clawdie/colibri
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 48

fix(wiki): repair broken ../packaging/ links (EN+SL) + clean stray content dir #216

Merged
clawdie merged 1 commit from fix/wiki-packaging-links into main 2026-06-26 14:53:22 +02:00
Conversation 0 Commits 1 Files changed 3 +232 -229
3 changed files with 232 additions and 229 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
astro/wiki/.gitignore vendored
View file

@ -1,3 +1,4 @@
node_modules/
dist/
.astro/
src/content/

221
docs/wiki/mother-hive.md
View file

@ -1,110 +1,111 @@
# Mother hive
← [index](./index.md)
## What this is
The mother node (OSA) coordinates USB operator nodes via MCP over SSH →
PostgreSQL. USB nodes send hardware profiles; mother derives capabilities and
maintains the hive registry. This page records the **decisions** behind the
implementation — the rationale the code can't express. For setup instructions,
architecture diagrams, and the first-run checklist, see
[`packaging/mother/MOTHER-SETUP.md`](../packaging/mother/MOTHER-SETUP.md).
## Decisions
### Forced-command SSH boundary (not a listening daemon)
USB nodes reach mother by spawning `ssh colibri@mother` (no remote command).
On the mother side, `authorized_keys` enforces
`command="/usr/local/bin/colibri-mcp-ssh",restrict,...` — the connection
**cannot** run an interactive shell or any command except the wrapper.
The wrapper (`colibri-mcp-ssh`) further allowlists `SSH_ORIGINAL_COMMAND` to
`""` (stdio MCP mode) or `"tools"` (one-shot discovery). Every other value is
rejected.
**Why not a listening daemon** (HTTP, gRPC, raw TCP): Tailscale encrypts the
wire, so the SSH layer adds authentication + confinement without extra
infrastructure (no TLS certs, no auth tokens, no open ports). The forced-command
boundary is a second lock on top of the SSH key — even a compromised USB that
holds the key can only invoke the wrapper, and the wrapper only delegates to
colibri-mcp. Defense in depth, deployed as one OpenSSH feature.
→ [`colibri-mcp-ssh`](../packaging/mother/colibri-mcp-ssh), [`MOTHER-SETUP.md` §Security](../packaging/mother/MOTHER-SETUP.md#security-properties)
### Single home for mother infra (colibri, not clawdie-iso)
The mother MCP scripts (`node-register-mcp`, `geodesic-dome-mcp`, etc.) were
originally copied into both repos. The clawdie-iso copy drifted — its
`node-register-mcp` used `E'${...}'` string interpolation (SQL-injectable)
while the colibri copy used parameterized `psql -v :'variable'`. The iso copy
was removed in clawdie-iso PR #129.
**Lesson**: a script in two repos **will** drift. The wiki lint is single-repo
and can't see cross-repo duplicates. The mitigation is discipline: mother infra
lives in one place.
→ [naming-decisions §Structural](./naming-decisions.md#structural-decisions) ("Single home" row)
### `hive_nodes` — not `usb_nodes`
The original table name assumed only USB-booted nodes would register. But a
node is any host that joins the hive — USB, NVMe, a jail. Renamed to
`hive_nodes` with a `node_type` column (colibri #161). The `derive_capabilities()`
trigger is table-agnostic and auto-computes `has_gpu`, `gpu_vendor`,
`can_run_local_llm`, `has_wifi`, `max_model` on INSERT.
→ [`mother_schema.sql`](../packaging/mother/mother_schema.sql),
[naming-decisions](./naming-decisions.md) (`usb_nodes → hive_nodes` row)
### PostgreSQL peer auth (no passwords)
The `colibri` OS user connects to `mother_hive` via peer authentication — the
kernel attests the Unix user, no password needed. `node-register-mcp` runs as
this user and inherits the trust. No pgpass files, no env vars, no credential
rotation. One moving part: the `pg_hba.conf` peer rule must precede any
catch-all `local all all` line (first-match).
