
fix(sandboxagent): tolerate chmod EINVAL on VirtioFS bind mounts (closes #311) (#318)

ericli requested to merge v0.45-github-sync into main
  • Initial commit

  • fix(sandboxagent): tolerate chmod EINVAL on VirtioFS bind mounts

macOS Docker Desktop's VirtioFS (and gRPC-FUSE) bind mounts do not honour POSIX mode bits for mount-owner semantics, so os.Chmod on the unix socket returns EINVAL. The current code treats every chmod error as fatal, which means sandbox-agent crashloops on first run for every macOS developer (ENABLE_SANDBOX=true scripts/e2e/start.sh 0% success).

Narrow the failure mode: if chmod fails with EINVAL specifically, log a WARN and continue — on those filesystems the socket permissions are fixed by the mount options anyway, so there is nothing we can do. Any other chmod error still aborts NewRunner so Linux prod keeps its owner-only socket guarantee.

The chmod call is routed through a package-local chmodFunc var so the test can inject a stub that returns EINVAL / EPERM without needing a real bind-mount filesystem. Two new tests cover: (1) EINVAL tolerated + WARN emitted, (2) non-EINVAL chmod error still fatal.

Closes #311

Co-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com


Co-authored-by: ericli ericli@formless.com.ai
Co-authored-by: Aquaird aquaird@MacBook-Pro-3.local
Co-authored-by: Claude Opus 4.7 (1M context) noreply@anthropic.com
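
The pattern the commit message describes, as an added example that is not the project's own code: chmod goes through the injectable `chmodFunc` seam, EINVAL alone is downgraded to a warning, and every other error stays fatal. The helper name `restrictSocket`, its `warn` callback and its `enforced` return value are assumptions made for illustration; the temp file in `main` is a constructed stand-in for the unix socket.

```go
package main

import (
	"errors"
	"fmt"
	"log"
	"os"
	"syscall"
)

// chmodFunc is the injectable seam named in the commit message; tests replace
// it with a stub so no real bind-mount filesystem is needed.
var chmodFunc = os.Chmod

// restrictSocket (hypothetical name) applies mode to the socket at path.
// It returns enforced=false with a nil error only when chmod fails with
// EINVAL, so the caller can tell that the owner-only guarantee is not
// provided by mode bits on this mount.
func restrictSocket(path string, mode os.FileMode, warn func(string)) (enforced bool, err error) {
	err = chmodFunc(path, mode)
	switch {
	case err == nil:
		return true, nil
	case errors.Is(err, syscall.EINVAL):
		// errors.Is unwraps the *os.PathError that os.Chmod returns.
		warn(fmt.Sprintf("chmod %s to %v: EINVAL, permissions left to mount options", path, mode))
		return false, nil
	default:
		// EPERM, EROFS, ENOENT, ...: keep failing closed.
		return false, fmt.Errorf("chmod %s: %w", path, err)
	}
}

func main() {
	// Constructed demo: a temp file stands in for the unix socket.
	f, err := os.CreateTemp("", "agent-*.sock")
	if err != nil {
		log.Fatal(err)
	}
	defer os.Remove(f.Name())
	f.Close()
	enforced, err := restrictSocket(f.Name(), 0o600, func(m string) { log.Println("WARN", m) })
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println("mode enforced:", enforced)
}
```

Matching with `errors.Is` rather than comparing error strings keeps the tolerated case limited to the one errno, so a permission or read-only-filesystem failure cannot slip through as a warning.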
