clawdie/colibri
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions 48

docs: tidy clawdie handoff (hardening applied) #54

Merged
clawdie merged 1 commit from docs/handoff-tidy into main 2026-06-14 00:50:09 +02:00
Conversation 0 Commits 1 Files changed 1 +2 -3
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
docs/CLAWDIE-INSTALLER-HANDOFF.md
View file

@ -92,10 +92,9 @@ Observed results:
- bare `apply --pool zroot`: printed the same plan and exited as a dry-run (`DRY-RUN — nothing written`).
- `plan --pool does-not-exist`: now errors before rendering/apply: `ZFS pool \`does-not-exist\` not found; available pools: zroot`.
Findings filed for Linux-side review in branch
`fix/clawdie-installer-freebsd-hardening`:
Hardening applied (PR #53):
- generated FreeBSD rc.d now runs `/usr/local/bin/colibri-daemon` through `/usr/sbin/daemon -u clawdie` instead of root;
- generated FreeBSD rc.d runs `/usr/local/bin/colibri-daemon` through `/usr/sbin/daemon -u clawdie` (not root);
- service installation chowns `/var/db/clawdie` and `/var/log/clawdie` after creating the `clawdie` user;
- existing-pool plans validate the named pool before rendering/applying.