**Why not a password or certificate**: passwords rotate and leak; certificates
need a CA. Peer auth is built into PostgreSQL on every Unix and works for a
localhost connection with zero configuration beyond one `pg_hba.conf` line.
→ [`MOTHER-SETUP.md` §Setup step 6](../packaging/mother/MOTHER-SETUP.md#setup-one-time)
### Key on seed partition, not in the image
The `mother-mcp` private key is placed on the CLAWDIESEED partition, not baked
into the ISO. The build script has a release guard that **refuses** to bake it
into a release image. The seed importer (`clawdie-live-seed`) installs it at
boot time.
**Why**: a release ISO is a downloadable artifact. Baking a private key into it
would give every downloader access to the mother MCP. The seed partition is a
separate physical medium that the operator controls. Even without a seed, the
ISO boots and runs — the daemon's external MCP connection to mother fails
gracefully (SSH: "config file not found"), and the node operates standalone.
→ [naming-decisions](./naming-decisions.md) ("Known residue"), clawdie-iso #133
### Daemon user, not operator
The colibri daemon runs as the `colibri` user (`/var/db/colibri`), not as the
operator (`clawdie`, `/home/clawdie`). The external MCP SSH connection to mother
is spawned by the daemon — so the SSH key, config, and known_hosts must be in
the daemon's home. The seed importer installs SSH material to **both** homes
(operator + daemon).
**Why not just put it in clawdie's home and `sudo`**: the daemon is not the
operator. Running as a separate user means the blast radius of a daemon
compromise is limited to what the `colibri` user can do — MCP calls to mother,
not operator files or `sudo`.
→ [`clawdie-live-seed` (clawdie-iso)](https://code.smilepowered.org/clawdie/clawdie-iso/src/branch/main/live/operator-session/clawdie-live-seed),
[`MOTHER-SETUP.md` §Key management](../packaging/mother/MOTHER-SETUP.md#key-management)
## See also
- [agent-harness](./agent-harness.md) — the zot/Colibri split; autospawn
- [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, autospawn flag rename
- [quality-gates](./quality-gates.md) — the gate that should catch drift at PR time
1|# Mother hive
2|
3|← [index](./index.md)
4|
5|## What this is
6|
7|The mother node (OSA) coordinates USB operator nodes via MCP over SSH →
8|PostgreSQL. USB nodes send hardware profiles; mother derives capabilities and
9|maintains the hive registry. This page records the **decisions** behind the
10|implementation — the rationale the code can't express. For setup instructions,
11|architecture diagrams, and the first-run checklist, see
12|[`packaging/mother/MOTHER-SETUP.md`](../../packaging/mother/MOTHER-SETUP.md).
13|
14|## Decisions
15|
16|### Forced-command SSH boundary (not a listening daemon)
17|
18|USB nodes reach mother by spawning `ssh colibri@mother` (no remote command).
19|On the mother side, `authorized_keys` enforces
20|`command="/usr/local/bin/colibri-mcp-ssh",restrict,...` — the connection
21|**cannot** run an interactive shell or any command except the wrapper.
22|
23|The wrapper (`colibri-mcp-ssh`) further allowlists `SSH_ORIGINAL_COMMAND` to
24|`""` (stdio MCP mode) or `"tools"` (one-shot discovery). Every other value is
25|rejected.
26|
27|**Why not a listening daemon** (HTTP, gRPC, raw TCP): Tailscale encrypts the
28|wire, so the SSH layer adds authentication + confinement without extra
29|infrastructure (no TLS certs, no auth tokens, no open ports). The forced-command
30|boundary is a second lock on top of the SSH key — even a compromised USB that
31|holds the key can only invoke the wrapper, and the wrapper only delegates to
32|colibri-mcp. Defense in depth, deployed as one OpenSSH feature.
