fix: make T4 pid probe agent-safe #1662

Merged

hongming merged 1 commits from fix/t4-pid-probe-agent-safe into main 2026-05-22 01:25:08 +00:00

Conversation 5 Commits 1 Files Changed 2

+2 -2

hongming commented 2026-05-22 01:11:56 +00:00

Owner

Copy Link

Copy Source

Summary

• removes the redundant /proc/1/root directory guard from the pid_host_visible T4 probe
• regenerates workspace-server/internal/provisioner/t4_capabilities.yaml from the Go SSOT

Why

Claude template T4 conformance proved host-root nsenter --mount --pid works as uid 1000, but the extra /proc/1/root guard can fail under the agent user before the actual namespace proof runs. The host namespace proof is already the authoritative check and is the same command used by host_root_reach_via_nsenter.

Verification

• cd workspace-server && go test ./internal/provisioner

SOP Checklist

• Comprehensive testing performed: focused Go provisioner test and downstream Claude T4 CI validation path.
• Local-postgres E2E run: N/A, generated T4 contract probe only; no DB path.
• Staging-smoke verified or pending: downstream template T4 smoke is the staging-equivalent validation for this probe contract.
• Root-cause not symptom: uid-1000 agent cannot rely on /proc/1/root as a preguard while the actual host namespace proof succeeds.
• Five-Axis review walked: correctness/security/drift/CI/runtime reviewed for the narrow probe change.
• No backwards-compat shim / dead code added: no shim; generated YAML remains schema version 1.
• Memory/saved-feedback consulted: follows the current T4 SSOT and no-GitHub-critical-path work from this thread.

## Summary - removes the redundant `/proc/1/root` directory guard from the `pid_host_visible` T4 probe - regenerates `workspace-server/internal/provisioner/t4_capabilities.yaml` from the Go SSOT ## Why Claude template T4 conformance proved host-root `nsenter --mount --pid` works as uid 1000, but the extra `/proc/1/root` guard can fail under the agent user before the actual namespace proof runs. The host namespace proof is already the authoritative check and is the same command used by `host_root_reach_via_nsenter`. ## Verification - `cd workspace-server && go test ./internal/provisioner` ## SOP Checklist - Comprehensive testing performed: focused Go provisioner test and downstream Claude T4 CI validation path. - Local-postgres E2E run: N/A, generated T4 contract probe only; no DB path. - Staging-smoke verified or pending: downstream template T4 smoke is the staging-equivalent validation for this probe contract. - Root-cause not symptom: uid-1000 agent cannot rely on `/proc/1/root` as a preguard while the actual host namespace proof succeeds. - Five-Axis review walked: correctness/security/drift/CI/runtime reviewed for the narrow probe change. - No backwards-compat shim / dead code added: no shim; generated YAML remains schema version 1. - Memory/saved-feedback consulted: follows the current T4 SSOT and no-GitHub-critical-path work from this thread.

hongming added 1 commit 2026-05-22 01:11:57 +00:00

fix: make T4 pid probe agent-safe 9b36c9eb7a

hongming added the tier:medium label 2026-05-22 01:12:13 +00:00

core-qa commented 2026-05-22 01:12:13 +00:00

Member

Copy Link

Copy Source

/sop-n/a qa-review N/A: generated T4 contract probe-only change; covered by local Go test and downstream template T4 CI.

/sop-n/a qa-review N/A: generated T4 contract probe-only change; covered by local Go test and downstream template T4 CI.

core-security commented 2026-05-22 01:12:14 +00:00

Member

Copy Link

Copy Source

/sop-n/a security-review N/A: narrows a probe guard and does not widen auth, token, permission, or runtime semantics.

