FIT Bootstrap is a core module of the FIT ecosystem, responsible for preparing and validating the operating system environment before executing FIT applications, including privilege escalation, system configuration, and security checks.
It is responsible for executing all required pre-flight checks, handling privilege separation, and performing OS-specific setup tasks that cannot be safely managed by the main application itself.
At the moment, FIT Bootstrap is used by:
- fit-web (scraper module)
- fit (bundled application)
In the future, it may be reused by additional FIT modules.
- Cross-platform support (macOS, Windows, Linux)
- Separation of user phase and admin/root phase
- Works both in:
- development mode (Poetry)
- bundled mode (PyInstaller)
- No graphical user interface (GUI)
- Controlled execution flow before launching the main application
FIT Bootstrap is responsible for:
- Verifying system prerequisites
- Detecting execution context (dev vs bundle)
- Managing execution phases (user / admin)
- Aborting execution if mandatory conditions are not met
- Handling Gatekeeper and quarantine flags
- Requesting and validating administrator privileges
- Temporarily configuring system proxy
- Installing and removing the mitmproxy Certificate Authority
- Managing tcpdump permissions and execution
FIT Bootstrap runs before the main FIT application and decides:
- Whether the environment is valid
- Whether elevated privileges are required
- Which actions must be executed as root
- When it is safe to launch the target application
The bootstrap process is fully deterministic and blocks execution if any mandatory step fails.
Used when running the application through Poetry.
poetry run python -m fit_bootstrap