6e81866226
Flips the default sandbox mode from blacklist to whitelist and replaces the global RUST_TEST_THREADS=1 with a targeted RwLock that only serializes blacklist sandboxes against tests mutating glob-matching host paths. A new Sandbox newtype acquires the guard automatically when --blacklist is in args.
1.4 KiB
Agent guidelines for agent-sandbox
Deployed config
config-example.toml in the repo root is the canonical config file. It is symlinked into $XDG_CONFIG_HOME/agent-sandbox/config.toml on the host. When editing it, remember that changes take effect immediately for all sandbox invocations.
The config file may set extra-config = "<absolute path>" to layer a second file on top using the same merge rules (scalars replace, vecs append, profiles merge by name). A missing extra file is silently skipped; nesting is not supported (the extra file cannot itself set extra-config).
Build and test
- cargo fmt and cargo clippy must pass before every commit.
- cargo test runs all test cases.
- Never add Co-Authored-By lines to commits.
Things that will bite you
bwrap argument ordering matters
Later bwrap arguments override earlier ones for the same path. This has caused multiple bugs:
- Blacklist overlays (tmpfs, ro-bind /dev/null) must come after the base --ro-bind / / and --bind /tmp /tmp.
- The /run tmpfs and its selective whitelisted binds must come after the overlay section, or the overlays clobber the whitelisted paths.
- User --rw/--ro escape hatches must come after mode setup so they can override sandbox restrictions.
Take extreme care when reordering any arguments in sandbox.rs or refactoring, and test thoroughly.
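The ordering rule can be checked mechanically. The following is an added example, not code from agent-sandbox: a simplified Rust model in which the mount visible at a path is the last --ro-bind, --bind or --tmpfs whose destination is that path or one of its ancestors. The argv fragments and the paths /home/u/.ssh and /run/sock are constructed for illustration, and symlinks and other bwrap flags are ignored.

```rust
// Added example: simplified model of bwrap mount ordering, not agent-sandbox code.
#[derive(Debug, Clone, PartialEq)]
pub enum Mount {
    RoBind(String), // --ro-bind SRC DEST (holds SRC)
    Bind(String),   // --bind SRC DEST (holds SRC)
    Tmpfs,          // --tmpfs DEST
}

/// Extract (DEST, mount) pairs, in argv order, from the mount flags of a bwrap argv.
pub fn parse_mounts(args: &[&str]) -> Vec<(String, Mount)> {
    let (mut out, mut i) = (Vec::new(), 0);
    while i < args.len() {
        i += match &args[i..] {
            ["--ro-bind", src, dest, ..] => { out.push((dest.to_string(), Mount::RoBind(src.to_string()))); 3 }
            ["--bind", src, dest, ..] => { out.push((dest.to_string(), Mount::Bind(src.to_string()))); 3 }
            ["--tmpfs", dest, ..] => { out.push((dest.to_string(), Mount::Tmpfs)); 2 }
            _ => 1, // flags outside this model are skipped
        };
    }
    out
}

/// True when `dest` is `path` itself or an ancestor directory of it.
fn covers(dest: &str, path: &str) -> bool {
    dest == "/" || path == dest
        || path.strip_prefix(dest).map_or(false, |rest| rest.starts_with('/'))
}

/// The mount a process would see at `path`: the last one in argv that covers it.
pub fn effective(args: &[&str], path: &str) -> Option<Mount> {
    parse_mounts(args).into_iter().rev().find(|(d, _)| covers(d, path)).map(|(_, m)| m)
}

// Constructed argv fragments: GOOD puts the base binds first, BAD puts them last.
pub const GOOD: &[&str] = &["--ro-bind", "/", "/", "--bind", "/tmp", "/tmp",
    "--tmpfs", "/home/u/.ssh", "--tmpfs", "/run", "--ro-bind", "/run/sock", "/run/sock"];
pub const BAD: &[&str] = &["--tmpfs", "/home/u/.ssh", "--tmpfs", "/run",
    "--ro-bind", "/run/sock", "/run/sock", "--ro-bind", "/", "/", "--bind", "/tmp", "/tmp"];

fn main() {
    for (name, argv) in [("good", GOOD), ("bad", BAD)] {
        for p in ["/home/u/.ssh/id_ed25519", "/run/sock", "/run/other"] {
            println!("{}: {} -> {:?}", name, p, effective(argv, p));
        }
    }
}
```

In the BAD ordering every probed path resolves to the base --ro-bind / /, so the tmpfs overlay no longer hides /home/u/.ssh and the rest of the host /run is visible again. A regression test asserting on the effective mount for a few sensitive paths catches this class of reordering bug.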