lfg2025/archy
1
0
Fork 0
Code Issues 7 Pull Requests Actions Packages Projects Releases 33 Wiki Activity
Files
0c8dd582fa0a1dfa237426189aaeb98f237a2972
archy/core
History
Dorian 0c8dd582fa fix: rootless podman scanning — relax namespace/syscall restrictions 
RestrictNamespaces and SystemCallFilter block rootless podman from
creating user namespaces needed for container isolation. Removed these
along with RestrictSUIDSGID (implied by NoNewPrivileges). ProtectHome
set to no (rootless podman needs ~/.local/share/containers writable).

Remaining active protections: NoNewPrivileges, ProtectSystem=strict,
ReadWritePaths, RestrictAddressFamilies, MemoryDenyWriteExecute,
RestrictRealtime, SystemCallArchitectures=native.

Also reduced initial scan delay from 15s to 3s for faster container
visibility after boot, and removed Ollama from auto-deploy.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-18 14:22:00 +00:00
..
.cargo
refactor: update dependencies and remove unused code
2026-03-12 00:19:30 +00:00
archipelago
fix: rootless podman scanning — relax namespace/syscall restrictions
2026-03-18 14:22:00 +00:00
container
feat: rootless podman, session hardening, boot stability, sidebar fix
2026-03-18 13:53:27 +00:00
container-init
helpers
js-engine
models
parmanode
feat: complete Phase 1 foundation hardening + three-mode UI design doc
2026-03-04 05:23:42 +00:00
performance
security
fix: Phase 7 — key zeroization, OsRng, checked arithmetic, TOTP rate limits
2026-03-18 01:00:57 +00:00
.env.example
.env.production
Update README and configuration for macOS support
2026-01-28 11:12:19 +00:00
Cargo.lock
feat: v1.2.0-alpha — E2E encrypted mesh relay, steganography, relay status polling
2026-03-17 23:56:37 +00:00
Cargo.toml
Refactor configuration and scripts for Archipelago backend and ISO build
2026-02-01 05:42:05 +00:00