPath=/usr/bin/hsu
  -X main.hakureiPath=/usr/bin/hakurei" ./...

 rm -f "./${out}.tar.gz" && tar -C dist -czf "${out}.tar.gz" "${pname}"
--- a/flake.lock
+++ b/flake.lock
@@ -7,32 +7,32 @@
        ]
      },
      "locked": {
-        "lastModified": 1756679287,
-        "narHash": "sha256-Xd1vOeY9ccDf5VtVK12yM0FS6qqvfUop8UQlxEB+gTQ=",
+        "lastModified": 1765384171,
+        "narHash": "sha256-FuFtkJrW1Z7u+3lhzPRau69E0CNjADku1mLQQflUORo=",
        "owner": "nix-community",
        "repo": "home-manager",
-        "rev": "07fc025fe10487dd80f2ec694f1cd790e752d0e8",
+        "rev": "44777152652bc9eacf8876976fa72cc77ca8b9d8",
        "type": "github"
      },
      "original": {
        "owner": "nix-community",
-        "ref": "release-25.05",
+        "ref": "release-25.11",
        "repo": "home-manager",
        "type": "github"
      }
    },
    "nixpkgs": {
      "locked": {
-        "lastModified": 1757020766,
-        "narHash": "sha256-PLoSjHRa2bUbi1x9HoXgTx2AiuzNXs54c8omhadyvp0=",
+        "lastModified": 1765311797,
+        "narHash": "sha256-mSD5Ob7a+T2RNjvPvOA1dkJHGVrNVl8ZOrAwBjKBDQo=",
        "owner": "NixOS",
        "repo": "nixpkgs",
-        "rev": "fe83bbdde2ccdc2cb9573aa846abe8363f79a97a",
+        "rev": "09eb77e94fa25202af8f3e81ddc7353d9970ac1b",
        "type": "github"
      },
      "original": {
        "owner": "NixOS",
-        "ref": "nixos-25.05",
+        "ref": "nixos-25.11",
        "repo": "nixpkgs",
        "type": "github"
      }
--- a/flake.nix
+++ b/flake.nix
@@ -2,10 +2,10 @@
  description = "hakurei container tool and nixos module";

  inputs = {
-    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.05";
+    nixpkgs.url = "github:NixOS/nixpkgs/nixos-25.11";

    home-manager = {
-      url = "github:nix-community/home-manager/release-25.05";
+      url = "github:nix-community/home-manager/release-25.11";
      inputs.nixpkgs.follows = "nixpkgs";
    };
  };
@@ -114,7 +114,7 @@
            inherit (pkgs)
              # passthru.buildInputs
              go
-              gcc
+              clang

              # nativeBuildInputs
              pkg-config
@@ -129,6 +129,10 @@
              zstd
              gnutar
              coreutils
+
+              # for check
+              util-linux
+              nettools
              ;
          };
          hsu = pkgs.callPackage ./cmd/hsu/package.nix { inherit (self.packages.${system}) hakurei; };
@@ -144,7 +148,7 @@
                && chmod -R +w .

            export HAKUREI_VERSION="v${hakurei.version}"
-            ./dist/release.sh && mkdir $out && cp -v "dist/hakurei-$HAKUREI_VERSION.tar.gz"* $out
+            CC="clang -O3 -Werror" ./dist/release.sh && mkdir $out && cp -v "dist/hakurei-$HAKUREI_VERSION.tar.gz"* $out
          '';
        }
      );
@@ -181,13 +185,13 @@
                      hakurei =
                        let
                          # this is used for interactive vm testing during development, where tests might be broken
-                          package = self.packages.${pkgs.system}.hakurei.override {
+                          package = self.packages.${pkgs.stdenv.hostPlatform.system}.hakurei.override {
                            buildGoModule = previousArgs: pkgs.pkgsStatic.buildGoModule (previousArgs // { doCheck = false; });
                          };
                        in
                        {
                          inherit package;
-                          hsuPackage = self.packages.${pkgs.system}.hsu.override { hakurei = package; };
+                          hsuPackage = self.packages.${pkgs.stdenv.hostPlatform.system}.hsu.override { hakurei = package; };
                        };
                    };
                  }
--- a/helper/deprecated.go
+++ b/helper/deprecated.go
@@ -0,0 +1,73 @@
+// Package helper exposes the internal/helper package.
+//
+// Deprecated: This package will be removed in 0.4.
+package helper
+
+import (
+	"context"
+	"io"
+	"os"
+	"os/exec"
+	"time"
+	_ "unsafe" // for go:linkname
+
+	"hakurei.app/container"
+	"hakurei.app/container/check"
+	"hakurei.app/internal/helper"
+	"hakurei.app/message"
+)
+
+//go:linkname WaitDelay hakurei.app/internal/helper.WaitDelay
+var WaitDelay time.Duration
+
+const (
+	// HakureiHelper is set to 1 when args fd is enabled and 0 otherwise.
+	HakureiHelper = helper.HakureiHelper
+	// HakureiStatus is set to 1 when stat fd is enabled and 0 otherwise.
+	HakureiStatus = helper.HakureiStatus
+)
+
+type Helper = helper.Helper
+
+// NewCheckedArgs returns a checked null-terminated argument writer for a copy of args.
+//
+//go:linkname NewCheckedArgs hakurei.app/internal/helper.NewCheckedArgs
+func NewCheckedArgs(args ...string) (wt io.WriterTo, err error)
+
+// MustNewCheckedArgs returns a checked null-terminated argument writer for a copy of args.
+// If s contains a NUL byte this function panics instead of returning an error.
+//
+//go:linkname MustNewCheckedArgs hakurei.app/internal/helper.MustNewCheckedArgs
+func MustNewCheckedArgs(args ...string) io.WriterTo
+
+// NewDirect initialises a new direct Helper instance with wt as the null-terminated argument writer.
+// Function argF returns an array of arguments passed directly to the child process.
+//
+//go:linkname NewDirect hakurei.app/internal/helper.NewDirect
+func NewDirect(
+	ctx context.Context,
+	name string,
+	wt io.WriterTo,
+	stat bool,
+	argF func(argsFd, statFd int) []string,
+	cmdF func(cmd *exec.Cmd),
+	extraFiles []*os.File,
+) Helper
+
+// New initialises a Helper instance with wt as the null-terminated argument writer.
+//
+//go:linkname New hakurei.app/internal/helper.New
+func New(
+	ctx context.Context,
+	msg message.Msg,
+	pathname *check.Absolute, name string,
+	wt io.WriterTo,
+	stat bool,
+	argF func(argsFd, statFd int) []string,
+	cmdF func(z *container.Container),
+	extraFiles []*os.File,
+) Helper
+
+// InternalHelperStub is an internal function but exported because it is cross-package;
+// it is part of the implementation of the helper stub.
+func InternalHelperStub() { helper.InternalHelperStub() }
--- a/helper/proc/deprecated.go
+++ b/helper/proc/deprecated.go
@@ -0,0 +1,63 @@
+// Deprecated: This package will be removed in 0.4.
+package proc
+
+import (
+	"context"
+	"io"
+	"os"
+	"os/exec"
+	"time"
+	_ "unsafe" // for go:linkname
+
+	"hakurei.app/internal/helper/proc"
+)
+
+//go:linkname FulfillmentTimeout hakurei.app/internal/helper/proc.FulfillmentTimeout
+var FulfillmentTimeout time.Duration
+
+// A File is an extra file with deferred initialisation.
+type File = proc.File
+
+// ExtraFilesPre is a linked list storing addresses of [os.File].
+type ExtraFilesPre = proc.ExtraFilesPre
+
+// Fulfill calls the [File.Fulfill] method on all files, starts cmd and blocks until all fulfillment completes.
+//
+//go:linkname Fulfill hakurei.app/internal/helper/proc.Fulfill
+func Fulfill(ctx context.Context,
+	v *[]*os.File, start func() error,
+	files []File, extraFiles *ExtraFilesPre,
+) (err error)
+
+// InitFile initialises f as part of the slice extraFiles points to,
+// and returns its final fd value.
+//
+//go:linkname InitFile hakurei.app/internal/helper/proc.InitFile
+func InitFile(f File, extraFiles *ExtraFilesPre) (fd uintptr)
+
+// BaseFile implements the Init method of the File interface and provides indirect access to extra file state.
+type BaseFile = proc.BaseFile
+
+//go:linkname ExtraFile hakurei.app/internal/helper/proc.ExtraFile
+func ExtraFile(cmd *exec.Cmd, f *os.File) (fd uintptr)
+
+//go:linkname ExtraFileSlice hakurei.app/internal/helper/proc.ExtraFileSlice
+func ExtraFileSlice(extraFiles *[]*os.File, f *os.File) (fd uintptr)
+
+// NewWriterTo returns a [File] that receives content from wt on fulfillment.
+//
+//go:linkname NewWriterTo hakurei.app/internal/helper/proc.NewWriterTo
+func NewWriterTo(wt io.WriterTo) File
+
+// NewStat returns a [File] implementing the behaviour
+// of the receiving end of xdg-dbus-proxy stat fd.
+//
+//go:linkname NewStat hakurei.app/internal/helper/proc.NewStat
+func NewStat(s *io.Closer) File
+
+var (
+	//go:linkname ErrStatFault hakurei.app/internal/helper/proc.ErrStatFault
+	ErrStatFault error
+	//go:linkname ErrStatRead hakurei.app/internal/helper/proc.ErrStatRead
+	ErrStatRead error
+)
--- a/hst/config.go
+++ b/hst/config.go
@@ -23,9 +23,54 @@ type Config struct {
 	// System D-Bus proxy configuration.
 	// If set to nil, system bus proxy is disabled.
 	SystemBus *BusConfig `json:"system_bus,omitempty"`
+
 	// Direct access to wayland socket, no attempt is made to attach security-context-v1
 	// and the bare socket is made available to the container.
+	//
+	// This option is unsupported and most likely enables full control over the Wayland
+	// session. Do not set this to true unless you are sure you know what you are doing.
 	DirectWayland bool `json:"direct_wayland,omitempty"`
+	// Direct access to the PipeWire socket established via SecurityContext::Create, no
+	// attempt is made to start the pipewire-pulse server.
+	//
+	// The SecurityContext machinery is fatally flawed, it blindly sets read and execute
+	// bits on all objects for clients with the lowest achievable privilege level (by
+	// setting PW_KEY_ACCESS to "restricted"). This enables them to call any method
+	// targeting any object, and since Registry::Destroy checks for the read and execute bit,
+	// allows the destruction of any object other than PW_ID_CORE as well. This behaviour
+	// is implemented separately in media-session and wireplumber, with the wireplumber
+	// implementation in Lua via an embedded Lua vm. In all known setups, wireplumber is
+	// in use, and there is no known way to change its behaviour and set permissions
+	// differently without replacing the Lua script. Also, since PipeWire relies on these
+	// permissions to work, reducing them is not possible.
+	//
+	// Currently, the only other sandboxed use case is flatpak, which is not aware of
+	// PipeWire and blindly exposes the bare PulseAudio socket to the container (behaves
+	// like DirectPulse). This socket is backed by the pipewire-pulse compatibility daemon,
+	// which obtains client pid via the SO_PEERCRED option. The PipeWire daemon, pipewire-pulse
+	// daemon and the session manager daemon then separately performs the /.flatpak-info hack
+	// described in https://git.gensokyo.uk/security/hakurei/issues/21. Under such use case,
+	// since the client has no direct access to PipeWire, insecure parts of the protocol are
+	// obscured by pipewire-pulse simply not implementing them, and thus hiding the flaws
+	// described above.
+	//
+	// Hakurei does not rely on the /.flatpak-info hack. Instead, a socket is sets up via
+	// SecurityContext. A pipewire-pulse server connected through it achieves the same
+	// permissions as flatpak does via the /.flatpak-info hack and is maintained for the
+	// life of the container.
+	//
+	// This option is unsupported and enables a denial-of-service attack as the sandboxed
+	// client is able to destroy any client object and thus disconnecting them from PipeWire,
+	// or destroy the SecurityContext object preventing any further container creation.
+	// Do not set this to true, it is insecure under any configuration.
+	DirectPipeWire bool `json:"direct_pipewire,omitempty"`
+	// Direct access to PulseAudio socket, no attempt is made to establish pipewire-pulse
+	// server via a PipeWire socket with a SecurityContext attached and the bare socket
+	// is made available to the container.
+	//
+	// This option is unsupported and enables arbitrary code execution as the PulseAudio
+	// server. Do not set this to true, it is insecure under any configuration.
+	DirectPulse bool `json:"direct_pulse,omitempty"`

