Add an NFS proxy server for cross-sandbox persistence #1738

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Draft

djeebus wants to merge 31 commits into main from add-nfs-server

Contributor

djeebus commented Jan 17, 2026

No description provided.

djeebus added 5 commits

January 15, 2026 14:52


          progress

4cd8da3


          progress

4ce72eb


          progress!

fedbeb1


          more progress!

f4312ec


          bare bones test works!

14a0bab

e2b-request-same-site-reviewers bot assigned levb


          revert a change

8a2d81c

claude bot reviewed

View reviewed changes

packages/orchestrator/internal/nfs/main.go Show resolved Hide resolved

claude bot reviewed

View reviewed changes

packages/orchestrator/main.go Outdated Show resolved Hide resolved

claude bot reviewed

View reviewed changes

packages/orchestrator/internal/nfs/jailed/handler.go Outdated Show resolved Hide resolved

claude bot reviewed

View reviewed changes

packages/orchestrator/internal/nfs/gcs/gcsfile.go Outdated Show resolved Hide resolved

claude bot reviewed

View reviewed changes

packages/orchestrator/internal/nfs/main.go Outdated

    
              }

              func (p *Proxy) getPrefixFromSandbox(conn net.Conn) (string, error) {

              	sbx, err := p.sandboxes.GetByHostPort(conn.RemoteAddr().String())

claude bot Jan 17, 2026

Security issue: Sandbox isolation could be bypassed. The GetByHostPort method matches based on IP address, but conn.RemoteAddr() returns the client's IP which could be spoofed or shared between sandboxes if they use NAT. Consider using a more secure authentication mechanism.

claude bot reviewed

View reviewed changes

packages/orchestrator/internal/nfs/gcs/fs.go Outdated Show resolved Hide resolved

claude bot reviewed

View reviewed changes

packages/orchestrator/internal/sandbox/network/slot.go Show resolved Hide resolved

claude bot reviewed

View reviewed changes

packages/orchestrator/internal/nfs/jailed/handler.go Show resolved Hide resolved

djeebus added 5 commits

January 16, 2026 17:36


          implement envd, network slot, linting

3847b34


          add a few more parameters to the GetPrefix function

9ed0830


          Merge branch 'main' into add-nfs-server

6580e15


          tweaks and clean up, but didn't make a difference

6d14622


          implement more things

8cbe3cd

github-advanced-security bot found potential problems

View reviewed changes

packages/envd/internal/api/init.go Fixed Show fixed Hide fixed

djeebus added 7 commits

January 20, 2026 16:11


          such progress! everything works except for repeat reads

cd5efb4


          linting, try to fix file handle issue

dbfa610


          more clean up

1e08fac


          better logging, fix the error

bff14e0


          Merge remote-tracking branch 'origin/main' into add-nfs-server

16a3b9c


          clean up tests, fix some bugs, linting

8c8971d


          linting, expose the api

c930399

github-advanced-security bot found potential problems

View reviewed changes

packages/envd/internal/api/init.go

Comment on lines +149 to +153

    
              	data, err := exec.CommandContext(ctx, "bash", "-c", fmt.Sprintf(`

              set -e

              mkdir -p %q

              mount -v -t nfs -o mountproto=tcp,mountport=2049,proto=tcp,port=2049,nfsvers=3,noacl %q %q

              `, path, nfsTarget, path)).CombinedOutput()

Check failure

Code scanning / CodeQL

Command built from user-controlled sources Critical

This command depends on a

.

Contributor Author

djeebus Jan 22, 2026

This is executed in their sandbox with sudo credentials. There's nothing for them to hack, they already have root.


          add feature flag to volume support

ebca825

djeebus force-pushed the add-nfs-server branch from 03d6852 to ebca825 Compare

January 22, 2026 18:03

djeebus added 12 commits

January 22, 2026 10:13


          review errors

79a7087


          update codegen

3a91e5e


          skip test if no gcs credentials exist

0c7829e


          face palm

91da71d


          clean up

d4609a0


          Merge branch 'main' into add-nfs-server

bcf0e7f


          remove unused code

9facbca


          linting

e7e99b5


          linting, fix some truncate flag issues

2b483f5


          add tests, fix errors

67ed07b


          Revert "face palm"

b9f4c07

This reverts commit 91da71d.


          stop returning errors on unsupported features

9c85352

nfs needs them, quietly fail to adhere to spec instead

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

claude[bot] claude[bot] left review comments

ValentaTomas Awaiting requested review from ValentaTomas ValentaTomas will be requested when the pull request is marked ready for review ValentaTomas is a code owner

jakubno Awaiting requested review from jakubno jakubno will be requested when the pull request is marked ready for review jakubno is a code owner

dobrac Awaiting requested review from dobrac dobrac will be requested when the pull request is marked ready for review dobrac is a code owner

At least 1 approving review is required to merge this pull request.

Labels

None yet