fix: add writable tmpfs for /host/dev/shm (POSIX semaphores)#972
/dev is bind-mounted read-only (/dev:/host/dev:ro), which makes /dev/shm read-only after chroot /host. This breaks POSIX semaphores — python/black's blackd server and other tools fail with EROFS when creating semaphores. Adding a tmpfs overlay at /host/dev/shm provides a writable, isolated in-memory filesystem.

Security: Docker containers have their own IPC namespace (no --ipc=host), so shared memory is fully isolated from the host and other containers. Size is capped at 64MB with noexec and nosuid flags.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
CI results:
- Chroot tests passed: Smoke Chroot, all security and functionality tests succeeded.
- Smoke Copilot: concluded, all systems operational.
- Smoke Claude: mission accomplished.
- Smoke Codex: completed.
- Coverage check passed (per-file coverage changes: 1 file).
- Node.js build test results: PASS, all projects installed successfully and all tests passed.
- Deno build test results: PASS, all Deno tests completed successfully.
Pull request overview
This PR fixes POSIX semaphore failures in the chrooted agent container by adding a writable tmpfs overlay for /host/dev/shm. The issue occurs because /dev is bind-mounted read-only (/dev:/host/dev:ro), which makes /dev/shm read-only after chroot /host, breaking tools like Python's black that require writable shared memory for semaphores.
Changes:
- Added a 64MB tmpfs mount at /host/dev/shm with security flags (noexec, nosuid, nodev)
- Updated tests to account for 5 tmpfs mounts (previously 4) and allow variable size limits
- Added comprehensive documentation explaining the security implications and isolation guarantees
Reviewed changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| src/docker-manager.ts | Added /host/dev/shm tmpfs mount with 64MB size limit and security flags; included detailed comment about IPC isolation and security implications |
| src/docker-manager.test.ts | Updated test count from 4 to 5 tmpfs mounts; changed size validation from exact size=1m to regex pattern allowing both 1m and 65536k |
Reviewed lines in src/docker-manager.ts:

```typescript
// A tmpfs overlay at /host/dev/shm provides a writable, isolated in-memory filesystem.
// Security: Docker containers use their own IPC namespace (no --ipc=host), so shared
// memory is fully isolated from the host and other containers. Size is capped at 64MB
// (Docker's default). noexec and nosuid flags restrict abuse vectors.
```
The comment mentions "noexec and nosuid flags restrict abuse vectors" but doesn't mention the nodev flag that's also applied in line 849. Consider updating the comment to include nodev for completeness: "noexec, nosuid, and nodev flags restrict abuse vectors."
Suggested change:
Before: // (Docker's default). noexec and nosuid flags restrict abuse vectors.
After:  // (Docker's default). noexec, nosuid, and nodev flags restrict abuse vectors.
Further CI results:
- C++ build test results: PASS, all C++ build tests completed successfully.
- Go build test results: PASS, all Go projects tested successfully.
- Smoke test results (last 2 merged PRs): GitHub MCP status PASS. cc @Mossaka
- Bun build test results: PASS, all Bun projects built and tested successfully.
- .NET build test results: PASS, all .NET projects tested successfully (test details: hello-world, json-parse).
- Java build test results: PASS, all Java projects compiled and tested successfully using Maven with proxy configuration.

feat: simplify release to workflow_dispatch only

- Rust build test results: PASS, all Rust projects built successfully and passed their tests.

Chroot Version Comparison Test Results
The chroot mode test compared runtime versions between the host system and the chroot environment.
Overall result: Tests FAILED (1 of 3 passed). The chroot environment successfully accessed and executed host binaries, but version mismatches were detected for Python and Node.js. This is expected if the host system has been updated after the chroot environment was created, or if the chroot is using system-installed versions while the host uses newer versions from package managers like nvm or pyenv.

Smoke test results (last 2 merged PRs): GitHub MCP (list PRs) status PASS.
Summary
- /dev is bind-mounted read-only (/dev:/host/dev:ro), making /dev/shm read-only after chroot /host
- python/black's blackd server (and other tools) fail with OSError: [Errno 30] Read-only file system when creating semaphores
- Adds a tmpfs at /host/dev/shm to provide a writable, isolated in-memory filesystem after chroot

Security Assessment
Low risk. Adding a writable /host/dev/shm tmpfs is safe because:
- Docker containers have their own IPC namespace (no --ipc=host), so shared memory is fully isolated from the host and other containers
- A writable /tmp already exists at both /tmp and /host/tmp — /dev/shm provides similar attack surface
- Size is capped at 64MB (size=65536k) matching Docker's default; noexec and nosuid flags restrict abuse
- Capabilities (NET_ADMIN, SYS_CHROOT, SYS_ADMIN) are dropped before user code runs

Test plan
- npm test — 794/794 tests pass
- Updated the "should include exactly 5 tmpfs mounts" test to account for the new /host/dev/shm entry
- Updated the "should set secure tmpfs options" test to allow size=65536k (not just size=1m)
- Run black --check to verify blackd semaphore creation succeeds

🤖 Generated with Claude Code
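As an added example (not code from src/docker-manager.ts or its tests), here is a stand-alone audit of Docker tmpfs option strings that mirrors the "should set secure tmpfs options" check described above: every tmpfs entry must carry noexec, nosuid and nodev and a size= cap within a limit, with both the 1m and the 65536k spellings accepted. The mount table, the path names other than /host/dev/shm, and the function names are constructed for this example.

```typescript
// Added example, not the project's src/docker-manager.ts: a standalone audit of Docker
// tmpfs option strings mirroring the "should set secure tmpfs options" check the PR describes.
const REQUIRED_FLAGS = ["noexec", "nosuid", "nodev"];
// Parses a mount size with an optional k/m/g suffix (as Docker's tmpfs size= uses) into bytes.
function parseSize(value: string): number {
  const m = /^(\d+)([kmg]?)$/i.exec(value.trim());
  if (!m) throw new Error("unparseable size: " + value);
  const mult: { [suffix: string]: number } = { "": 1, k: 1024, m: 1048576, g: 1073741824 };
  return Number(m[1]) * mult[m[2].toLowerCase()];
}
// Returns findings for one tmpfs option string; an empty list means it passes.
function checkTmpfsOptions(options: string, maxBytes: number): string[] {
  const parts = options.split(",").map((p) => p.trim()).filter((p) => p.length > 0);
  const flags: string[] = [];
  const kv: { [key: string]: string } = {};
  for (const p of parts) {
    const i = p.indexOf("=");
    if (i < 0) flags.push(p); else kv[p.slice(0, i)] = p.slice(i + 1);
  }
  const findings: string[] = [];
  for (const f of REQUIRED_FLAGS) if (flags.indexOf(f) < 0) findings.push("missing " + f);
  const size: string | undefined = kv["size"];
  if (size === undefined) findings.push("missing size= cap (tmpfs bounded only by host memory)");
  else {
    try { if (parseSize(size) > maxBytes) findings.push("size=" + size + " exceeds cap of " + maxBytes + " bytes"); }
    catch { findings.push("unparseable size=" + size); }
  }
  return findings;
}
// Audits a whole mount table (container path -> options); only failing paths are returned.
function auditTmpfs(mounts: { [path: string]: string }, maxBytes: number): { [path: string]: string[] } {
  const out: { [path: string]: string[] } = {};
  for (const path of Object.keys(mounts)) {
    const f = checkTmpfsOptions(mounts[path], maxBytes);
    if (f.length > 0) out[path] = f;
  }
  return out;
}
const MAX_SHM_BYTES = 64 * 1024 * 1024; // the PR's 64MB cap (size=65536k)
// Constructed sample table; only the /host/dev/shm entry reflects the PR, the others are made up.
const SAMPLE_MOUNTS: { [path: string]: string } = {
  "/host/dev/shm": "rw,noexec,nosuid,nodev,size=65536k", // the PR's mount: passes
  "/tmp": "rw,noexec,nosuid,nodev,size=1m",               // passes with the 1m spelling
  "/scratch": "rw,nosuid,size=1g",                        // fails: no noexec/nodev and over the cap
};
console.log(auditTmpfs(SAMPLE_MOUNTS, MAX_SHM_BYTES)); // logs findings for /scratch only
```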