search

langgenius / dify-sandbox

A lightweight, fast, and secure code execution environment that supports multiple programming languages
https://docs.dify.ai/development/backend/sandbox
Apache License 2.0
350 stars 77 forks source link

could not create filter #33

Open luckylhb90 opened 1 month ago

luckylhb90 commented 1 month ago

  1. Excuse me, I have a workflow that needs to import pandas/numpy. But when I executed the workflow, I got the error shown below.

    image

  2. Then I deliberately added some logs in the following location and I got the following error message.

    image 
DifySeccomp could not create filter
error occurred
main.DifySeccomp
    /app/cmd/lib/python/main.go:17
_cgoexp_0f9b1b59b4bd_DifySeccomp
    _cgo_gotypes.go:44
runtime.cgocallbackg1
    /usr/local/go/src/runtime/cgocall.go:420
runtime.cgocallbackg
    /usr/local/go/src/runtime/cgocall.go:339
runtime.cgocallback
    /usr/local/go/src/runtime/asm_amd64.s:1079
runtime.goexit
    /usr/local/go/src/runtime/asm_amd64.s:1695
  1. With this error, I suspected that the problem was caused by the inability to create the system call, so I removed the relevant code in the python script where I could get the correct result.
image
  1. I saw this issues (https://github.com/langgenius/dify-sandbox/issues/12), but the problems, don't look the same. I also looked up some information and found that there is very little information about it, so could you give me some help to solve this problem?
dafang commented 1 month ago

缺少了 libstdc++.so 这个文件,需要打包进去 @luckylhb90

dafang commented 1 month ago

SeeFAQ

luckylhb90 commented 1 month ago
image

According to the FAQ, I debugged it and found that with these two packages, there were too many missing libraries, so I just added this folder... Are there any risks?

Yeuoly commented 1 month ago
image

According to the FAQ, I debugged it and found that with these two packages, there were too many missing libraries, so I just added this folder... Are there any risks?

Generally, it will not if you copied no files to this path, the risk is blocked by Seccomp, but it may cause init process to be slower.

luckylhb90 commented 1 month ago
image

According to the FAQ, I debugged it and found that with these two packages, there were too many missing libraries, so I just added this folder... Are there any risks?

Generally, it will not if you copied no files to this path, the risk is blocked by Seccomp, but it may cause init process to be slower.

OK, yes, the service will start a little slower, and if there is no other risk, it will have no impact on our usage.