 	// Extra acl updates to perform before setuid.
 	ExtraPerms []ExtraPermConfig `json:"extra_perms,omitempty"`
@@ -49,6 +94,9 @@ var (

 	// ErrEnviron is returned by [Config.Validate] if an environment variable name contains '=' or NUL.
 	ErrEnviron = errors.New("invalid environment variable name")
+
+	// ErrInsecure is returned by [Config.Validate] if the configuration is considered insecure.
+	ErrInsecure = errors.New("configuration is insecure")
 )

 // Validate checks [Config] and returns [AppError] if an invalid value is encountered.
@@ -95,6 +143,11 @@ func (config *Config) Validate() error {
 		}
 	}

+	if et := config.Enablements.Unwrap(); !config.DirectPulse && et&EPulse != 0 {
+		return &AppError{Step: "validate configuration", Err: ErrInsecure,
+			Msg: "enablement PulseAudio is insecure and no longer supported"}
+	}
+
 	return nil
 }

--- a/hst/config_test.go
+++ b/hst/config_test.go
@@ -53,6 +53,12 @@ func TestConfigValidate(t *testing.T) {
 			Env:   map[string]string{"TERM\x00": ""},
 		}}, &hst.AppError{Step: "validate configuration", Err: hst.ErrEnviron,
 			Msg: `invalid environment variable "TERM\x00"`}},
+		{"insecure pulse", &hst.Config{Enablements: hst.NewEnablements(hst.EPulse), Container: &hst.ContainerConfig{
+			Home:  fhs.AbsTmp,
+			Shell: fhs.AbsTmp,
+			Path:  fhs.AbsTmp,
+		}}, &hst.AppError{Step: "validate configuration", Err: hst.ErrInsecure,
+			Msg: "enablement PulseAudio is insecure and no longer supported"}},
 		{"valid", &hst.Config{Container: &hst.ContainerConfig{
 			Home:  fhs.AbsTmp,
 			Shell: fhs.AbsTmp,
--- a/hst/enablement.go
+++ b/hst/enablement.go
@@ -17,6 +17,8 @@ const (
 	EX11
 	// EDBus enables the per-container xdg-dbus-proxy daemon.
 	EDBus
+	// EPipeWire exposes a pipewire pathname socket via SecurityContext.
+	EPipeWire
 	// EPulse copies the PulseAudio cookie to [hst.PrivateTmp] and exposes the PulseAudio socket.
 	EPulse

@@ -35,6 +37,8 @@ func (e Enablement) String() string {
 		return "x11"
 	case EDBus:
 		return "dbus"
+	case EPipeWire:
+		return "pipewire"
 	case EPulse:
 		return "pulseaudio"
 	default:
@@ -62,10 +66,11 @@ type Enablements Enablement

 // enablementsJSON is the [json] representation of [Enablements].
 type enablementsJSON = struct {
-	Wayland bool `json:"wayland,omitempty"`
-	X11     bool `json:"x11,omitempty"`
-	DBus    bool `json:"dbus,omitempty"`
-	Pulse   bool `json:"pulse,omitempty"`
+	Wayland  bool `json:"wayland,omitempty"`
+	X11      bool `json:"x11,omitempty"`
+	DBus     bool `json:"dbus,omitempty"`
+	PipeWire bool `json:"pipewire,omitempty"`
+	Pulse    bool `json:"pulse,omitempty"`
 }