33|
34|→ [`colibri-mcp-ssh`](../../packaging/mother/colibri-mcp-ssh), [`MOTHER-SETUP.md` §Security](../../packaging/mother/MOTHER-SETUP.md#security-properties)
35|
36|### Single home for mother infra (colibri, not clawdie-iso)
37|
38|The mother MCP scripts (`node-register-mcp`, `geodesic-dome-mcp`, etc.) were
39|originally copied into both repos. The clawdie-iso copy drifted — its
40|`node-register-mcp` used `E'${...}'` string interpolation (SQL-injectable)
41|while the colibri copy used parameterized `psql -v :'variable'`. The iso copy
42|was removed in clawdie-iso PR #129.
43|
44|**Lesson**: a script in two repos **will** drift. The wiki lint is single-repo
45|and can't see cross-repo duplicates. The mitigation is discipline: mother infra
46|lives in one place.
47|
48|→ [naming-decisions §Structural](./naming-decisions.md#structural-decisions) ("Single home" row)
49|
50|### `hive_nodes` — not `usb_nodes`
51|
52|The original table name assumed only USB-booted nodes would register. But a
53|node is any host that joins the hive — USB, NVMe, a jail. Renamed to
54|`hive_nodes` with a `node_type` column (colibri #161). The `derive_capabilities()`
55|trigger is table-agnostic and auto-computes `has_gpu`, `gpu_vendor`,
56|`can_run_local_llm`, `has_wifi`, `max_model` on INSERT.
57|
58|→ [`mother_schema.sql`](../../packaging/mother/mother_schema.sql),
59|[naming-decisions](./naming-decisions.md) (`usb_nodes → hive_nodes` row)
60|
61|### PostgreSQL peer auth (no passwords)
62|
63|The `colibri` OS user connects to `mother_hive` via peer authentication — the
64|kernel attests the Unix user, no password needed. `node-register-mcp` runs as
65|this user and inherits the trust. No pgpass files, no env vars, no credential
66|rotation. One moving part: the `pg_hba.conf` peer rule must precede any
67|catch-all `local all all` line (first-match).
68|
69|**Why not a password or certificate**: passwords rotate and leak; certificates
70|need a CA. Peer auth is built into PostgreSQL on every Unix and works for a
71|localhost connection with zero configuration beyond one `pg_hba.conf` line.
72|
73|→ [`MOTHER-SETUP.md` §Setup step 6](../../packaging/mother/MOTHER-SETUP.md#setup-one-time)
74|
75|### Key on seed partition, not in the image
76|
77|The `mother-mcp` private key is placed on the CLAWDIESEED partition, not baked
78|into the ISO. The build script has a release guard that **refuses** to bake it
79|into a release image. The seed importer (`clawdie-live-seed`) installs it at
80|boot time.
81|
82|**Why**: a release ISO is a downloadable artifact. Baking a private key into it
83|would give every downloader access to the mother MCP. The seed partition is a
84|separate physical medium that the operator controls. Even without a seed, the
85|ISO boots and runs — the daemon's external MCP connection to mother fails
86|gracefully (SSH: "config file not found"), and the node operates standalone.
87|
88|→ [naming-decisions](./naming-decisions.md) ("Known residue"), clawdie-iso #133
89|
90|### Daemon user, not operator
91|
92|The colibri daemon runs as the `colibri` user (`/var/db/colibri`), not as the
93|operator (`clawdie`, `/home/clawdie`). The external MCP SSH connection to mother
94|is spawned by the daemon — so the SSH key, config, and known_hosts must be in
95|the daemon's home. The seed importer installs SSH material to **both** homes
96|(operator + daemon).
97|
98|**Why not just put it in clawdie's home and `sudo`**: the daemon is not the
99|operator. Running as a separate user means the blast radius of a daemon
100|compromise is limited to what the `colibri` user can do — MCP calls to mother,
101|not operator files or `sudo`.
