app: remove bubblewrap launch method
Launch methods serve the primary purpose of setting UID in the init namespace, which bubblewrap does not do. Furthermore, all applications will start within a bubblewrap sandbox once it has been implemented. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
This commit is contained in:
parent
d41b9d2d9c
commit
8f03ddc3fa
SSH Key Fingerprint:
SHA256:gQ67O0enBZ7UdZypgtspB2FDM1g3GVw8nX0XSdcFw8Q
2
flag.go
2
flag.go
|
|
@ -47,7 +47,7 @@ func init() {
|
||||||
}
|
}
|
||||||
|
|
||||||
func init() {
|
func init() {
|
||||||
methodHelpString := "Method of launching the child process, can be one of \"sudo\", \"bubblewrap\""
|
methodHelpString := "Method of launching the child process, can be one of \"sudo\""
|
||||||
if internal.SdBootedV {
|
if internal.SdBootedV {
|
||||||
methodHelpString += ", \"systemd\""
|
methodHelpString += ", \"systemd\""
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -1,8 +0,0 @@
|
||||||
package app
|
|
||||||
|
|
||||||
// TODO: launch dbus proxy via bwrap
|
|
||||||
|
|
||||||
func (a *app) commandBuilderBwrap() (args []string) {
|
|
||||||
// TODO: build bwrap command
|
|
||||||
panic("bwrap")
|
|
||||||
}
|
|
||||||
|
|
@ -15,7 +15,6 @@ import (
|
||||||
|
|
||||||
const (
|
const (
|
||||||
LaunchMethodSudo uint8 = iota
|
LaunchMethodSudo uint8 = iota
|
||||||
LaunchMethodBwrap
|
|
||||||
LaunchMethodMachineCtl
|
LaunchMethodMachineCtl
|
||||||
)
|
)
|
||||||
|
|
||||||
|
|
@ -25,7 +24,6 @@ var (
|
||||||
ErrLaunch = errors.New("invalid launch method")
|
ErrLaunch = errors.New("invalid launch method")
|
||||||
|
|
||||||
ErrSudo = errors.New("sudo not available")
|
ErrSudo = errors.New("sudo not available")
|
||||||
ErrBwrap = errors.New("bwrap not available")
|
|
||||||
ErrSystemd = errors.New("systemd not available")
|
ErrSystemd = errors.New("systemd not available")
|
||||||
ErrMachineCtl = errors.New("machinectl not available")
|
ErrMachineCtl = errors.New("machinectl not available")
|
||||||
)
|
)
|
||||||
|
|
@ -75,13 +73,6 @@ func (a *app) Seal(config *Config) error {
|
||||||
} else {
|
} else {
|
||||||
seal.toolPath = sudoPath
|
seal.toolPath = sudoPath
|
||||||
}
|
}
|
||||||
case "bubblewrap":
|
|
||||||
seal.launchOption = LaunchMethodBwrap
|
|
||||||
if bwrapPath, err := exec.LookPath("bwrap"); err != nil {
|
|
||||||
return (*LauncherLookupError)(wrapError(ErrBwrap, "bwrap not found"))
|
|
||||||
} else {
|
|
||||||
seal.toolPath = bwrapPath
|
|
||||||
}
|
|
||||||
case "systemd":
|
case "systemd":
|
||||||
seal.launchOption = LaunchMethodMachineCtl
|
seal.launchOption = LaunchMethodMachineCtl
|
||||||
if !internal.SdBootedV {
|
if !internal.SdBootedV {
|
||||||
|
|
|
||||||
|
|
@ -30,8 +30,6 @@ func (a *app) Start() error {
|
||||||
switch a.seal.launchOption {
|
switch a.seal.launchOption {
|
||||||
case LaunchMethodSudo:
|
case LaunchMethodSudo:
|
||||||
commandBuilder = a.commandBuilderSudo
|
commandBuilder = a.commandBuilderSudo
|
||||||
case LaunchMethodBwrap:
|
|
||||||
commandBuilder = a.commandBuilderBwrap
|
|
||||||
case LaunchMethodMachineCtl:
|
case LaunchMethodMachineCtl:
|
||||||
commandBuilder = a.commandBuilderMachineCtl
|
commandBuilder = a.commandBuilderMachineCtl
|
||||||
default:
|
default:
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue