oib/aitbc

Files

AITBC System dda703de10 feat: implement v0.2.0 release features - agent-first evolution

✅ v0.2 Release Preparation:
- Update version to 0.2.0 in pyproject.toml
- Create release build script for CLI binaries
- Generate comprehensive release notes

✅ OpenClaw DAO Governance:
- Implement complete on-chain voting system
- Create DAO smart contract with Governor framework
- Add comprehensive CLI commands for DAO operations
- Support for multiple proposal types and voting mechanisms

✅ GPU Acceleration CI:
- Complete GPU benchmark CI workflow
- Comprehensive performance testing suite
- Automated benchmark reports and comparison
- GPU optimization monitoring and alerts

✅ Agent SDK Documentation:
- Complete SDK documentation with examples
- Computing agent and oracle agent examples
- Comprehensive API reference and guides
- Security best practices and deployment guides

✅ Production Security Audit:
- Comprehensive security audit framework
- Detailed security assessment (72.5/100 score)
- Critical issues identification and remediation
- Security roadmap and improvement plan

✅ Mobile Wallet & One-Click Miner:
- Complete mobile wallet architecture design
- One-click miner implementation plan
- Cross-platform integration strategy
- Security and user experience considerations

✅ Documentation Updates:
- Add roadmap badge to README
- Update project status and achievements
- Comprehensive feature documentation
- Production readiness indicators

🚀 Ready for v0.2.0 release with agent-first architecture

2026-03-18 20:17:23 +01:00

6.9 KiB

Raw Blame History

AITBC CLI Permission Setup Guide

Complete Development Environment Configuration

🔧 Overview

This guide explains how to set up the AITBC development environment to avoid constant sudo password prompts during development while maintaining proper security separation.

📊 Current Status: 100% Working

✅ Achieved Setup

No Sudo Prompts: File editing and service management
Proper Permissions: Shared group access with security
Development Environment: Complete with helper scripts
Service Management: Passwordless operations
File Operations: Seamless editing in Windsurf

🚀 Quick Setup

One-Time Setup

# Execute the permission fix script
sudo /opt/aitbc/scripts/clean-sudoers-fix.sh

# Test the setup
/opt/aitbc/scripts/test-permissions.sh

# Load development environment
source /opt/aitbc/.env.dev

Verification

# Test service management (no password)
sudo systemctl status aitbc-coordinator-api.service

# Test file operations (no sudo)
touch /opt/aitbc/test-file.txt
rm /opt/aitbc/test-file.txt

# Test development tools
git status

📋 Permission Configuration

User Groups

# Current setup
oib : oib cdrom floppy sudo audio dip video plugdev users kvm netdev bluetooth lpadmin scanner docker ollama incus libvirt aitbc codebase systemd-edit

# Key groups for development
- aitbc: Shared access to AITBC resources
- codebase: Development access
- sudo: Administrative privileges

Directory Permissions

# AITBC directory structure
/opt/aitbc/
├── drwxrwsr-x  oib:aitbc  # Shared ownership with SGID
├── drwxrwsr-x  oib:aitbc  # Group inheritance
└── drwxrwsr-x  oib:aitbc  # Write permissions for group

# File permissions
- Directories: 2775 (rwxrwsr-x)
- Files: 664 (rw-rw-r--)
- Scripts: 775 (rwxrwxr-x)

🔐 Sudoers Configuration

Passwordless Commands

# Service management
oib ALL=(root) NOPASSWD: /usr/bin/systemctl start aitbc-*
oib ALL=(root) NOPASSWD: /usr/bin/systemctl stop aitbc-*
oib ALL=(root) NOPASSWD: /usr/bin/systemctl restart aitbc-*
oib ALL=(root) NOPASSWD: /usr/bin/systemctl status aitbc-*

# File operations
oib ALL=(root) NOPASSWD: /usr/bin/chown -R *
oib ALL=(root) NOPASSWD: /usr/bin/chmod -R *
oib ALL=(root) NOPASSWD: /usr/bin/touch /opt/aitbc/*

# Development tools
oib ALL=(root) NOPASSWD: /usr/bin/git *
oib ALL=(root) NOPASSWD: /usr/bin/make *
oib ALL=(root) NOPASSWD: /usr/bin/gcc *

# Network tools
oib ALL=(root) NOPASSWD: /usr/bin/netstat -tlnp
oib ALL=(root) NOPASSWD: /usr/bin/ss -tlnp
oib ALL=(root) NOPASSWD: /usr/bin/lsof

