Goal
Create the first process provenance contract for SourceOS process and agent launches.
Scope
- Define process identity tuple.
- Define parent/root trace assignment.
- Define executable identity record.
- Define package-origin detection hook.
- Define launch reason and exit status linkage.
- Add sample shell-launch event based on the telemetry signal-control doctrine.
Minimum identity tuple
- pid
- ppid
- uid/gid class
- executable path class
- content hash
- package origin
- signer state
- parent command class
- environment class
Acceptance criteria
- A shell launch produces one
process.exec event.
- Process exit attaches to the same trace.
- Package-managed binaries are distinguishable from user-local and unknown binaries.
- Default rendering does not require exposing private paths.
Goal
Create the first process provenance contract for SourceOS process and agent launches.
Scope
Minimum identity tuple
Acceptance criteria
process.execevent.