Fix Sandbox.jl integration and type issues

Keno · claude · Keno · commit dbed24aac99c · 2025-09-25T14:44:22.000Z
- Fixed SandboxConfig constructor type from Dict{String,Any} to Dict{String,Sandbox.MountInfo} - Added proper mounts for Julia depot and workspace directories - Mounted /tmp as read-write for socket creation in sandbox mode - Fixed Sandbox.jl UUID to correct value (9307e30f-c43e-9ca7-d17c-c2dc59df670d) - Note: Socket passing through fd not yet fully implemented, requires Sandbox.jl modifications 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
diff --git a/Manifest.toml b/Manifest.toml
@@ -2,12 +2,22 @@
 
 julia_version = "1.13.0-DEV"
 manifest_format = "2.0"
-project_hash = "4b3c2014fa9be900c59f5ea3b2106ed48a689c6d"
+project_hash = "39c83b73b84b4ed04a3cf369d85506b2a1714fbf"
+
+[[deps.ArgTools]]
+uuid = "0dad84c5-d112-42e6-8d28-ef12dabb789f"
+version = "1.1.2"
 
 [[deps.Artifacts]]
 uuid = "56f22d72-fd6d-98f1-02f0-08ddc0907c33"
 version = "1.11.0"
 
+[[deps.Attr_jll]]
+deps = ["Artifacts", "JLLWrappers", "Libdl"]
+git-tree-sha1 = "b8747cda97b6cedbd8dc9fc6218e1d53ce8de32f"
+uuid = "1fd713ca-387f-5abc-8002-d8b8b1623b73"
+version = "2.5.3+0"
+
 [[deps.Base64]]
 uuid = "2a0f44e3-6c83-55bd-87e4-b1978d98bd5f"
 version = "1.11.0"
@@ -30,11 +40,31 @@ deps = ["Printf"]
 uuid = "ade2ca70-3891-5945-98fb-dc099432e06a"
 version = "1.11.0"
 
+[[deps.Downloads]]
+deps = ["ArgTools", "FileWatching", "LibCURL", "NetworkOptions"]
+uuid = "f43a241f-c20a-4ad4-852c-f6b1247861c6"
+version = "1.7.0"
+
+[[deps.EnumX]]
+git-tree-sha1 = "bddad79635af6aec424f53ed8aad5d7555dc6f00"
+uuid = "4e289a0a-7415-4d19-859d-a7e5c4648b56"
+version = "1.0.5"
+
+[[deps.FileWatching]]
+uuid = "7b1f6079-737a-58dc-b8bc-7a2ca5c1b5ee"
+version = "1.11.0"
+
 [[deps.InteractiveUtils]]
 deps = ["Markdown"]
 uuid = "b77e0a4c-d291-57a0-90e8-8db25a27a240"
 version = "1.11.0"
 
+[[deps.JLLWrappers]]
+deps = ["Artifacts", "Preferences"]
+git-tree-sha1 = "0533e564aae234aff59ab625543145446d8b6ec2"
+uuid = "692b3bcd-3c85-4b1f-b108-f13ce0eb3210"
+version = "1.7.1"
+
 [[deps.JSON]]
 deps = ["Dates", "Mmap", "Parsers", "Unicode"]
 git-tree-sha1 = "31e996f0a15c7b280ba9f76636b3ff9e2ae58c9a"
@@ -47,7 +77,7 @@ uuid = "ac6e5ff7-fb65-4e79-a425-ec3bc9c03011"
 version = "1.12.0"
 
 [[deps.LLMBenchMCPServer]]
-deps = ["ClaudeMCPTools", "Dates", "JSON", "LLMBenchSimple", "Sockets", "Test"]
+deps = ["ClaudeMCPTools", "Dates", "JSON", "LLMBenchSimple", "Sandbox", "Sockets", "Test"]
 path = "."
 uuid = "78754875-2f68-464a-ac60-858ac662827f"
 version = "0.1.0"
@@ -60,6 +90,21 @@ repo-url = "git@github.com:JuliaComputing/LLMBenchSimple.jl.git"
 uuid = "a7b3c4d5-e6f7-8901-2345-678901234567"
 version = "0.1.0"
 
