mrtoth
6e81866226
Flips the default sandbox mode from blacklist to whitelist and replaces the global RUST_TEST_THREADS=1 with a targeted RwLock that only serializes blacklist sandboxes against tests mutating glob-matching host paths. A new Sandbox newtype acquires the guard automatically when --blacklist is in args.
26 lines
1.4 KiB
Markdown
26 lines
1.4 KiB
Markdown
# Agent guidelines for agent-sandbox
|
|
|
|
## Deployed config
|
|
|
|
`config-example.toml` in the repo root is the canonical config file. It is symlinked into `$XDG_CONFIG_HOME/agent-sandbox/config.toml` on the host. When editing it, remember that changes take effect immediately for all sandbox invocations.
|
|
|
|
The config file may set `extra-config = "<absolute path>"` to layer a second file on top using the same merge rules (scalars replace, vecs append, profiles merge by name). A missing extra file is silently skipped; nesting is not supported (the extra file cannot itself set `extra-config`).
|
|
|
|
## Build and test
|
|
|
|
- `cargo fmt` and `cargo clippy` must pass before every commit.
|
|
- `cargo test` runs all test cases.
|
|
- Never add Co-Authored-By lines to commits.
|
|
|
|
## Things that will bite you
|
|
|
|
### bwrap argument ordering matters
|
|
|
|
Later bwrap arguments override earlier ones for the same path. This has caused multiple bugs:
|
|
|
|
- Blacklist overlays (tmpfs, ro-bind /dev/null) must come **after** the base `--ro-bind / /` and `--bind /tmp /tmp`.
|
|
- The `/run` tmpfs and its selective whitelisted binds must come **after** the overlay section, or the overlays clobber the whitelisted paths.
|
|
- User `--rw`/`--ro` escape hatches must come **after** mode setup so they can override sandbox restrictions.
|
|
|
|
Take extreme care when reordering any arguments in `sandbox.rs` or refactor things and test thoroughly.
|