paul@aitopatom-0a7d:~$ nemoclaw debug --quick
[debug] Collecting diagnostics for sandbox 'my-assistant'...
[debug] Quick mode: true
═══ System ═══
Fri Jun 5 09:48:11 PM -05 2026
Linux aitopatom-0a7d 6.17.0-1021-nvidia #21-Ubuntu SMP PREEMPT_DYNAMIC Wed May 27 19:14:05 UTC 2026 aarch64 aarch64 aarch64 GNU/Linux
21:48:11 up 22 min, 3 users, load average: 0.18, 0.69, 0.55
total used free shared buff/cache available
Mem: 124546 117684 1114 107 7218 6861
Swap: 0 0 0
═══ Processes ═══
PID PPID CMD %MEM %CPU
88001 84513 node /home/paul/.nvm/versio 0.0 96.0
83408 82664 VLLM::EngineCore 2.6 54.7
82664 82642 /usr/bin/python /usr/local/ 3.4 10.2
82306 81979 openclaw 0.2 3.1
2252 1 /usr/bin/dockerd -H fd:// - 0.0 0.5
69606 1491 /home/paul/jupyterlab/.venv 0.0 0.3
2077 1 /usr/bin/containerd 0.0 0.2
1 0 /sbin/init splash 0.0 0.2
80687 80664 /opt/openshell/bin/openshel 0.0 0.2
1683 1 /usr/sbin/NetworkManager -- 0.0 0.1
1493 1 /opt/nvidia/dgx-dashboard-s 0.0 0.1
1525 1 /usr/bin/nvidia-persistence 0.0 0.1
81586 1 /home/paul/.local/bin/opens 0.0 0.1
15 2 [rcu_preempt] 0.0 0.1
174 2 [kswapd0] 0.0 0.1
385 2 [kworker/u80:3-ipv6_addrcon 0.0 0.0
84512 84339 sshd: paul@pts/1 0.0 0.0
1549 1 /usr/lib/snapd/snapd 0.0 0.0
616 1 /usr/lib/systemd/systemd-jo 0.0 0.0
1490 1 @dbus-daemon --system --add 0.0 0.0
656 1 /usr/lib/systemd/systemd-ud 0.0 0.0
3545 3303 sshd: paul@pts/0 0.0 0.0
1491 1 /opt/nvidia/dgx-dashboard/d 0.0 0.0
1660 1 /usr/sbin/atopacctd 0.0 0.0
3307 1 /usr/lib/systemd/systemd -- 0.0 0.0
1488 1 avahi-daemon: running [aito 0.0 0.0
149 2 [kcompactd0] 0.0 0.0
138 2 [kworker/u82:0-iou_exit] 0.0 0.0
544 2 [jbd2/nvme0n1p2-8] 0.0 0.0
═══ GPU ═══
Fri Jun 5 21:48:11 2026
+-----------------------------------------------------------------------------------------+
| NVIDIA-SMI 580.159.03 Driver Version: 580.159.03 CUDA Version: 13.0 |
+-----------------------------------------+------------------------+----------------------+
| GPU Name Persistence-M | Bus-Id Disp.A | Volatile Uncorr. ECC |
| Fan Temp Perf Pwr:Usage/Cap | Memory-Usage | GPU-Util Compute M. |
| | | MIG M. |
|=========================================+========================+======================|
| 0 NVIDIA GB10 On | 0000000F:01:00.0 Off | N/A |
| N/A 38C P0 9W / N/A | Not Supported | 0% Default |
| | | N/A |
+-----------------------------------------+------------------------+----------------------+
+-----------------------------------------------------------------------------------------+
| Processes: |
| GPU GI CI PID Type Process name GPU Memory |
| ID ID Usage |
|=========================================================================================|
| 0 N/A N/A 83408 C VLLM::EngineCore 10529... |
+-----------------------------------------------------------------------------------------+
═══ Docker ═══
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
f30bd9314990 nvcr.io/nvidia/vllm:26.05.post1-py3 "/bin/bash -lc 'expo…" 5 minutes ago Up 5 minutes 0.0.0.0:8000->8000/tcp, [::]:8000->8000/tcp nemoclaw-vllm
8590f4ae2327 openshell/sandbox-from:1780711331 "/opt/openshell/bin/…" 45 minutes ago Up 5 minutes (unhealthy) openshell-my-assistant-cad9f673-f2d0-4eb3-8948-e68014e4d92a
CONTAINER ID NAME CPU % MEM USAGE / LIMIT MEM % NET I/O BLOCK I/O PIDS
f30bd9314990 nemoclaw-vllm 3.63% 7.607GiB / 121.6GiB 6.25% 533kB / 170kB 24.7GB / 397MB 258
8590f4ae2327 openshell-my-assistant-cad9f673-f2d0-4eb3-8948-e68014e4d92a 0.35% 388.2MiB / 91GiB 0.42% 492kB / 296kB 268MB / 1.18MB 40
═══ OpenShell ═══
Server Status
Gateway: nemoclaw
Server: http://127.0.0.1:8080
Status: Connected
Version: 0.0.44
NAME CREATED PHASE
my-assistant 2026-06-06 02:02:42 Ready
Sandbox:
Id: cad9f673-f2d0-4eb3-8948-e68014e4d92a
Name: my-assistant
Phase: Ready
Resource version: 39
Policy source: sandbox
Revision: 4
Policy:
version: 1
filesystem_policy:
include_workdir: true
read_only:
- /usr
- /lib
- /dev/urandom
- /app
- /etc
- /var/log
- /run/nvidia-persistenced
read_write:
- /tmp
- /dev/null
- /sandbox/.openclaw
- /sandbox/.nemoclaw
- /home/linuxbrew
- /proc
- /sandbox
- /dev/nvidiactl
- /dev/nvidia-uvm
- /dev/nvidia-uvm-tools
- /dev/nvidia-modeset
- /dev/nvidia0
landlock:
compatibility: best_effort
process:
run_as_user: sandbox
run_as_group: sandbox
network_policies:
brave:
name: brave
