-
-
Notifications
You must be signed in to change notification settings - Fork 5
Daemon Supervisor
CortexPrism edited this page Jun 17, 2026
·
1 revision
The daemon supervisor manages three background processes required for tool security and job scheduling.
cortex daemon start
│
▼
supervisor-process.ts
│
├── validator-process.ts ← IPC socket: approves/rejects tool intents
│ policy check → allow/deny → logged to Lens
│
├── executor-process.ts ← IPC socket: executes approved tool calls
│ file read/write, shell commands, directory listing
│
└── scheduler-process.ts ← DB polling: runs cron jobs every 30s
memory consolidation, scheduled commands
- Each child is spawned via
Deno.Commandwith scoped--allow-*permissions - On crash (non-zero exit): wait
min(2^n × 1s, 30s)then restart - On clean exit (zero exit): not restarted
-
SIGINT/SIGTERM: cascading shutdown of all children
Three daemons communicate via Unix domain sockets (configurable via CORTEX_SOCKET_DIR):
/tmp/cortex/validator.sock
/tmp/cortex/executor.sock
/tmp/cortex/scheduler.sock
Messages are JSON-line, connection-per-message. Heartbeat pings check liveness.
cortex daemon start # Start supervisor (background)
cortex daemon stop # Stop supervisor
cortex daemon restart # Restart supervisor
cortex daemon run # Run in foreground (systemd/tmux)
cortex daemon status # Check process status
cortex daemon install # Install as system service (all platforms)
cortex daemon uninstall # Remove system servicecortex chat and cortex serve call ensureDaemons() which pings the validator socket and starts the supervisor if needed.
Validator is fail-closed: when the validator daemon is unreachable, tool calls are denied rather than silently auto-approved.
- Service Installation — Platform-specific service setup
- Security — Policy validation and tool gating
CortexPrism — Open-source agentic AI harness · MIT License · Built with Deno 2.x + TypeScript