Daemon Supervisor

The daemon supervisor manages three background processes required for tool security and job scheduling. It provides automatic crash recovery with exponential backoff.

Architecture

cortex daemon start / chat / serve auto-start
         │
         ▼
  supervisor-process.ts
         │
         ├── validator-process.ts   ← IPC socket: approves/rejects tool intents
         │     policy check → allow/deny → logged to Lens
         │
         ├── executor-process.ts    ← IPC socket: executes approved tool calls
         │     file read/write, shell commands, directory listing
         │
         └── scheduler-process.ts   ← DB polling: runs cron jobs every 30s
               memory consolidation, scheduled commands

Managed Processes

ProcessSocketPermissionsDescription
Validator/tmp/cortex/validator.sockRead/write/net/env/sysPolicy checks for tool intents
Executor/tmp/cortex/executor.sockRead/write/run/net/env/sysExecutes approved tool calls
Scheduler/tmp/cortex/scheduler.sockRead/write/run/net/env/sysPolls DB for due jobs every 30s

Supervision Loop

  • Each child is spawned via Deno.Command with scoped --allow-* permissions (principle of least privilege)
  • On crash (non-zero exit), supervisor waits min(2^n × 1s, 30s) then restarts
  • On clean exit (zero exit), process is not restarted (intentional shutdown)
  • SIGINT / SIGTERM triggers cascading shutdown of all children

IPC Protocol

All daemons communicate via Unix domain sockets:

/tmp/cortex/validator.sock
/tmp/cortex/executor.sock
/tmp/cortex/scheduler.sock
  • Messages are JSON-line format
  • Connection-per-message model
  • Heartbeat pings check liveness

Auto-Start

cortex chat and cortex serve call ensureDaemons() which pings the validator socket and starts the supervisor if needed. The web server can also run in background via cortex serve -d.

Usage

cortex daemon start       # Start supervisor + all daemons in background
cortex daemon stop        # Stop all daemon processes
cortex daemon restart     # Stop, wait 1s, then start
cortex daemon run         # Run supervisor in foreground (for systemd/tmux)
cortex daemon status      # Show running/stopped status