ioi / isolate

Sandbox for securely executing untrusted programs

Is it ok to run multiple commands in parallel on the same sandbox? #91

Closed erndob closed 4 years ago

erndob commented 4 years ago

I have multiple commands like this:

isolate --box-id=14 --cg --cg-mem=262144 --processes --wall-time=3 --run -- /usr/bin/node /usr/bin/qunit --filter test3 --runner tap test.js

Basically running different test cases in parallel on the same isolate box, but I randomly get this error:

internal/fs/utils.js:230
          throw err;
          ^

      Error: EACCES: permission denied, scandir '/box'
          at Object.readdirSync (fs.js:872:3)
          at findFilesInternal (/usr/lib/node_modules/qunit/src/cli/utils.js:26:5)
          at findFiles (/usr/lib/node_modules/qunit/src/cli/utils.js:50:9)
          at Object.getFilesFromArgs (/usr/lib/node_modules/qunit/src/cli/utils.js:76:16)
          at run (/usr/lib/node_modules/qunit/src/cli/run.js:23:22)
          at Object.<anonymous> (/usr/lib/node_modules/qunit/bin/qunit.js:56:2)
          at Module._compile (internal/modules/cjs/loader.js:1133:30)
          at Object.Module._extensions..js (internal/modules/cjs/loader.js:1153:10)
          at Module.load (internal/modules/cjs/loader.js:977:32)
          at Function.Module._load (internal/modules/cjs/loader.js:877:14) {
        errno: -13,
        syscall: 'scandir',
        code: 'EACCES',
        path: '/box'
      }
      Exited with error status 1

Is this scenario not supported by isolate, or should I be looking into node here?

gollux commented 4 years ago

This is definitely not supported by Isolate: when you run a command, the ownership of files in the box directory is transferred to the internal UID of the sandbox; when the command finishes, the ownership is transferred back to the calling user. Hence if you run multiple instances of the same box in parallel, you can expect inconsistent permissions.
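One way to run the qunit filters concurrently under the rule gollux describes, as an added example (not code from the isolate project or from the issue author): give every in-flight job its own box id from a small pool, wrap each run in --init / --cleanup, and never let two workers hold the same id at once. The --run arguments are the ones from the issue; the box id pool, the staging of test.js into the box, and the FakeIsolate stand-in (which lets the script run on a machine without isolate and counts how many --run calls overlapped per box) are assumptions made for illustration. The pool must fit within the number of boxes your isolate installation is configured for.

```python
"""Parallel qunit runs, one Isolate box per in-flight job.

Added example, not code from the isolate project or this issue's author.
The --run arguments mirror the command in the issue; --init/--cleanup, the
box id pool, the staging of test.js and the FakeIsolate stand-in used for
offline runs are assumptions made for illustration.
"""
import shutil
import subprocess
import tempfile
import threading
from concurrent.futures import ThreadPoolExecutor
from pathlib import Path
from queue import Queue
from typing import Callable, Dict, List, Sequence

Runner = Callable[[Sequence[str]], str]   # executes argv, returns its stdout


def real_runner(argv: Sequence[str]) -> str:
    """Invoke the real isolate binary (for hosts where it is installed)."""
    return subprocess.run(list(argv), check=True, capture_output=True, text=True).stdout


def run_argv(box_id: int, qunit_filter: str, test_file: str = "test.js") -> List[str]:
    """The --run command from the issue, with box id and filter as parameters."""
    return ["isolate", f"--box-id={box_id}", "--cg", "--cg-mem=262144",
            "--processes", "--wall-time=3", "--run", "--",
            "/usr/bin/node", "/usr/bin/qunit", "--filter", qunit_filter,
            "--runner", "tap", test_file]


def run_in_own_box(box_id: int, qunit_filter: str, test_file: Path, runner: Runner) -> str:
    """--init (prints the box directory), stage the test file into <boxdir>/box
    (visible as /box inside the sandbox), --run, and always --cleanup."""
    boxdir = Path(runner(["isolate", f"--box-id={box_id}", "--cg", "--init"]).strip())
    try:
        shutil.copy(test_file, boxdir / "box" / test_file.name)
        return runner(run_argv(box_id, qunit_filter, test_file.name))
    finally:
        runner(["isolate", f"--box-id={box_id}", "--cg", "--cleanup"])


def run_filters_in_parallel(filters: Sequence[str], box_ids: Sequence[int],
                            test_file: Path, runner: Runner = real_runner) -> Dict[str, str]:
    """Each worker holds exactly one box id for the life of its job, so two
    concurrent --run invocations can never share a box directory."""
    pool: "Queue[int]" = Queue()
    for b in box_ids:
        pool.put(b)

    def job(qunit_filter: str) -> str:
        box = pool.get()                      # blocks until a box id is free
        try:
            return run_in_own_box(box, qunit_filter, test_file, runner)
        finally:
            pool.put(box)

    with ThreadPoolExecutor(max_workers=len(box_ids)) as ex:
        return dict(zip(filters, ex.map(job, filters)))


class FakeIsolate:
    """Constructed stand-in for offline runs. It models the ownership rule from
    the maintainer's reply (a box belongs to one run at a time) and records the
    peak number of --run calls in flight per box so scheduling can be checked."""

    def __init__(self) -> None:
        self._lock = threading.Lock()
        self._busy: Dict[int, int] = {}
        self.max_in_flight: Dict[int, int] = {}
        self.root = Path(tempfile.mkdtemp(prefix="fake-isolate-"))

    def __call__(self, argv: Sequence[str]) -> str:
        box = int(next(a for a in argv if a.startswith("--box-id=")).split("=", 1)[1])
        if "--init" in argv:
            (self.root / str(box) / "box").mkdir(parents=True, exist_ok=True)
            return f"{self.root / str(box)}\n"
        if "--cleanup" in argv:
            shutil.rmtree(self.root / str(box), ignore_errors=True)
            return ""
        with self._lock:
            self._busy[box] = self._busy.get(box, 0) + 1
            self.max_in_flight[box] = max(self.max_in_flight.get(box, 0), self._busy[box])
            if self._busy[box] > 1:           # a shared box: the EACCES from the issue
                self._busy[box] -= 1
                raise PermissionError("EACCES: permission denied, scandir '/box'")
        try:
            flt = argv[argv.index("--filter") + 1]
            return f"TAP version 13\nok 1 {flt}\n1..1\n"   # constructed TAP output
        finally:
            with self._lock:
                self._busy[box] -= 1


def demo(filters: Sequence[str], box_ids: Sequence[int]):
    """Offline run against FakeIsolate; returns (results, peak in-flight per box)."""
    fake = FakeIsolate()
    with tempfile.TemporaryDirectory() as d:
        t = Path(d) / "test.js"
        t.write_text("// constructed placeholder for the issue's test.js\n")
        results = run_filters_in_parallel(filters, box_ids, t, fake)
    shutil.rmtree(fake.root, ignore_errors=True)
    return results, fake.max_in_flight


if __name__ == "__main__":
    out, peak = demo(["test1", "test2", "test3"], [14, 15])
    for name, tap in out.items():
        print(name, tap.splitlines()[1])
    print("peak --run calls in flight per box:", peak)
```

On a host with isolate installed, call run_filters_in_parallel with the default runner and a real test.js; the FakeIsolate path is only there so the scheduling logic can be exercised without the binary. The pool is what matters: with max_workers equal to the number of box ids and each worker blocking on pool.get(), the ownership transfer gollux describes happens for one command per box at a time.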

erndob commented 4 years ago

@gollux Makes sense, thank you