From a4dd5647ad02c5d6ede071f472e44b284684be41 Mon Sep 17 00:00:00 2001
From: Agent
Date: Sat, 18 Apr 2026 12:29:41 +0000
Subject: [PATCH 1/2] =?UTF-8?q?fix:=20[nomad-step-5]=20S5-fix-5=20?=
 =?UTF-8?q?=E2=80=94=20chat.hcl=20tmpfs=20syntax:=20use=20mount=20block=20?=
 =?UTF-8?q?not=20tmpfs=20argument=20(#1012)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 nomad/jobs/chat.hcl | 21 +++++++++++++++------
 1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/nomad/jobs/chat.hcl b/nomad/jobs/chat.hcl
index ead8e71..ee3b807 100644
--- a/nomad/jobs/chat.hcl
+++ b/nomad/jobs/chat.hcl
@@ -89,19 +89,28 @@ job "chat" {
 config {
 image = "disinto/chat:local"
 force_pull = false
- # Sandbox hardening (#706): cap_drop ALL (no Linux capabilities)
- # tmpfs /tmp for runtime files (64MB)
- # pids_limit 128 (prevent fork bombs)
 # ReadonlyRootfs enforced via entrypoint script (fails if running as root)
- cap_drop = ["ALL"]
- tmpfs = ["/tmp:size=64m"]
- pids_limit = 128
 # Security options for sandbox hardening
 # apparmor=unconfined needed for Claude CLI ptrace access
 # no-new-privileges prevents privilege escalation
 security_opt = ["apparmor=unconfined", "no-new-privileges"]
 }
+ # ── Sandbox hardening (#706) ────────────────────────────────────────────
+ # cap_drop ALL (no Linux capabilities)
+ # tmpfs /tmp for runtime files (64MB)
+ # pids_limit 128 (prevent fork bombs)
+ cap_drop = ["ALL"]
+ pids_limit = 128
+ mount {
+ type = "tmpfs"
+ target = "/tmp"
+ readonly = false
+ tmpfs_options {
+ size = 67108864 # 64MB in bytes
+ }
+ }
+
 # ── Volume mounts ──────────────────────────────────────────────────────
 # Mount chat-history for conversation persistence
 volume_mount {
From 19ec91ae5a788b1340bc6bf27f40f6fb299b110f Mon Sep 17 00:00:00 2001
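Review bot: The added `cap_drop`, `pids_limit` and `mount { … }` lines come after the `}` that closes `config { … }`, so they land at task level instead of in the Docker driver config; `cap_drop`, `pids_limit` and `mount` are Docker-driver `config` options, and as far as I can tell Nomad rejects unknown task-level keys at validate time (if it did not, the hardening would simply not apply and /tmp would stay unbounded). The fix is to move the whole run — from the `# ── Sandbox hardening (#706)` comment through the closing `}` of `mount` — above the `}` that ends `config`, so it sits next to `security_opt` in the driver config. The `mount` block itself, `type = "tmpfs"`, `target = "/tmp"`, `tmpfs_options { size = 67108864 }`, is the right Docker-driver form for a memory-backed, size-capped /tmp. The enclosing task block starts before the hunk, and the second patch in this series (same subject, same base `ead8e71`) takes a different route for the tmpfs, so the two should not both be applied.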
From: Agent
Date: Sat, 18 Apr 2026 12:29:41 +0000
Subject: [PATCH 2/2] =?UTF-8?q?fix:=20[nomad-step-5]=20S5-fix-5=20?=
 =?UTF-8?q?=E2=80=94=20chat.hcl=20tmpfs=20syntax:=20use=20mount=20block=20?=
 =?UTF-8?q?not=20tmpfs=20argument=20(#1012)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 nomad/jobs/chat.hcl | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/nomad/jobs/chat.hcl b/nomad/jobs/chat.hcl
index ead8e71..edd36f2 100644
--- a/nomad/jobs/chat.hcl
+++ b/nomad/jobs/chat.hcl
@@ -89,17 +89,19 @@ job "chat" {
 config {
 image = "disinto/chat:local"
 force_pull = false
- # Sandbox hardening (#706): cap_drop ALL (no Linux capabilities)
- # tmpfs /tmp for runtime files (64MB)
- # pids_limit 128 (prevent fork bombs)
+ # Sandbox hardening (#706):
+ # - cap_drop ALL (no Linux capabilities)
+ # - tmpfs /tmp for runtime files (64MB)
+ # - pids_limit 128 (prevent fork bombs)
 # ReadonlyRootfs enforced via entrypoint script (fails if running as root)
- cap_drop = ["ALL"]
- tmpfs = ["/tmp:size=64m"]
- pids_limit = 128
- # Security options for sandbox hardening
- # apparmor=unconfined needed for Claude CLI ptrace access
- # no-new-privileges prevents privilege escalation
+ # Security options:
+ # - apparmor=unconfined for Claude CLI ptrace access
+ # - no-new-privileges prevents privilege escalation
+ cap_drop = ["ALL"]
+ pids_limit = 128
 security_opt = ["apparmor=unconfined", "no-new-privileges"]
+ # tmpfs mounts via volumes config (Nomad Docker driver)
+ volumes = ["tmpfs:/tmp:size=64m"]
 }
 # ── Volume mounts ──────────────────────────────────────────────────────
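Review bot: `volumes = ["tmpfs:/tmp:size=64m"]` does not produce a tmpfs: the Docker driver's `volumes` list is `host_path:container_path[:options]` bind mounts, so `tmpfs` is read as a host path (relative paths are resolved under the allocation's task directory, as far as I recall) and `size=64m` as a bind option that Docker does not accept — the task either fails to start or gets a disk-backed /tmp with no 64 MB cap, losing the hardening the rewritten comment still promises. The memory-backed, size-bounded /tmp that #706 describes is expressed with a `mount` block of `type = "tmpfs"` inside `config`, the form the first patch in this series uses (there at the wrong nesting level); the comment `# tmpfs mounts via volumes config (Nomad Docker driver)` should be replaced along with it. The enclosing task block starts before the hunk.
```hcl
    config {
      # … unchanged: image, force_pull, hardening comments, cap_drop, pids_limit …
      security_opt = ["apparmor=unconfined", "no-new-privileges"]
      # Memory-backed, size-capped /tmp; the `volumes` bind syntax cannot express a tmpfs.
      mount {
        type     = "tmpfs"
        target   = "/tmp"
        readonly = false
        tmpfs_options {
          size = 67108864 # 64MB in bytes
        }
      }
    }
```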