 // Unwrap returns the underlying [Enablement].
@@ -81,10 +86,11 @@ func (e *Enablements) MarshalJSON() ([]byte, error) {
 		return nil, syscall.EINVAL
 	}
 	return json.Marshal(&enablementsJSON{
-		Wayland: Enablement(*e)&EWayland != 0,
-		X11:     Enablement(*e)&EX11 != 0,
-		DBus:    Enablement(*e)&EDBus != 0,
-		Pulse:   Enablement(*e)&EPulse != 0,
+		Wayland:  Enablement(*e)&EWayland != 0,
+		X11:      Enablement(*e)&EX11 != 0,
+		DBus:     Enablement(*e)&EDBus != 0,
+		PipeWire: Enablement(*e)&EPipeWire != 0,
+		Pulse:    Enablement(*e)&EPulse != 0,
 	})
 }

@@ -108,6 +114,9 @@ func (e *Enablements) UnmarshalJSON(data []byte) error {
 	if v.DBus {
 		ve |= EDBus
 	}
+	if v.PipeWire {
+		ve |= EPipeWire
+	}
 	if v.Pulse {
 		ve |= EPulse
 	}
--- a/hst/enablement_test.go
+++ b/hst/enablement_test.go
@@ -32,6 +32,7 @@ func TestEnablementString(t *testing.T) {
 		{hst.EWayland | hst.EDBus | hst.EPulse, "wayland, dbus, pulseaudio"},
 		{hst.EX11 | hst.EDBus | hst.EPulse, "x11, dbus, pulseaudio"},
 		{hst.EWayland | hst.EX11 | hst.EDBus | hst.EPulse, "wayland, x11, dbus, pulseaudio"},
+		{hst.EM - 1, "wayland, x11, dbus, pipewire, pulseaudio"},

 		{1 << 5, "e20"},
 		{1 << 6, "e40"},
@@ -62,8 +63,9 @@ func TestEnablements(t *testing.T) {
 		{"wayland", hst.NewEnablements(hst.EWayland), `{"wayland":true}`, `{"value":{"wayland":true},"magic":3236757504}`},
 		{"x11", hst.NewEnablements(hst.EX11), `{"x11":true}`, `{"value":{"x11":true},"magic":3236757504}`},
 		{"dbus", hst.NewEnablements(hst.EDBus), `{"dbus":true}`, `{"value":{"dbus":true},"magic":3236757504}`},
+		{"pipewire", hst.NewEnablements(hst.EPipeWire), `{"pipewire":true}`, `{"value":{"pipewire":true},"magic":3236757504}`},
 		{"pulse", hst.NewEnablements(hst.EPulse), `{"pulse":true}`, `{"value":{"pulse":true},"magic":3236757504}`},
-		{"all", hst.NewEnablements(hst.EWayland | hst.EX11 | hst.EDBus | hst.EPulse), `{"wayland":true,"x11":true,"dbus":true,"pulse":true}`, `{"value":{"wayland":true,"x11":true,"dbus":true,"pulse":true},"magic":3236757504}`},
+		{"all", hst.NewEnablements(hst.EM - 1), `{"wayland":true,"x11":true,"dbus":true,"pipewire":true,"pulse":true}`, `{"value":{"wayland":true,"x11":true,"dbus":true,"pipewire":true,"pulse":true},"magic":3236757504}`},
 	}

 	for _, tc := range testCases {
--- a/hst/fs.go
+++ b/hst/fs.go
@@ -45,6 +45,9 @@ type Ops interface {
 	Root(host *check.Absolute, flags int) Ops
 	// Etc appends an op that expands host /etc into a toplevel symlink mirror with /etc semantics.
 	Etc(host *check.Absolute, prefix string) Ops
+
+	// Daemon appends an op that starts a daemon in the container and blocks until target appears.
+	Daemon(target, path *check.Absolute, args ...string) Ops
 }

 // ApplyState holds the address of [Ops] and any relevant application state.
@@ -124,6 +127,12 @@ func (f *FilesystemConfigJSON) MarshalJSON() ([]byte, error) {
 			*FSLink
 		}{fsType{FilesystemLink}, cv}

+	case *FSDaemon:
+		v = &struct {
+			fsType
+			*FSDaemon
+		}{fsType{FilesystemDaemon}, cv}
+
 	default:
 		return nil, FSImplError{f.FilesystemConfig}
 	}
@@ -152,6 +161,9 @@ func (f *FilesystemConfigJSON) UnmarshalJSON(data []byte) error {
 	case FilesystemLink:
 		*f = FilesystemConfigJSON{new(FSLink)}

+	case FilesystemDaemon:
+		*f = FilesystemConfigJSON{new(FSDaemon)}
+
 	default:
 		return FSTypeError(t.Type)
 	}
--- a/hst/fs_test.go
+++ b/hst/fs_test.go
@@ -84,6 +84,16 @@ func TestFilesystemConfigJSON(t *testing.T) {
 		}, nil,
 			`{"type":"link","dst":"/run/current-system","linkname":"/run/current-system","dereference":true}`,
 			`{"fs":{"type":"link","dst":"/run/current-system","linkname":"/run/current-system","dereference":true},"magic":3236757504}`},
+
+		{"daemon", hst.FilesystemConfigJSON{
+			FilesystemConfig: &hst.FSDaemon{
+				Target: m("/run/user/1971/pulse/native"),
+				Exec:   m("/run/current-system/sw/bin/pipewire-pulse"),
+				Args:   []string{"-v"},
+			},
+		}, nil,
+			`{"type":"daemon","dst":"/run/user/1971/pulse/native","path":"/run/current-system/sw/bin/pipewire-pulse","args":["-v"]}`,
+			`{"fs":{"type":"daemon","dst":"/run/user/1971/pulse/native","path":"/run/current-system/sw/bin/pipewire-pulse","args":["-v"]},"magic":3236757504}`},
 	}

 	for _, tc := range testCases {
@@ -345,6 +355,10 @@ func (p opsAdapter) Etc(host *check.Absolute, prefix string) hst.Ops {
 	return opsAdapter{p.Ops.Etc(host, prefix)}
 }

+func (p opsAdapter) Daemon(target, path *check.Absolute, args ...string) hst.Ops {
+	return opsAdapter{p.Ops.Daemon(target, path, args...)}
+}
+
 func m(pathname string) *check.Absolute { return check.MustAbs(pathname) }
 func ms(pathnames ...string) []*check.Absolute {
 	as := make([]*check.Absolute, len(pathnames))
--- a/hst/fsdaemon.go
+++ b/hst/fsdaemon.go
@@ -0,0 +1,48 @@
+package hst
+
+import (
+	"encoding/gob"
+
+	"hakurei.app/container/check"
+)
+
+func init() { gob.Register(new(FSDaemon)) }
+
+// FilesystemDaemon is the type string of a daemon.
+const FilesystemDaemon = "daemon"
+
+// FSDaemon represents a daemon to be started in the container.
+type FSDaemon struct {
+	// Pathname indicating readiness of daemon.
+	Target *check.Absolute `json:"dst"`
+	// Absolute pathname to daemon executable file.
+	Exec *check.Absolute `json:"path"`
+	// Arguments (excl. first) passed to daemon.
+	Args []string `json:"args"`
+}
+
+func (d *FSDaemon) Valid() bool { return d != nil && d.Target != nil && d.Exec != nil }
+
+func (d *FSDaemon) Path() *check.Absolute {
+	if !d.Valid() {
+		return nil
+	}
+	return d.Target
+}
+
+func (d *FSDaemon) Host() []*check.Absolute { return nil }
+
+func (d *FSDaemon) Apply(z *ApplyState) {
+	if !d.Valid() {
+		return
+	}
+	z.Daemon(d.Target, d.Exec, d.Args...)
+}
+
+func (d *FSDaemon) String() string {
+	if !d.Valid() {
+		return "<invalid>"
+	}
+
+	return "daemon:" + d.Target.String()
+}
--- a/hst/fsdaemon_test.go
+++ b/hst/fsdaemon_test.go
@@ -0,0 +1,29 @@
+package hst_test
+
+import (
+	"testing"
+
+	"hakurei.app/container"
+	"hakurei.app/hst"
+)
+
+func TestFSDaemon(t *testing.T) {
+	t.Parallel()
+
+	checkFs(t, []fsTestCase{
+		{"nil", (*hst.FSDaemon)(nil), false, nil, nil, nil, "<invalid>"},
+		{"zero", new(hst.FSDaemon), false, nil, nil, nil, "<invalid>"},
+
+		{"pipewire-pulse", &hst.FSDaemon{
+			Target: m("/run/user/1971/pulse/native"),
+			Exec:   m("/run/current-system/sw/bin/pipewire-pulse"),
+			Args:   []string{"-v"},
+		}, true, container.Ops{
+			&container.DaemonOp{
+				Target: m("/run/user/1971/pulse/native"),
+				Path:   m("/run/current-system/sw/bin/pipewire-pulse"),
+				Args:   []string{"-v"},
+			},
+		}, m("/run/user/1971/pulse/native"), nil, `daemon:/run/user/1971/pulse/native`},
+	})
+}
--- a/hst/hst.go
+++ b/hst/hst.go
@@ -54,6 +54,9 @@ type Paths struct {

