6830bb7097
servo: transmission: simplify the rsync call
...
i'm having perms issues _somewhere_
2024-08-06 08:14:45 +00:00
316b0bee3a
landlock-sandboxer: disable the ABI mismatch warnings
2024-08-06 07:20:00 +00:00
638655ff83
mnt-servo-*-reachable.service: harden systemd service
2024-08-06 06:43:10 +00:00
5e57e78411
/mnt/servo/*: fix to not hang the mount when fs is offline
...
this is an unfortunate effect of the drop_privileges part of fuse3,
that the mount is active as soon as the fs implementation is launched,
instead of when it enters `fuse_main`.
2024-08-06 05:54:31 +00:00
3859619ae0
curlftpfs-sane: implement "-o exit_after_connect"
2024-08-06 05:53:45 +00:00
646c2dd85a
common/fs: mount curlftpfs using fuse3
2024-08-06 04:48:47 +00:00
0655b6906c
curlftpfs: implement readdir
...
i think now all the stuff you'd expect of a basic fs now actually works
2024-08-06 04:11:32 +00:00
3019f90f5d
curlftpfs-sane: upgrade to fuse3
2024-08-06 03:00:11 +00:00
020e5f8c6e
/mnt/persist/private: split waiting on the keyfile out of the mount process
2024-08-06 02:03:55 +00:00
809c3af7fa
/mnt/persist/private: minor improvements to file permissions
2024-08-06 01:26:53 +00:00
93cb1bc546
/mnt/persist/private: sandbox in a way that the actual gocryptfs instance doesn't get CAP_SYS_ADMIN
2024-08-06 00:52:48 +00:00
53acab834c
refactor: persist/stores/ephemeral: move to its own source directory
2024-08-05 23:05:02 +00:00
3a0610b029
/mnt/persist/ephemeral: sandbox in a way that the actual gocryptfs instance doesn't get CAP_SYS_ADMIN
...
instead, only fuse does, and the capability is lost during the handoff between fuse and gocryptfs
2024-08-05 23:04:14 +00:00
9cee460d7e
gocryptfs: sandbox with landlock
...
now /mnt/persist/ephemeral implementation can't access /mnt/persist/private; /mnt/persist/private can't access /mnt/desko/home, and so on
2024-08-05 23:01:38 +00:00
e657507a76
libfuse-sane: search for mount helpers on /run/current-system/sw/bin
2024-08-05 23:00:05 +00:00
c706a19836
landlock-sandboxer: rename the binary, so that it can be included on PATH without collisions
2024-08-05 22:59:14 +00:00
566e15286b
sanebox: don't assume 'readlink' is available in the environment
2024-08-05 22:56:18 +00:00
d1b4e9c923
sanebox: allow /dev/fd in the sandbox by default
2024-08-05 22:55:12 +00:00
5eca45891b
sanebox: fix landlock sandboxing IAB edgecases
...
i don't fully understand it. but adjusting the Inh capability set breaks things like gocryptfs. i think it isn't necessary: if we set E alone, and no-new-privs, then that gets us the same guarantees.
2024-08-05 22:54:20 +00:00
722fe8f368
libcap: ship the optional 'captree' component
2024-08-05 05:30:14 +00:00
e25dd98f6c
spot/spotify: disable
...
i don't use spotify atm
2024-08-05 00:47:59 +00:00
54e9d4a0ae
sane-vpn: switch back to bwrap instead of pasta
2024-08-04 18:56:17 +00:00
9f3a13eeb8
nixpkgs: 24.05-unstable-2024-08-02 -> 24.05-unstable-2024-08-04
2024-08-04 02:19:14 +00:00
5605ffda4b
nixpkgs-wayland: 0-unstable-2024-08-02 -> 0-unstable-2024-08-03
2024-08-04 02:18:57 +00:00
9165925469
syshud: 0-unstable-2024-07-29 -> 0-unstable-2024-08-03
2024-08-04 02:18:37 +00:00
f65bf2b433
uassets: 0-unstable-2024-08-02 -> 0-unstable-2024-08-03
2024-08-04 02:18:14 +00:00
0f60a86ed4
hare-ev: 0-unstable-2024-07-07 -> 0-unstable-2024-07-11
2024-08-04 01:08:37 +00:00
b488b6748d
nixos/pam: replace apparmor warnings with assertions
2024-08-04 00:50:41 +00:00
ef6b7cf175
syshud: 0-unstable-2024-07-16 -> 0-unstable-2024-07-29
2024-08-04 00:39:04 +00:00
0906d76f83
libcap_ng: ship
2024-08-03 23:27:53 +00:00
90c495e74c
libfuse-sane: ship
2024-08-03 22:59:34 +00:00
74662df720
persist/{private,ephemeral}: mount via fuse
...
gocryptfs is compatible with --drop-permissions style of mount.fuse3. only, i can't actually use that today because i need to keep permissions :o
but maybe i'll enable that in the future
2024-08-03 18:51:58 +00:00
2b3278eb7f
/mnt/$host/home: layer bwrap sandboxing after the drop-privileges passoff
2024-08-03 17:11:11 +00:00
9b4e91fbd9
/mnt/$host/home: harden systemd settings
2024-08-03 16:27:42 +00:00
734627232a
/mnt/$host/home: mount with drop_privileges
2024-08-03 15:13:04 +00:00
3adbbe5fa7
/mnt/$host/home: run as user instead of as root
2024-08-03 15:13:04 +00:00
b4a244df7a
rsync-net: fix /nix/persist/private path
2024-08-03 14:32:44 +00:00
97268e9b26
curlftpfs-sane: rename from curlftpfs
...
i already patched it significantly; i plan to port to fuse3 shortly
2024-08-03 14:32:01 +00:00
bebf6bdaeb
rsync-net: hardcode fewer paths
2024-08-03 11:38:43 +00:00
04fc601c9c
rsync-net: fix sandboxing (don't set PrivateUsers: we lose perms in the root ns doing that)
2024-08-03 11:25:50 +00:00
ee062d61d0
sane-tag-media: rework the tag extrapolation to be less intrusive
2024-08-03 07:58:43 +00:00
0dba9987c5
sane-tag-media: remove unused "confirm" function
2024-08-03 07:19:53 +00:00
4761690b6d
sane-tag-media: have --derive + --override-existing NOT override the existing tags when the derived ones appear to be simply lower-quality versions of the same on-disk data
2024-08-03 07:19:08 +00:00
604782c3a6
sane-tag-media: refactor (simplify)
2024-08-03 03:57:09 +00:00
365d33c357
sane-tag-media: empty manual tags always overwrite tags, regardless of --override-existing flag
2024-08-03 03:38:22 +00:00
a39ad8a508
sane-tag-media: rename --force flag to --override-existing
2024-08-03 03:31:16 +00:00
c49e9a4c2b
sane-tag-media: implement the --ignore-existing flag
2024-08-03 03:18:07 +00:00
36491842cc
sanebox: bwrap: micro-optimize to not require env
2024-08-02 22:44:27 +00:00
81ea2210c9
sanebox: allow keeping the net namespace
2024-08-02 22:44:27 +00:00
f678508b33
sanebox: add --sanebox-capsh-arg flag
2024-08-02 22:44:27 +00:00