+[[deps.LazyArtifacts]]
+deps = ["Artifacts", "Pkg"]
+uuid = "4af54fe1-eca0-43a8-85a7-787d91b784e3"
+version = "1.11.0"
+
+[[deps.LibCURL]]
+deps = ["LibCURL_jll", "MozillaCACerts_jll"]
+uuid = "b27032c2-a3e7-50c8-80cd-2d36dbcbfd21"
+version = "0.6.4"
+
+[[deps.LibCURL_jll]]
+deps = ["Artifacts", "CompilerSupportLibraries_jll", "LibSSH2_jll", "Libdl", "OpenSSL_jll", "Zlib_jll", "Zstd_jll", "nghttp2_jll"]
+uuid = "deac9b47-8bc7-5906-a0fe-35ac56dc84c0"
+version = "8.16.0+0"
+
 [[deps.LibGit2]]
 deps = ["LibGit2_jll", "NetworkOptions", "Printf", "SHA"]
 uuid = "76f85450-5226-5b5a-8eaa-529ad045b433"
@@ -79,6 +124,12 @@ version = "1.11.3+1"
 uuid = "8f399da3-3557-5675-b5ff-fb832c97cbdb"
 version = "1.11.0"
 
+[[deps.Libiconv_jll]]
+deps = ["Artifacts", "JLLWrappers", "Libdl"]
+git-tree-sha1 = "be484f5c92fad0bd8acfef35fe017900b0b73809"
+uuid = "94ce4f54-9a6c-5748-9c1c-f9c7231a4531"
+version = "1.18.0+0"
+
 [[deps.Logging]]
 uuid = "56ddb016-857b-54e1-b83d-db4d58db5568"
 version = "1.11.0"
@@ -92,6 +143,10 @@ version = "1.11.0"
 uuid = "a63ad114-7e13-5084-954f-fe012c677804"
 version = "1.11.0"
 
+[[deps.MozillaCACerts_jll]]
+uuid = "14a3606d-f60d-562e-9121-12d972cd8159"
+version = "2025.9.9"
+
 [[deps.NetworkOptions]]
 uuid = "ca575930-c2e3-43a9-ace4-1e988b2c1908"
 version = "1.3.0"
@@ -112,6 +167,17 @@ git-tree-sha1 = "7d2f8f21da5db6a806faf7b9b292296da42b2810"
 uuid = "69de0a69-1ddd-5017-9359-2bf0b02dc9f0"
 version = "2.8.3"
 
+[[deps.Pkg]]
+deps = ["Artifacts", "Dates", "Downloads", "FileWatching", "LibGit2", "Libdl", "Logging", "Markdown", "Printf", "Random", "SHA", "TOML", "Tar", "UUIDs", "p7zip_jll"]
+uuid = "44cfe95a-1eb2-52ea-b672-e2afdf69b78f"
+version = "1.13.0"
+
+    [deps.Pkg.extensions]
+    REPLExt = "REPL"
+
+    [deps.Pkg.weakdeps]
+    REPL = "3fa0cd96-eef1-5676-8a61-b3b8758bbffb"
+
 [[deps.PrecompileTools]]
 deps = ["Preferences"]
 git-tree-sha1 = "07a921781cab75691315adc645096ed5e370cb77"
@@ -138,6 +204,18 @@ version = "1.11.0"
 uuid = "ea8e919c-243c-51af-8825-aaa63cd721ce"
 version = "0.7.0"
 
+[[deps.Sandbox]]
+deps = ["EnumX", "LazyArtifacts", "Libdl", "Preferences", "Random", "SHA", "Scratch", "TOML", "Tar", "Tar_jll", "UserNSSandbox_jll"]
+git-tree-sha1 = "560311be5e024eb0777f3dc9beed3c6a08b2a2a7"
+uuid = "9307e30f-c43e-9ca7-d17c-c2dc59df670d"
+version = "2.1.1"
+
+[[deps.Scratch]]
+deps = ["Dates"]
+git-tree-sha1 = "9b81b8393e50b7d4e6d0a9f14e192294d3b7c109"
+uuid = "6c6a2e73-6563-6170-7368-637461726353"
+version = "1.3.0"
+
 [[deps.Serialization]]
 uuid = "9e88b42a-f829-5b0c-bbe9-9e923198166b"
 version = "1.11.0"
@@ -155,6 +233,17 @@ deps = ["Dates"]
 uuid = "fa267f1f-6049-4f14-aa54-33bafae1ed76"
 version = "1.0.3"
 