 // Info holds basic system information collected from the implementation.
 type Info struct {
+	// WaylandVersion is the libwayland value of WAYLAND_VERSION.
+	WaylandVersion string `json:"WAYLAND_VERSION"`
+
 	// Version is a hardcoded version string.
 	Version string `json:"version"`
 	// User is the userid according to hsu.
@@ -67,7 +70,7 @@ func Template() *Config {
 	return &Config{
 		ID: "org.chromium.Chromium",

-		Enablements: NewEnablements(EWayland | EDBus | EPulse),
+		Enablements: NewEnablements(EWayland | EDBus | EPipeWire),

 		SessionBus: &BusConfig{
 			See: nil,
@@ -89,7 +92,6 @@ func Template() *Config {
 			Log:       false,
 			Filter:    true,
 		},
-		DirectWayland: false,

 		ExtraPerms: []ExtraPermConfig{
 			{Path: fhs.AbsVarLib.Append("hakurei/u0"), Ensure: true, Execute: true},
--- a/hst/hst_test.go
+++ b/hst/hst_test.go
@@ -105,7 +105,7 @@ func TestTemplate(t *testing.T) {
 	"enablements": {
 		"wayland": true,
 		"dbus": true,
-		"pulse": true
+		"pipewire": true
 	},
 	"session_bus": {
 		"see": null,
--- a/hst/instance_test.go
+++ b/hst/instance_test.go
@@ -6,11 +6,13 @@ import (
 	"reflect"
 	"testing"
 	"time"
-	_ "unsafe"
+	_ "unsafe" // for go:linkname

 	"hakurei.app/hst"
 )

+// Made available here to check time encoding behaviour of [hst.ID].
+//
 //go:linkname newInstanceID hakurei.app/hst.newInstanceID
 func newInstanceID(id *hst.ID, p uint64) error

--- a/internal/acl/acl.go
+++ b/internal/acl/acl.go
--- a/internal/acl/acl_test.go
+++ b/internal/acl/acl_test.go
@@ -13,7 +13,7 @@ import (
 	"strconv"
 	"testing"

-	"hakurei.app/system/acl"
+	"hakurei.app/internal/acl"
 )

 const testFileName = "acl.test"
--- a/internal/acl/libacl-helper.c
+++ b/internal/acl/libacl-helper.c
@@ -0,0 +1,90 @@
+#include "libacl-helper.h"
+#include <acl/libacl.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <sys/acl.h>
+
+int hakurei_acl_update_file_by_uid(const char *path_p, uid_t uid,
+                                   acl_perm_t *perms, size_t plen) {
+    int ret;
+    bool v;
+    int i;
+    acl_t acl;
+    acl_entry_t entry;
+    acl_tag_t tag_type;
+    void *qualifier_p;
+    acl_permset_t permset;
+
+    ret = -1; /* acl_get_file */
+    acl = acl_get_file(path_p, ACL_TYPE_ACCESS);
+    if (acl == NULL)
+        goto out;
+
+    /* prune entries by uid */
+    for (i = acl_get_entry(acl, ACL_FIRST_ENTRY, &entry); i == 1;
+         i = acl_get_entry(acl, ACL_NEXT_ENTRY, &entry)) {
+        ret = -2; /* acl_get_tag_type */
+        if (acl_get_tag_type(entry, &tag_type) != 0)
+            goto out;
+        if (tag_type != ACL_USER)
+            continue;
+
+        ret = -3; /* acl_get_qualifier */
+        qualifier_p = acl_get_qualifier(entry);
+        if (qualifier_p == NULL)
+            goto out;
+        v = *(uid_t *)qualifier_p == uid;
+        acl_free(qualifier_p);
+
+        if (!v)
+            continue;
+
+        ret = -4; /* acl_delete_entry */
+        if (acl_delete_entry(acl, entry) != 0)
+            goto out;
+    }
+
+    if (plen == 0)
+        goto set;
+
+    ret = -5; /* acl_create_entry */
+    if (acl_create_entry(&acl, &entry) != 0)
+        goto out;
+
+    ret = -6; /* acl_get_permset */
+    if (acl_get_permset(entry, &permset) != 0)
+        goto out;
+
+    ret = -7; /* acl_add_perm */
+    for (i = 0; i < plen; i++) {
+        if (acl_add_perm(permset, perms[i]) != 0)
+            goto out;
+    }
+
+    ret = -8; /* acl_set_tag_type */
+    if (acl_set_tag_type(entry, ACL_USER) != 0)
+        goto out;
+
+    ret = -9; /* acl_set_qualifier */
+    if (acl_set_qualifier(entry, (void *)&uid) != 0)
+        goto out;
+
+set:
+    ret = -10; /* acl_calc_mask */
+    if (acl_calc_mask(&acl) != 0)
+        goto out;
+
+    ret = -11; /* acl_valid */
+    if (acl_valid(acl) != 0)
+        goto out;
+
+    ret = -12; /* acl_set_file */
+    if (acl_set_file(path_p, ACL_TYPE_ACCESS, acl) == 0)
+        ret = 0;
+
+out:
+    free((void *)path_p);
+    if (acl != NULL)
+        acl_free((void *)acl);
+    return ret;
+}
--- a/internal/acl/libacl-helper.go
+++ b/internal/acl/libacl-helper.go
--- a/internal/acl/libacl-helper.h
+++ b/internal/acl/libacl-helper.h
--- a/internal/acl/libacl-helper_test.go
+++ b/internal/acl/libacl-helper_test.go
--- a/internal/acl/perms.go
+++ b/internal/acl/perms.go
--- a/internal/acl/perms_test.go
+++ b/internal/acl/perms_test.go
@@ -3,7 +3,7 @@ package acl_test
 import (
 	"testing"

-	"hakurei.app/system/acl"
+	"hakurei.app/internal/acl"
 )

 func TestPerms(t *testing.T) {
--- a/internal/dbus/address.go
+++ b/internal/dbus/address.go
--- a/internal/dbus/address_escape_test.go
+++ b/internal/dbus/address_escape_test.go
--- a/internal/dbus/address_test.go
+++ b/internal/dbus/address_test.go
@@ -5,7 +5,7 @@ import (
 	"reflect"
 	"testing"

-	"hakurei.app/system/dbus"
+	"hakurei.app/internal/dbus"
 )

 func TestParse(t *testing.T) {
--- a/internal/dbus/config.go
+++ b/internal/dbus/config.go
--- a/internal/dbus/config_test.go
+++ b/internal/dbus/config_test.go
@@ -7,7 +7,7 @@ import (
 	"testing"

 	"hakurei.app/hst"
-	"hakurei.app/system/dbus"
+	"hakurei.app/internal/dbus"
 )

 func TestConfigArgs(t *testing.T) {
--- a/internal/dbus/dbus.go
+++ b/internal/dbus/dbus.go
--- a/internal/dbus/dbus_test.go
+++ b/internal/dbus/dbus_test.go
@@ -11,9 +11,9 @@ import (
 	"testing"
 	"time"

