azcomputerguru/guru-connect
1
0
Fork 0
Code Issues 4 Pull Requests Actions Packages Projects Releases 2 Wiki Activity
Files
7be8f454e0066d20496bafd11c99d14c667bec63
guru-connect/docs/specs
History
azcomputerguru 761bae5d01 spec: update SPEC-012 to include both Serial Console + PTY Shell modes 
Major update to SPEC-012 adding dual-mode terminal access:

Mode 1: Serial Console Mode (True Remote Console)
- Direct access to system serial console (/dev/ttyS0 or /dev/console)
- Sees GRUB bootloader, kernel boot messages, login prompts, kernel panics
- Boot-time interaction: select GRUB entries, edit kernel parameters, single-user mode
- Requires root privileges or CAP_SYS_TTY_CONFIG capability
- Setup: GRUB + kernel parameters configured for serial console output
- Like KVM-over-IP or IPMI Serial-over-LAN (text-mode equivalent)

Mode 2: PTY Shell Mode (Interactive Shell)
- Spawn pseudo-TTY with bash/zsh shell session
- Normal server management (package updates, log review, etc.)
- Runs as unprivileged agent service user
- Standard interactive shell with full ANSI/VT100 support

Architecture:
- Agent mode selection based on viewer request (console vs. shell)
- Dashboard shows two buttons: "Console" and "Shell" for headless agents
- Same xterm.js viewer handles both modes transparently
- Protobuf extensions: TerminalModeRequest enum, console_mode flag

Security:
- Console mode requires root (boot-level control risk)
- Recommend RBAC: separate console_access and shell_access permissions
- Console sessions should require MFA (Phase 2)
- Audit logging for both modes

Setup Requirements:
- One-time GRUB configuration for serial console
- systemd service with CAP_SYS_TTY_CONFIG for console mode
- serial-getty@ttyS0.service enabled for login prompt

Updated effort: Medium (5-7 weeks, up from 4-6)
Priority remains P2

Addresses user request for "remote console" (as if at the machine)
not just shell access.

Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
2026-05-30 19:02:27 -07:00
..
SPEC-001-operational-tooling-parity.md
feat: operational tooling — signing, versioning, changelog, roadmap (SPEC-001)
2026-05-29 07:19:29 -07:00
SPEC-002-v2-modernization-architecture.md
docs(spec): add SPEC-002 GuruConnect v2 modernization architecture
2026-05-29 18:08:23 -07:00
SPEC-003-machine-inventory.md
spec: add SPEC-003 full machine inventory in connection DB
2026-05-30 15:48:09 -07:00
SPEC-004-session-lifecycle-and-removal.md
spec: SPEC-004 add stable machine-derived identity as the primary fix
2026-05-30 16:11:38 -07:00
SPEC-005-machines-list-view-parity.md
spec: add SPEC-005 machines list view (dual indicators + rich rows)
2026-05-30 16:17:48 -07:00
SPEC-006-universal-machine-search.md
spec: add SPEC-006 universal machine search
2026-05-30 16:21:10 -07:00
SPEC-007-managed-agent-installer-builder.md
spec: add SPEC-007 managed-agent installer builder
2026-05-30 16:24:56 -07:00
SPEC-008-valuable-error-messages.md
spec: add SPEC-008 valuable error messages
2026-05-30 16:30:07 -07:00
SPEC-009-feature-rich-documented-api.md
spec: add SPEC-009 feature-rich documented API
2026-05-30 16:35:57 -07:00
SPEC-010-cross-platform-agents.md
spec: add SPEC-010 Cross-Platform Agent Support (macOS and Linux)
2026-05-30 18:15:16 -07:00
SPEC-011-mobile-agents.md
spec: add SPEC-011 Mobile Agent Support (iOS and Android)
2026-05-30 18:24:16 -07:00
SPEC-012-headless-linux-tty.md
spec: update SPEC-012 to include both Serial Console + PTY Shell modes
2026-05-30 19:02:27 -07:00