fix: harden workspace startup and daemon config handling#1
Merged
Conversation
Stop reporting successful workspace startup when networking is not actually usable. Workspace startup now fails closed if Enclave cannot attach networking and verify that a default route exists in the workspace network namespace. Write runtime networking-related files against the live workspace root instead of the shared sandbox rootfs. This prevents resolv.conf, hosts, and apt sandbox state from leaking across sibling workspaces. Make registry mutation fail closed on invalid registry state and keep explicit repair as the supported recovery path. This avoids silently overwriting corrupt registry contents with an empty in-memory registry. Fix session helper resolution for non-daemon and test-driven startup paths by resolving the real enclave binary instead of blindly copying the current process image. This restores internal workspace-session launch behavior in integration and library-driven flows. Improve daemon auto-start UX by honoring configured state_dir, pid_file, debootstrap_binary, and security defaults when commands implicitly start the daemon. Also repair ownership and permissions for private runtime and state directories when root launches Enclave, so users do not have to manually chown those directories before enclave up/down succeeds. Tighten auth token visibility by validating configured provider files before reporting them as usable, while keeping ownership checks aligned with the effective user that manages the state directory. Verification: - cargo check --all-targets - cargo clippy --all-targets -- -D warnings - cargo test --all-targets -- --skip integration:: --skip stress:: - sudo env ... cargo test --test integration_suite -- --ignored --test-threads=1 - direct end-to-end enclave up/down runs against disposable Enclavefile projects, including a process-liveness check showing enclave down terminates a long-lived process inside the workspace
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This PR hardens workspace startup, fixes false-success networking behavior, removes shared-rootfs runtime leakage, makes daemon auto-start respect project config, and reduces the amount of manual Linux setup users need before
enclave up/enclave downwork.What Changed
1. Fail workspace startup closed when networking is not actually ready
Workspace startup previously allowed a degraded success path where the workspace could be marked running even when outbound networking was not correctly attached.
This PR changes startup semantics so that:
This directly addresses the observed case where
enclave upcould succeed while the workspace had no usable outbound route.2. Fix the default-route readiness check
The readiness probe now validates the actual default route state more reliably by inspecting
ip route show defaultand matching the expected interface and gateway.During verification, this also exposed a false-negative path in the earlier probe logic, which is now corrected.
3. Stop mutating shared sandbox rootfs for runtime workspace files
Runtime networking-related files are now provisioned against the live workspace root instead of the shared sandbox rootfs.
This includes:
resolv.conf/etc/hostsThat prevents workspace-specific runtime state from leaking across sibling workspaces.
4. Make registry mutation fail closed on invalid state
Mutating registry operations no longer silently replace corrupt registry contents with an empty in-memory registry.
Instead:
registry repairremains the supported recovery pathThis avoids accidental state loss when registry contents are malformed or partially written.
5. Fix session helper resolution outside daemon-only flows
Workspace session helper resolution previously depended on copying the current process image. That breaks when startup is driven from a non-daemon process such as test binaries or other library-driven flows.
This PR resolves the actual
enclavebinary more robustly by:target/<profile>/enclavebinary when current execution happens undertarget/<profile>/depsThat restores internal workspace-session launch behavior for integration and test-driven startup paths.
6. Make daemon auto-start honor project configuration
Commands that implicitly start the daemon now use the configured values instead of silently falling back to global defaults.
Auto-start now respects:
state_dirpid_filedebootstrap_binaryThis prevents commands from connecting to the right socket while starting a daemon with the wrong state/runtime paths.
7. Reduce manual root-owned path setup friction
When root launches Enclave against private runtime/state directories created by the invoking user, Enclave now repairs ownership and permissions for those private service directories instead of failing immediately and requiring manual
chown/ permission repair first.This improves the real-world
enclave up/enclave downUX for project-local configuration without weakening the secure-directory checks.8. Tighten auth provider visibility
Configured auth providers are now only reported as configured when their token files actually pass permission and ownership validation.
Ownership validation is also aligned with the effective user managing the state directory instead of assuming a hardcoded uid 0 path for all cases.
User-Facing Impact
After this change:
enclave upshould no longer report success when the workspace lacks a valid outbound routeenclave downcontinues to stop the running workspace runtime and terminate long-lived processes inside itVerification
Build and static checks
cargo check --all-targetscargo clippy --all-targets -- -D warningsDefault test suite
cargo test --all-targets -- --skip integration:: --skip stress::Root integration coverage
sudo env ... cargo test --test integration_suite -- --ignored --test-threads=1This root integration run covered:
End-to-end CLI verification
Direct CLI runs were executed against disposable Enclavefile-backed projects to verify:
enclave upenclave downenclave downWhy This PR Exists
The main trigger for this work was a correctness bug where:
enclave upcould succeedThis PR changes that behavior so success means networking is actually attached and route-ready, not merely that the workspace process exists.