Skip to content
/ loom Public

fix(audit-sidecar): add macOS compatibility for workspace builds#6

Open
denverbaumgartner wants to merge 1 commit intoghuntley:trunkfrom
denverbaumgartner:fix/macos-compatibility
Open

fix(audit-sidecar): add macOS compatibility for workspace builds#6
denverbaumgartner wants to merge 1 commit intoghuntley:trunkfrom
denverbaumgartner:fix/macos-compatibility

Conversation

@denverbaumgartner
Copy link

@denverbaumgartner denverbaumgartner commented Jan 16, 2026

Summary

  • Makes cargo build --workspace succeed on macOS by making the aya crate (eBPF userspace library) Linux-only
  • The audit sidecar runs in "stub mode" on non-Linux platforms (no eBPF monitoring) while preserving full functionality on Linux

Changes

File Change
Cargo.toml Move aya dependency to [target.'cfg(target_os = "linux")'.dependencies]
loader.rs Add module-level #![cfg(all(feature = "ebpf", target_os = "linux"))]
main.rs Update cfg attributes to require both ebpf feature AND Linux

Problem

The aya crate uses Linux-specific APIs (netlink, bpf syscalls) that cause compilation failures on macOS:

error[E0432]: unresolved imports `libc::nlattr`, `libc::nlmsgerr`, `libc::nlmsghdr`

Solution

Use Cargo's target-specific dependencies combined with conditional compilation to:

  1. Only include aya as a dependency on Linux
  2. Only compile the eBPF loader module on Linux with the ebpf feature
  3. Run in stub mode on other platforms

Verification

  • cargo build --workspace passes on macOS
  • cargo test -p loom-weaver-audit-sidecar passes (19 tests)
  • ⏳ Linux builds unchanged (verified by structure - no functional changes to Linux code paths)

Test plan

  • Build workspace on macOS
  • Run audit-sidecar unit tests
  • Verify Linux CI passes (if available)

🤖 Generated with Claude Code

@denverbaumgartner @claude
fix(audit-sidecar): add macOS compatibility for workspace builds
d1c3ff8 
The aya crate (eBPF userspace library) uses Linux-specific APIs (netlink,
bpf syscalls) that cause compilation failures on macOS. This prevented
`cargo build --workspace` from succeeding on macOS.

Changes:
- Move aya dependency to Linux-only target section in Cargo.toml
- Add module-level cfg gate to loader.rs (only compiles on Linux+ebpf)
- Update cfg attributes in main.rs to require both ebpf feature AND Linux
- Add #[allow(unused_variables)] for raw_event_tx on non-Linux platforms

The audit sidecar now runs in "stub mode" on macOS (no eBPF monitoring)
while preserving full functionality on Linux.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@denverbaumgartner