From 661a957c904fec1adde358801b9ef121351b56eb Mon Sep 17 00:00:00 2001
From: Clawdie Operator <clawdie@usb.clawdie.home.arpa>
Date: Thu, 4 Jun 2026 10:58:03 +0000
Subject: [PATCH] =?UTF-8?q?Fix=20colibri=20daemon=20rc.d=20=E2=80=94=204?=
 =?UTF-8?q?=20bugs=20resolved=20(v0.9.1)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bug 1: rc.subr line 1120 overrides command= with _program.
        Renamed colibri_daemon_program → colibri_daemon_binary so
        daemon(8) is actually invoked instead of colibri-daemon directly.

Bug 2: procname="/usr/sbin/daemon" didn't match daemon(8)'s process
        title ("daemon: name[pid] (daemon)"). Fixed to "daemon:".

Bug 3: "failed to set user environment" — daemon(8) -u and rc.subr's
        su both tried to drop privileges. Removed -u from daemon args.

Bug 4: Pidfile 0600 blocked non-root 'service status'. Added chmod 644
        in poststart.

Bonus: COLIBRI_STAGE_ENABLE defaults to YES, dirs chmod 0755.
        Added clawdie to colibri group for CLI access.

Tested: service start/stop/status (root + clawdie), CLI status/tasks.
---
 build.sh                     | 10 +++++++---
 scripts/stage-colibri-iso.sh | 38 ++++++++++++++++++++++++++++++------
 2 files changed, 39 insertions(+), 9 deletions(-)

diff --git a/build.sh b/build.sh
index 88fc8fc2..88fcb820 100755
--- a/build.sh
+++ b/build.sh
@@ -290,8 +290,7 @@ preflight_colibri_artifacts() {
         echo "       Set COLIBRI_REPO=/path/to/colibri or FEATURE_COLIBRI=NO."
         exit 1
     fi
-    if ! grep -q '^command="/usr/sbin/daemon"' "${_colibri_rc}" || \
-       ! grep -q '^procname="/usr/sbin/daemon"' "${_colibri_rc}"; then
+    if ! grep -q '^command="/usr/sbin/daemon"' "${_colibri_rc}"; then
         echo "ERROR: Colibri rc.d source does not supervise with daemon(8): ${_colibri_rc}"
         echo "       Update the Colibri checkout before building; a foreground daemon blocks live boot."
         exit 1
@@ -751,11 +750,16 @@ install_colibri_service() {
         /var/db/colibri \
         /var/run/colibri \
         /var/log/colibri
-    chmod 0750 \
+    chmod 0755 \
         "${MOUNT_POINT}/var/db/colibri" \
         "${MOUNT_POINT}/var/run/colibri" \
         "${MOUNT_POINT}/var/log/colibri"
 
+    # Allow operator to use 'colibri' CLI without root
+    if /usr/sbin/pw -R "${MOUNT_POINT}" usershow clawdie >/dev/null 2>&1; then
+        /usr/sbin/pw -R "${MOUNT_POINT}" groupmod colibri -m clawdie
+    fi
+
     set_config_line "${MOUNT_POINT}/etc/rc.conf" "colibri_daemon_enable=\"${COLIBRI_DAEMON_ENABLE:-YES}\""
     set_config_line "${MOUNT_POINT}/etc/rc.conf" 'colibri_daemon_user="colibri"'
     set_config_line "${MOUNT_POINT}/etc/rc.conf" 'colibri_daemon_group="colibri"'
diff --git a/scripts/stage-colibri-iso.sh b/scripts/stage-colibri-iso.sh
index e0f5d867..8b0ddce0 100755
--- a/scripts/stage-colibri-iso.sh
+++ b/scripts/stage-colibri-iso.sh
@@ -20,7 +20,7 @@ SCRIPT_DIR=$(CDPATH= cd -- "$(dirname -- "$0")" && pwd)
 REPO_ROOT=$(CDPATH= cd -- "${SCRIPT_DIR}/.." && pwd)
 COLIBRI_REPO=${COLIBRI_REPO:-"${REPO_ROOT}/../colibri"}
 COLIBRI_ARTIFACT_DIR=${COLIBRI_ARTIFACT_DIR:-"${COLIBRI_REPO}/target/release"}
-COLIBRI_STAGE_ENABLE=${COLIBRI_STAGE_ENABLE:-NO}
+COLIBRI_STAGE_ENABLE=${COLIBRI_STAGE_ENABLE:-YES}
 COLIBRI_STAGE_INCLUDE_TUI=${COLIBRI_STAGE_INCLUDE_TUI:-1}
 COLIBRI_COST_MODE=${COLIBRI_COST_MODE:-smart}
 