+[[deps.Tar]]
+deps = ["ArgTools", "SHA"]
+uuid = "a4e569a6-e804-4fa4-b0f3-eef7a1d5b13e"
+version = "1.10.0"
+
+[[deps.Tar_jll]]
+deps = ["Artifacts", "Attr_jll", "JLLWrappers", "Libdl", "Libiconv_jll"]
+git-tree-sha1 = "85e7d0ef5248971fbd824f29c52ab6168b895dfd"
+uuid = "9b64493d-8859-5bf3-93d7-7c32dd38186f"
+version = "1.35.0+0"
+
 [[deps.Test]]
 deps = ["InteractiveUtils", "Logging", "Random", "Serialization"]
 uuid = "8dfed614-e22c-5e08-85e1-65c5234f0b40"
@@ -169,7 +258,28 @@ version = "1.11.0"
 uuid = "4ec0a83e-493e-50e2-b9ac-8f72acf5a8f5"
 version = "1.11.0"
 
+[[deps.UserNSSandbox_jll]]
+deps = ["Artifacts", "JLLWrappers", "Libdl"]
+git-tree-sha1 = "79dc57555c873394aa67457f9c6022068da7b04a"
+uuid = "b88861f7-1d72-59dd-91e7-a8cc876a4984"
+version = "2025.1.28+0"
+
 [[deps.Zlib_jll]]
 deps = ["Libdl"]
 uuid = "83775a58-1f1d-513f-b197-d71354ab007a"
 version = "1.3.1+2"
+
+[[deps.Zstd_jll]]
+deps = ["CompilerSupportLibraries_jll", "Libdl"]
+uuid = "3161d3a3-bdf6-5164-811a-617609db77b4"
+version = "1.5.7+1"
+
+[[deps.nghttp2_jll]]
+deps = ["Artifacts", "CompilerSupportLibraries_jll", "Libdl"]
+uuid = "8e850ede-7688-5339-a07c-302acd2aaf8d"
+version = "1.67.1+0"
+
+[[deps.p7zip_jll]]
+deps = ["Artifacts", "Libdl"]
+uuid = "3f19e933-33d8-53b3-aaab-bd5110c3b7a0"
+version = "17.6.0+0"
diff --git a/src/server.jl b/src/server.jl
@@ -296,7 +296,7 @@ function launch_in_sandbox(args::Vector{String}, use_socket::Bool, socket_path::
     
     # Create minimal mounts for the sandbox
     # We'll use a minimal Debian rootfs and mount the Julia installation
-    mounts = Dict{String, Any}(
+    mounts = Dict{String, Sandbox.MountInfo}(
         "/" => Sandbox.MountInfo(Sandbox.debian_rootfs(; platform=host_platform), Sandbox.MountType.Overlayed),
         "/workspace" => Sandbox.MountInfo(pwd(), Sandbox.MountType.ReadWrite),
     )
@@ -311,6 +311,18 @@ function launch_in_sandbox(args::Vector{String}, use_socket::Bool, socket_path::
     # Mount the current project directory (where LLMBenchMCPServer is)
     project_dir = dirname(dirname(@__FILE__))
     mounts["/opt/llmbench"] = Sandbox.MountInfo(project_dir, Sandbox.MountType.ReadOnly)
+
+    # Mount Julia packages/artifacts/compiled directories
+    julia_depot = get(ENV, "JULIA_DEPOT_PATH", joinpath(homedir(), ".julia"))
+    if isdir(julia_depot)
+        mounts["/root/.julia"] = Sandbox.MountInfo(julia_depot, Sandbox.MountType.ReadOnly)
+    end
+
+    # Also mount the workspace root for ClaudeMCPTools and other local packages
+    workspace_root = dirname(project_dir)  # Get /workspace from /workspace/LLMBenchMCPServer
+    if isdir(workspace_root)
+        mounts["/opt/workspace"] = Sandbox.MountInfo(workspace_root, Sandbox.MountType.ReadOnly)
+    end
     
