Enable unsafe host paired runtime

This commit is contained in:
ejclaw
2026-04-06 02:40:15 +09:00
parent 446b194e2c
commit 994e957767
12 changed files with 261 additions and 5 deletions

View File

@@ -32,6 +32,7 @@ import {
tmpfsMountArgs,
writableMountArgs,
} from './container-runtime.js';
import { ensureClaudeGlobalSettingsFile } from './agent-runner-environment.js';
import { detectAuthMode } from './credential-proxy.js';
import { resolveGroupFolderPath, resolveGroupIpcPath } from './group-folder.js';
import { logger } from './logger.js';
@@ -435,11 +436,17 @@ export function buildReviewerMounts(
`${group.folder}-reviewer`,
);
fs.mkdirSync(groupSessionsDir, { recursive: true });
ensureClaudeGlobalSettingsFile(groupSessionsDir);
pushMountOnce(mounts, {
hostPath: groupSessionsDir,
containerPath: '/home/node/.claude',
readonly: false,
});
pushMountOnce(mounts, {
hostPath: path.join(groupSessionsDir, '.claude.json'),
containerPath: '/home/node/.claude.json',
readonly: false,
});
// Owner session directory: read-only so reviewer can verify runtime state
// files (cron state, configs, etc.) that the owner references by absolute path.