попытка сделать изоляцию

Dockerfile

@@ -1,17 +1,18 @@
-FROM python:3.14-slim as base
+FROM python:3.14-slim AS base
 
 ENV PYTHONDONTWRITEBYTECODE=1 \
     PYTHONUNBUFFERED=1
 
 WORKDIR /app
-RUN apt update && apt install make -y
+RUN apt update && apt install make  -y
 
 ENV AGENT_USER="agent"
-RUN useradd --shell /bin/bash agent
 ENV WORKSPACE_DIR="/workspace/"
-RUN mkdir -p $WORKSPACE_DIR && chown $AGENT_USER:$AGENT_USER $WORKSPACE_DIR
+RUN useradd --shell /bin/bash $AGENT_USER \
+    && mkdir -p $WORKSPACE_DIR /home/$AGENT_USER \
+    && chown -R agent:agent $WORKSPACE_DIR /home/$AGENT_USER
 
-FROM base as builder
+FROM base AS builder
 
 RUN apt install git -y
 RUN pip install uv
@@ -20,7 +21,7 @@ COPY pyproject.toml uv.lock ./
 RUN uv sync --frozen --no-install-project --no-dev
 RUN uv pip install git+https://git.lambda.coredump.ru/platform/agent_api.git
 
-FROM base as production
+FROM base AS production
 
 COPY --from=builder /app/.venv /app/.venv
 ENV PATH="/app/.venv/bin:$PATH"
@@ -28,12 +29,15 @@ ENV PATH="/app/.venv/bin:$PATH"
 COPY src/ /app/src/
 COPY Makefile ./
 COPY .mk/ ./.mk/
+RUN chown root:root /app && chmod 700 /app
+RUN apt install sudo -y && \
+    echo "agent ALL=(ALL) NOPASSWD: /usr/bin/apt*" >> /etc/sudoers
 
 EXPOSE 8000
 
 CMD ["make", "uvicorn-prod"]
 
-FROM base as development
+FROM base AS development
 
 RUN pip install uv
 
@@ -47,6 +51,9 @@ ENV PATH="/app/.venv/bin:$PATH"
 
 COPY Makefile ./
 COPY .mk/ ./.mk/
+RUN chown root:root /app && chmod 700 /app
+RUN apt install sudo -y && \
+    echo "agent ALL=(ALL) NOPASSWD: /usr/bin/apt*" >> /etc/sudoers
 
 EXPOSE 8000
 

docker-compose.yml

@@ -23,5 +23,9 @@ services:
       - "8000:8000"
     env_file:
       - .env
+    cap_add: # для работы bwrap
+      - SYS_ADMIN
+    security_opt: # для работы bwrap
+      - seccomp:unconfined
     profiles:
       - dev

src/agent/backends/isolated_shell.py

@@ -3,7 +3,7 @@ import pwd
 import subprocess
 from typing import Any
 
-from deepagents.backends.local_shell import LocalShellBackend, DEFAULT_EXECUTE_TIMEOUT
+from deepagents.backends.local_shell import LocalShellBackend
 
 
 class IsolatedShellBackend(LocalShellBackend):
@@ -34,8 +34,9 @@ class IsolatedShellBackend(LocalShellBackend):
                 f"timeout must be positive, got {effective_timeout}"
             )
 
-        proc: subprocess.Popen[str] | None = None
+        proc: subprocess.Popen | None = None
         try:
+            print(f"Running shell: {command}")
             proc = subprocess.Popen(
                 command,
                 shell=True,
@@ -69,12 +70,13 @@ class IsolatedShellBackend(LocalShellBackend):
             if proc.returncode != 0:
                 output = f"{output.rstrip()}\n\nExit code: {proc.returncode}"
 
-            return self._make_response(output, proc.returncode, truncated)
+            result = self._make_response(output, proc.returncode, truncated)
+            print(result)
+            return result
 
         except subprocess.TimeoutExpired:
-            if proc:
+            proc.kill()
-                proc.kill()
+            proc.communicate()
-                proc.communicate()
             msg = f"Error: Command timed out after {effective_timeout} seconds."
             return self._make_response(msg, 124, False)
 

src/agent/base.py

@@ -15,7 +15,7 @@ def create_agent():
     )
 
     workspace_dir = os.environ["WORKSPACE_DIR"]
-    agent_user = os.environ["AGENT_USER"]
+    agent_user = os.environ.get("AGENT_USER", "agent")
 
     backend = IsolatedShellBackend(
         user=agent_user,