github/openclaw
1
0
Fork 0
mirror of https://github.com/openclaw/openclaw.git synced 2026-05-10 11:04:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Daemon: harden systemd unit env rendering

Browse Source
This commit is contained in:
Shadow
2026-02-20 12:51:14 -06:00
parent 84281abd4b
commit 61f646c41f
3 changed files with 46 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
src/daemon/systemd-unit.test.ts Normal file
View File

@@ -0,0 +1,26 @@
import { describe, expect, it } from "vitest";
import { buildSystemdUnit } from "./systemd-unit.js";
describe("buildSystemdUnit", () => {
it("quotes arguments with whitespace", () => {
const unit = buildSystemdUnit({
description: "OpenClaw Gateway",
programArguments: ["/usr/bin/openclaw", "gateway", "--name", "My Bot"],
environment: {},
});
const execStart = unit.split("\n").find((line) => line.startsWith("ExecStart="));
expect(execStart).toBe('ExecStart=/usr/bin/openclaw gateway --name "My Bot"');
});
it("rejects environment values with line breaks", () => {
expect(() =>
buildSystemdUnit({
description: "OpenClaw Gateway",
programArguments: ["/usr/bin/openclaw", "gateway", "start"],
environment: {
INJECT: "ok\nExecStartPre=/bin/touch /tmp/oc15789_rce",
},
}),
).toThrow(/CR or LF/);
});
});