fix(bootstrap): pre-create daemon staging dir in agent jails #134

Merged
clawdie merged 1 commit from jail-staging-dir into main 2026-06-21 17:28:51 +02:00
Owner

Follow-up intended for #131 (which merged at its first commit before this one landed). Fixes the second root cause of the jail-spawn EACCES found via truss (docs #132).

For staged spawns the daemon writes launch.sh/env.sh under <jail_root>/var/run/colibri-stage/<stage_id>/, but nothing ever created /var/run/colibri-stage. The daemon runs as clawdie and can't mkdir under root-owned /var/run, so staging failed with Permission denied.

agent-jail-bootstrap.sh now pre-creates the dir owned by the daemon user, mode 0700 — replacing the runtime chmod 777 workaround from #132: durable across jail rebuilds and not world-writable (staged files are sourced as shell, so world-writable would be a privilege footgun). DAEMON_USER is overridable, defaulting to clawdie. sh -n clean.

Together with #131 this closes the spawn EACCES end-to-end.

🤖 Generated with Claude Code

clawdie added 1 commit 2026-06-21 17:28:44 +02:00
fix(bootstrap): pre-create daemon staging dir in agent jails
Some checks failed
CI / rust (pull_request) Has been cancelled
CI / markdown (pull_request) Has been cancelled
CI / port (pull_request) Has been cancelled
CI / agent-jail-pkgs (pull_request) Has been cancelled
4623f8c209
Second root cause of the jail-spawn EACCES (found via truss, docs PR #132):
for staged spawns the daemon writes launch.sh/env.sh under
<jail_root>/var/run/colibri-stage/<stage_id>/, but nothing created
/var/run/colibri-stage. The daemon runs as clawdie and cannot mkdir under
root-owned /var/run, so staging failed with Permission denied.

agent-jail-bootstrap.sh now pre-creates the dir owned by the daemon user
(0700), replacing the runtime `chmod 777` workaround — durable across jail
rebuilds and not world-writable (staged files are sourced as shell, so a
world-writable staging dir would be a privilege footgun). DAEMON_USER is
overridable, defaulting to clawdie.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
clawdie merged commit 64c1198f4b into main 2026-06-21 17:28:51 +02:00
clawdie deleted branch jail-staging-dir 2026-06-21 17:28:51 +02:00
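A check for the property this change is after, written here as an added example (it is not code from this PR or from the project's bootstrap script): the staging directory must exist as a real directory, be owned by the daemon user with mode 0700, and contain nothing that another user could have written, since staged files are sourced as shell. The function name `audit_stage_dir` is hypothetical; only POSIX `find` primaries are used.

```shell
#!/bin/sh
# Added example; not the project's agent-jail-bootstrap.sh.
# audit_stage_dir DIR OWNER   (hypothetical helper)
#   DIR    staging dir, e.g. <jail_root>/var/run/colibri-stage
#   OWNER  daemon user name or numeric uid (the PR's default is clawdie)
# Prints one line per finding; returns 0 only when nothing is found.
audit_stage_dir() {
    dir=$1
    owner=$2
    rc=0

    # A symlink at this path would redirect where staged scripts are written.
    if [ -L "$dir" ]; then
        echo "FAIL $dir: is a symlink"
        return 1
    fi
    if [ ! -d "$dir" ]; then
        echo "FAIL $dir: missing or not a directory"
        return 1
    fi

    # -prune limits find to DIR itself; -perm 0700 is an exact-mode match.
    if [ -z "$(find "$dir" -prune -user "$owner" -perm 0700)" ]; then
        echo "FAIL $dir: not owned by $owner with mode 0700"
        rc=1
    fi

    # Walk the tree: flag entries with a different owner, and non-symlink
    # entries carrying a group or other write bit.
    bad=$(find "$dir" \( ! -user "$owner" -o \
        \( ! -type l \( -perm -0020 -o -perm -0002 \) \) \) -print)
    if [ -n "$bad" ]; then
        echo "FAIL wrong owner or group/other write bit on:"
        echo "$bad"
        rc=1
    fi

    [ "$rc" -eq 0 ] && echo "OK $dir"
    return "$rc"
}

# Run as a script: sh audit.sh <jail_root>/var/run/colibri-stage clawdie
if [ "$#" -eq 2 ]; then
    audit_stage_dir "$1" "$2"
fi
```

Run it from the host against each jail root after a rebuild; a directory left over from the `chmod 777` workaround fails both the mode check and the tree walk.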
Reference: clawdie/colibri#134