-	"hakurei.app/helper"
+	"hakurei.app/internal/dbus"
+	"hakurei.app/internal/helper"
 	"hakurei.app/message"
-	"hakurei.app/system/dbus"
 )

 func TestFinalise(t *testing.T) {
--- a/internal/dbus/export_test.go
+++ b/internal/dbus/export_test.go
--- a/internal/dbus/proc.go
+++ b/internal/dbus/proc.go
@@ -12,7 +12,7 @@ import (
 	"hakurei.app/container/check"
 	"hakurei.app/container/seccomp"
 	"hakurei.app/container/std"
-	"hakurei.app/helper"
+	"hakurei.app/internal/helper"
 	"hakurei.app/ldd"
 )

@@ -54,7 +54,7 @@ func (p *Proxy) Start() error {
 		}

 		var libPaths []*check.Absolute
-		if entries, err := ldd.Exec(ctx, p.msg, toolPath.String()); err != nil {
+		if entries, err := ldd.Resolve(ctx, p.msg, toolPath); err != nil {
 			return err
 		} else {
 			libPaths = ldd.Path(entries)
--- a/internal/dbus/proc_test.go
+++ b/internal/dbus/proc_test.go
@@ -5,7 +5,7 @@ import (
 	"testing"

 	"hakurei.app/container"
-	"hakurei.app/helper"
+	"hakurei.app/internal/helper"
 )

 func TestMain(m *testing.M) { container.TryArgv0(nil); helper.InternalHelperStub(); os.Exit(m.Run()) }
--- a/internal/dbus/proxy.go
+++ b/internal/dbus/proxy.go
@@ -6,8 +6,8 @@ import (
 	"sync"
 	"syscall"

-	"hakurei.app/helper"
 	"hakurei.app/hst"
+	"hakurei.app/internal/helper"
 	"hakurei.app/message"
 )

--- a/internal/dbus/samples_test.go
+++ b/internal/dbus/samples_test.go
--- a/internal/dbus/testdata/dev.vencord.Vesktop.json
+++ b/internal/dbus/testdata/dev.vencord.Vesktop.json
--- a/internal/dbus/testdata/org.chromium.Chromium+.json
+++ b/internal/dbus/testdata/org.chromium.Chromium+.json
--- a/internal/dbus/testdata/org.chromium.Chromium.json
+++ b/internal/dbus/testdata/org.chromium.Chromium.json
--- a/internal/dbus/testdata/uk.gensokyo.CrashTestDummy.json
+++ b/internal/dbus/testdata/uk.gensokyo.CrashTestDummy.json
--- a/internal/helper/args.go
+++ b/internal/helper/args.go
--- a/internal/helper/args_test.go
+++ b/internal/helper/args_test.go
@@ -7,7 +7,7 @@ import (
 	"syscall"
 	"testing"

-	"hakurei.app/helper"
+	"hakurei.app/internal/helper"
 )

 func TestArgsString(t *testing.T) {
--- a/internal/helper/cmd.go
+++ b/internal/helper/cmd.go
@@ -10,7 +10,7 @@ import (
 	"sync"
 	"syscall"

-	"hakurei.app/helper/proc"
+	"hakurei.app/internal/helper/proc"
 )

 // NewDirect initialises a new direct Helper instance with wt as the null-terminated argument writer.
--- a/internal/helper/cmd_test.go
+++ b/internal/helper/cmd_test.go
@@ -9,7 +9,7 @@ import (
 	"testing"

 	"hakurei.app/container"
-	"hakurei.app/helper"
+	"hakurei.app/internal/helper"
 )

 func TestCmd(t *testing.T) {
--- a/internal/helper/container.go
+++ b/internal/helper/container.go
@@ -11,7 +11,7 @@ import (

 	"hakurei.app/container"
 	"hakurei.app/container/check"
-	"hakurei.app/helper/proc"
+	"hakurei.app/internal/helper/proc"
 	"hakurei.app/message"
 )

--- a/internal/helper/container_test.go
+++ b/internal/helper/container_test.go
@@ -9,7 +9,7 @@ import (
 	"hakurei.app/container"
 	"hakurei.app/container/check"
 	"hakurei.app/container/fhs"
-	"hakurei.app/helper"
+	"hakurei.app/internal/helper"
 )

 func TestContainer(t *testing.T) {
--- a/internal/helper/helper.go
+++ b/internal/helper/helper.go
@@ -8,7 +8,7 @@ import (
 	"os"
 	"time"

-	"hakurei.app/helper/proc"
+	"hakurei.app/internal/helper/proc"
 )

 var WaitDelay = 2 * time.Second
--- a/internal/helper/helper_test.go
+++ b/internal/helper/helper_test.go
@@ -13,7 +13,7 @@ import (
 	"testing"
 	"time"

-	"hakurei.app/helper"
+	"hakurei.app/internal/helper"
 )

 var (
--- a/internal/helper/proc/files.go
+++ b/internal/helper/proc/files.go
--- a/internal/helper/proc/pipe.go
+++ b/internal/helper/proc/pipe.go
--- a/internal/helper/stub.go
+++ b/internal/helper/stub.go
--- a/internal/helper/stub_test.go
+++ b/internal/helper/stub_test.go
@@ -5,7 +5,7 @@ import (
 	"testing"

 	"hakurei.app/container"
-	"hakurei.app/helper"
+	"hakurei.app/internal/helper"
 )

 func TestMain(m *testing.M) { container.TryArgv0(nil); helper.InternalHelperStub(); os.Exit(m.Run()) }
--- a/internal/info/path.go
+++ b/internal/info/path.go
@@ -1,4 +1,4 @@
-package internal
+package info

 import (
 	"log"
--- a/internal/info/path_test.go
+++ b/internal/info/path_test.go
@@ -1,4 +1,4 @@
-package internal
+package info

 import (
 	"reflect"
--- a/internal/info/version.go
+++ b/internal/info/version.go
@@ -1,4 +1,4 @@
-package internal
+package info

 // FallbackVersion is returned when a version string was not set by the linker.
 const FallbackVersion = "dirty"
--- a/internal/outcome/dispatcher.go
+++ b/internal/outcome/dispatcher.go
@@ -14,9 +14,9 @@ import (
 	"hakurei.app/container/check"
 	"hakurei.app/container/seccomp"
 	"hakurei.app/container/std"
-	"hakurei.app/internal"
+	"hakurei.app/internal/dbus"
+	"hakurei.app/internal/info"
 	"hakurei.app/message"
-	"hakurei.app/system/dbus"
 )

 // osFile represents [os.File].
@@ -53,6 +53,10 @@ type syscallDispatcher interface {
 	readdir(name string) ([]os.DirEntry, error)
 	// tempdir provides [os.TempDir].
 	tempdir() string
+	// mkdir provides [os.Mkdir].
+	mkdir(name string, perm os.FileMode) error
+	// removeAll provides [os.RemoveAll].
+	removeAll(path string) error
 	// exit provides [os.Exit].
 	exit(code int)

@@ -62,6 +66,8 @@ type syscallDispatcher interface {
 	// lookupGroupId calls [user.LookupGroup] and returns the Gid field of the resulting [user.Group] struct.
 	lookupGroupId(name string) (string, error)

+	// lookPath provides exec.LookPath.
+	lookPath(file string) (string, error)
 	// cmdOutput provides the Output method of [exec.Cmd].
 	cmdOutput(cmd *exec.Cmd) ([]byte, error)

@@ -121,6 +127,8 @@ func (direct) stat(name string) (os.FileInfo, error)      { return os.Stat(name)
 func (direct) open(name string) (osFile, error)           { return os.Open(name) }
 func (direct) readdir(name string) ([]os.DirEntry, error) { return os.ReadDir(name) }
 func (direct) tempdir() string                            { return os.TempDir() }
+func (direct) mkdir(name string, perm os.FileMode) error  { return os.Mkdir(name, perm) }
+func (direct) removeAll(path string) error                { return os.RemoveAll(path) }
 func (direct) exit(code int)                              { os.Exit(code) }

 func (direct) evalSymlinks(path string) (string, error) { return filepath.EvalSymlinks(path) }
@@ -134,6 +142,7 @@ func (direct) lookupGroupId(name string) (gid string, err error) {
 	return
 }

