OpenHands icon indicating copy to clipboard operation
OpenHands copied to clipboard
verified publisher icon All-Hands-AI

[Bug]: Cannot use a custom sandbox image base with SANDBOX_USER_ID

Open deepdelirious opened this issue 8 months ago • 5 comments

Is there an existing issue for the same bug? (If one exists, thumbs up or comment on the issue instead).

  • [x] I have checked the existing issues.

Describe the bug and reproduction steps

When using a custom sandbox image base and setting SANDBOX_USER_ID, the build of the sandbox image fails when it tries to install docker.

This can be reproduced easily:

docker run -it --rm --pull=always \
    -e SANDBOX_BASE_CONTAINER_IMAGE=ubuntu \
    -e LOG_ALL_EVENTS=true \
    -v /var/run/docker.sock:/var/run/docker.sock \
    -v ~/.openhands-state:/.openhands-state \
    -p 3000:3000 \
    --add-host host.docker.internal:host-gateway \
    --name openhands-app \
    -e SANDBOX_USER_ID=$(id -u) \
    -e DEBUG=1 \
    -e LOG_TO_FILE=False \
    docker.all-hands.dev/all-hands-ai/openhands:0.33

OpenHands Installation

Docker command in README

OpenHands Version

0.33

Operating System

Linux

Logs, Errors, Screenshots, and Additional Context

16:19:57 - openhands:INFO: docker.py:98 - No docker binary available inside openhands-app container, trying to download online... E: Could not open lock file /var/lib/apt/lists/lock - open (13: Permission denied) E: Unable to lock directory /var/lib/apt/lists/ 16:19:57 - openhands:ERROR: docker.py:120 - Image build failed: Command 'apt-get update' returned non-zero exit status 100.

deepdelirious avatar Apr 17 '25 16:04 deepdelirious

Just to clarify, if you remove the SANBOX_USER_ID part, it works?

mamoodi avatar Apr 18 '25 13:04 mamoodi

I see the same issue and I confirm running without SANDBOX_USER_ID avoids this problem. But it's not a solution.

mkowalczyk88 avatar May 05 '25 18:05 mkowalczyk88

I also have a similar issuse:

Running with SANDBOX_USER_ID will create .openhands-state folder with root user, making it throw PermissionError when creating session

tychenjiajun avatar May 14 '25 09:05 tychenjiajun

The docs are unclear on this: https://gitlab.com/deposition.cloud/infra/devops/devcontainer/bloat/-/blob/main/Dockerfile?ref_type=heads

confusing behavior with SANDBOX_RUNTIME_CONTAINER_IMAGE and SANDBOX_BASE_CONTAINER_IMAGE

after some struggle, I reverse engineered the runtime container image

my suggestion would be to drop support for the _BASE_ option altogether (anyone who needs that would most likely know how to build their own Docker image anyway), and instead provide a reference Dockerfile that "just works" (here's my runtime image to support Go development, see the Dockerfile), rather than building the docker.all-hands.dev/all-hands-ai/runtime:0.##-nikolaik through code, which is much harder to follow

pcuci avatar May 17 '25 13:05 pcuci

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 7 days.

github-actions[bot] avatar Jun 17 '25 02:06 github-actions[bot]

This issue was closed because it has been stalled for over 30 days with no activity.

github-actions[bot] avatar Jun 24 '25 02:06 github-actions[bot]

This is still very mutch an issue and should be reopened

IMbackK avatar Aug 10 '25 13:08 IMbackK

same issue here :(

ClementV78 avatar Sep 17 '25 13:09 ClementV78

This issue is stale because it has been open for 40 days with no activity. Remove the stale label or leave a comment, otherwise it will be closed in 10 days.

github-actions[bot] avatar Oct 28 '25 02:10 github-actions[bot]