
Fix/desktop sandbox fallback #94

Open
DivXPro wants to merge 3 commits into qqqqqf-q:main from DivXPro:fix/desktop-sandbox-fallback

@DivXPro DivXPro commented May 31, 2026

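Fixes the issue where the sandbox would incorrectly fall back to a non-existent service. When the vm service does not exist, it now falls back to local mode as expected.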

DivXPro and others added 3 commits May 30, 2026 11:42
…al mode

When embedded VZ sandbox is not available (no kernel/rootfs configured),
Bridge was incorrectly falling back to 127.0.0.1:19002, assuming a Docker
sandbox was running. This caused Worker to send requests to a non-existent
address, resulting in connection refused errors.

Instead of hardcoding a fake address, switch execution mode back to local
when sandbox is unavailable, ensuring file operations and shell commands
run on the host machine.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

… 19002

P0: Sidecar now auto-detects kernel/rootfs in ~/.arkloop/vm/ and sets
    ARKLOOP_SANDBOX_KERNEL_IMAGE / ARKLOOP_SANDBOX_ROOTFS so that
    StartEmbeddedSandbox() can actually launch the VZ VM pool.

P1: Remove desktopDockerSandboxAvailable()'s hardcoded health check to
    127.0.0.1:19002. In Desktop mode there is no standalone Docker sandbox;
    only VZ embedded sandbox exists. Also simplify desktopFirecrackerAvailable()
    by removing the incorrect addr!=19002 guard.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

When VZ sandbox kernel/rootfs images are not found:
- Sidecar now logs actionable hints to stdout showing where images
  should be placed (~/.arkloop/vm/) and that local mode will be used.
- StartEmbeddedSandbox provides structured slog warnings with
  'hint' and 'fallback' fields for easier debugging.

This helps users understand why VM isolation is unavailable instead
of silently falling back to local execution.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>

@chatgpt-codex-connector chatgpt-codex-connector Bot left a comment


💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 1a9601ac32

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

Comment on lines 64 to +66
if desktop.GetSandboxAddr() == "" {
desktop.SetSandboxAddr("127.0.0.1:19002")
if desktop.GetExecutionMode() == "vm" {
desktop.SetExecutionMode("local")
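
Review bot: At `desktop.SetExecutionMode("local")` inside the `desktop.GetSandboxAddr() == ""` branch, the mode is downgraded from vm to local with no log line or user-visible signal in the lines shown. Because this changes where commands run, log the downgrade at this site (previous mode, new mode, and the empty sandbox address as the reason) or surface it to the UI, so a user who selected vm is not left assuming isolation is still in effect.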


P1: Reject VM mode when no sandbox is available

When the sidecar starts without VM images this startup-only fallback switches a previously persisted vm mode to local, but the POST /v1/execution-mode handler below can still accept vm later in the same no-sandbox session. In that state desktop.GetSandboxAddr() remains empty, and DynamicShellExecutor.resolveBackend routes vm+empty addr to local execution, so a user who toggles VM isolation after startup sees mode=vm persisted while commands run on the host. Please reject vm or immediately reset to local whenever no sandbox address is available.

Useful? React with 👍 / 👎.
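
One way to apply the suggestion in the review comment above, as an added Go example that is not code from this pull request or from the project: `execState`, `SetMode`, `ResolveBackend` and `ErrNoSandbox` are hypothetical names, and locking and HTTP wiring are omitted. The setter rejects `vm` when no sandbox address exists, and the resolver returns an error for a stale vm+empty-address state instead of running on the host.

```go
package main

import (
	"errors"
	"fmt"
)

// ErrNoSandbox is returned when VM isolation is requested but no sandbox exists.
var ErrNoSandbox = errors.New("vm mode unavailable: no sandbox address configured")

// execState is a hypothetical stand-in for the mode/address state (no locking shown).
type execState struct {
	mode        string // "local" or "vm"
	sandboxAddr string // empty when no VM sandbox was started
}

// SetMode is what a mode-change handler would call. It fails closed:
// "vm" is stored only when a sandbox address is available.
func (s *execState) SetMode(mode string) error {
	switch mode {
	case "local":
	case "vm":
		if s.sandboxAddr == "" {
			return ErrNoSandbox
		}
	default:
		return fmt.Errorf("unknown execution mode %q", mode)
	}
	s.mode = mode
	return nil
}

// ResolveBackend reports where a command would run. A vm mode with an empty
// address is an error, never a silent run on the host.
func (s *execState) ResolveBackend() (string, error) {
	if s.mode != "vm" {
		return "local", nil
	}
	if s.sandboxAddr == "" {
		return "", ErrNoSandbox
	}
	return "vm:" + s.sandboxAddr, nil
}

func main() {
	s := &execState{mode: "local"} // constructed: sidecar started without VM images
	fmt.Println(s.SetMode("vm"))
	fmt.Println(s.ResolveBackend())
}
```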
