clawdie/colibri
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 43

fix(daemon): gate autospawn on .secured marker when require_secured=YES #184

Merged
clawdie merged 1 commit from fix/require-secured-interlock into main 2026-06-25 07:25:45 +02:00
Conversation 0 Commits 1 Files changed 1 +17
clawdie commented 2026-06-25 07:25:25 +02:00
Owner
Copy link

Adds colibri_daemon_require_secured knob (default NO). When enabled, the
daemon refuses to autospawn an agent until /var/db/colibri/.secured exists.
This interlock pairs with the clawdie-iso firstboot password gate (#139):
the gate writes .secured after the operator sets passwords, the daemon
reads it to gate autospawn + node_register.

Must run AFTER the provider.env block — otherwise COLIBRI_AUTOSPAWN=YES
from provider.env would override the NO set here. Defaults to NO so
deployed/disk hosts (which never run the firstboot gate) are unaffected.

Paired with: clawdie-iso PR #139 (force-root-password-on-first-boot).

Adds colibri_daemon_require_secured knob (default NO). When enabled, the daemon refuses to autospawn an agent until /var/db/colibri/.secured exists. This interlock pairs with the clawdie-iso firstboot password gate (#139): the gate writes .secured after the operator sets passwords, the daemon reads it to gate autospawn + node_register. Must run AFTER the provider.env block — otherwise COLIBRI_AUTOSPAWN=YES from provider.env would override the NO set here. Defaults to NO so deployed/disk hosts (which never run the firstboot gate) are unaffected. Paired with: clawdie-iso PR #139 (force-root-password-on-first-boot).
clawdie added 1 commit 2026-06-25 07:25:28 +02:00
fix(daemon): gate autospawn on .secured marker when require_secured=YES
Some checks failed
CI / rust (pull_request) Has been cancelled
Details
CI / markdown (pull_request) Has been cancelled
Details
CI / port (pull_request) Has been cancelled
Details
CI / agent-jail-pkgs (pull_request) Has been cancelled
Details
796070605b 
Adds colibri_daemon_require_secured knob (default NO). When enabled, the
daemon refuses to autospawn an agent until /var/db/colibri/.secured exists.
This interlock pairs with the clawdie-iso firstboot password gate (#139):
the gate writes .secured after the operator sets passwords, the daemon
reads it to gate autospawn + node_register.

Must run AFTER the provider.env block — otherwise COLIBRI_AUTOSPAWN=YES
from provider.env would override the NO set here. Defaults to NO so
deployed/disk hosts (which never run the firstboot gate) are unaffected.

Paired with: clawdie-iso PR #139 (force-root-password-on-first-boot).
clawdie merged commit 263b8f0b4d into main 2026-06-25 07:25:45 +02:00
clawdie deleted branch fix/require-secured-interlock 2026-06-25 07:25:47 +02:00
Sign in to join this conversation.
Reviewers
No reviewers
Labels
Clear labels   
first-proof blocker

gates the first proven end-to-end

  
hardening

security/robustness follow-up, not a first-proof gate

No labels
first-proof blocker
hardening
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: clawdie/colibri#184
No description provided.
Delete branch "fix/require-secured-interlock"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?