
fix(gateway): block silent shared-service takeover#150

Merged: artemgetmann merged 1 commit into main from codex/harden-shared-gateway-install, Mar 26, 2026

Conversation

@artemgetmann (Owner)

Review Fast Path

  • User path fixed: plain openclaw gateway install can no longer silently overwrite the sacred default shared gateway service when another runtime/worktree already owns it.
  • Proof: pnpm test -- src/cli/daemon-cli/install.test.ts src/cli/daemon-cli/install.integration.test.ts src/cli/daemon-cli/register-service-commands.test.ts and pnpm build both passed in this worktree.
  • Shared-state footgun removed: the default shared service now fails closed on ownership drift and only allows replacement with --force --allow-shared-service-takeover; profiled tester/consumer/rescue lanes remain allowed.
  • Still hurts: this does not auto-fix already-misconfigured lanes, and I did not run a live launchd takeover E2E against the real machine label because that would be reckless.

Why This Matters

  • Consumer/tester worktrees were able to hijack ai.openclaw.gateway, which took the main Telegram bot down.
  • The repo already documented isolated profiles, but docs alone were not enough. The CLI needed a hard stop.

Scope Boundary

  • Added install-time ownership detection for the default shared gateway service.
  • Added an explicit --allow-shared-service-takeover escape hatch for intentional recovery.
  • Added regression tests and short workflow reminders in AGENTS.md and docs/gateway/multiple-gateways.md.
  • Did not change multi-bot/profile support, token routing, or runtime restart behavior.

Verification

  • pnpm test -- src/cli/daemon-cli/install.test.ts src/cli/daemon-cli/install.integration.test.ts src/cli/daemon-cli/register-service-commands.test.ts
  • pnpm build
  • Test coverage includes:
    • blocking takeover when the installed shared service points at another runtime/config
    • allowing explicit takeover with --allow-shared-service-takeover
    • skipping the guard for profiled installs so isolated tester lanes still work

AI Assistance

  • AI-assisted
  • Testing degree: targeted

- what: detect when the default shared gateway service already points at a different runtime/config and refuse silent overwrite unless takeover is explicitly allowed
- why: consumer/tester worktrees kept hijacking the sacred main launch agent, which knocked the main Telegram bot offline
- risk: legitimate shared-service recovery now requires the explicit --allow-shared-service-takeover escape hatch and profiled lanes must stay isolated by design
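How the guard described in this PR could be expressed, as an added example that is not openclaw's own code; the record shapes, the option names and the evaluateSharedServiceInstall/normalizePath functions are assumptions, while the flag pairing and the profiled-lane exemption follow the description above:

```typescript
// Added example, not openclaw's code: an install-time ownership guard for the
// default shared gateway service, following the rules in the PR description.
// Assumed shapes: what the installed service points at, what the current
// runtime would install, and the relevant CLI flags.
interface ServiceRecord {
  runtimePath: string; // runtime/worktree the launch agent currently starts
  configPath: string;  // config file the launch agent was installed with
}
interface InstallOptions {
  profile?: string;                     // isolated tester/consumer/rescue lane
  force?: boolean;                      // --force
  allowSharedServiceTakeover?: boolean; // --allow-shared-service-takeover
}
type GuardDecision =
  | { action: "install"; reason: string }  // nothing to protect, proceed
  | { action: "replace"; reason: string }  // overwrite the existing service
  | { action: "blocked"; reason: string }; // fail closed, touch nothing
// Trailing slashes and "/./" segments are not ownership changes.
function normalizePath(p: string): string {
  return p.replace(/\/\.\//g, "/").replace(/\/+$/, "") || "/";
}
function evaluateSharedServiceInstall(
  installed: ServiceRecord | null,
  current: ServiceRecord,
  opts: InstallOptions = {},
): GuardDecision {
  // Profiled installs use their own service label, so the shared guard does not apply.
  if (opts.profile) {
    return { action: "install", reason: `profile "${opts.profile}" uses its own service` };
  }
  if (installed === null) {
    return { action: "install", reason: "no shared service installed yet" };
  }
  const drift: string[] = [];
  for (const key of ["runtimePath", "configPath"] as const) {
    const was = normalizePath(installed[key]);
    const now = normalizePath(current[key]);
    if (was !== now) drift.push(`${key}: ${was} -> ${now}`);
  }
  if (drift.length === 0) {
    return { action: "replace", reason: "already owned by this runtime/config" };
  }
  // Ownership drift: fail closed unless both escape hatches are given together.
  if (opts.force && opts.allowSharedServiceTakeover) {
    return { action: "replace", reason: `explicit takeover (${drift.join("; ")})` };
  }
  const hint = "rerun with --force --allow-shared-service-takeover to take it over";
  return { action: "blocked", reason: `owned elsewhere (${drift.join("; ")}); ${hint}` };
}
```

A real installer would read the installed record from the existing launch agent definition before deciding; here both records are constructed by the caller.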
@artemgetmann artemgetmann merged commit fa28100 into main Mar 26, 2026
3 of 10 checks passed
