Hakurei is a tool for running sandboxed desktop applications as dedicated
subordinate users on the Linux kernel. It implements the application container
of [planterette (WIP)](https://git.gensokyo.uk/security/planterette), a
self-contained Android-like package manager with modern security features.
Interaction with hakurei happens entirely through structures described by
package [hst](https://pkg.go.dev/hakurei.app/hst). No native API is available
due to internal details of UID isolation.

## Notable Packages
Package [container](https://pkg.go.dev/hakurei.app/container) is general-purpose
container tooling; it is used by the hakurei shim process, running as the target
subordinate user, to set up the application container. Its single dependency is
[libseccomp](https://github.com/seccomp/libseccomp), used to create the BPF
programs for the system call filter.
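As an added illustration of what the system call filter mentioned above is made of, the following Go program hand-assembles a classic BPF allowlist in the same instruction layout libseccomp would emit, then interprets it in user space to show each decision. This is example code written for this page, not code from hakurei or its `container` package (which delegates the assembly to libseccomp). The opcode values, action words, `seccomp_data` offsets, audit architecture ids and x86-64 syscall numbers are taken from the Linux UAPI headers; the `allowlistFilter`, `marshal` and `evaluate` names are this example's own, and little-endian packing is assumed. The filter checks the audit architecture before the syscall number, because a number is only meaningful within one ABI, and nothing here is ever loaded into the kernel.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
)

// Linux UAPI values: classic BPF opcodes (<linux/filter.h>), seccomp actions (<linux/seccomp.h>), audit arch ids (<linux/audit.h>).
const (
	opLoadAbs = 0x20 // BPF_LD | BPF_W | BPF_ABS
	opJeqK    = 0x15 // BPF_JMP | BPF_JEQ | BPF_K
	opRetK    = 0x06 // BPF_RET | BPF_K
	seccompRetKillProcess = 0x80000000
	seccompRetErrno       = 0x00050000
	seccompRetAllow       = 0x7fff0000
	offsetNr        = 0 // offsetof(struct seccomp_data, nr)
	offsetArch      = 4 // offsetof(struct seccomp_data, arch)
	auditArchX86_64 = 0xc000003e
	auditArchI386   = 0x40000003
	errnoENOSYS     = 38
)

// sockFilter mirrors struct sock_filter, the kernel's BPF instruction layout.
type sockFilter struct {
	Code uint16
	Jt   uint8
	Jf   uint8
	K    uint32
}

// allowlistFilter assembles a filter that permits only the listed syscall
// numbers on the given architecture and fails every other call with errno.
// Any other ABI kills the process, since syscall numbers are per-ABI.
// Layout with n = len(allowed): 0 ld arch; 1 jeq arch ->3; 2 ret KILL;
// 3 ld nr; 4+i jeq allowed[i] ->5+n; 4+n ret ERRNO(errno); 5+n ret ALLOW.
func allowlistFilter(arch uint32, allowed []int, errno uint32) ([]sockFilter, error) {
	n := len(allowed)
	if n > 255 { // Jt/Jf are 8-bit; longer lists need a different layout
		return nil, fmt.Errorf("allowlist too long for single-jump layout: %d", n)
	}
	prog := []sockFilter{
		{Code: opLoadAbs, K: offsetArch},
		{Code: opJeqK, Jt: 1, K: arch},
		{Code: opRetK, K: seccompRetKillProcess},
		{Code: opLoadAbs, K: offsetNr},
	}
	for i, nr := range allowed {
		// Jump over the remaining compares and the errno return to reach ALLOW.
		prog = append(prog, sockFilter{Code: opJeqK, Jt: uint8(n - i), K: uint32(nr)})
	}
	return append(prog,
		sockFilter{Code: opRetK, K: seccompRetErrno | (errno & 0xffff)},
		sockFilter{Code: opRetK, K: seccompRetAllow},
	), nil
}

// marshal packs the program as an array of struct sock_filter, the form seccomp(SECCOMP_SET_MODE_FILTER) expects; little-endian assumed.
func marshal(prog []sockFilter) []byte {
	var buf bytes.Buffer
	if err := binary.Write(&buf, binary.LittleEndian, prog); err != nil {
		panic(err)
	}
	return buf.Bytes()
}

// evaluate interprets prog against a synthetic seccomp_data the way the kernel would; it never loads anything.
func evaluate(prog []sockFilter, arch uint32, nr int) uint32 {
	data := [2]uint32{uint32(nr), arch} // seccomp_data words at offsets 0 and 4
	var acc uint32
	for pc := 0; pc < len(prog); pc++ {
		ins := prog[pc]
		switch ins.Code {
		case opLoadAbs:
			acc = data[ins.K/4]
		case opJeqK:
			if acc == ins.K {
				pc += int(ins.Jt)
			} else {
				pc += int(ins.Jf)
			}
		case opRetK:
			return ins.K
		}
	}
	panic("program fell off the end")
}

func main() {
	// Constructed sample: allow only read(0), write(1) and exit_group(231) on x86-64.
	prog, err := allowlistFilter(auditArchX86_64, []int{0, 1, 231}, errnoENOSYS)
	if err != nil {
		panic(err)
	}
	fmt.Printf("%d instructions, %d bytes\n", len(prog), len(marshal(prog)))
	fmt.Printf("read on x86-64   -> %#x\n", evaluate(prog, auditArchX86_64, 0))
	fmt.Printf("execve on x86-64 -> %#x\n", evaluate(prog, auditArchX86_64, 59))
	fmt.Printf("read on i386     -> %#x\n", evaluate(prog, auditArchI386, 0))
}
```

With libseccomp the same program is produced by `seccomp_init`, `seccomp_rule_add` and `seccomp_load`, which also handle the multi-architecture and long-allowlist cases this single-jump layout cannot. The `evaluate` walk is the useful part for review: it lets a filter be checked against a table of expected decisions before it is ever installed, including the foreign-architecture case that is easy to forget.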
Package [internal/pkg](https://pkg.go.dev/hakurei.app/internal/pkg) provides
infrastructure for hermetic builds. This replaces the legacy nix-based testing
framework and serves as the build system of Rosa OS, currently developed under
package [internal/rosa](https://pkg.go.dev/hakurei.app/internal/rosa).

## Dependencies
`container` depends on:
- [libseccomp](https://github.com/seccomp/libseccomp) to generate BPF programs.

`cmd/hakurei` depends on:
- [acl](https://savannah.nongnu.org/projects/acl/) to export sockets to
subordinate users.
- [wayland](https://gitlab.freedesktop.org/wayland/wayland) to set up
[security-context-v1](https://wayland.app/protocols/security-context-v1).
- [xcb](https://xcb.freedesktop.org/) to grant and revoke subordinate users'
access to the X server.

`cmd/sharefs` depends on:
- [fuse](https://github.com/libfuse/libfuse) to implement the filesystem.

New dependencies are generally not acceptable.

## NixOS Module (deprecated)
The NixOS module is in maintenance mode and will be removed once planterette is
feature-complete. Full module documentation can be found [here](options.md).