mirror of
https://github.com/openai/codex.git
synced 2026-03-05 13:35:28 +03:00
38f84b6b29
## Why We already plan to remove the shell-tool MCP path, and doing that cleanup first makes the follow-on `shell-escalation` work much simpler. This change removes the last remaining reason to keep `codex-rs/exec-server` around by moving the `codex-execve-wrapper` binary and shared shell test fixtures to the crates/tests that now own that functionality. ## What Changed ### Delete `codex-rs/exec-server` - Remove the `exec-server` crate, including the MCP server binary, MCP-specific modules, and its test support/test suite - Remove `exec-server` from the `codex-rs` workspace and update `Cargo.lock` ### Move `codex-execve-wrapper` into `codex-rs/shell-escalation` - Move the wrapper implementation into `shell-escalation` (`src/unix/execve_wrapper.rs`) - Add the `codex-execve-wrapper` binary entrypoint under `shell-escalation/src/bin/` - Update `shell-escalation` exports/module layout so the wrapper entrypoint is hosted there - Move the wrapper README content from `exec-server` to `shell-escalation/README.md` ### Move shared shell test fixtures to `app-server` - Move the DotSlash `bash`/`zsh` test fixtures from `exec-server/tests/suite/` to `app-server/tests/suite/` - Update `app-server` zsh-fork tests to reference the new fixture paths ### Keep `shell-tool-mcp` as a shell-assets package - Update `.github/workflows/shell-tool-mcp.yml` packaging so the npm artifact contains only patched Bash/Zsh payloads (no Rust binaries) - Update `shell-tool-mcp/package.json`, `shell-tool-mcp/src/index.ts`, and docs to reflect the shell-assets-only package shape - `shell-tool-mcp-ci.yml` does not need changes because it is already JS-only ## Verification - `cargo shear` - `cargo clippy -p codex-shell-escalation --tests` - `just clippy`
55 lines
1.7 KiB
Rust
55 lines
1.7 KiB
Rust
use std::collections::HashMap;
|
|
use std::os::fd::RawFd;
|
|
use std::path::PathBuf;
|
|
|
|
use serde::Deserialize;
|
|
use serde::Serialize;
|
|
|
|
/// Exec wrappers read this to find the inherited FD for the escalation socket.
|
|
pub const ESCALATE_SOCKET_ENV_VAR: &str = "CODEX_ESCALATE_SOCKET";
|
|
|
|
/// Patched shells use this to wrap exec() calls.
|
|
pub const EXEC_WRAPPER_ENV_VAR: &str = "EXEC_WRAPPER";
|
|
|
|
/// Compatibility alias for older patched bash builds.
|
|
pub const LEGACY_BASH_EXEC_WRAPPER_ENV_VAR: &str = "BASH_EXEC_WRAPPER";
|
|
|
|
/// The client sends this to the server to request an exec() call.
|
|
#[derive(Clone, Serialize, Deserialize, Debug, PartialEq, Eq)]
|
|
pub struct EscalateRequest {
|
|
/// The absolute path to the executable to run, i.e. the first arg to exec.
|
|
pub file: PathBuf,
|
|
/// The argv, including the program name (argv[0]).
|
|
pub argv: Vec<String>,
|
|
pub workdir: PathBuf,
|
|
pub env: HashMap<String, String>,
|
|
}
|
|
|
|
/// The server sends this to the client to respond to an exec() request.
|
|
#[derive(Clone, Serialize, Deserialize, Debug, PartialEq, Eq)]
|
|
pub struct EscalateResponse {
|
|
pub action: EscalateAction,
|
|
}
|
|
|
|
#[derive(Clone, Serialize, Deserialize, Debug, PartialEq, Eq)]
|
|
pub enum EscalateAction {
|
|
/// The command should be run directly by the client.
|
|
Run,
|
|
/// The command should be escalated to the server for execution.
|
|
Escalate,
|
|
/// The command should not be executed.
|
|
Deny { reason: Option<String> },
|
|
}
|
|
|
|
/// The client sends this to the server to forward its open FDs.
|
|
#[derive(Clone, Serialize, Deserialize, Debug)]
|
|
pub struct SuperExecMessage {
|
|
pub fds: Vec<RawFd>,
|
|
}
|
|
|
|
/// The server responds when the exec()'d command has exited.
|
|
#[derive(Clone, Serialize, Deserialize, Debug)]
|
|
pub struct SuperExecResult {
|
|
pub exit_code: i32,
|
|
}
|