From 40799e619df9e7163b1da5800c184c11631ca21e Mon Sep 17 00:00:00 2001 From: Sam & Claude Date: Sun, 14 Jun 2026 15:24:03 +0200 Subject: [PATCH] docs: add Hermes rc.d service to ISO Priority 1 FreeBSD validation The hermes-bsd rc.d service (hermes_daemon, merged fc4b57ade) is a second FreeBSD service that ships toward the same ISO Gate 1 and has not been booted on real FreeBSD. Add it to Priority 1's boot/runtime validation list with the start/health/stop checks, including the missing-config abort behavior. Co-Authored-By: Claude Opus 4.8 --- docs/PRIORITY-HANDOFF-ISO-SPAWN-COST.md | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) diff --git a/docs/PRIORITY-HANDOFF-ISO-SPAWN-COST.md b/docs/PRIORITY-HANDOFF-ISO-SPAWN-COST.md index d516480..75abe93 100644 --- a/docs/PRIORITY-HANDOFF-ISO-SPAWN-COST.md +++ b/docs/PRIORITY-HANDOFF-ISO-SPAWN-COST.md @@ -62,6 +62,23 @@ Gate 1 (passive service) is unproven. config is in place, and `service colibri_daemon stop` cleanly stops the daemon and removes the pidfile. +4. **Validate the Hermes rc.d service** (`hermes-bsd`, merged 2026-06-14 as + `fc4b57ade`). The `hermes_daemon` rc.d script runs `hermes gateway run` + under `daemon(8)` with a dedicated user, persistent `HERMES_HOME`, and + supervisor/child pidfile separation — but it has not been booted on real + FreeBSD yet. On the same image run: + + ```sh + # one-time: create user + install the rc.d script per README-FreeBSD.md + service hermes_daemon start # must abort cleanly if config.yaml is missing + service hermes_daemon health + service hermes_daemon stop # supervisor exits, child does not respawn + ``` + + Confirm: prestart aborts (exit 1, no crash loop) when + `/var/db/hermes/config.yaml` is absent; once configured, start/health/stop + work and both the supervisor and child pidfiles are cleaned up on stop. + ### Key files - `scripts/stage-colibri-iso.sh` — the staging script (dir creation, bin copy, rc.d install, rc.conf.sample generation) @@ -69,12 +86,13 @@ Gate 1 (passive service) is unproven. - `docs/ISO-ACCEPTANCE-RUNBOOK.md` — acceptance commands to run on the booted image - `docs/ISO-INTEGRATION-PLAN.md` §Lane A — full plan with gap audit - clawdie-iso `build.sh` — `install_colibri_service()` already wires staging, user creation, and service enable +- `hermes-bsd` `packaging/freebsd/hermes_daemon.in` + `README-FreeBSD.md` — Hermes rc.d service and setup steps ### Suggested owner ISO/build lane — FreeBSD agent (Codex) or Sam boots a built image and runs the -acceptance runbook. No Linux-side code change is required; this is a -runtime-proof step. +acceptance runbook plus the Hermes rc.d checks. No Linux-side code change is +required; this is a runtime-proof step. --- -- 2.45.3