102|
103|→ [`clawdie-live-seed` (clawdie-iso)](https://code.smilepowered.org/clawdie/clawdie-iso/src/branch/main/live/operator-session/clawdie-live-seed),
104|[`MOTHER-SETUP.md` §Key management](../../packaging/mother/MOTHER-SETUP.md#key-management)
105|
106|## See also
107|
108|- [agent-harness](./agent-harness.md) — the zot/Colibri split; autospawn
109|- [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, autospawn flag rename
110|- [quality-gates](./quality-gates.md) — the gate that should catch drift at PR time
111|

239
docs/wiki/sl/mother-hive.md
View file

@ -1,119 +1,120 @@
---
title: Matični hive
description: "Kako matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH → PostgreSQL."
---
← [kazalo](./index.md)
## Kaj je to
Matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH →
PostgreSQL. USB-vozlišča pošiljajo profile strojne opreme; mati izpelje
zmožnosti in vzdržuje hive register. Ta stran beleži **odločitve**, ki stojijo
za izvedbo — utemeljitve, ki jih koda ne more izraziti. Za navodila za
namestitev, arhitekturne diagrame in kontrolni seznam prvega zagona glejte
[`packaging/mother/MOTHER-SETUP.md`](../packaging/mother/MOTHER-SETUP.md).
## Odločitve
### Meja SSH s prisiljenim ukazom (ne poslušajoči ozadnji proces)
USB-vozlišča dosežejo mater tako, da zaženejo `ssh colibri@mother` (brez
oddaljenega ukaza). Na materini strani `authorized_keys` vsili
`command="/usr/local/bin/colibri-mcp-ssh",restrict,...` — povezava **ne more**
zagnati interaktivne lupine ali kateregakoli ukaza razen ovoja.
Ovoj (`colibri-mcp-ssh`) dodatno dovoli `SSH_ORIGINAL_COMMAND` samo kot `""`
(stdio MCP način) ali `"tools"` (enkratno odkritje). Vsaka druga vrednost je
zavrnjena.
**Zakaj ne poslušajoči ozadnji proces** (HTTP, gRPC, surovi TCP): Tailscale šifrira
prenos, zato plast SSH doda avtentikacijo in omejitev brez dodatne
infrastrukture (brez TLS certifikatov, brez avtentikacijskih žetonov, brez
odprtih vrat). Meja s prisiljenim ukazom je druga ključavnica poleg SSH
ključa — tudi ogroženi USB, ki drži ključ, lahko samo pokliče ovoj, ovoj pa
samo delegira colibri-mcp. Obramba v globino, nameščena kot ena funkcija
OpenSSH.
→ [`colibri-mcp-ssh`](../packaging/mother/colibri-mcp-ssh),
[`MOTHER-SETUP.md` §Varnost](../packaging/mother/MOTHER-SETUP.md#varnostne-lastnosti)
### En sam dom za matično infrastrukturo (colibri, ne clawdie-iso)
Matični MCP skripti (`node-register-mcp`, `geodesic-dome-mcp` itd.) so bili
prvotno kopirani v oba repozitorija. Kopija v clawdie-iso je odnesla — njen
`node-register-mcp` je uporabljal interpolacijo nizov `E'${...}'` (dovzetno
za SQL-injekcijo), medtem ko je kopija v colibri uporabljala parametrizirani
`psql -v :'variable'`. Kopija v iso je bila odstranjena v clawdie-iso PR #129.
**Nauk**: skripta v dveh repozitorijih **bo** odnesla. Wiki lint je
enorepozitorijski in ne vidi podvojenih skript med repozitoriji. Zmanjšanje
tveganja je disciplina: matična infrastruktura živi na enem mestu.
→ [naming-decisions §Strukturne](./naming-decisions.md#strukturne-odločitve)
(vrstica "En sam dom")
### `hive_nodes` — ne `usb_nodes`
Prvotno ime tabele je predpostavljalo, da se bodo registrirala samo
USB-zagnana vozlišča. Toda vozlišče je vsak gostitelj, ki se pridruži hive —
USB, NVMe, ječa. Preimenovano v `hive_nodes` s stolpcem `node_type` (colibri
#161). Sprožilec `derive_capabilities()` je agnostičen glede tabele in ob
INSERT samodejno izračuna `has_gpu`, `gpu_vendor`, `can_run_local_llm`,
`has_wifi`, `max_model`.
