summary refs log tree commit diff
AgeCommit message (Collapse)Author
2022-04-11ripple/fossil/mount: serve a small, static filesystemedef
Serve up an entirely hardcoded minimal filesystem tree, so we can see most of the FUSE plumbing working already. Change-Id: I13c4b534c8dd159d2d2e177497b33f1bec3849ad
2022-04-11ripple/fossil/mount: stub out anything we don't want to implementedef
Change-Id: I7c2f940a411346230835f1befc5d4fe384e2b67e
2022-04-11ripple/fossil/mount: initedef
Minimal no-op FUSE FS. Change-Id: If6549990a768acea5ac8c75399b71ac10db8a4c6
2022-04-11ripple/fossil: don't .ok().expect()edef
Result::expect already does the right thing, and discards less information. Change-Id: I2d2fbd1981d4c3b84bb287fb4d79d985f8e465c9
2022-04-11ripple/fossil: track file sizeedef
Change-Id: I424bd482d82471255f2ce2f17bb0b5c6eae3b77a
2022-04-10ripple/fossil: split out FileRef/DirectoryRefedef
Change-Id: I649c89ccc4e7fbc3ce42c86f6653d59c07cf58a9
2022-04-10ripple/fossil: track transitive inode countedef
Change-Id: Ia5893bc64f58e3a6b17aa96fdd27b6b49ebf5fa5
2022-04-10ripple/fossil: just copy the slice refedef
Thanks, Clippy! Change-Id: I88e6b94b8edd415d1ed79c288a4677e2040dde77
2022-04-10ripple/fossil: use [T]::is_emptyedef
Thanks, Clippy! Change-Id: I9d8d154db76c49807262bb07f37aec0c17725739
2022-03-28fleet/hosts/trieste/naut: don't notify on infra updatesV
These aren't really relevant to the project. If people particularly care about our infra, we could create a channel specifically for that, but currently it's not of interest to anyone, and just clutters things up. Change-Id: I86a484604b9442a51ba0ea22783c9286857ce403
2022-02-28ripple: bump Rust edition to 2021V
Change-Id: I25fde01a2eee6fd3affd7f069745c346eb3b19ff
2022-02-16ripple/minitrace: use CString::from_vec_with_nul for constructionV
New Rust version, fresh new APIs. Change-Id: I0983ea45a27ec25c16b1a7ff4dc828540ccd0b5f
2022-02-16ripple/nix: update sources.jsonV
It's been a while since we've done this, and there are some great new changes in the Rust compiler and standard library. As a bonus, rustfmt now features the `imports_granularity = "One"` variant, so we can use unmodified tooling again. Change-Id: I228e4e5919f53b6a77e07a5c99420936c89016c3
2022-02-08ripple/minitrace: clean up prlimit64 arg destructuringV
Change-Id: If54ca6c931c0f3c8d99a65aeca15385f1ef8ebf3
2022-02-08ripple/minitrace: clean up arch_prctl arg destructuringV
Change-Id: I403062ce3570eac201612dcf083a8c670380f6a8
2022-02-08ripple/minitrace: log newfstatat pathsV
Change-Id: Ieec434cdbddb45ab099bb9cf91dea1a135fd06ad
2022-02-08ripple/minitrace: log readlink pathsedef
Change-Id: Idd2b174e0805e1a255f6a9a5cb9868aa59aa332a
2022-02-08ripple/minitrace: clean up ioctl handlingV
TIOCGWINSZ was mistakenly listed as TCGETS, and parameter destructuring got cleaned up. Change-Id: I8dce783c50d34ab619cf7b05c9b705b5e11bc459
2022-02-08ripple/minitrace: log access(2) pathsedef
Co-authored-by: V <v@unfathomable.blue> Change-Id: I26603ca7de3ac4a21b64390e4fc3d9f44a6c172a
2022-02-08ripple/minitrace: consistently use .. for arg matchingedef
Change-Id: Iadaebe17f1362460bf5b7b5770da3b94afbca237
2022-02-08ripple/minitrace: clear child environment variablesedef
Change-Id: If55273931055ff9033aca2e274b6cf7b4a510ec2
2022-02-08ripple/minitrace: enforce openat flagsedef
Co-authored-by: V <v@unfathomable.blue> Change-Id: Id848249e6b4a3de612d298d434c59889ba93b300
2022-02-08ripple/minitrace: log openat pathsedef
Co-authored-by: V <v@unfathomable.blue> Change-Id: Idcb3c29c4761158be788511f5f4bdb3003edf909
2022-02-08ripple/minitrace: ensure openat calls use AT_FDCWD onlyedef
Co-authored-by: V <v@unfathomable.blue> Change-Id: I32ca1947fc9278bdee1b0a8acdc8d5d66b61d736
2022-02-07ripple/shell.nix: make cc1 available for minitrace testingedef
Change-Id: Ie88130942865aa73bbdd9a3ddd71d9f5ef5914ab
2022-02-07ripple/minitrace: use anyhow::Result unqualifiededef
Result<T, E> keeps the same meaning, so there's no need to qualify it. Change-Id: I22872860ff18e75c01be01e0d4c8030bfc4133bb
2022-02-03ripple/minitrace: don't permit tracee escape if the tracer diesedef
Change-Id: If2c0262b82e072a600f9b8dfe7efdf3556f0e16a
2022-02-03ripple/Cargo.lock: resyncedef
We should probably have a CI lint for this. Change-Id: Ibff833dd4e3a428b1c96aa659cfd046f7e177a23
2022-02-03ripple/minitrace: only disable ASLR in traceeedef
Change-Id: I6df0596ecc0ba9514c04339dbd80469880e30f4c
2022-02-03ripple/minitrace: take care of our own ptrace bringupedef
Change-Id: I2602d7bb751b6a7415832308843cb334b6f24aa2
