the-nexus/lazarus/__pycache__/isolation.cpython-312.pyc

Level 1 isolation — directory setup and AppArmor profile generation.

_APPARMOR_TEMPLATE:
#include <tunables/global>
profile nexus-mission-{cell_id} flags=(attach_disconnected,mediate_deleted) {{
#include <abstractions/base>
# Allow read access to agent home
"{home_path}/" r,
"{home_path}/**" r,
# Allow read/write access to cell workspace
"{workspace_path}/" rw,
"{workspace_path}/**" rwkl,
# Allow read/write access to cell logs
"{logs_path}/" rw,
"{logs_path}/**" rwkl,
# Deny writes to home path
deny "{home_path}/**" w,
# Deny access to other agent home dirs
deny "/root/wizards/**" rw,
# Deny network access by default
deny network,
# Basic system access
/bin/** ix,
/usr/bin/** ix,
/lib/** r,
/usr/lib/** r,
/proc/self/** r,
}}

IsolationManifest
Result of setting up Level 1 isolation for a mission cell.
Fields: cell_id, workspace_path, logs_path, apparmor_profile_path, platform

setup_level1_isolation
Set up Level 1 isolation for a mission cell.
Creates the proper directory structure with permissions and writes
an AppArmor profile (Linux) or just a profile file (other platforms).
Returns an IsolationManifest describing what was set up.

write_apparmor_profile
Write an AppArmor profile for the mission cell to output_path.
On non-Linux platforms this just writes the file without attempting to load it.
Returns the path to the written profile.

load_apparmor_profile
Attempt to load an AppArmor profile via apparmor_parser.
On non-Linux platforms or when apparmor_parser is absent, this is a no-op
and returns False gracefully.
Returns True if the profile was loaded successfully.