fix(gateway): detect launchd in the /restart service-manager probe#43888
Open
chazmaniandinkle wants to merge 1 commit into
Open
fix(gateway): detect launchd in the /restart service-manager probe#43888chazmaniandinkle wants to merge 1 commit into
chazmaniandinkle wants to merge 1 commit into
Conversation
…esearch#43475) On a launchd-managed gateway (macOS), /restart stopped the gateway but never relaunched it: the handler's service detection checks only INVOCATION_ID (systemd) and container markers, so under launchd it takes the detached path and exits 0 — which KeepAlive.SuccessfulExit=false treats as a deliberate stop. The gateway stays silently dead until a manual launchctl kickstart. Detect launchd via XPC_SERVICE_NAME, which launchd sets to the job label for processes it spawns. The probe deliberately excludes the literal "0": interactive macOS shells inherit XPC_SERVICE_NAME=0 (a truthy string), and routing an unsupervised interactive gateway to the service path would make it exit non-zero with nothing to revive it. Routing through via_service=True (rather than forcing a non-zero exit on the detached path) matters: the detached path also spawns a helper that relaunches the gateway, so exiting non-zero there would have BOTH the helper and launchd respawn it — two gateways racing for the same bot tokens. The service path spawns no helper; launchd is the single respawner. Fixes NousResearch#43475. Supersedes the run.py-era probes in NousResearch#19940/NousResearch#33393 (the handler has since moved to gateway/slash_commands.py) and avoids the double-spawn risk in the exit-code-site approaches (NousResearch#43498, NousResearch#43596).
This was referenced Jun 11, 2026
Contributor
|
Verification: LGTM — correct launchd detection with proper edge-case handling. Reviewed the diff and tests. Key observations:
No issues found. |
tonydwb
approved these changes
Jun 11, 2026
tonydwb
left a comment
There was a problem hiding this comment.
Code Review Summary
Verdict: Approved
✅ Looks Good
- Well-scoped fix: Improves launchd detection in the
/restartservice-manager probe by checking forlaunchdin the service manager probe. - Small change: 50 additions, 5 deletions - minimal and targeted.
- No security concerns: Local service detection logic, no external input or secrets.
Reviewed by Hermes Agent
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #43475.
On a launchd-managed gateway (macOS),
/restartstops the gateway and never relaunches it. The handler's service-manager probe checks onlyINVOCATION_ID(systemd) and container markers, so under launchd it takes the detached path and exits 0. The generated plist usesKeepAlive.SuccessfulExit=false, which treats a clean exit as a deliberate stop, so the gateway stays silently dead until a manuallaunchctl kickstart.The fix detects launchd via
XPC_SERVICE_NAME, which launchd sets to the job label. Two details distinguish it from the earlier attempts:XPC_SERVICE_NAME=0must not count as launchd. Interactive macOS shells inheritXPC_SERVICE_NAME=0, a truthy string. The barebool()probe in fix(gateway): detect launchd service for restart #19940/fix: /restart uses via_service=True on launchd (macOS) #33393 would route an unsupervised interactive gateway to the service path, where it exits 75 and nothing revives it. This probe excludes""and"0"(verified: launchd jobs see the real label viaps eww; interactive shells see0).via_service=Truerather than forcing a non-zero exit on the detached path (the fix(gateway): exit non-zero on /restart so launchd revives the gateway #43498/fix(gateway): exit non-zero on macOS launchd restart path (#43475) #43596 approach). The detached path spawns a relaunch helper; exiting non-zero there means the helper and launchd both respawn the gateway, and two instances then race for the same bot tokens, which Telegram and Discord reject (one connection per bot). The service path spawns no helper, so launchd is the single respawner.This also targets the current handler location in
gateway/slash_commands.py; the older probe PRs predate the move out ofgateway/run.py.Tests:
tests/gateway/test_restart_service_detection.pypins all four routings (launchd job label, interactive=0, no service env, systemdINVOCATION_ID), built on the existing restart test helpers.Production validation: running on two launchd-managed gateways since 2026-06-10; an earlier version of the same probe ran from 2026-06-03 (noted on #33393).