fix: update sandbox shell environment variable handling

liuruibin · liuruibin · commit 96edefb4dc3b · 2026-06-08T16:24:28.000+08:00
diff --git a/apps/application/flow/backend/sandbox_shell.py b/apps/application/flow/backend/sandbox_shell.py
@@ -4,29 +4,32 @@
 
 from deepagents.backends import LocalShellBackend
 from deepagents.backends.protocol import ExecuteResponse
-
 from maxkb.const import CONFIG
 
-_enable_sandbox = bool(int(CONFIG.get('SANDBOX', 0)))
-_run_user = 'sandbox' if _enable_sandbox else getpass.getuser()
-_sandbox_python_sys_path = CONFIG.get_sandbox_python_package_paths().replace(',', ':')
+_enable_sandbox = bool(int(CONFIG.get("SANDBOX", 0)))
+_run_user = "sandbox" if _enable_sandbox else getpass.getuser()
+_sandbox_python_sys_path = CONFIG.get_sandbox_python_package_paths().replace(",", ":")
 
 
 class SandboxShellBackend(LocalShellBackend):
     def __init__(self, root_dir: str, **kwargs):
-        if 'env' not in kwargs and not kwargs.get('inherit_env', False):
+        if "env" not in kwargs and not kwargs.get("inherit_env", False):
             env = os.environ.copy()
-            path = env.get('PATH', '/usr/bin:/bin')
+            python_path = env.get("PYTHONPATH", "")
 
-            # 将 sandbox 路径分解为列表，检查每个路径是否已存在
-            existing_paths = set(path.split(os.pathsep))
+            # 将 sandbox Python 包路径分解为列表，检查每个路径是否已存在
+            existing_paths = set(python_path.split(os.pathsep))
             sandbox_paths = _sandbox_python_sys_path.split(os.pathsep) if _sandbox_python_sys_path else []
             new_paths = [p for p in sandbox_paths if p and p not in existing_paths]
 
             if new_paths:
-                env['PATH'] = f"{os.pathsep.join(new_paths)}{os.pathsep}{path}"
+                env["PYTHONPATH"] = (
+                    f"{os.pathsep.join(new_paths)}{os.pathsep}{python_path}"
+                    if python_path
+                    else os.pathsep.join(new_paths)
+                )
 
-            kwargs['env'] = env
+            kwargs["env"] = env
         super().__init__(root_dir=root_dir, **kwargs)
 
     def _translate_virtual_paths(self, command: str) -> str:
@@ -51,18 +54,21 @@ def translate(m: re.Match) -> str:
         return re.sub(r'(?<![.\w\-])/[A-Za-z_][^\s\'"\\;|&><:,]*', translate, command)
 
     def execute(
-            self,
-            command: str,
-            *,
-            timeout: int | None = None,
+        self,
+        command: str,
+        *,
+        timeout: int | None = None,
     ) -> ExecuteResponse:
         if self.virtual_mode:
             command = self._translate_virtual_paths(command)
 
         if _enable_sandbox:
             # 用 runuser 在子进程里切换用户，父进程凭据保持不变，
             # 避免父进程 ruid/euid 不一致导致 execve 报 Permission denied
-            command = f"env -i LD_PRELOAD=/opt/maxkb-app/sandbox/lib/sandbox.so PATH=${{PATH}} gosu {_run_user} {command}"
+            command = (
+                "env -i LD_PRELOAD=/opt/maxkb-app/sandbox/lib/sandbox.so "
+                f'PATH="${{PATH}}" PYTHONPATH="${{PYTHONPATH}}" gosu {_run_user} {command}'
+            )
             # command = f"runuser -u {_run_user} -- env -i PATH=${{PATH}} {command}"
 
         # print(f"Executing command in sandbox: {command}")
