feat: always mount /:/host:ro even with custom mounts

Copilot · Mossaka · Copilot · commit 894520402e7f · 2026-01-23T00:52:37.000Z
Co-authored-by: Mossaka &lt;5447827+Mossaka@users.noreply.github.com&gt;
diff --git a/src/docker-manager.test.ts b/src/docker-manager.test.ts
@@ -270,8 +270,8 @@ describe('docker-manager', () => {
       const agent = result.services.agent;
       const volumes = agent.volumes as string[];
 
-      // Should NOT include blanket /:/host:ro mount
-      expect(volumes).not.toContain('/:/host:ro');
+      // Should STILL include /:/host:ro mount for chroot functionality
+      expect(volumes).toContain('/:/host:ro');
 
       // Should include custom mounts
       expect(volumes).toContain('/workspace:/workspace:ro');
@@ -282,12 +282,12 @@ describe('docker-manager', () => {
       expect(volumes.some((v: string) => v.includes('agent-logs'))).toBe(true);
     });
 
-    it('should use blanket mount when no custom mounts specified', () => {
+    it('should always include /:/host:ro mount for chroot functionality', () => {
       const result = generateDockerCompose(mockConfig, mockNetworkConfig);
       const agent = result.services.agent;
       const volumes = agent.volumes as string[];
 
-      // Should include blanket /:/host:ro mount
+      // Should include /:/host:ro mount
       expect(volumes).toContain('/:/host:ro');
     });
 
diff --git a/src/docker-manager.ts b/src/docker-manager.ts
@@ -355,12 +355,13 @@ export function generateDockerCompose(
     config.volumeMounts.forEach(mount => {
       agentVolumes.push(mount);
     });
-  } else {
-    // If no custom mounts specified, include blanket host filesystem mount for backward compatibility
-    logger.debug('No custom mounts specified, using blanket /:/host:ro mount');
-    agentVolumes.unshift('/:/host:ro');
   }
 
+  // Always include /:/host:ro mount for isolate.sh chroot functionality
+  // This is added regardless of custom mounts to ensure commands can fall back to host binaries
+  logger.debug('Adding /:/host:ro mount for chroot functionality');
+  agentVolumes.unshift('/:/host:ro');
+
   // Agent service configuration
   const agentService: any = {
     container_name: 'awf-agent',
diff --git a/src/types.ts b/src/types.ts
@@ -180,7 +180,7 @@ export interface WrapperConfig {
    * - 'host_path:container_path:rw' (read-write)
    *
    * These are in addition to essential mounts (Docker socket, HOME, /tmp).
-   * The blanket /:/host:ro mount is removed when custom mounts are specified.
+   * The /:/host:ro mount is always included for chroot functionality.
    *
    * @example ['/workspace:/workspace:ro', '/data:/data:rw']
    */

Original file line number	Diff line number	Diff line change
`@@ -180,7 +180,7 @@ export interface WrapperConfig {`
`180`	`180`	`* - 'host_path:container_path:rw' (read-write)`
`181`	`181`	`*`
`182`	`182`	`* These are in addition to essential mounts (Docker socket, HOME, /tmp).`
`183`		`- * The blanket /:/host:ro mount is removed when custom mounts are specified.`
	`183`	`+ * The /:/host:ro mount is always included for chroot functionality.`
`184`	`184`	`*`
`185`	`185`	`* @example ['/workspace:/workspace:ro', '/data:/data:rw']`
`186`	`186`	`*/`