colin/nix-files
1
0
Fork 1
Code Issues Pull Requests Projects Releases Wiki Activity

bunpen: support --bunpen-autodetect-cli existingDirOrParent

Browse Source
This commit is contained in:
Colin
2024-09-11 01:57:11 +00:00
parent e69bacf54e
commit fad05b929a
3 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkgs/additional/bunpen/config/autodetect.ha
View File

@@ -5,6 +5,7 @@ export type autodetect = enum {
EXISTING,
EXISTING_FILE,
EXISTING_FILE_OR_PARENT,
EXISTING_DIR_OR_PARENT,
EXISTING_OR_PARENT,
PARENT,
};
@@ -14,6 +15,7 @@ fn autodetect_fromstr(v: str) (autodetect | errors::invalid) = {
case "existing" => yield autodetect::EXISTING;
case "existingFile" => yield autodetect::EXISTING_FILE;
case "existingFileOrParent" => yield autodetect::EXISTING_FILE_OR_PARENT;
case "existingDirOrParent" => yield autodetect::EXISTING_DIR_OR_PARENT;
case "existingOrParent" => yield autodetect::EXISTING_OR_PARENT;
case "parent" => yield autodetect::PARENT;
case => yield errors::invalid;

2
pkgs/additional/bunpen/config/cli.ha
View File

@@ -40,7 +40,7 @@ export fn usage() void = {
fmt::println(" omit `n` for light debugging, or specify n=0/1/2/3/4 where higher = more verbose")!;
fmt::println(" --bunpen-drop-shell")!;
fmt::println(" instead of running the program, drop into an interactive shell")!;
fmt::println(" --bunpen-autodetect <existing|existingFile|existingFileOrParent|existingOrParent|parent>")!;
fmt::println(" --bunpen-autodetect <existing|existingFile|existingFileOrParent|existingDirOrParent|existingOrParent|parent>")!;
fmt::println(" add files which appear later as CLI arguments into the sandbox")!;
fmt::println(" --bunpen-cap <all|sys_admin|net_raw|net_admin|...>")!;
fmt::println(" allow the sandboxed program to use the provided linux capability (both inside and outside the sandbox)")!;

1
pkgs/additional/bunpen/config/translate_opts.ha
View File

@@ -147,6 +147,7 @@ fn ingest_paths(into: *[]path::buffer, from: []str, base: (str | void), allow_ab
case autodetect::EXISTING => yield (false, true, true, false);
case autodetect::EXISTING_FILE => yield (false, true, false, false);
case autodetect::EXISTING_FILE_OR_PARENT => yield (false, true, false, true);
case autodetect::EXISTING_DIR_OR_PARENT => yield (false, false, true, true);
case autodetect::EXISTING_OR_PARENT => yield (false, true, true, true);
case autodetect::PARENT => yield (false, false, false, true);
};