# Container operations
oib ALL=(root) NOPASSWD: /usr/bin/incus exec aitbc *
oib ALL=(root) NOPASSWD: /usr/bin/incus shell aitbc *

🛠️ Helper Scripts

Service Management

# Enhanced service management script
/opt/aitbc/scripts/dev-services.sh

# Usage:
aitbc-services start    # Start all services
aitbc-services stop     # Stop all services
aitbc-services restart  # Restart all services
aitbc-services status   # Show service status
aitbc-services logs     # Follow service logs
aitbc-services test     # Test service endpoints

Permission Fixes

# Quick permission fix script
/opt/aitbc/scripts/fix-permissions.sh

# Usage:
aitbc-fix              # Quick permission reset

Testing

# Permission test script
/opt/aitbc/scripts/test-permissions.sh

# Usage:
/opt/aitbc/scripts/test-permissions.sh  # Run all tests

🔍 Troubleshooting

Common Issues

Permission Denied

# Fix permissions
/opt/aitbc/scripts/fix-permissions.sh

# Check group membership
groups | grep aitbc

# If not in aitbc group, add user
sudo usermod -aG aitbc oib
newgrp aitbc

Sudo Password Prompts

# Check sudoers syntax
sudo visudo -c /etc/sudoers.d/aitbc-dev

# Recreate sudoers if needed
sudo /opt/aitbc/scripts/clean-sudoers-fix.sh

File Access Issues

# Check file permissions
ls -la /opt/aitbc

# Fix directory permissions
sudo find /opt/aitbc -type d -exec chmod 2775 {} \;

# Fix file permissions
sudo find /opt/aitbc -type f -exec chmod 664 {} \;

Debug Mode

# Test specific operations
sudo systemctl status aitbc-coordinator-api.service
sudo chown -R oib:aitbc /opt/aitbc
sudo chmod -R 775 /opt/aitbc

# Check service logs
sudo journalctl -u aitbc-coordinator-api.service -f

🚀 Development Environment

Environment Variables

# Load development environment
source /opt/aitbc/.env.dev

# Available variables
export AITBC_DEV_MODE=1
export AITBC_DEBUG=1
export AITBC_COORDINATOR_URL=http://localhost:8000
export AITBC_BLOCKCHAIN_RPC=http://localhost:8006
export AITBC_CLI_PATH=/opt/aitbc/cli
export PYTHONPATH=/opt/aitbc/cli:$PYTHONPATH

Aliases

# Available after sourcing .env.dev
aitbc-services    # Service management
aitbc-fix         # Quick permission fix
aitbc-logs        # View logs

CLI Testing

# Test CLI after setup
aitbc --help
aitbc version
aitbc wallet list
aitbc blockchain status

📚 Best Practices

Development Workflow

Load Environment: source /opt/aitbc/.env.dev
Check Services: aitbc-services status
Test CLI: aitbc version
Start Development: Begin coding/editing
Fix Issues: Use helper scripts if needed

Security Considerations

Services still run as aitbc user
Only development operations are passwordless
Sudoers file is properly secured (440 permissions)
Group permissions provide shared access without compromising security

File Management

Edit files in Windsurf without sudo prompts
Use aitbc-fix if permission issues arise
Test changes with aitbc-services restart
Monitor with aitbc-logs

🎯 Success Criteria

Working Setup Indicators

✅ No Sudo Prompts: File editing and service management
✅ Proper Permissions: Shared group access
✅ CLI Functionality: All commands working
✅ Service Management: Passwordless operations
✅ Development Tools: Git, make, gcc working
✅ Log Access: Debug and monitoring working

Test Verification

# Run comprehensive test
/opt/aitbc/scripts/test-permissions.sh

# Expected output:
✅ Service Management: Working
✅ File Operations: Working  
✅ Development Tools: Working
✅ Log Access: Working
✅ Network Tools: Working
✅ Helper Scripts: Working
✅ Development Environment: Working

📈 Maintenance

Regular Tasks

Weekly: Run permission test script
After Changes: Use aitbc-fix if needed
Service Issues: Check with aitbc-services status
Development: Use aitbc-logs for debugging

Updates and Changes

New Services: Add to sudoers if needed
New Developers: Run setup script
Permission Issues: Use helper scripts
System Updates: Verify setup after updates

Last Updated: March 8, 2026
Setup Status: 100% Working
Security: Maintained
Development Environment: Complete

6.9 KiB Raw Blame History