     # Set up environment variables
     env = Dict{String, String}(
@@ -325,93 +337,40 @@ function launch_in_sandbox(args::Vector{String}, use_socket::Bool, socket_path::
     new_args = copy(args)
     push!(new_args, "--direct")
 
-    # Handle socket mode differently
-    server_socket = nothing
+    # For socket mode in sandbox, we'll mount /tmp as writable
+    # so the sandboxed process can create its own socket
     if use_socket
-        # Create the socket in the parent process
-        if isempty(socket_path)
-            # Generate a unique socket path in /tmp
-            timestamp = Dates.format(Dates.now(), "yyyymmdd_HHMMSS")
-            pid = getpid()
-            socket_path = "/tmp/mcp_$(args[1])_$(timestamp)_$(pid).sock"
-        end
-
-        # Clean up existing socket if it exists
-        if isfile(socket_path)
-            rm(socket_path)
-        end
-
-        # Create the Unix socket server
-        server_socket = Sockets.listen(socket_path)
+        # Mount /tmp as read-write for socket creation
+        mounts["/tmp"] = Sandbox.MountInfo("/tmp", Sandbox.MountType.ReadWrite)
 
         if verbose
-            println("Created socket: $socket_path")
-            println("Socket will be passed to sandbox as fd 3")
+            println("Socket mode enabled - /tmp mounted for socket creation")
         end
-
-        # Add --fd3 flag to tell child to use fd 3
-        push!(new_args, "--fd3")
-
-        # Remove any --socket or --bind-socket flags as they're handled by parent
-        new_args = filter(arg -> !(arg in ["--socket", "--bind-socket"] || startswith(arg, "/tmp/mcp_")), new_args)
     end
 
     # Build the Julia command
     cmd = Cmd(["/opt/julia/bin/julia", "--project=/opt/llmbench", "-m", "LLMBenchMCPServer"])
     cmd = `$cmd $new_args`
 
     # Create the sandbox configuration
-    if server_socket !== nothing
-        # Pass the socket as fd 3 (after stdin, stdout, stderr)
-        config = Sandbox.SandboxConfig(
-            mounts,
-            env;
-            stdin=Base.stdin,
-            stdout=Base.stdout,
-            stderr=Base.stderr,
-            pwd="/workspace"
-        )
-
-        # Run in the sandbox with the socket passed as an extra fd
-        exit_code = Cint(0)
-        try
-            Sandbox.with_executor() do exe
-                # Pass server_socket as the 4th argument (fd 3)
-                run(exe, config, cmd, Base.stdin, Base.stdout, Base.stderr, server_socket)
-            end
-        catch e
-            println(stderr, "Error running in sandbox: $e")
-            exit_code = Cint(1)
-        finally
-            # Clean up socket
-            close(server_socket)
-            if isfile(socket_path)
-                rm(socket_path)
-                if verbose
-                    println("Cleaned up socket: $socket_path")
-                end
-            end
-        end
-    else
-        # No socket, run normally
-        config = Sandbox.SandboxConfig(
-            mounts,
-            env;
-            stdin=Base.stdin,
-            stdout=Base.stdout,
-            stderr=Base.stderr,
-            pwd="/workspace"
-        )
+    config = Sandbox.SandboxConfig(
+        mounts,
+        env;
+        stdin=Base.stdin,
+        stdout=Base.stdout,
+        stderr=Base.stderr,
+        pwd="/workspace"
+    )
 
-        exit_code = Cint(0)
-        try
-            Sandbox.with_executor() do exe
-                run(exe, config, cmd)
-            end
-        catch e
-            println(stderr, "Error running in sandbox: $e")
-            exit_code = Cint(1)
+    # Run in the sandbox
+    exit_code = Cint(0)
+    try
+        Sandbox.with_executor() do exe
+            run(exe, config, cmd)
         end
+    catch e
+        println(stderr, "Error running in sandbox: $e")
+        exit_code = Cint(1)
     end
 
     return exit_code