+func (direct) lookPath(file string) (string, error)    { return exec.LookPath(file) }
 func (direct) cmdOutput(cmd *exec.Cmd) ([]byte, error) { return cmd.Output() }

 func (direct) notifyContext(parent context.Context, signals ...os.Signal) (ctx context.Context, stop context.CancelFunc) {
@@ -156,7 +165,7 @@ func (direct) seccompLoad(rules []std.NativeRule, flags seccomp.ExportFlag) erro
 	return seccomp.Load(rules, flags)
 }

-func (direct) mustHsuPath() *check.Absolute { return internal.MustHsuPath() }
+func (direct) mustHsuPath() *check.Absolute { return info.MustHsuPath() }

 func (direct) dbusAddress() (session, system string) { return dbus.Address() }

--- a/internal/outcome/dispatcher_test.go
+++ b/internal/outcome/dispatcher_test.go
@@ -24,8 +24,8 @@ import (
 	"hakurei.app/container/std"
 	"hakurei.app/container/stub"
 	"hakurei.app/hst"
+	"hakurei.app/internal/system"
 	"hakurei.app/message"
-	"hakurei.app/system"
 )

 // call initialises a [stub.Call].
@@ -701,10 +701,13 @@ func (panicDispatcher) stat(string) (os.FileInfo, error)                    { pa
 func (panicDispatcher) open(string) (osFile, error)                         { panic("unreachable") }
 func (panicDispatcher) readdir(string) ([]os.DirEntry, error)               { panic("unreachable") }
 func (panicDispatcher) tempdir() string                                     { panic("unreachable") }
+func (panicDispatcher) mkdir(string, os.FileMode) error                     { panic("unreachable") }
+func (panicDispatcher) removeAll(string) error                              { panic("unreachable") }
 func (panicDispatcher) exit(int)                                            { panic("unreachable") }
 func (panicDispatcher) evalSymlinks(string) (string, error)                 { panic("unreachable") }
 func (panicDispatcher) prctl(uintptr, uintptr, uintptr) error               { panic("unreachable") }
 func (panicDispatcher) lookupGroupId(string) (string, error)                { panic("unreachable") }
+func (panicDispatcher) lookPath(string) (string, error)                     { panic("unreachable") }
 func (panicDispatcher) cmdOutput(*exec.Cmd) ([]byte, error)                 { panic("unreachable") }
 func (panicDispatcher) overflowUid(message.Msg) int                         { panic("unreachable") }
 func (panicDispatcher) overflowGid(message.Msg) int                         { panic("unreachable") }
--- a/internal/outcome/finalise.go
+++ b/internal/outcome/finalise.go
@@ -8,8 +8,8 @@ import (
 	"os/user"

 	"hakurei.app/hst"
+	"hakurei.app/internal/system"
 	"hakurei.app/message"
-	"hakurei.app/system"
 )

 func newWithMessage(msg string) error { return newWithMessageError(msg, os.ErrInvalid) }
--- a/internal/outcome/outcome.go
+++ b/internal/outcome/outcome.go
@@ -9,12 +9,24 @@ import (
 	"hakurei.app/container"
 	"hakurei.app/container/check"
 	"hakurei.app/hst"
+	"hakurei.app/internal/acl"
 	"hakurei.app/internal/env"
+	"hakurei.app/internal/info"
+	"hakurei.app/internal/system"
+	"hakurei.app/internal/wayland"
 	"hakurei.app/message"
-	"hakurei.app/system"
-	"hakurei.app/system/acl"
 )

+// Info returns the address to a populated [hst.Info].
+//
+// This must not be called from within package outcome.
+func Info() *hst.Info {
+	hi := hst.Info{WaylandVersion: wayland.Version,
+		Version: info.Version(), User: new(Hsu).MustID(nil)}
+	env.CopyPaths().Copy(&hi.Paths, hi.User)
+	return &hi
+}
+
 // envAllocSize is the initial size of the env map pre-allocated when the configured env map is nil.
 // It should be large enough to fit all insertions by outcomeOp.toContainer.
 const envAllocSize = 1 << 6
@@ -58,7 +70,7 @@ type outcomeState struct {
 	// Copied from their respective exported values.
 	mapuid, mapgid *stringPair[int]

-	// Copied from [EnvPaths] per-process.
+	// Copied from [env.Paths] per-process.
 	sc hst.Paths
 	*env.Paths

@@ -160,6 +172,10 @@ type outcomeStateSys struct {

 	// Copied from [hst.Config]. Safe for read by spWaylandOp.toSystem only.
 	directWayland bool
+	// Copied from [hst.Config]. Safe for read by spPipeWireOp.toSystem only.
+	directPipeWire bool
+	// Copied from [hst.Config]. Safe for read by spPulseOp.toSystem only.
+	directPulse bool
 	// Copied header from [hst.Config]. Safe for read by spFilesystemOp.toSystem only.
 	extraPerms []hst.ExtraPermConfig
 	// Copied address from [hst.Config]. Safe for read by spDBusOp.toSystem only.
@@ -173,8 +189,8 @@ type outcomeStateSys struct {
 func (s *outcomeState) newSys(config *hst.Config, sys *system.I) *outcomeStateSys {
 	return &outcomeStateSys{
 		appId: config.ID, et: config.Enablements.Unwrap(),
-		directWayland: config.DirectWayland, extraPerms: config.ExtraPerms,
-		sessionBus: config.SessionBus, systemBus: config.SystemBus,
+		directWayland: config.DirectWayland, directPipeWire: config.DirectPipeWire, directPulse: config.DirectPulse,
+		extraPerms: config.ExtraPerms, sessionBus: config.SessionBus, systemBus: config.SystemBus,
 		sys: sys, outcomeState: s,
 	}
 }
@@ -241,6 +257,10 @@ type outcomeStateParams struct {
 	// Populated by spRuntimeOp.
 	runtimeDir *check.Absolute

+	// Path to pipewire-pulse server.
+	// Populated by spPipeWireOp if DirectPipeWire is false.
+	pipewirePulsePath *check.Absolute
+
 	as hst.ApplyState
 	*outcomeState
 }
@@ -280,6 +300,7 @@ func (state *outcomeStateSys) toSystem() error {
 		// optional via enablements
 		&spWaylandOp{},
 		&spX11Op{},
+		&spPipeWireOp{},
 		&spPulseOp{},
 		&spDBusOp{},

--- a/internal/outcome/process.go
+++ b/internal/outcome/process.go
@@ -16,10 +16,10 @@ import (
 	"hakurei.app/container/check"
 	"hakurei.app/container/fhs"
 	"hakurei.app/hst"
-	"hakurei.app/internal"
+	"hakurei.app/internal/info"
 	"hakurei.app/internal/store"
+	"hakurei.app/internal/system"
 	"hakurei.app/message"
-	"hakurei.app/system"
 )

 const (
@@ -39,7 +39,7 @@ func (k *outcome) main(msg message.Msg, identifierFd int) {
 	}

 	// read comp value early for early failure
-	hsuPath := internal.MustHsuPath()
+	hsuPath := info.MustHsuPath()

 	const (
 		// transitions to processCommit, or processFinal on failure
--- a/internal/outcome/main.go
+++ b/internal/outcome/main.go
@@ -12,6 +12,8 @@ import (

 // IsPollDescriptor reports whether fd is the descriptor being used by the poller.
 //
+// Made available here to determine and reject impossible fd.
+//
 //go:linkname IsPollDescriptor internal/poll.IsPollDescriptor
 func IsPollDescriptor(fd uintptr) bool

--- a/internal/outcome/main_test.go
+++ b/internal/outcome/main_test.go
@@ -21,13 +21,13 @@ import (
 	"hakurei.app/container/seccomp"
 	"hakurei.app/container/std"
 	"hakurei.app/hst"
+	"hakurei.app/internal/acl"
+	"hakurei.app/internal/dbus"
+	"hakurei.app/internal/system"
 	"hakurei.app/message"
-	"hakurei.app/system"
-	"hakurei.app/system/acl"
-	"hakurei.app/system/dbus"
 )

-func TestOutcomeMain(t *testing.T) {
+func TestOutcomeRun(t *testing.T) {
 	t.Parallel()
 	msg := message.New(nil)
 	msg.SwapVerbose(testing.Verbose())
@@ -67,18 +67,12 @@ func TestOutcomeMain(t *testing.T) {
 				"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
 			).