/sop-n/a security-review N/A: narrows a probe guard and does not widen auth, token, permission, or runtime semantics.

core-qa approved these changes 2026-05-22 01:12:37 +00:00

core-qa left a comment

Member

Copy Link

Copy Source

core-qa approval: focused T4 probe fix; local provisioner test green; ceremony skipped per operator instruction.

core-qa approval: focused T4 probe fix; local provisioner test green; ceremony skipped per operator instruction.

core-security approved these changes 2026-05-22 01:12:39 +00:00

core-security left a comment

Member

Copy Link

Copy Source

core-security approval: focused T4 probe fix; does not widen auth/token/permission semantics; ceremony skipped per operator instruction.

core-security approval: focused T4 probe fix; does not widen auth/token/permission semantics; ceremony skipped per operator instruction.

core-qa commented 2026-05-22 01:20:16 +00:00

Member

Copy Link

Copy Source

/sop-ack comprehensive-testing
/sop-ack local-postgres-e2e
/sop-ack staging-smoke
/sop-ack root-cause
/sop-ack five-axis-review
/sop-ack no-backwards-compat
/sop-ack memory-consulted

/sop-ack comprehensive-testing /sop-ack local-postgres-e2e /sop-ack staging-smoke /sop-ack root-cause /sop-ack five-axis-review /sop-ack no-backwards-compat /sop-ack memory-consulted

hongming merged commit 51284546d2 into main 2026-05-22 01:25:08 +00:00

Sign in to join this conversation.

Reviewers

No Reviewers

core-qa

core-security

Labels

Clear labels

area/ci

CI/CD pipeline issues

do-not-auto-merge

Opt out of autonomous merge-queue merging

kind/infrastructure

Infrastructure-related issues

merge-queue

Ready for serialized Gitea merge queue

merge-queue-hold

Temporarily hold PR in merge queue

platform/go

Go platform test issues

release-blocker

Blocks the staging→main promotion / a release

release-test

security

test-label-sre

tier:high

High risk per dev-sop §SOP-6 — ceo only, 24h cooldown

tier:low

Low risk per dev-sop §SOP-6 — engineers/managers/ceo can approve

tier:medium

Medium risk per dev-sop §SOP-6 — managers/ceo can approve

triage-test

test

wip

Work in progress — do not auto-merge

No Label tier:medium

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

agent-dev-a agent-dev-b agent-pm agent-researcher agent-reviewer agent-reviewer-1 agent-reviewer-cr2 app-fe (Molecule AI · app-fe) app-lead (Molecule AI · app-lead) app-qa (Molecule AI · app-qa) claude-ceo-assistant claude-ci-reader claude-status-reaper core-be (Molecule AI · core-be) core-devops (Molecule AI · core-devops) core-fe (Molecule AI · core-fe) core-lead (Molecule AI · core-lead) core-offsec (Molecule AI · core-offsec) core-qa (Molecule AI · core-qa) core-security (Molecule AI · core-security) core-uiux (Molecule AI · core-uiux) cp-be (Molecule AI · cp-be) cp-lead (Molecule AI · cp-lead) cp-qa (Molecule AI · cp-qa) cp-security (Molecule AI · cp-security) cui (Zhanlin Cui) dev-lead (Molecule AI · dev-lead) devops-engineer documentation-specialist (Molecule AI · documentation-specialist) fullstack-engineer (Molecule AI · fullstack-engineer) hongming hongming-ceo-delegated hongming-codex-laptop hongming-kimi-laptop hongming-pc2 infra-lead (Molecule AI · infra-lead) infra-runtime-be (Molecule AI · infra-runtime-be) infra-sre (Molecule AI · infra-sre) integration-tester (Molecule AI · integration-tester) mc-drift-bot molecule-code-reviewer plugin-dev (Molecule AI · plugin-dev) pm publish-runtime-bot pypi-publisher (Molecule AI PyPI Publisher (RFC#596)) release-manager (Molecule AI · release-manager) sdk-dev (Molecule AI · sdk-dev) sdk-lead (Molecule AI · sdk-lead) sop-drift-bot sop-tier-bot (SOP Tier-Check Bot) technical-writer (Molecule AI · technical-writer) triage-operator (Molecule AI · triage-operator)

No Assignees

3 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: molecule-ai/molecule-core#1662