2021-12-28ripple/minitrace: disable ASLRedef
Change-Id: I7e34fd965b46f33a38821bca196c8774206ee037
2021-12-28ripple: upgrade nix crate to 0.23.1edef
Change-Id: Ie477bbd96109b4ce9ddcee221addb49733259d5a
2021-12-28ripple/minitrace: enforce arguments for arch_prctl, prlimit64, ioctl, mmapedef
Change-Id: Ifb5939b9088de3096da7a1bdc6e0bc6e6a6ba94f
2021-12-27ripple/website/pages/syscalls: document the syscalls we need to support for ↵edef
our MVP Change-Id: I651816d004ee5c5049569ddcf157d492cbcc0b2a
2021-12-27ripple/minitrace: enforce permitted syscall numbersedef
This doesn't discriminate between muxed syscalls yet, but at least bounds the available syscalls to the ones `cc1 hello.c` invokes. Change-Id: I1965f27746b509b32d5e86510e803038765c11dd
2021-12-27ripple/minitrace: initedef
Minimal PTRACE_SYSCALL tracer for further narrowing down the syscalls we need to support. Change-Id: I562ee6e88e52d7deeee6de588ef00dfc1c38a71a
2021-12-23ripple/website/nix: fix deploymentV
Our post-update deployment hook expects a callPackage-able default.nix in the root of the repository. Let's fix that! I'm moving the nixpkgs wrapper to another file, so it's still easy to build. Placeholder page until we've actually got content. Change-Id: I5e3ecabe0025c2361e15e31b3c520be6410281ce
2021-12-22ripple/data: add syscalls-gcc.logedef
A trace of `gcc hello.c -o hello` on Arch Linux, using //tools/driver.pl. Change-Id: I0af3d4896cb1bc530b3781fc3c48090b4c212316
2021-12-22ripple/data: add hello.cedef
Bog standard C hello world. The license info, insofar relevant, is kept separately because it's an unnecessary contaminant. Change-Id: Icf48e11fa44618a7f265f8b083e8a02dc6387711
2021-08-30fleet/hosts/trieste/naut: put proxy socket in its own directoryV
As the main service runs as a dynamic user, service restarts cause the runtime directory (/run/naut) to be recreated. This resulted in the proxy socket being deleted, never to be seen again (breaking the hook). Change-Id: Ief0655d24116939e401191acd75d9d59b9c03e86
2021-08-22fleet/naut: pluralise "{} commits pushed" message correctlyV
Change-Id: I716969d8c18628166c6b49dba8eca2807e22784d
2021-08-22ripple/fossil: prefer anonymous type parametersedef
This is mostly a stylistic distinction, but it helps with readability. Change-Id: Ia6b3dca53638f12bcfd498b5f36e7abf16fd061a
2021-08-21fleet/hosts/trieste/naut: fix proxy service dependencyedef
This ensures that only a single instance can be running, and allows the socket and service to be restarted together. Change-Id: Iaa7a2f36705996458d0c7af692151bba6209c028
2021-08-21fleet/pkgs/naut: a little commit notification botV
After a couple of days wrangling Rust's async ecosystem, we now have an IRC bot that will announce new commits. This should hopefully give people a better view into what we're working on! Change-Id: Ie7b3be62afca3ad2a10cb04c15ff666c62408fa2
2021-08-20fleet/hosts/trieste/cgit: put our tagline in the root descriptionV
I'm not sure why I didn't think to do this earlier. Change-Id: I951f7d5fa3d3276befe687e62393cbad807bd4c4
2021-08-17fleet/modules/public-inbox: fix updated descriptions not getting picked upV
Stale data just tastes bad, y'know? Change-Id: I027250bfb6831ef473088e2ee2652df2a8f894a4
2021-08-17fleet/modules/public-inbox: set NonBlocking on the httpd serviceV
For whatever reason, it complains if you don't provide this. It will then set O_NONBLOCK by itself, so I'm not really sure what the point is. Change-Id: Iec21e48f027a9782625f5fbbe539a8a7ccc04e2c
2021-08-17fleet/modules/public-inbox: add Requires/After of the corresponding socket ↵V
to the httpd service This ensures they can be restarted together correctly, as well as ensuring the service has a socket available at all times. Change-Id: Ifa06e217cc2209aea4bcf28ed054d74cbc091a99
2021-08-17fleet/modules/public-inbox: fix permissions issueV
It turns out the strange behaviour we were observing was due to createHome applying an overly-restrictive mode to the public-inbox top-level directory. This prevented public-inbox-httpd from accessing any of the inboxes, despite it having the correct group assigned. This fixes: - Inbox descriptions showing up as "($INBOX_DIR/description missing)" - Inbox pages only containing the text "No messages, yet" - Mysterious "fatal: not a git repository: '/path/to/inbox'" errors - Probably even more things that I simply didn't notice Change-Id: Ia5a3d57546efd2d0375528fa10e4e979d155b045
2021-08-17fleet: initV
Co-authored-by: edef <edef@unfathomable.blue> Change-Id: I36d2c4cca542ed91630b1b832f3c7a7b97b33c65