Description
Description
During nemoclaw onboard step [6/8] "Creating sandbox", when the sandbox base
image needs local rebuild (published base has glibc 2.36 but OpenShell sandbox
supervisor requires glibc >= 2.39), the full Docker build log (~200 lines) is
dumped to the user terminal. This includes all 11 Dockerfile steps, apt-get
output, debconf warnings, update-alternatives messages, and intermediate
container IDs.
Bug 6158195 (#3248) fixed the [2/8] gateway setup leak with suppressOutput,
but the [6/8] sandbox base image rebuild path was not covered.
Environment
Device: DGX Spark (spark-dadc, 10.173.104.110)
OS: Ubuntu 24.04 (kernel 6.17.0-1014-nvidia)
Architecture: aarch64
Node.js: v22.22.3
npm: 10.9.8
Docker: Docker 29.2.1
OpenShell CLI: openshell 0.0.39
NemoClaw: v0.0.43
OpenClaw: 2026.4.24
Steps to Reproduce
1. On DGX Spark with NemoClaw v0.0.43 installed
2. Run: nemoclaw onboard --non-interactive --yes-i-accept-third-party-software
3. Observe output at step [6/8] "Creating sandbox"
4. When sandbox base image has glibc 2.36 (< 2.39), local rebuild triggers
5. Full Docker build log appears in terminal
Expected Result
Clean progress output with build details suppressed, e.g.:
Warning: OpenClaw sandbox base image has glibc 2.36; requires >= 2.39.
Building OpenClaw sandbox base image locally (one-time)... done
Actual Result
~200 lines of raw Docker build output dumped to terminal including:
DEPRECATED: The legacy builder is deprecated...
Sending build context to Docker daemon 232.3MB
Step 1/11 : FROM node:22-trixie-slim@sha256:...
Step 2/11 : ENV DEBIAN_FRONTEND=noninteractive
Step 3/11 : RUN apt-get update && apt-get install -y ...
Get:1 http://deb.debian.org/debian trixie InRelease [140 kB]
... (full apt-get download + install for 100 packages)
Fetched 48.1 MB in 1s (71.5 MB/s)
Setting up libcom-err2:amd64 ...
... (all dpkg output, debconf warnings, update-alternatives)
Step 4/11 through Step 11/11 ...
---> Removed intermediate container ...
Logs
Trigger line in terminal:
Warning: OpenClaw sandbox base image ghcr.io/nvidia/nemoclaw/sandbox-base:latest
has glibc 2.36; OpenShell sandbox supervisor requires glibc >= 2.39.
Building OpenClaw sandbox base image locally because no compatible published
base image was found.
Then full Docker build log follows (see Actual Result above).
Bug Details
| Field |
Value |
| Priority |
Unprioritized |
| Action |
Dev - Open - To fix |
| Disposition |
Open issue |
| Module |
Machine Learning - NemoClaw |
| Keyword |
NemoClaw, NemoClaw_CLI&UX, NEMOCLAW_GH_SYNC_APPROVAL, NemoClaw_Sandbox |
[NVB#6180330]
Description
Description
Environment Steps to Reproduce Expected Result Actual Result~200 lines of raw Docker build output dumped to terminal including: DEPRECATED: The legacy builder is deprecated... Sending build context to Docker daemon 232.3MB Step 1/11 : FROM node:22-trixie-slim@sha256:... Step 2/11 : ENV DEBIAN_FRONTEND=noninteractive Step 3/11 : RUN apt-get update && apt-get install -y ... Get:1 http://deb.debian.org/debian trixie InRelease [140 kB] ... (full apt-get download + install for 100 packages) Fetched 48.1 MB in 1s (71.5 MB/s) Setting up libcom-err2:amd64 ... ... (all dpkg output, debconf warnings, update-alternatives) Step 4/11 through Step 11/11 ... ---> Removed intermediate container ...LogsBug Details
[NVB#6180330]