fix(sandbox): add python -> python3 symlink in base image#1455
fix(sandbox): add python -> python3 symlink in base image#1455BenediktSchackenberg wants to merge 5 commits intoNVIDIA:mainfrom
Conversation
Scripts using the bare `python` command fail inside the sandbox with 'python: command not found' because the base image only installs python3. This causes tool call failures that can trigger agent hallucination (NVIDIA#1452). Adding a python -> python3 symlink at /usr/local/bin/python makes `python script.py`, shebangs like #!/usr/bin/env python, and any dependency that calls python without a version suffix work out of the box. Fixes (partially) NVIDIA#1452 — the python symlink eliminates the specific trigger; the broader hallucination-on-tool-failure issue is tracked upstream in OpenClaw. Signed-off-by: Benedikt Schackenberg <6381261+BenediktSchackenberg@users.noreply.github.com>
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (1)
🚧 Files skipped from review as they are similar to previous changes (1)
📝 WalkthroughWalkthroughThe Changes
Estimated code review effort🎯 1 (Trivial) | ⏱️ ~3 minutes Poem
🚥 Pre-merge checks | ✅ 6✅ Passed checks (6 passed)
✏️ Tip: You can configure your own custom pre-merge checks in the settings. ✨ Finishing Touches🧪 Generate unit tests (beta)
Comment |
There was a problem hiding this comment.
Pull request overview
This PR updates the NemoClaw sandbox base image to ensure python is available on PATH by adding a symlink to python3, preventing failures for scripts and tool calls that invoke python (as described in #1452).
Changes:
- Add a
python -> python3symlink during the base image apt layer build step.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| && rm -rf /var/lib/apt/lists/* \ | ||
| # Create python -> python3 symlink so scripts using the bare `python` | ||
| # command work inside the sandbox without additional setup. (#1452) | ||
| && ln -s /usr/bin/python3 /usr/local/bin/python |
There was a problem hiding this comment.
ln -s will fail the image build if /usr/local/bin/python already exists (e.g., if the upstream base image or a future layer introduces it). Consider making this idempotent (e.g., conditional creation or forcing/replacing the link) so rebuilds remain robust while still ensuring python resolves to python3.
| && ln -s /usr/bin/python3 /usr/local/bin/python | |
| && ln -sf /usr/bin/python3 /usr/local/bin/python |
wscurran
added
Platform: Ubuntu
|
✨ Thanks for submitting this pull request, which proposes a way to fix tool call failures in the sandbox by adding a python → python3 symlink in the base image. Possibly related open issues: |
wscurran
added
status: rebase
Summary
Partially fixes #1452.
The sandbox base image installs
python3but has nopythonbinary. Scripts using the barepythoncommand (shebangs, subprocess calls, AI-generated code) fail withpython: command not found. This is the specific trigger described in #1452 that causes tool call failures, which in turn can lead to agent hallucination.Change
Adds
ln -s /usr/bin/python3 /usr/local/bin/pythonin the base imageapt-getlayer sopythonresolves topython3without any user action.Scope
This PR addresses the sandbox-side trigger. The broader agent hallucination behaviour on tool failure is an OpenClaw agent loop issue outside the scope of NemoClaw.
Signed-off-by: Benedikt Schackenberg 6381261+BenediktSchackenberg@users.noreply.github.com
Summary by CodeRabbit
pythoncommand run correctly without additional setup. This improves out-of-the-box compatibility for Python-based workflows and tooling.