15308555518/ MaxKB
1
0
Fork 0
mirror of https://github.com/1Panel-dev/MaxKB.git synced 2025-12-26 01:33:05 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

refactor: change lib dir.

This commit is contained in:
liqiang-fit2cloud 2025-11-27 10:29:20 +08:00
parent f341930795
commit 674e34a735
2 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
apps/common/utils/tool_code.py
View File

@ -29,7 +29,7 @@ class ToolExecutor:
else:
self.sandbox_path = os.path.join(PROJECT_DIR, 'data', 'sandbox')
self.user = None
self.sandbox_so_path = f'{self.sandbox_path}/sandbox.so'
self.sandbox_so_path = f'{self.sandbox_path}/lib/sandbox.so'
self.process_timeout_seconds = int(CONFIG.get("SANDBOX_PYTHON_PROCESS_TIMEOUT_SECONDS", '3600'))
try:
self._init_dir()
@ -60,10 +60,9 @@ class ToolExecutor:
tmp_dir_path = os.path.join(self.sandbox_path, 'tmp')
os.makedirs(tmp_dir_path, 0o700, exist_ok=True)
os.system(f"chown -R {self.user}:root {tmp_dir_path}")
if os.path.exists(self.sandbox_so_path):
os.chmod(self.sandbox_so_path, 0o440)
# 初始化sandbox配置文件
sandbox_conf_file_path = f'{self.sandbox_path}/.sandbox.conf'
sandbox_lib_path = os.path.dirname(self.sandbox_so_path)
sandbox_conf_file_path = f'{sandbox_lib_path}/.sandbox.conf'
if os.path.exists(sandbox_conf_file_path):
os.remove(sandbox_conf_file_path)
allow_subprocess = CONFIG.get("SANDBOX_PYTHON_ALLOW_SUBPROCESS", '0')
@ -75,7 +74,7 @@ class ToolExecutor:
with open(sandbox_conf_file_path, "w") as f:
f.write(f"SANDBOX_PYTHON_BANNED_HOSTS={banned_hosts}\n")
f.write(f"SANDBOX_PYTHON_ALLOW_SUBPROCESS={allow_subprocess}\n")
os.chmod(sandbox_conf_file_path, 0o440)
os.system(f"chmod -R g-wx {sandbox_lib_path}")
def exec_code(self, code_str, keywords):
_id = str(uuid.uuid7())

2
installer/Dockerfile
View File

@ -13,7 +13,7 @@ RUN apt-get update && \
apt-get clean all && \
rm -rf /var/lib/apt/lists/*
WORKDIR /opt/maxkb-app
RUN gcc -shared -fPIC -o ${MAXKB_SANDBOX_HOME}/sandbox.so /opt/maxkb-app/installer/sandbox.c -ldl && \
RUN gcc -shared -fPIC -o ${MAXKB_SANDBOX_HOME}/lib/sandbox.so /opt/maxkb-app/installer/sandbox.c -ldl && \
rm -rf /opt/maxkb-app/ui && \
pip install uv --break-system-packages && \
python -m uv pip install -r pyproject.toml && \