→ [`mother_schema.sql`](../packaging/mother/mother_schema.sql),
[naming-decisions](./naming-decisions.md) (vrstica `usb_nodes → hive_nodes`)
### PostgreSQL peer avtentikacija (brez gesel)
Uporabnik OS `colibri` se poveže na `mother_hive` prek peer avtentikacije —
jedro potrdi Unix uporabnika, geslo ni potrebno. `node-register-mcp` teče kot
ta uporabnik in podeduje zaupanje. Brez datotek pgpass, brez spremenljivk
okolja, brez vrtenja poverilnic. En gibljivi del: pravilo `peer` v
`pg_hba.conf` mora biti pred morebitno vrstico `local all all` (prvo
ujemanje).
**Zakaj ne geslo ali certifikat**: gesla se vrtijo in uhajajo; certifikati
potrebujejo CA. Peer avtentikacija je vgrajena v PostgreSQL na vsakem Unixu
in deluje za povezavo localhost z nič konfiguracije razen ene vrstice v
`pg_hba.conf`.
→ [`MOTHER-SETUP.md` §Namestitev, 6. korak](../packaging/mother/MOTHER-SETUP.md#enkratna-namestitev)
### Ključ na semenski particiji, ne v sliki
Zasebni ključ `mother-mcp` je nameščen na particijo CLAWDIESEED, ne zapečen v
ISO. Gradbeni skript ima varovalko za izdajo, ki **zavrne** vgradnjo ključa v
sliko za izdajo. Uvoznik semena (`clawdie-live-seed`) ga namesti ob zagonu.
**Zakaj**: ISO za izdajo je prenosljiv artefakt. Vgradnja zasebnega ključa
vanj bi vsakemu prenašalcu dala dostop do materinega MCP. Semenska particija
je ločen fizični medij, ki ga nadzoruje operater. Tudi brez semena se ISO
zažene in deluje — zunanja MCP povezava ozadnjega procesa do matere odpove elegantno
(SSH: "config file not found"), vozlišče pa deluje samostojno.
→ [naming-decisions](./naming-decisions.md) ("Znani ostanek"), clawdie-iso #133
### Demonov uporabnik, ne operater
Colibri ozadnji proces teče kot uporabnik `colibri` (`/var/db/colibri`), ne kot
operater (`clawdie`, `/home/clawdie`). Zunanjo MCP SSH povezavo do matere
zažene ozadnji proces — zato morajo biti SSH ključ, konfiguracija in known_hosts v
v domu ozadnjega procesa. Uvoznik semena namesti SSH gradivo v **oba** domova (operater
- ozadnji proces).
**Zakaj ne preprosto v clawdiejev dom in `sudo`**: ozadnji proces ni operater. Tek kot
ločen uporabnik pomeni, da je domet ogroženega ozadnjega procesa omejen na tisto, kar
uporabnik `colibri` lahko počne — MCP klici do matere, ne operaterske
datoteke ali `sudo`.
→ [`clawdie-live-seed` (clawdie-iso)](https://code.smilepowered.org/clawdie/clawdie-iso/src/branch/main/live/operator-session/clawdie-live-seed),
[`MOTHER-SETUP.md` §Upravljanje ključev](../packaging/mother/MOTHER-SETUP.md#upravljanje-ključev)
## Glej tudi
- [agent-harness](./agent-harness.md) — razcep zot/Colibri; samodejni zagon
- [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, preimenovanje zastavice autospawn
- [quality-gates](./quality-gates.md) — preverjanje, ki bi moralo ujeti odmik ob času PR
1|---
2|title: Matični hive
3|description: "Kako matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH → PostgreSQL."
