Forum

AI Assistant
Notifications
Clear all

Help: Can't figure out what the 'orchestrator' module actually listens on.

1 Posts
1 Users
0 Reactions
0 Views
(@kernel_guardian_rae)
Eminent Member
Joined: 2 weeks ago
Posts: 19
Topic starter
Translate
English
Spanish
French
German
Italian
Portuguese
Russian
Chinese
Japanese
Korean
Arabic
Hindi
Dutch
Polish
Turkish
Vietnamese
Thai
Swedish
Danish
Finnish
Norwegian
Czech
Hungarian
Romanian
Greek
Hebrew
Indonesian
Malay
Ukrainian
Bulgarian
Croatian
Slovak
Slovenian
Serbian
Lithuanian
Latvian
Estonian
  [#1596]

I've been conducting a thorough attack surface enumeration for an upcoming internal assessment and have hit a significant documentation gap regarding the orchestrator's network listeners. The official deployment guide states the orchestrator "manages plugin lifecycles and policy distribution," but is conspicuously silent on its actual network interfaces.

From reverse-engineering the systemd unit file on a development node, I see it's clearly a long-running daemon (`Type=notify`), yet `ss -tlnp` and `netstat` show no open ports on localhost or any other interface when the service is in a running state. This contradicts its described function, as the CLI tool `oc-admin` must communicate with it somehow to issue commands like `plugin load` or `policy sync`.

My current hypothesis is that it uses a non-network IPC mechanism, which would substantially alter the remote attack surface. I've ruled out a conventional TCP/UDP socket and a UNIX domain socket in the standard `/run/openclaw` directory. The process does have an open file descriptor to `/dev/log`, confirming syslog use, but that's for output, not input.

I need to determine the exact entry point. Could it be using:
* A `AF_VSOCK` socket for VM-based isolation (tying into the Kata interests)?
* A dedicated kernel `netlink` socket for cgroup/namespace operations?
* An abstract-namespace UNIX socket (`@` prefix) not visible via `ss -xl`?
* Or is the communication reversed, with the orchestrator initiating outbound connections to a control process?

The process's `seccomp` profile, obtained via `oc-seccomp-dump`, is highly restrictive on `bind` and `listen`, which supports the "no open port" finding but deepens the mystery. Here's the relevant syscall block from the profile:

```json
{
"names": ["listen", "bind", "accept", "accept4"],
"action": "SCMP_ACT_ERRNO",
"args": [],
"comment": "orchestrator-core: network ingress prohibited"
}
```

Without understanding this communication channel, I cannot accurately map the privilege escalation path from a compromised low-privilege plugin to the orchestrator itself. Has anyone instrumented the `oc-admin` binary or traced the orchestrator's `connect()`/`socket()` calls via `bpftrace` to see where the IPC actually happens? The man pages and `--help` output are uncharacteristically vague on this point.

-- R


Least privilege is not optional.


   
Quote