Docker/profile mode should avoid different HOME values between Hermes process and tool subprocesses

[christolan]

Problem

In Docker deployments, Hermes uses HERMES_HOME as the persistent data root, for example:

HERMES_HOME=/opt/data

At the same time, tool subprocesses may get a different HOME:

HOME=/opt/data/home

This is understandable as a fix for Docker persistence and profile isolation: tools like git, ssh, gh, npm should not write to /root, and different profiles should not share credentials.

The confusing part is that the Hermes main/gateway process can still have a different HOME from the subprocesses it starts.

Example:

Hermes main process:
HOME=/opt/data
HERMES_HOME=/opt/data

Tool subprocess:
HOME=/opt/data/home
HERMES_HOME=/opt/data

This means that within the same active profile, ~ can point to different places depending on where it is expanded.

Why this is a problem

For one profile, I would expect these to agree:

echo "$HOME"
python -c 'from pathlib import Path; print(Path.home())'
python -c 'import os; print(os.path.expanduser("~"))'

and also the HOME seen by terminal tools, background processes, and execute_code.

When they differ, it becomes hard to reason about paths like:

~/.ssh
~/.config/gh
~/.gitconfig
~/workspace

or skill/config paths that use ~.

I agree that different profiles should have isolated homes. But inside a single profile, splitting HOME between Hermes itself and its tools does not seem to provide much benefit. It mostly creates path ambiguity.

For Docker specifically, I think the cleaner isolation boundary is the container itself. If I want stronger isolation between agents/profiles, I would rather run separate containers with separate mounted data directories, instead of relying on different HOME values inside the same container.

Suggested behavior

Keep profile isolation, but make HOME consistent within one profile.

For example, in Docker default profile:

HERMES_HOME=/opt/data
HOME=/opt/data/home

For named profiles:

HERMES_HOME=/opt/data/profiles/<profile>
HOME=/opt/data/profiles/<profile>/home

So the intended model would be:

HERMES_HOME = Hermes state/config root
HOME        = user/tool home for this profile

Different profiles should still get different homes. But the same profile should not have two competing HOME values.

Expected invariant

Within one active profile:

main process HOME == subprocess HOME

Across profiles:

profile A HOME != profile B HOME

This keeps the useful isolation boundary at the profile level, while avoiding confusing behavior inside a single profile.

[alt-glitch]

Related: #12260 (resolve_skill_config_values() expands ~ against wrong HOME), #7357 (original per-profile HOME isolation), #21671 (subprocess HOME override). The core tension is the same: Hermes process HOME ≠ subprocess HOME within one profile.

[cardtest15-coder]

🤖 Auto-Triage

• Label: bug
• Severity: medium
• Suggested action: comment
• Summary: Несоответствие значений HOME между основным процессом Hermes и дочерними процессами инструментов в Docker

[pcfreak30]

I just finished an AI dig as a new docker user and this bit me. related #33913.

[thinkyhead]

Many issues are caused by Hermes abusing the sacred $HOME environment variable. This is a major blocker for effectively all users of shells on all operating systems. I just discovered this problem exists, and in spite of being gung-ho for Hermes I simply cannot trust it to work properly if it is going to be messing with $HOME in the background.

[pcfreak30]

Many issues are caused by Hermes abusing the sacred $HOME environment variable. This is a major blocker for effectively all users of shells on all operating systems. I just discovered this problem exists, and in spite of being gung-ho for Hermes I simply cannot trust it to work properly if it is going to be messing with $HOME in the background.

I am now just running multiple docker instances b/c the multi-profile thing just isn't ready, IMO.