She deployed to the three drones. Telemetry flooded in: stable heart rates, smooth trajectory corrections, and then, bleakly, one drone reported "lock mismatch: aim_lock_config.conf HOT". The canary refused the shadow config—the lock check happened locally before accepting any override.
She traced the lock's metadata to a zippy little microservice nicknamed Locksmith—a lightweight guardian intended to prevent concurrent configuration writes. Locksmith's metrics showed a heartbeat frozen at 03:12. Its PID was gone, but the kernel still held the inode as taken. That was impossible; file locks shouldn't survive process death.
Mira opened a new shell and began a manual orchestration: create a shadow config, replicate the exact parameters, and push changes to a small canary subset—three drones—leaving the rest untouched. If the canary behaved, she could roll the patch incrementally despite the lock. She crafted aim_lock_config_hotfix.conf, identical except for a timestamp and a safer update window flag.
"Design for ghosts," Mira said. "State loves to linger. Make it easy to be explicit about ownership, and always have a safe bypass."
She could force-release the lock. But the file was the aim controller for a dozen drones en route to a hazardous site. Forcing the lock risked inconsistency: half the fleet might receive settings they shouldn't. Her other choice was to wait for the lock manager's garbage collector to run, but the GC ran on a twenty-minute interval—and every minute their drones hovered in the sky cost battery and increased risk.