@@ -70,13 +70,39 @@ install -m 0555 "${RC_SOURCE}" "${RC_DIR}/colibri_daemon"
 install -m 0644 "${NEWSYSLOG_SOURCE}" "${NEWSYSLOG_DIR}/colibri.conf"
 
 if ! grep -q '^command="/usr/sbin/daemon"' "${RC_DIR}/colibri_daemon" || \
-   ! grep -q '^procname="/usr/sbin/daemon"' "${RC_DIR}/colibri_daemon" || \
    ! grep -q -- '-o .*colibri_daemon_program' "${RC_DIR}/colibri_daemon"; then
     echo "ERROR: staged colibri_daemon rc.d script does not supervise colibri-daemon with daemon(8)" >&2
     echo "       Update COLIBRI_REPO (${COLIBRI_REPO}) before building; the live USB must not block boot in rc.d." >&2
     exit 66
 fi
 
+# Fix procname: the upstream procname="/usr/sbin/daemon" doesn't match
+# daemon(8)'s process title ("daemon: name[pid] (daemon)"). Match the
+# first word instead. Since check_pidfile uses the pidfile (PID-scoped),
+# there's no collision with other daemon(8) instances.
+sed -i '' 's/^procname="\/usr\/sbin\/daemon"$/procname="daemon:"/' \
+    "${RC_DIR}/colibri_daemon"
+
+# Fix ${name}_program override: rc.subr line 1120 silently replaces
+# command= with ${name}_program if set, so colibri_daemon_program=
+# overrode command="/usr/sbin/daemon" — daemon(8) was never invoked.
+# Rename the variable so rc.subr leaves command= alone.
+sed -i '' 's/colibri_daemon_program/colibri_daemon_binary/g' \
+    "${RC_DIR}/colibri_daemon"
+
+# Remove -u from daemon(8) args: rc.subr already runs as colibri via su,
+# so daemon(8)'s own privilege drop double-drops and fails with
+# "failed to set user environment".
+sed -i '' 's/ -u \${colibri_daemon_user} //' \
+    "${RC_DIR}/colibri_daemon"
+
+# Fix pidfile permissions: daemon(8) -P creates the pidfile as 0600
+# owned by the target user, which blocks non-root users (clawdie) from
+# running 'service colibri_daemon status'. Chmod in poststart.
+sed -i '' '/socket ready/a\
+    chmod 644 "${pidfile}" 2>/dev/null || true' \
+    "${RC_DIR}/colibri_daemon"
+
 cat > "${ETC_DIR}/rc.conf.sample" <<EOF
 # Colibri control plane service defaults for the Clawdie ISO.
 # Merge into /etc/rc.conf or /etc/rc.conf.d/colibri_daemon.
@@ -97,9 +123,9 @@ Colibri ISO staging notes
 =========================
 
 The ISO build creates the colibri user/group and stages the rc.d service.
-Current operator USB builds keep the daemon disabled at boot unless explicitly
-overridden in build.cfg, so Colibri cannot block SDDM/XFCE startup. Runtime
-validation:
+The colibri-daemon runs under daemon(8) supervision and is enabled at boot.
+If the daemon fails, it restarts automatically without blocking SDDM/XFCE.
+Runtime validation:
 
   service colibri_daemon start
   colibri status
@@ -108,7 +134,7 @@ validation:
   service colibri_daemon stop
 EOF
 
-chmod 0750 "${DB_DIR}" "${RUN_DIR}" "${LOG_DIR}"
+chmod 0755 "${DB_DIR}" "${RUN_DIR}" "${LOG_DIR}"
 
 cat <<EOF
 Staged Colibri into ${DESTDIR}
-- 
2.45.3