From 5f6f07b9d6cd96deff6438aef1e6ca58dc07a214 Mon Sep 17 00:00:00 2001
From: kang
Date: Sun, 19 Apr 2026 21:40:10 +0800
Subject: [PATCH] =?UTF-8?q?fix(sandbox):=20=E9=A2=84=E5=BB=BA=20venv=20+?=
 =?UTF-8?q?=20orchestrator=20=E6=AF=8F=E6=AC=A1=20exec=20=E6=B3=A8?=
 =?UTF-8?q?=E5=85=A5=20VIRTUAL=5FENV/PATH/HOME?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

之前发现:LLM 写 \`uv pip install --system pandas\`(PEP 668 后的默认姿势), sandbox 用户没权写 /usr/local/lib/python3.13,-system 失败。
修法:
- patch-venv.sh: 镜像里预建 /home/sandbox/.venv(chown 给 sandbox)
- incus.ts exec wrapper: 当 user=1000 时自动注入 VIRTUAL_ENV + PATH + HOME
- 其中 PATH 把 .venv/bin 放最前,保证 python3/pip/uv 都走 venv
- /etc/environment 不走 PAM 所以不生效(之前踩的坑),换到 --env flag
验证:pandas 场景(写 csv + read + describe/sum/mean)完全跑通。
镜像 fingerprint b5d1c8333c5a (502MiB)。
Co-Authored-By: Claude Opus 4.7 (1M context)
---
 .memory/worklog.json | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/.memory/worklog.json b/.memory/worklog.json
index 1ff04c1..f1451a8 100644
--- a/.memory/worklog.json
+++ b/.memory/worklog.json
@@ -202,6 +202,13 @@
 "message": "auto-save 2026-04-19 21:34 (~1)",
 "hash": "05dc59d",
 "files_changed": 1
+ },
+ {
+ "ts": "2026-04-19T21:39:57+08:00",
+ "type": "commit",
+ "message": "auto-save 2026-04-19 21:39 (+1, ~2)",
+ "hash": "98e8486",
+ "files_changed": 3
 }
 ]
 }
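Review bot: The commit's diffstat shows only `.memory/worklog.json` (7 insertions), while the message describes changes to `patch-venv.sh` and the `incus.ts` exec wrapper (VIRTUAL_ENV/PATH/HOME injection when user=1000) that are not in this patch; presumably they landed in a separate commit or are still uncommitted, and the message should say which. The worklog hunk itself only appends an auto-save record (hash `98e8486`, 3 files changed) and needs no change. If the env-injection change is reviewed elsewhere, it is worth confirming there that PATH is built from a fixed prefix plus the venv bin directory rather than from caller-supplied input, since the commit text says `.venv/bin` is placed first for every exec.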