-			// ensureRuntimeDir
-			Ensure(m("/run/user/1971"), 0700).
-			UpdatePermType(system.User, m("/run/user/1971"), acl.Execute).
-			Ensure(m("/run/user/1971/hakurei"), 0700).
-			UpdatePermType(system.User, m("/run/user/1971/hakurei"), acl.Execute).
-
-			// runtime
-			Ephemeral(system.Process, m("/run/user/1971/hakurei/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"), 0700).
-			UpdatePerm(m("/run/user/1971/hakurei/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"), acl.Execute).
-
-			// spPulseOp
-			Link(m("/run/user/1971/pulse/native"), m("/run/user/1971/hakurei/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/pulse")).
+			// spPipeWireOp
+			PipeWire(
+				m("/tmp/hakurei.0/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/pipewire"),
+				"org.chromium.Chromium",
+				"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
+			).

 			// spDBusOp
 			MustProxyDBus(
@@ -106,8 +100,6 @@ func TestOutcomeMain(t *testing.T) {
 				"GOOGLE_DEFAULT_CLIENT_ID=77185425430.apps.googleusercontent.com",
 				"GOOGLE_DEFAULT_CLIENT_SECRET=OTJgUOQcT7lO7GsGZq2G4IlT",
 				"HOME=/data/data/org.chromium.Chromium",
-				"PULSE_COOKIE=/.hakurei/pulse-cookie",
-				"PULSE_SERVER=unix:/run/user/1971/pulse/native",
 				"SHELL=/run/current-system/sw/bin/zsh",
 				"TERM=xterm-256color",
 				"USER=chronos",
@@ -141,10 +133,10 @@ func TestOutcomeMain(t *testing.T) {
 				Proc(fhs.AbsProc).
 				Tmpfs(hst.AbsPrivateTmp, 1<<12, 0755).
 				Bind(fhs.AbsDev, fhs.AbsDev, std.BindWritable|std.BindDevice).
-				Tmpfs(fhs.AbsDev.Append("shm"), 0, 01777).
+				Tmpfs(fhs.AbsDevShm, 0, 01777).

 				// spRuntimeOp
-				Tmpfs(fhs.AbsRunUser, 1<<12, 0755).
+				Tmpfs(fhs.AbsRunUser, xdgRuntimeDirSize, 0755).
 				Bind(m("/tmp/hakurei.0/runtime/9"), m("/run/user/1971"), std.BindWritable).

 				// spTmpdirOp
@@ -157,10 +149,6 @@ func TestOutcomeMain(t *testing.T) {
 				// spWaylandOp
 				Bind(m("/tmp/hakurei.0/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/wayland"), m("/run/user/1971/wayland-0"), 0).

-				// spPulseOp
-				Bind(m("/run/user/1971/hakurei/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/pulse"), m("/run/user/1971/pulse/native"), 0).
-				Place(m("/.hakurei/pulse-cookie"), bytes.Repeat([]byte{0}, pulseCookieSizeMax)).
-
 				// spDBusOp
 				Bind(m("/tmp/hakurei.0/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bus"), m("/run/user/1971/bus"), 0).
 				Bind(m("/tmp/hakurei.0/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/system_bus_socket"), m("/var/run/dbus/system_bus_socket"), 0).
@@ -182,7 +170,7 @@ func TestOutcomeMain(t *testing.T) {
 				Remount(fhs.AbsRoot, syscall.MS_RDONLY),
 		}},

-		{"nixos permissive defaults no enablements", new(stubNixOS), &hst.Config{Container: &hst.ContainerConfig{
+		{"nixos permissive defaults no enablements", new(stubNixOS), &hst.Config{DirectPipeWire: true, Container: &hst.ContainerConfig{
 			Filesystem: []hst.FilesystemConfigJSON{
 				{FilesystemConfig: &hst.FSBind{
 					Target:  fhs.AbsRoot,
@@ -243,8 +231,8 @@ func TestOutcomeMain(t *testing.T) {
 				Proc(m("/proc/")).
 				Tmpfs(hst.AbsPrivateTmp, 4096, 0755).
 				DevWritable(m("/dev/"), true).
-				Tmpfs(m("/dev/shm"), 0, 01777).
-				Tmpfs(m("/run/user/"), 4096, 0755).
+				Tmpfs(m("/dev/shm/"), 0, 01777).
+				Tmpfs(m("/run/user/"), xdgRuntimeDirSize, 0755).
 				Bind(m("/tmp/hakurei.0/runtime/0"), m("/run/user/65534"), std.BindWritable).
 				Bind(m("/tmp/hakurei.0/tmpdir/0"), m("/tmp/"), std.BindWritable).
 				Place(m("/etc/passwd"), []byte("chronos:x:65534:65534:Hakurei:/home/chronos:/run/current-system/sw/bin/zsh\n")).
@@ -264,6 +252,8 @@ func TestOutcomeMain(t *testing.T) {
 		}},

 		{"nixos permissive defaults chromium", new(stubNixOS), &hst.Config{
+			DirectPipeWire: true,
+
 			ID:       "org.chromium.Chromium",
 			Identity: 9,
 			Groups:   []string{"video"},
@@ -298,7 +288,7 @@ func TestOutcomeMain(t *testing.T) {
 				},
 				Filter: true,
 			},
-			Enablements: hst.NewEnablements(hst.EWayland | hst.EDBus | hst.EPulse),
+			Enablements: hst.NewEnablements(hst.EWayland | hst.EDBus | hst.EPipeWire | hst.EPulse),

