Description
PR: fix(sandbox): restrict /sandbox to read-only via Landlock
Using the security/read-only-sandbox-filesystem branch, running nemoclaw onboard fails during sandbox creation (step 6/8) with:
/usr/local/bin/nemoclaw-start: line 203: _SANDBOX_HOME: unbound variable
The variable _SANDBOX_HOME is referenced at 3 locations in scripts/nemoclaw-start.sh (lines 178, 203, and 246), but it is never defined anywhere in the file. Because the script uses set -euo pipefail, the unbound variable causes an immediate exit.
Environment
- OS: Ubuntu (Linux 6.17.0-1008-nvidia, aarch64)
- Node.js: v22.22.2
- Docker: 29.1.3
- NemoClaw: v0.1.0
- Branch: security/read-only-sandbox-filesystem (commit 0d85225)
Steps to Reproduce
- Clone the repo:
git clone -b security/read-only-sandbox-filesystem https://github.com/prekshivyas/NemoClaw.git
- Install dependencies and build:
npm install && npm link && cd nemoclaw && npm install && npm run build && cd ../nemoclaw-blueprint && uv sync && cd ..
- Run nemoclaw onboard and complete steps 1-5 (preflight, gateway, inference, provider, messaging).
- At step 6, enter a sandbox name and wait for image build and sandbox creation.
- Sandbox creation fails with _SANDBOX_HOME: unbound variable.
Logs
[SECURITY] CAP_SETPCAP not available -- runtime already restricts capabilities
Setting up NemoClaw...
[gateway] Running as non-root (uid=998) -- privilege separation disabled
/usr/local/bin/nemoclaw-start: line 203: _SANDBOX_HOME: unbound variable
Error: x ssh exited with status exit status: 1
Try: openshell sandbox list # check gateway state
Hint: sandbox creation started but the create stream did not finish cleanly.
Recovery: nemoclaw onboard --resume
Analysis
_SANDBOX_HOME is used in three places but never assigned:
- Line 178: export_gateway_token() - cleanup stale tokens from rc files
- Line 203: export_gateway_token() - persist token to .bashrc/.profile
- Line 246: install_configure_guard() - guard openclaw configure
The variable likely needs to be defined as _SANDBOX_HOME="/sandbox", or resolved dynamically via getent passwd sandbox, before these references are used.
Expected Behavior
nemoclaw onboard should complete successfully.
Actual Behavior
nemoclaw onboard gets stuck at the sandbox creation step and exits with _SANDBOX_HOME: unbound variable.
Bug Details
| Field | Value |
|---|---|
| Priority | Unprioritized |
| Action | Dev - Open - To fix |
| Disposition | Open issue |
| Module | Machine Learning - NemoClaw |
| Keyword | NemoClaw, NEMOCLAW_GH_SYNC_APPROVAL, NemoClaw-SWQA-RelBlckr-Recommended, NemoClaw-SWQA-Test-Blocker |
[NVB# 6059349]
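
The two options named in the Analysis (a fixed /sandbox value or a getent passwd sandbox lookup) can be combined as below. This is an added example, not code from scripts/nemoclaw-start.sh; the function names resolve_sandbox_home and unbound_ref_exits are hypothetical, and the absolute-path check is an assumption about what the rc-file code paths should accept.

```shell
#!/bin/sh
# Added example; not code from scripts/nemoclaw-start.sh.

# resolve_sandbox_home USER FALLBACK
# Prints USER's home directory from the passwd database, or FALLBACK when
# the account (or getent itself) is unavailable. Returns non-zero if the
# result is not an absolute path, so a token is never written relative to
# whatever the current directory happens to be.
resolve_sandbox_home() {
    _rsh_user=$1
    _rsh_fallback=$2
    _rsh_home=""
    if command -v getent >/dev/null 2>&1; then
        # passwd entry: name:passwd:uid:gid:gecos:home:shell -> field 6
        _rsh_home=$(getent passwd "$_rsh_user" 2>/dev/null | cut -d: -f6) || _rsh_home=""
    fi
    [ -n "$_rsh_home" ] || _rsh_home=$_rsh_fallback
    case $_rsh_home in
        /*) printf '%s\n' "$_rsh_home" ;;
        *)  return 1 ;;
    esac
}

# unbound_ref_exits
# Reproduces the reported failure in a subshell: under `set -u`, expanding
# an unset _SANDBOX_HOME aborts the shell. Returns 0 when that happens.
unbound_ref_exits() {
    if ( set -u; unset _SANDBOX_HOME; : "$_SANDBOX_HOME" ) 2>/dev/null; then
        return 1
    fi
    return 0
}

# Assign once, before any function that reads the variable is called,
# and stop with a clear message instead of an unbound-variable abort.
_SANDBOX_HOME=$(resolve_sandbox_home sandbox /sandbox) || {
    echo "cannot resolve an absolute home directory for user sandbox" >&2
    exit 1
}
```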