From cee02cc052a1c7f7cebb02d8bf2689b1fa74302d Mon Sep 17 00:00:00 2001 From: Sam & Claude Date: Sun, 14 Jun 2026 00:49:52 +0200 Subject: [PATCH] =?UTF-8?q?docs:=20tidy=20clawdie=20handoff=20=E2=80=94=20?= =?UTF-8?q?reflect=20hardening=20applied=20(PR=20#53)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The findings were merged; reword from 'filed in branch for review' to 'applied (PR #53)'. Co-Authored-By: Claude Opus 4.8 --- docs/CLAWDIE-INSTALLER-HANDOFF.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/docs/CLAWDIE-INSTALLER-HANDOFF.md b/docs/CLAWDIE-INSTALLER-HANDOFF.md index 5d502e3..509d664 100644 --- a/docs/CLAWDIE-INSTALLER-HANDOFF.md +++ b/docs/CLAWDIE-INSTALLER-HANDOFF.md @@ -92,10 +92,9 @@ Observed results: - bare `apply --pool zroot`: printed the same plan and exited as a dry-run (`DRY-RUN — nothing written`). - `plan --pool does-not-exist`: now errors before rendering/apply: `ZFS pool \`does-not-exist\` not found; available pools: zroot`. -Findings filed for Linux-side review in branch -`fix/clawdie-installer-freebsd-hardening`: +Hardening applied (PR #53): -- generated FreeBSD rc.d now runs `/usr/local/bin/colibri-daemon` through `/usr/sbin/daemon -u clawdie` instead of root; +- generated FreeBSD rc.d runs `/usr/local/bin/colibri-daemon` through `/usr/sbin/daemon -u clawdie` (not root); - service installation chowns `/var/db/clawdie` and `/var/log/clawdie` after creating the `clawdie` user; - existing-pool plans validate the named pool before rendering/applying. -- 2.45.3