feat(260504-bw4): make SANDBOX.md conditional on SSH activation
This commit is contained in:
parent
41ebf10458
commit
e9154fd691
1 changed files with 39 additions and 16 deletions
55
claudebox.sh
55
claudebox.sh
|
|
@ -229,8 +229,40 @@ fi
|
|||
|
||||
# === Sandbox-aware prompting (AWARE-01, AWARE-02) ===
|
||||
|
||||
# Build SSH-conditional SANDBOX.md content blocks
|
||||
if [[ "$SSH_ACTIVE" == true ]]; then
|
||||
_ssh_notes=""
|
||||
[[ "$WITH_SSH" == true ]] && _ssh_notes+="- ssh-agent socket forwarded via \$SSH_AUTH_SOCK"$'\n'
|
||||
(( ${#SSH_KEYS[@]} > 0 )) && _ssh_notes+="- Explicit key file(s) mounted read-only at ~/.ssh/"$'\n'
|
||||
SANDBOX_RESTRICTIONS_BLOCK="## Default Restrictions
|
||||
|
||||
By default, the following are not mounted into the sandbox:
|
||||
- GPG and age keys (~/.gnupg, age key files)
|
||||
- Cloud credentials (~/.aws, ~/.config/gcloud)
|
||||
- Tailscale state
|
||||
|
||||
## SSH
|
||||
|
||||
SSH is available in this session:
|
||||
${_ssh_notes}
|
||||
Use \`git push\`/\`git pull\` over SSH normally."
|
||||
SANDBOX_GIT_TAIL="SSH remotes work in this session."
|
||||
unset _ssh_notes
|
||||
else
|
||||
SANDBOX_RESTRICTIONS_BLOCK="## Default Restrictions
|
||||
|
||||
By default, the following are not mounted into the sandbox:
|
||||
- SSH keys (~/.ssh)
|
||||
- GPG and age keys (~/.gnupg, age key files)
|
||||
- Cloud credentials (~/.aws, ~/.config/gcloud)
|
||||
- Tailscale state
|
||||
|
||||
If your setup has been customized, some of these may be available."
|
||||
SANDBOX_GIT_TAIL="For remote operations, prefer HTTPS URLs over SSH since SSH keys are not available by default."
|
||||
fi
|
||||
|
||||
# Write SANDBOX.md -- fully managed, overwritten every launch (D-02)
|
||||
cat > "$HOME/.claudebox/SANDBOX.md" << 'SANDBOXEOF'
|
||||
cat > "$HOME/.claudebox/SANDBOX.md" <<SANDBOXEOF
|
||||
# Sandbox Environment
|
||||
|
||||
You are running inside a bubblewrap (bwrap) sandbox managed by claudebox.
|
||||
|
|
@ -243,30 +275,21 @@ from the host, with per-project isolation for conversation history.
|
|||
You have two ways to install tools on the fly:
|
||||
|
||||
**Comma (preferred for quick one-off commands):**
|
||||
`, ripgrep` runs ripgrep without permanent installation. Comma uses
|
||||
\`, ripgrep\` runs ripgrep without permanent installation. Comma uses
|
||||
nix-index to find the right package automatically.
|
||||
|
||||
**Nix shell (for persistent access within the session):**
|
||||
`nix shell nixpkgs#python3 -c python3 script.py` runs a command with
|
||||
\`nix shell nixpkgs#python3 -c python3 script.py\` runs a command with
|
||||
a package available. To keep it in your PATH for the session:
|
||||
`nix shell nixpkgs#python3` then use `python3` normally.
|
||||
\`nix shell nixpkgs#python3\` then use \`python3\` normally.
|
||||
|
||||
## Default Restrictions
|
||||
|
||||
By default, the following are not mounted into the sandbox:
|
||||
- SSH keys (~/.ssh)
|
||||
- GPG and age keys (~/.gnupg, age key files)
|
||||
- Cloud credentials (~/.aws, ~/.config/gcloud)
|
||||
- Tailscale state
|
||||
|
||||
If your setup has been customized, some of these may be available.
|
||||
${SANDBOX_RESTRICTIONS_BLOCK}
|
||||
|
||||
## Git
|
||||
|
||||
Your git identity (name and email) is pre-configured from the host.
|
||||
The `safe.directory` setting trusts the mounted working directory.
|
||||
For remote operations, prefer HTTPS URLs over SSH since SSH keys
|
||||
are not available by default.
|
||||
The \`safe.directory\` setting trusts the mounted working directory.
|
||||
${SANDBOX_GIT_TAIL}
|
||||
SANDBOXEOF
|
||||
|
||||
# Generate minimal .gitconfig (D-05)
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue