openclaw/hermes-agent
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity

fix: preserve symlinks during atomic file writes (#16743)

Browse Source 
os.replace(tmp, path) replaces the symlink itself with a regular file,
breaking users who symlink config.yaml, SOUL.md, or .env from ~/.hermes/
to a dotfiles repo or managed profile package.

Fix: resolve symlinks via os.path.realpath() before os.replace(), so the
real file is overwritten in-place while the symlink survives.

Fixed in 7 files covering all os.replace call sites:
- utils.py (atomic_json_write, atomic_yaml_write — fixes save_config)
- hermes_cli/config.py (env sanitizer, save_env_value, remove_env_value)
- tools/skill_manager_tool.py (_atomic_write_text — SOUL.md writes)
- tools/memory_tool.py (memory file writes)
- tools/skills_sync.py (manifest writes)
- cron/jobs.py (job state + output file writes)
- agent/shell_hooks.py (hook file writes)

Fixes NousResearch/hermes-agent#16743
This commit is contained in:
vominh1919
2026-04-28 09:34:55 +07:00
committed by Teknium
parent 1369dae226
commit 3ab97a32d1
7 changed files with 38 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
utils.py
View File

@ -99,8 +99,11 @@ def atomic_json_write(
)
f.flush()
os.fsync(f.fileno())
os.replace(tmp_path, path)
_restore_file_mode(path, original_mode)
# Resolve symlinks so os.replace writes to the real file instead of
# replacing the symlink with a regular file (GitHub #16743).
real_path = os.path.realpath(path) if os.path.islink(path) else path
os.replace(tmp_path, real_path)
_restore_file_mode(real_path, original_mode)
except BaseException:
# Intentionally catch BaseException so temp-file cleanup still runs for
# KeyboardInterrupt/SystemExit before re-raising the original signal.
@ -150,8 +153,11 @@ def atomic_yaml_write(
f.write(extra_content)
f.flush()
os.fsync(f.fileno())
os.replace(tmp_path, path)
_restore_file_mode(path, original_mode)
# Resolve symlinks so os.replace writes to the real file instead of
# replacing the symlink with a regular file (GitHub #16743).
real_path = os.path.realpath(path) if os.path.islink(path) else path
os.replace(tmp_path, real_path)
_restore_file_mode(real_path, original_mode)
except BaseException:
# Match atomic_json_write: cleanup must also happen for process-level
# interruptions before we re-raise them.