eba9bb3099
feeds: subscribe to Charles Stross blog
2024-09-02 11:38:47 +00:00
3deb17125d
make-sandboxed: handl polkit files when patching bin paths
2024-09-02 11:31:24 +00:00
4328a7ddf3
modules/programs: remove unused arguments
2024-09-02 10:26:42 +00:00
737df8c10e
modules/programs: plumb capabilities into bunpen sandboxer
2024-08-30 20:36:11 +00:00
f26f13ddf3
bunpen: bind "safe"-ish /de items
2024-08-29 20:13:37 +00:00
14929c1102
programs: plum --bunpen-autodetect into modules/programs API
2024-08-28 11:37:18 +00:00
b9fc61e627
modules/programs: plumb bunpen's home/run path binds
2024-08-27 20:36:31 +00:00
3417a9fd3f
sanebox: remove the portal logic, and delegate it to manual handling by those few apps which truly need special casing
...
it's a questionable responsibility to give to the sandbox itself (unless i also have the sandbox do things like dbus proxying, someday). and it will make the bunpen implementation simpler
2024-08-27 11:00:15 +00:00
422e8aeb3f
sanebox: support existingDir{,OrParent} autodetect option
2024-08-26 14:06:49 +00:00
c86d893a2c
modules/programs: sandbox: allow method = "bunpen"
2024-08-23 16:00:31 +00:00
effec38a99
modules/programs: sandbox: introduce an interface which will allow for sandboxers other than sanebox
2024-08-23 16:00:31 +00:00
c5ed1263dc
feeds: subscribe to justine.lol
2024-08-23 16:00:31 +00:00
45ff21822a
feeds: sub JRE (we'll see how long this lasts...)
2024-08-23 06:09:33 +00:00
a9cc0f28e2
feeds: subscribe to linuxdevtime podcast
2024-08-22 07:19:37 +00:00
b4b95be588
make-sandboxed: fix to preserve the specified output, for packages like dig
2024-08-21 04:00:45 +00:00
ae0d6cb8e8
make-sandboxed: preserve outputs of multiple-output packages
...
especially, this fixes the dconf service, since we keep '/libexec'
2024-08-21 03:28:02 +00:00
4055c6d3e9
podcasts: subscribe to C-Span's _The Weekly_
2024-08-20 02:23:41 +00:00
1b4266f8a7
hickory-dns: fix compilation error with newer rustc
2024-08-19 13:29:09 +00:00
ca793af819
make-sandboxed: fix double-wrapping when two symlinks point to the same binary by non-canonical paths (e.g. mount.sshfs -> ../bin/sshfs)
2024-08-16 10:50:20 +00:00
e846a5046a
feeds: subscribe to 404 media
2024-08-16 02:41:17 +00:00
a552ed625b
make-sandboxed: fix several edge-cases for e.g. brave, firefox, especially around handling of wrapped binaries
2024-08-16 02:15:46 +00:00
fd6959230f
make-sandboxed: handle /opt-style packaging, with toplevels linked into /bin, a bit better
2024-08-15 10:32:18 +00:00
87e9856497
sanebox: forward argv0
2024-08-15 10:31:21 +00:00
e7d5a61014
libcap: split into separate capsh and captree programs, and sandbox the latter
2024-08-12 10:13:50 +00:00
d4290588bf
rename: trust-dns -> hickory-dns
2024-08-12 01:23:39 +00:00
bfe278c17a
feeds: subscribe to Weird Little Guys
2024-08-12 00:35:34 +00:00
8aebc1fe87
feeds: subscribe to Oyez supreme court oral arguments
2024-08-10 11:16:54 +00:00
f986936bbd
wg-home-refresh: use the sandboxed wireguard-tools
2024-08-09 23:52:31 +00:00
055ad222e3
wg-home-refresh: harden systemd service
2024-08-09 23:05:58 +00:00
f8aea34e96
sanebox: bwrap: make user namespace unsharing more obvious
2024-08-07 21:23:21 +00:00
020e5f8c6e
/mnt/persist/private: split waiting on the keyfile out of the mount process
2024-08-06 02:03:55 +00:00
809c3af7fa
/mnt/persist/private: minor improvements to file permissions
2024-08-06 01:26:53 +00:00
93cb1bc546
/mnt/persist/private: sandbox in a way that the actual gocryptfs instance doesn't get CAP_SYS_ADMIN
2024-08-06 00:52:48 +00:00
53acab834c
refactor: persist/stores/ephemeral: move to its own source directory
2024-08-05 23:05:02 +00:00
3a0610b029
/mnt/persist/ephemeral: sandbox in a way that the actual gocryptfs instance doesn't get CAP_SYS_ADMIN
...
instead, only fuse does, and the capability is lost during the handoff between fuse and gocryptfs
2024-08-05 23:04:14 +00:00
c706a19836
landlock-sandboxer: rename the binary, so that it can be included on PATH without collisions
2024-08-05 22:59:14 +00:00
74662df720
persist/{private,ephemeral}: mount via fuse
...
gocryptfs is compatible with --drop-permissions style of mount.fuse3. only, i can't actually use that today because i need to keep permissions :o
but maybe i'll enable that in the future
2024-08-03 18:51:58 +00:00
3adbbe5fa7
/mnt/$host/home: run as user instead of as root
2024-08-03 15:13:04 +00:00
eaeb8380dc
fs: enable @basic-api everywhere, since its required by systemd restart logic
2024-08-02 09:13:55 +00:00
cf20230d96
sane.fs: cleanup
...
plumb systemd.{mounts,services} instead of the less detailed 'systemd'
2024-08-02 08:01:38 +00:00
9dbb2a6266
sane.fs: take in the role of generating systemd.mounts files
2024-08-02 07:33:21 +00:00
113b107d73
persist: fix ordering so stores arent required by local-fs.target
...
maybe they should be, but then there's weird stuff about getty depending on sysinit.target, and that being blocked by the private store...
2024-08-02 06:20:39 +00:00
96dfe79a8c
fs: persist/private: harden systemd mount file
2024-08-02 05:17:44 +00:00
6e5bde17aa
cleanup: persist/private: simplify
2024-08-02 05:00:55 +00:00
3eb66c098b
trust-dns: make it a dependency of "network-online.target"
2024-08-02 04:54:58 +00:00
515aab5370
cleanup: persist/private: encode the dependencies more precisely, rather than just having it all depend on default.target
2024-08-02 04:50:33 +00:00
f925dd9a20
fs: isolate /mnt/servo/* and /mnt/persist/ephemeral a bit more
2024-08-02 04:45:14 +00:00
6a7dd31755
vpn: fix warning about missing /32 syntax
2024-08-02 00:37:58 +00:00
2197951e12
NetworkManager-dispatcher: cleanup an ordering cycle between it and trust-dns-localhost
2024-08-02 00:36:54 +00:00
efc16a9e80
persist: harden the "ephemeral" store mount environment
...
there's only so much this can actually achieve. it's still quite possible for someone who knows what they're doing to do large amounts of damage
2024-08-01 22:40:55 +00:00
