clawdie/clawdie-iso
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: clawdie pre-build hardening + Codex handoff #6

Merged
clawdie merged 2 commits from fix/clawdie-prebuild-hardening into main 2026-06-02 10:49:22 +02:00
Conversation 0 Commits 2 Files changed 3 +125 -12
clawdie commented 2026-06-02 10:49:15 +02:00
Owner
Copy link

Changes

  • CLAWDIE_ENABLE defaults to NO — agent staged but not auto-started until proven on hardware
  • Fix dead/fragile useradd clawdie footgun in install_clawdie_service — assert existing user instead of creating
  • Deliver CLAWDIE-CODEX-HANDOFF.md — Codex ISO Builder instructions

After merge, Codex is fully unblocked.

## Changes - CLAWDIE_ENABLE defaults to NO — agent staged but not auto-started until proven on hardware - Fix dead/fragile useradd clawdie footgun in install_clawdie_service — assert existing user instead of creating - Deliver CLAWDIE-CODEX-HANDOFF.md — Codex ISO Builder instructions After merge, Codex is fully unblocked.
clawdie added 2 commits 2026-06-02 10:49:17 +02:00 
Three low-risk fixes before enabling FEATURE_CLAWDIE on a build:

- build.cfg: CLAWDIE_ENABLE now defaults NO. Stage the binary + rc.d but do not
  auto-start at boot until rc.d supervision is proven on hardware (same caution
  as COLIBRI_DAEMON_ENABLE), so clawdie cannot interfere with SDDM/live boot.
  Start manually with `service clawdie start`, then flip to YES.
- build.sh: install_clawdie_service no longer re-creates a conflicting nologin
  `clawdie` user. The operator `clawdie` account is created earlier by
  configure_live_operator_session and reused (the agent runs as it, same as
  Clawdie-AI); we now assert it exists instead of silently diverging on
  home/shell. Matching CLAWDIE_ENABLE fallbacks flipped to NO.
- build.sh: build summary label disambiguated to "Clawdie agent :" (was a second
  "Clawdie :" line colliding with the Clawdie-AI ref banner).

sh -n clean on build.sh and scripts/stage-clawdie-iso.sh.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Step-by-step handoff for staging + validating the simplified `clawdie` agent on
the FreeBSD build host: build colibri release artifacts (incl. clawdie), ISO
preflight, build with FEATURE_CLAWDIE=YES (staged but CLAWDIE_ENABLE=NO),
mounted-image inspection, hardware validation, and cleanup timing. Includes the
two blocking PR merges, the baked-secret caveat, and deletion criteria.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
clawdie merged commit 1215d8ebc4 into main 2026-06-02 10:49:22 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels
No items
No labels
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: clawdie/clawdie-iso#6
No description provided.
Delete branch "fix/clawdie-prebuild-hardening"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?