
KernelConfig

Struct KernelConfig 

pub struct KernelConfig {
    pub name: String,
    pub vfs_mode: VfsMountMode,
    pub cwd: PathBuf,
    pub skip_validation: bool,
    pub interactive: bool,
    pub ignore_config: IgnoreConfig,
    pub output_limit: OutputLimitConfig,
    pub allow_external_commands: bool,
    pub latch_enabled: bool,
    pub trash_enabled: bool,
    pub nonce_store: Option<NonceStore>,
}

Configuration for kernel initialization.

Fields

name: String

Name of this kernel (for identification).

vfs_mode: VfsMountMode

VFS mount mode — controls how the local filesystem is exposed.

cwd: PathBuf

Initial working directory (VFS path).

skip_validation: bool

Whether to skip pre-execution validation.

When false (default), scripts are validated before execution to catch errors early. Set to true to skip validation for performance or to allow dynamic/external commands.

interactive: bool

When true, standalone external commands inherit stdio for real-time output.

Set by the script runner and REPL for human-visible output. Not set by the MCP server (output must be captured for structured responses).

ignore_config: IgnoreConfig

Ignore file configuration for file-walking tools.

output_limit: OutputLimitConfig

Output size limit configuration for agent safety.

allow_external_commands: bool

Whether external command execution (PATH lookup, exec, spawn) is allowed.

When true (default), commands not found as builtins are resolved via PATH and executed as child processes. When false, only kaish builtins and backend-registered tools (MCP) are available.

Security: External commands bypass the VFS sandbox entirely — they see the real filesystem, network, and environment. Set to false when running untrusted input.

latch_enabled: bool

Enable confirmation latch for dangerous operations (set -o latch).

When enabled, destructive operations like rm require nonce confirmation. Can also be enabled at runtime with set -o latch or via KAISH_LATCH=1.

trash_enabled: bool

Enable trash-on-delete for rm (set -o trash).

When enabled, small files are moved to the freedesktop.org Trash instead of being permanently deleted. Can also be enabled at runtime with set -o trash or via KAISH_TRASH=1.

nonce_store: Option<NonceStore>

Shared nonce store for cross-request confirmation latch.

When Some, the kernel uses this store instead of creating a fresh one. This allows nonces issued in one MCP execute() call to be validated in a subsequent call. When None (default), a fresh store is created.

Implementations

impl KernelConfig

pub fn transient() -> Self

Create a transient kernel config (sandboxed, for temporary use).

pub fn named(name: &str) -> Self

Create a kernel config with the given name (sandboxed by default).

pub fn repl() -> Self

Create a REPL config with passthrough filesystem access.

Native paths like /home/user/project work directly. The cwd is set to the actual current working directory.

pub fn mcp() -> Self

Create an MCP server config with sandboxed filesystem access.

Local filesystem is accessible at its real path (e.g., /home/user), but sandboxed to $HOME. Paths outside the sandbox are not accessible through builtins. External commands still access the real filesystem — use .with_allow_external_commands(false) to block them.

pub fn mcp_with_root(root: PathBuf) -> Self

Create an MCP server config with a custom sandbox root.

Use this to restrict access to a subdirectory like ~/src.

pub fn isolated() -> Self

Create a config with no local filesystem (memory only).

Complete isolation: no local filesystem and external commands are disabled. Useful for tests or pure sandboxed execution.

pub fn with_vfs_mode(self, mode: VfsMountMode) -> Self

Set the VFS mount mode.

pub fn with_cwd(self, cwd: PathBuf) -> Self

Set the initial working directory.

pub fn with_skip_validation(self, skip: bool) -> Self

Skip pre-execution validation.

pub fn with_interactive(self, interactive: bool) -> Self

Enable interactive mode (external commands inherit stdio).

pub fn with_ignore_config(self, config: IgnoreConfig) -> Self

Set the ignore file configuration.

pub fn with_output_limit(self, config: OutputLimitConfig) -> Self

Set the output limit configuration.

pub fn with_allow_external_commands(self, allow: bool) -> Self

Set whether external command execution is allowed.

When false, commands not found as builtins produce “command not found” instead of searching PATH. The exec and spawn builtins also return errors. Use this to prevent VFS sandbox bypass via external binaries.
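
A pre-deployment check for the sandbox-bypass caveat above, written as an added example that is not part of the kaish crate. Cfg, Vfs, the *_like presets and audit_for_untrusted are hypothetical stand-ins that mirror the documented fields; the assumed defaults (validation on, latch off) are not confirmed by this page.

```rust
// Added example: local stand-ins for the security-relevant KernelConfig fields
// documented on this page. These are not the crate's own types.
#[derive(Clone, Copy, Debug, PartialEq)]
enum Vfs { Passthrough, Sandboxed, MemoryOnly } // hypothetical variant names

#[derive(Clone, Debug)]
struct Cfg {
    vfs: Vfs,
    skip_validation: bool,
    allow_external_commands: bool,
    latch_enabled: bool,
}

impl Cfg {
    fn new(vfs: Vfs, allow_external_commands: bool) -> Self {
        // Assumed defaults: validation on, latch off.
        Cfg { vfs, skip_validation: false, allow_external_commands, latch_enabled: false }
    }
    // Shaped like the documented repl(), mcp() and isolated() presets.
    fn repl_like() -> Self { Cfg::new(Vfs::Passthrough, true) }
    fn mcp_like() -> Self { Cfg::new(Vfs::Sandboxed, true) }
    fn isolated_like() -> Self { Cfg::new(Vfs::MemoryOnly, false) }
    fn with_allow_external_commands(mut self, a: bool) -> Self { self.allow_external_commands = a; self }
    fn with_latch(mut self, enabled: bool) -> Self { self.latch_enabled = enabled; self }
}

/// Findings to resolve before a kernel with this config runs untrusted input.
fn audit_for_untrusted(c: &Cfg) -> Vec<&'static str> {
    let mut findings = Vec::new();
    if c.vfs == Vfs::Passthrough {
        findings.push("filesystem is passthrough, not sandboxed");
    }
    if c.allow_external_commands {
        findings.push("external commands bypass the VFS sandbox");
    }
    if c.skip_validation {
        findings.push("pre-execution validation is skipped");
    }
    if !c.latch_enabled {
        findings.push("destructive operations run without nonce confirmation");
    }
    findings
}

fn main() {
    let hardened = Cfg::mcp_like().with_allow_external_commands(false).with_latch(true);
    for (name, c) in [("repl-like", Cfg::repl_like()), ("mcp-like", Cfg::mcp_like()),
                      ("isolated-like", Cfg::isolated_like()), ("hardened", hardened)] {
        println!("{name}: {:?}", audit_for_untrusted(&c));
    }
}
```

The sandboxed preset still reports the external-command finding until with_allow_external_commands(false) is applied, which is the gap the Security note on the field describes.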

pub fn with_latch(self, enabled: bool) -> Self

Enable or disable confirmation latch at startup.

pub fn with_trash(self, enabled: bool) -> Self

Enable or disable trash-on-delete at startup.

pub fn with_nonce_store(self, store: NonceStore) -> Self

Use a shared nonce store for cross-request confirmation latch.

Pass a NonceStore that outlives individual kernel instances so nonces issued in one MCP execute() call can be validated in subsequent calls.
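
Why the store must outlive a single kernel, shown with a toy model (an added example, not the crate's NonceStore, whose API is not shown on this page). ToyNonceStore, issue, confirm, kernel_store and two_request_confirm are hypothetical names, and the single-use, operation-bound nonce semantics are assumptions.

```rust
use std::collections::hash_map::RandomState;
use std::collections::HashMap;
use std::hash::{BuildHasher, Hasher};
use std::sync::{Arc, Mutex};

// Stand-in for a shareable nonce store. Cloning shares the same underlying
// map, so one store can outlive and serve many kernel instances.
#[derive(Clone, Default)]
struct ToyNonceStore(Arc<Mutex<HashMap<u64, String>>>);

impl ToyNonceStore {
    // Issue a nonce bound to one pending operation (assumed semantics).
    fn issue(&self, op: &str) -> u64 {
        // RandomState is randomly keyed per instance; demo only, not a CSPRNG.
        let nonce = RandomState::new().build_hasher().finish();
        self.0.lock().unwrap().insert(nonce, op.to_string());
        nonce
    }

    // Single-use: a nonce confirms only the operation it was issued for.
    fn confirm(&self, nonce: u64, op: &str) -> bool {
        let mut pending = self.0.lock().unwrap();
        if pending.get(&nonce).map(String::as_str) == Some(op) {
            pending.remove(&nonce);
            true
        } else {
            false
        }
    }
}

// Model of kernel construction for one execute() call: use the shared store
// when given (Some), otherwise create a fresh one (None).
fn kernel_store(shared: Option<&ToyNonceStore>) -> ToyNonceStore {
    shared.cloned().unwrap_or_default()
}

// First call issues a nonce for `op`; a second call tries to confirm it.
fn two_request_confirm(shared: Option<&ToyNonceStore>, op: &str) -> bool {
    let nonce = kernel_store(shared).issue(op); // first execute()
    kernel_store(shared).confirm(nonce, op) // second execute()
}

fn main() {
    let shared = ToyNonceStore::default();
    println!("fresh store per call: {}", two_request_confirm(None, "rm -r build"));
    println!("shared store: {}", two_request_confirm(Some(&shared), "rm -r build"));
}
```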

Trait Implementations

impl Clone for KernelConfig

fn clone(&self) -> KernelConfig

Returns a duplicate of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for KernelConfig

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for KernelConfig

fn default() -> Self

Returns the “default value” for a type.

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> CloneToUninit for T
where T: Clone,

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest.

impl<T> DynClone for T
where T: Clone,

fn __clone_box(&self, _: Private) -> *mut ()

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T> Instrument for T

fn instrument(self, span: Span) -> Instrumented<Self>

Instruments this type with the provided Span, returning an Instrumented wrapper.

fn in_current_span(self) -> Instrumented<Self>

Instruments this type with the current Span, returning an Instrumented wrapper.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<'src, T> IntoMaybe<'src, T> for T
where T: 'src,

type Proj<U: 'src> = U

fn map_maybe<R>( self, _f: impl FnOnce(&'src T) -> &'src R, g: impl FnOnce(T) -> R, ) -> <T as IntoMaybe<'src, T>>::Proj<R>
where R: 'src,

impl<'p, T> Seq<'p, T> for T
where T: Clone,

type Item<'a> = &'a T where T: 'a

The item yielded by the iterator.

type Iter<'a> = Once<&'a T> where T: 'a

An iterator over the items within this container, by reference.

fn seq_iter(&self) -> <T as Seq<'p, T>>::Iter<'_>

Iterate over the elements of the container.

fn contains(&self, val: &T) -> bool
where T: PartialEq,

Check whether an item is contained within this sequence.

fn to_maybe_ref<'b>(item: <T as Seq<'p, T>>::Item<'b>) -> Maybe<T, &'p T>
where 'p: 'b,

Convert an item of the sequence into a MaybeRef.

impl<T> ToOwned for T
where T: Clone,

type Owned = T

The resulting type after obtaining ownership.

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning.

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<T> WithSubscriber for T

fn with_subscriber<S>(self, subscriber: S) -> WithDispatch<Self>
where S: Into<Dispatch>,

Attaches the provided Subscriber to this type, returning a WithDispatch wrapper.

fn with_current_subscriber(self) -> WithDispatch<Self>

Attaches the current default Subscriber to this type, returning a WithDispatch wrapper.

impl<T> OrderedSeq<'_, T> for T
where T: Clone,