 			Container: &hst.ContainerConfig{
 				Filesystem: []hst.FilesystemConfigJSON{
@@ -347,10 +337,7 @@ func TestOutcomeMain(t *testing.T) {
 			Ensure(m("/tmp/hakurei.0/tmpdir/9"), 01700).UpdatePermType(system.User, m("/tmp/hakurei.0/tmpdir/9"), acl.Read, acl.Write, acl.Execute).
 			Ephemeral(system.Process, m("/tmp/hakurei.0/ebf083d1b175911782d413369b64ce7c"), 0711).
 			Wayland(m("/tmp/hakurei.0/ebf083d1b175911782d413369b64ce7c/wayland"), m("/run/user/1971/wayland-0"), "org.chromium.Chromium", "ebf083d1b175911782d413369b64ce7c").
-			Ensure(m("/run/user/1971"), 0700).UpdatePermType(system.User, m("/run/user/1971"), acl.Execute). // this is ordered as is because the previous Ensure only calls mkdir if XDG_RUNTIME_DIR is unset
-			Ensure(m("/run/user/1971/hakurei"), 0700).UpdatePermType(system.User, m("/run/user/1971/hakurei"), acl.Execute).
-			Ephemeral(system.Process, m("/run/user/1971/hakurei/ebf083d1b175911782d413369b64ce7c"), 0700).UpdatePermType(system.Process, m("/run/user/1971/hakurei/ebf083d1b175911782d413369b64ce7c"), acl.Execute).
-			Link(m("/run/user/1971/pulse/native"), m("/run/user/1971/hakurei/ebf083d1b175911782d413369b64ce7c/pulse")).
+			PipeWire(m("/tmp/hakurei.0/ebf083d1b175911782d413369b64ce7c/pipewire"), "org.chromium.Chromium", "ebf083d1b175911782d413369b64ce7c").
 			MustProxyDBus(&hst.BusConfig{
 				Talk: []string{
 					"org.freedesktop.Notifications",
@@ -397,8 +384,7 @@ func TestOutcomeMain(t *testing.T) {
 				"DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/65534/bus",
 				"DBUS_SYSTEM_BUS_ADDRESS=unix:path=/var/run/dbus/system_bus_socket",
 				"HOME=/home/chronos",
-				"PULSE_COOKIE=" + hst.PrivateTmp + "/pulse-cookie",
-				"PULSE_SERVER=unix:/run/user/65534/pulse/native",
+				"PIPEWIRE_REMOTE=/run/user/65534/pipewire-0",
 				"SHELL=/run/current-system/sw/bin/zsh",
 				"TERM=xterm-256color",
 				"USER=chronos",
@@ -412,15 +398,14 @@ func TestOutcomeMain(t *testing.T) {
 				Proc(m("/proc/")).
 				Tmpfs(hst.AbsPrivateTmp, 4096, 0755).
 				DevWritable(m("/dev/"), true).
-				Tmpfs(m("/dev/shm"), 0, 01777).
-				Tmpfs(m("/run/user/"), 4096, 0755).
+				Tmpfs(m("/dev/shm/"), 0, 01777).
+				Tmpfs(m("/run/user/"), xdgRuntimeDirSize, 0755).
 				Bind(m("/tmp/hakurei.0/runtime/9"), m("/run/user/65534"), std.BindWritable).
 				Bind(m("/tmp/hakurei.0/tmpdir/9"), m("/tmp/"), std.BindWritable).
 				Place(m("/etc/passwd"), []byte("chronos:x:65534:65534:Hakurei:/home/chronos:/run/current-system/sw/bin/zsh\n")).
 				Place(m("/etc/group"), []byte("hakurei:x:65534:\n")).
 				Bind(m("/tmp/hakurei.0/ebf083d1b175911782d413369b64ce7c/wayland"), m("/run/user/65534/wayland-0"), 0).
-				Bind(m("/run/user/1971/hakurei/ebf083d1b175911782d413369b64ce7c/pulse"), m("/run/user/65534/pulse/native"), 0).
-				Place(m(hst.PrivateTmp+"/pulse-cookie"), bytes.Repeat([]byte{0}, pulseCookieSizeMax)).
+				Bind(m("/tmp/hakurei.0/ebf083d1b175911782d413369b64ce7c/pipewire"), m("/run/user/65534/pipewire-0"), 0).
 				Bind(m("/tmp/hakurei.0/ebf083d1b175911782d413369b64ce7c/bus"), m("/run/user/65534/bus"), 0).
 				Bind(m("/tmp/hakurei.0/ebf083d1b175911782d413369b64ce7c/system_bus_socket"), m("/var/run/dbus/system_bus_socket"), 0).
 				Bind(m("/dev/dri"), m("/dev/dri"), std.BindWritable|std.BindDevice|std.BindOptional).
@@ -439,8 +424,10 @@ func TestOutcomeMain(t *testing.T) {
 		}},

 		{"nixos chromium direct wayland", new(stubNixOS), &hst.Config{
+			DirectPipeWire: true,
+
 			ID:          "org.chromium.Chromium",
-			Enablements: hst.NewEnablements(hst.EWayland | hst.EDBus | hst.EPulse),
+			Enablements: hst.NewEnablements(hst.EWayland | hst.EDBus | hst.EPipeWire | hst.EPulse),
 			Container: &hst.ContainerConfig{
 				Env: nil,
 				Filesystem: []hst.FilesystemConfigJSON{
@@ -502,9 +489,8 @@ func TestOutcomeMain(t *testing.T) {
 			Ensure(m("/run/user/1971"), 0700).UpdatePermType(system.User, m("/run/user/1971"), acl.Execute). // this is ordered as is because the previous Ensure only calls mkdir if XDG_RUNTIME_DIR is unset
 			Ensure(m("/run/user/1971/hakurei"), 0700).UpdatePermType(system.User, m("/run/user/1971/hakurei"), acl.Execute).
 			UpdatePermType(hst.EWayland, m("/run/user/1971/wayland-0"), acl.Read, acl.Write, acl.Execute).
-			Ephemeral(system.Process, m("/run/user/1971/hakurei/8e2c76b066dabe574cf073bdb46eb5c1"), 0700).UpdatePermType(system.Process, m("/run/user/1971/hakurei/8e2c76b066dabe574cf073bdb46eb5c1"), acl.Execute).
-			Link(m("/run/user/1971/pulse/native"), m("/run/user/1971/hakurei/8e2c76b066dabe574cf073bdb46eb5c1/pulse")).
 			Ephemeral(system.Process, m("/tmp/hakurei.0/8e2c76b066dabe574cf073bdb46eb5c1"), 0711).
+			PipeWire(m("/tmp/hakurei.0/8e2c76b066dabe574cf073bdb46eb5c1/pipewire"), "org.chromium.Chromium", "8e2c76b066dabe574cf073bdb46eb5c1").
 			MustProxyDBus(&hst.BusConfig{
 				Talk: []string{
 					"org.freedesktop.FileManager1", "org.freedesktop.Notifications",
@@ -544,8 +530,7 @@ func TestOutcomeMain(t *testing.T) {
 				"DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1971/bus",
 				"DBUS_SYSTEM_BUS_ADDRESS=unix:path=/var/run/dbus/system_bus_socket",
 				"HOME=/var/lib/persist/module/hakurei/0/1",
-				"PULSE_COOKIE=" + hst.PrivateTmp + "/pulse-cookie",
-				"PULSE_SERVER=unix:/run/user/1971/pulse/native",
+				"PIPEWIRE_REMOTE=/run/user/1971/pipewire-0",
 				"SHELL=/run/current-system/sw/bin/zsh",
 				"TERM=xterm-256color",
 				"USER=u0_a1",
@@ -558,15 +543,14 @@ func TestOutcomeMain(t *testing.T) {
 				Proc(m("/proc/")).
 				Tmpfs(hst.AbsPrivateTmp, 4096, 0755).
 				DevWritable(m("/dev/"), true).
-				Tmpfs(m("/dev/shm"), 0, 01777).
-				Tmpfs(m("/run/user/"), 4096, 0755).
+				Tmpfs(m("/dev/shm/"), 0, 01777).
+				Tmpfs(m("/run/user/"), xdgRuntimeDirSize, 0755).
 				Bind(m("/tmp/hakurei.0/runtime/1"), m("/run/user/1971"), std.BindWritable).
 				Bind(m("/tmp/hakurei.0/tmpdir/1"), m("/tmp/"), std.BindWritable).
 				Place(m("/etc/passwd"), []byte("u0_a1:x:1971:100:Hakurei:/var/lib/persist/module/hakurei/0/1:/run/current-system/sw/bin/zsh\n")).
 				Place(m("/etc/group"), []byte("hakurei:x:100:\n")).
 				Bind(m("/run/user/1971/wayland-0"), m("/run/user/1971/wayland-0"), 0).
-				Bind(m("/run/user/1971/hakurei/8e2c76b066dabe574cf073bdb46eb5c1/pulse"), m("/run/user/1971/pulse/native"), 0).
-				Place(m(hst.PrivateTmp+"/pulse-cookie"), bytes.Repeat([]byte{0}, pulseCookieSizeMax)).
+				Bind(m("/tmp/hakurei.0/8e2c76b066dabe574cf073bdb46eb5c1/pipewire"), m("/run/user/1971/pipewire-0"), 0).
 				Bind(m("/tmp/hakurei.0/8e2c76b066dabe574cf073bdb46eb5c1/bus"), m("/run/user/1971/bus"), 0).
 				Bind(m("/tmp/hakurei.0/8e2c76b066dabe574cf073bdb46eb5c1/system_bus_socket"), m("/var/run/dbus/system_bus_socket"), 0).
 				Bind(m("/bin"), m("/bin"), 0).
@@ -899,6 +883,16 @@ func (k *stubNixOS) lookupGroupId(name string) (string, error) {
 	}
 }

+func (k *stubNixOS) lookPath(file string) (string, error) {
+	switch file {
+	case "pipewire-pulse":
+		return "/run/current-system/sw/bin/pipewire-pulse", nil
+
+	default:
+		panic(fmt.Sprintf("unexpected file %q", file))
+	}
+}
+
 func (k *stubNixOS) cmdOutput(cmd *exec.Cmd) ([]byte, error) {
 	switch cmd.Path {
 	case "/proc/nonexistent/hsu":
--- a/Show More
+++ b/Show More