bundlewrap

History

CroneKorkN b10c4d22fd left4me: symlink /etc/sysctl.d/99-left4me.conf to the checkout Sysctl drop-in lives in left4me/deploy/files/etc/sysctl.d/99-left4me.conf (absorbed kernel.yama.ptrace_scope from the metadata entry). Deliver via target-side symlink instead of a verbatim copy. Canary for the deployment-responsibility reshape (left4me design doc 2026-05-15-deployment-responsibility-design.md, step 1). Validated end-to-end on ovh.left4me: symlink resolves to the checkout, sysctl --system fires on apply, kernel target value matches, idempotent. One-shot cleanup of stale /etc/sysctl.d/99-left4me-ptrace.conf (orphan from earlier apply; bundles/sysctl does not auto-purge unmanaged files). Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-15 19:10:23 +02:00
..
left4me	refactor(left4me): non-editable install + relocate runtime state to /var/lib/left4me	2026-05-15 17:56:08 +02:00
sudoers.d	left4me: vendor privileged helpers + sudoers/sysctl/sandbox-resolv	2026-05-10 17:10:17 +02:00

left4me: symlink /etc/sysctl.d/99-left4me.conf to the checkout

Sysctl drop-in lives in left4me/deploy/files/etc/sysctl.d/99-left4me.conf
(absorbed kernel.yama.ptrace_scope from the metadata entry). Deliver
via target-side symlink instead of a verbatim copy.

Canary for the deployment-responsibility reshape (left4me design doc
2026-05-15-deployment-responsibility-design.md, step 1). Validated
end-to-end on ovh.left4me: symlink resolves to the checkout,
sysctl --system fires on apply, kernel target value matches, idempotent.
One-shot cleanup of stale /etc/sysctl.d/99-left4me-ptrace.conf
(orphan from earlier apply; bundles/sysctl does not auto-purge unmanaged
files).

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-15 19:10:23 +02:00

left4me

refactor(left4me): non-editable install + relocate runtime state to /var/lib/left4me

2026-05-15 17:56:08 +02:00

sudoers.d

left4me: vendor privileged helpers + sudoers/sysctl/sandbox-resolv

2026-05-10 17:10:17 +02:00