diff --git a/setup/verify.ts b/setup/verify.ts
index 1238500..f57cb84 100644
--- a/setup/verify.ts
+++ b/setup/verify.ts
@@ -11,7 +11,7 @@ import path from 'path';
 import Database from 'better-sqlite3';
-import { DATA_DIR, STORE_DIR } from '../src/orchestrator/config.js';
+import { DATA_DIR, STATE_ROOT, STORE_DIR } from '../src/orchestrator/config.js';
 import { readEnvFile } from '../src/orchestrator/env.js';
 import { logger } from '../src/orchestrator/logger.js';
 import {
@@ -23,7 +23,7 @@ import {
 import { emitStatus } from './status.js';
 // Derive service label from data directory for instance-specific checks
-const SERVICE_DIR_NAME = path.basename(DATA_DIR).replace(/[^a-zA-Z0-9_-]/g, '-');
+const SERVICE_DIR_NAME = path.basename(STATE_ROOT).replace(/[^a-zA-Z0-9_-]/g, '-');
 const SERVICE_LABEL = `com.claudeclaw.${SERVICE_DIR_NAME}`;
 const SYSTEMD_UNIT = `claudeclaw-${SERVICE_DIR_NAME}`;
diff --git a/src/runtimes/sandbox-runner.ts b/src/runtimes/sandbox-runner.ts
index 1c880df..f0011f2 100644
--- a/src/runtimes/sandbox-runner.ts
+++ b/src/runtimes/sandbox-runner.ts
@@ -300,7 +300,10 @@ export function buildSandboxSettings(
 denyWrite.push(mount.hostPath);
 } else if (mount.readonly) {
 allowRead.push(mount.hostPath);
-denyWrite.push(mount.hostPath); // enforce read-only at srt level
+// Do NOT push to denyWrite: per srt config, denyWrite takes precedence
+// over allowWrite, so adding a parent path here blocks nested writable
+// mounts (e.g. groupDir inside projectRoot). Read-only is enforced
+// implicitly: paths not present in allowWrite cannot be written.
 } else {
 // read-write
 allowWrite.push(mount.hostPath);
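Review bot: The comment directly above the changed `SERVICE_DIR_NAME` line still says the label is derived from the data directory, but the new code reads `STATE_ROOT`; it should read `// Derive service label from the state root for instance-specific checks`. The launchd label and systemd unit name built from this value only make sense if the code that installs those units derives them from the same `STATE_ROOT` — if the install side still uses `DATA_DIR`, these checks will probe a unit that was never created, which is not visible in this diff and worth confirming. A `STATE_ROOT` whose basename is empty (a filesystem root) would also yield `com.claudeclaw.` and `claudeclaw-`; a fallback such as `path.basename(STATE_ROOT).replace(/[^a-zA-Z0-9_-]/g, '-') || 'default'` would make that case explicit rather than silently degenerate.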
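Review bot: The new comment's claim that "paths not present in allowWrite cannot be written" does not hold when a read-write mount is an ancestor of the read-only one: by the hunk's own reasoning (srt matches by prefix and denyWrite beats allowWrite), dropping the denyWrite entry makes a read-only mount nested under a writable mount fully writable through the parent's allowWrite, so the change replaces one nesting bug with its mirror image. Read-only is therefore no longer enforced at all for that layout, and nothing in the hunk detects it. A per-mount decision — deny unless a nested read-write mount exists, and warn when both a writable ancestor and a writable descendant make the constraint unsatisfiable — keeps the enforcement in the common case; a sketch follows, assuming the array the loop iterates is reachable as `mounts` and that `logger` is in scope (neither is visible in the hunk), and that hostPath values are already normalized. buildSandboxSettings begins before this hunk and continues after it.
```typescript
    } else if (mount.readonly) {
      allowRead.push(mount.hostPath);
      // srt: denyWrite beats allowWrite and matches by path prefix. Denying this
      // path would block any read-write mount nested under it, but omitting the
      // deny lets a read-write *ancestor* mount make this path writable.
      const under = (parent: string, child: string) =>
        child === parent || child.startsWith(parent.endsWith('/') ? parent : `${parent}/`);
      const writableChild = mounts.some((m) => !m.readonly && m !== mount && under(mount.hostPath, m.hostPath));
      const writableParent = mounts.some((m) => !m.readonly && m !== mount && under(m.hostPath, mount.hostPath));
      if (!writableChild) {
        denyWrite.push(mount.hostPath);
      } else if (writableParent) {
        logger.warn(`read-only mount ${mount.hostPath} is writable via a parent mount and cannot be denied without blocking a nested read-write mount`);
      }
    } else {
      // … unchanged: read-write branch …
```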