4|---
5|
6|← [kazalo](./index.md)
7|
8|## Kaj je to
9|
10|Matično vozlišče (OSA) usklajuje USB-operaterska vozlišča prek MCP prek SSH →
11|PostgreSQL. USB-vozlišča pošiljajo profile strojne opreme; mati izpelje
12|zmožnosti in vzdržuje hive register. Ta stran beleži **odločitve**, ki stojijo
13|za izvedbo — utemeljitve, ki jih koda ne more izraziti. Za navodila za
14|namestitev, arhitekturne diagrame in kontrolni seznam prvega zagona glejte
15|[`packaging/mother/MOTHER-SETUP.md`](../../packaging/mother/MOTHER-SETUP.md).
16|
17|## Odločitve
18|
19|### Meja SSH s prisiljenim ukazom (ne poslušajoči ozadnji proces)
20|
21|USB-vozlišča dosežejo mater tako, da zaženejo `ssh colibri@mother` (brez
22|oddaljenega ukaza). Na materini strani `authorized_keys` vsili
23|`command="/usr/local/bin/colibri-mcp-ssh",restrict,...` — povezava **ne more**
24|zagnati interaktivne lupine ali kateregakoli ukaza razen ovoja.
25|
26|Ovoj (`colibri-mcp-ssh`) dodatno dovoli `SSH_ORIGINAL_COMMAND` samo kot `""`
27|(stdio MCP način) ali `"tools"` (enkratno odkritje). Vsaka druga vrednost je
28|zavrnjena.
29|
30|**Zakaj ne poslušajoči ozadnji proces** (HTTP, gRPC, surovi TCP): Tailscale šifrira
31|prenos, zato plast SSH doda avtentikacijo in omejitev brez dodatne
32|infrastrukture (brez TLS certifikatov, brez avtentikacijskih žetonov, brez
33|odprtih vrat). Meja s prisiljenim ukazom je druga ključavnica poleg SSH
34|ključa — tudi ogroženi USB, ki drži ključ, lahko samo pokliče ovoj, ovoj pa
35|samo delegira colibri-mcp. Obramba v globino, nameščena kot ena funkcija
36|OpenSSH.
37|
38|→ [`colibri-mcp-ssh`](../../packaging/mother/colibri-mcp-ssh),
39|[`MOTHER-SETUP.md` §Varnost](../../packaging/mother/MOTHER-SETUP.md#varnostne-lastnosti)
40|
41|### En sam dom za matično infrastrukturo (colibri, ne clawdie-iso)
42|
43|Matični MCP skripti (`node-register-mcp`, `geodesic-dome-mcp` itd.) so bili
44|prvotno kopirani v oba repozitorija. Kopija v clawdie-iso je odnesla — njen
45|`node-register-mcp` je uporabljal interpolacijo nizov `E'${...}'` (dovzetno
46|za SQL-injekcijo), medtem ko je kopija v colibri uporabljala parametrizirani
47|`psql -v :'variable'`. Kopija v iso je bila odstranjena v clawdie-iso PR #129.
48|
49|**Nauk**: skripta v dveh repozitorijih **bo** odnesla. Wiki lint je
50|enorepozitorijski in ne vidi podvojenih skript med repozitoriji. Zmanjšanje
51|tveganja je disciplina: matična infrastruktura živi na enem mestu.
52|
53|→ [naming-decisions §Strukturne](./naming-decisions.md#strukturne-odločitve)
54|(vrstica "En sam dom")
55|
56|### `hive_nodes` — ne `usb_nodes`
57|
58|Prvotno ime tabele je predpostavljalo, da se bodo registrirala samo
59|USB-zagnana vozlišča. Toda vozlišče je vsak gostitelj, ki se pridruži hive —
60|USB, NVMe, ječa. Preimenovano v `hive_nodes` s stolpcem `node_type` (colibri
61|#161). Sprožilec `derive_capabilities()` je agnostičen glede tabele in ob
62|INSERT samodejno izračuna `has_gpu`, `gpu_vendor`, `can_run_local_llm`,
63|`has_wifi`, `max_model`.
