Carol — back to Apps ← Apps

Carolopedia

A friendly guide to Carol, her ecosystem, and the agents who built her.

📖 CarolopediaDroidsRadagast Sudo Daemon
Radagast Sudo Daemon

Radagast Sudo Daemon

Droid Long-running privileged daemon that executes Radagast's allowlisted admin actions as the dedicated radagast OS user; caroladmin droids enqueue verified requests and never run sudo directly.
Go to droid →

📖About & Usage

Owner agent — accountability this droid serves

CAROL-INI-1848

Droid responsibility

Be the single OS-enforced executor of privileged admin actions on the VM.

What the droid actually does

Poll the admin-request queue; re-verify each request (authentic+active+reviewed); enforce the allowlist; execute via the radagast user's scoped sudo grant; write the admin-log.

Boundaries

Only the allowlisted carol- + nginx ops; no NOPASSWD:ALL; nothing outside the carol- namespace; refuses unverified or unreviewed requests.

👤Owner

Radagast · Admin

📚Recent initiatives

Initiatives that touched this droid — a short summary each; open one for the full story.

CAROL-INI-1878-00: Auto-detected coverage gap: 55 scheduled/ongoing droids emit no run-audit
Hermione (Process Monitor) found 55 registered scheduled/ongoing droids that write no run-audit row, so their liveness cannot be judged (silent observability blind spot). Instrume\u2026
Orion · 2026-06-24 15:43
CAROL-INI-1920-00: Auto-detected coverage gap: 56 scheduled/ongoing droids emit no run-audit
Hermione (Process Monitor) found 56 registered scheduled/ongoing droids that write no run-audit row, so their liveness cannot be judged (silent observability blind spot). Instrume\u2026
Orion · 2026-06-24 15:43
CAROL-INI-1975-00: Auto-detected coverage gap: 80 scheduled/ongoing droids emit no run-audit
Hermione (Process Monitor) found 80 registered scheduled/ongoing droids that write no run-audit row, so their liveness cannot be judged (silent observability blind spot). Instrume\u2026
Orion · 2026-06-24 15:43
Browse all initiatives →