64|
65|→ [`mother_schema.sql`](../../packaging/mother/mother_schema.sql),
66|[naming-decisions](./naming-decisions.md) (vrstica `usb_nodes → hive_nodes`)
67|
68|### PostgreSQL peer avtentikacija (brez gesel)
69|
70|Uporabnik OS `colibri` se poveže na `mother_hive` prek peer avtentikacije —
71|jedro potrdi Unix uporabnika, geslo ni potrebno. `node-register-mcp` teče kot
72|ta uporabnik in podeduje zaupanje. Brez datotek pgpass, brez spremenljivk
73|okolja, brez vrtenja poverilnic. En gibljivi del: pravilo `peer` v
74|`pg_hba.conf` mora biti pred morebitno vrstico `local all all` (prvo
75|ujemanje).
76|
77|**Zakaj ne geslo ali certifikat**: gesla se vrtijo in uhajajo; certifikati
78|potrebujejo CA. Peer avtentikacija je vgrajena v PostgreSQL na vsakem Unixu
79|in deluje za povezavo localhost z nič konfiguracije razen ene vrstice v
80|`pg_hba.conf`.
81|
82|→ [`MOTHER-SETUP.md` §Namestitev, 6. korak](../../packaging/mother/MOTHER-SETUP.md#enkratna-namestitev)
83|
84|### Ključ na semenski particiji, ne v sliki
85|
86|Zasebni ključ `mother-mcp` je nameščen na particijo CLAWDIESEED, ne zapečen v
87|ISO. Gradbeni skript ima varovalko za izdajo, ki **zavrne** vgradnjo ključa v
88|sliko za izdajo. Uvoznik semena (`clawdie-live-seed`) ga namesti ob zagonu.
89|
90|**Zakaj**: ISO za izdajo je prenosljiv artefakt. Vgradnja zasebnega ključa
91|vanj bi vsakemu prenašalcu dala dostop do materinega MCP. Semenska particija
92|je ločen fizični medij, ki ga nadzoruje operater. Tudi brez semena se ISO
93|zažene in deluje — zunanja MCP povezava ozadnjega procesa do matere odpove elegantno
94|(SSH: "config file not found"), vozlišče pa deluje samostojno.
95|
96|→ [naming-decisions](./naming-decisions.md) ("Znani ostanek"), clawdie-iso #133
97|
98|### Demonov uporabnik, ne operater
99|
100|Colibri ozadnji proces teče kot uporabnik `colibri` (`/var/db/colibri`), ne kot
101|operater (`clawdie`, `/home/clawdie`). Zunanjo MCP SSH povezavo do matere
102|zažene ozadnji proces — zato morajo biti SSH ključ, konfiguracija in known_hosts v
103|v domu ozadnjega procesa. Uvoznik semena namesti SSH gradivo v **oba** domova (operater
104|
105|- ozadnji proces).
106|
107|**Zakaj ne preprosto v clawdiejev dom in `sudo`**: ozadnji proces ni operater. Tek kot
108|ločen uporabnik pomeni, da je domet ogroženega ozadnjega procesa omejen na tisto, kar
109|uporabnik `colibri` lahko počne — MCP klici do matere, ne operaterske
110|datoteke ali `sudo`.
111|
112|→ [`clawdie-live-seed` (clawdie-iso)](https://code.smilepowered.org/clawdie/clawdie-iso/src/branch/main/live/operator-session/clawdie-live-seed),
113|[`MOTHER-SETUP.md` §Upravljanje ključev](../../packaging/mother/MOTHER-SETUP.md#upravljanje-ključev)
114|
115|## Glej tudi
116|
117|- [agent-harness](./agent-harness.md) — razcep zot/Colibri; samodejni zagon
118|- [naming-decisions](./naming-decisions.md) — `usb_nodes → hive_nodes`, preimenovanje zastavice autospawn
119|- [quality-gates](./quality-gates.md) — preverjanje, ki bi moralo ujeti odmik ob času PR
120|