endpoints:
- host: api.search.brave.com
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: POST
path: /**
binaries:
- path: /usr/local/bin/node
- path: /usr/bin/node
- path: /usr/bin/curl
brew:
name: brew
endpoints:
- host: formulae.brew.sh
port: 443
tls: skip
access: full
- host: github.com
port: 443
tls: skip
access: full
- host: ghcr.io
port: 443
tls: skip
access: full
- host: pkg-containers.githubusercontent.com
port: 443
tls: skip
access: full
- host: objects.githubusercontent.com
port: 443
tls: skip
access: full
- host: raw.githubusercontent.com
port: 443
tls: skip
access: full
binaries:
- path: /usr/bin/curl
- path: /usr/bin/git
- path: /usr/local/bin/brew
- path: /home/linuxbrew/.linuxbrew/bin/brew
- path: /home/linuxbrew/.linuxbrew/bin/*
- path: /home/linuxbrew/.linuxbrew/Homebrew/bin/*
clawhub:
name: clawhub
endpoints:
- host: clawhub.ai
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: POST
path: /**
binaries:
- path: /usr/local/bin/openclaw
- path: /usr/local/bin/node
github:
name: github
endpoints:
- host: github.com
port: 443
access: full
- host: api.github.com
port: 443
access: full
binaries:
- path: /usr/bin/git
huggingface:
name: huggingface
endpoints:
- host: huggingface.co
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- host: cdn-lfs.huggingface.co
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- host: router.huggingface.co
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: POST
path: /**
binaries:
- path: /usr/local/bin/python3
- path: /usr/local/bin/node
local_inference:
name: local_inference
endpoints:
- host: host.openshell.internal
port: 11434
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: POST
path: /**
allowed_ips:
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'
- host: host.openshell.internal
port: 11435
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: POST
path: /**
allowed_ips:
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'
- host: host.openshell.internal
port: 8000
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: POST
path: /**
allowed_ips:
- '10.0.0.0/8'
- '172.16.0.0/12'
- '192.168.0.0/16'
binaries:
- path: /usr/local/bin/openclaw
- path: /usr/local/bin/node
- path: /usr/bin/node
- path: /usr/bin/curl
- path: /usr/bin/python3
managed_inference:
name: managed_inference
endpoints:
- host: inference.local
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: POST
path: /**
binaries:
- path: /usr/local/bin/openclaw
- path: /usr/local/bin/node
- path: /usr/bin/node
- path: /usr/bin/curl
- path: /usr/bin/python3
npm_registry:
name: npm_registry
endpoints:
- host: registry.npmjs.org
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
binaries:
- path: /usr/local/bin/openclaw
npm_yarn:
name: npm_yarn
endpoints:
- host: registry.npmjs.org
port: 443
tls: skip
access: full
- host: registry.yarnpkg.com
port: 443
tls: skip
access: full
binaries:
- path: /usr/local/bin/npm*
- path: /usr/local/bin/npx*
- path: /usr/local/bin/node*
- path: /usr/local/bin/yarn*
- path: /usr/bin/npm*
- path: /usr/bin/node*
nvidia:
name: nvidia
endpoints:
- host: integrate.api.nvidia.com
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: POST
path: /v1/chat/completions
- allow:
method: POST
path: /v1/completions
- allow:
method: POST
path: /v1/embeddings
- allow:
method: GET
path: /v1/models
- allow:
method: GET
path: /v1/models/**
- host: inference-api.nvidia.com
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: POST
path: /v1/chat/completions
- allow:
method: POST
path: /v1/completions
- allow:
method: POST
path: /v1/embeddings
- allow:
method: GET
path: /v1/models
- allow:
method: GET
path: /v1/models/**
binaries:
- path: /usr/local/bin/openclaw
openclaw-pricing:
name: openclaw-pricing
endpoints:
- host: raw.githubusercontent.com
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /BerriAI/litellm/main/model_prices_and_context_window.json
- host: openrouter.ai
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /api/v1/models
binaries:
- path: /usr/local/bin/node
- path: /usr/bin/node
openclaw_api:
name: openclaw_api
endpoints:
- host: openclaw.ai
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: POST
path: /**
binaries:
- path: /usr/local/bin/openclaw
- path: /usr/local/bin/node
openclaw_docs:
name: openclaw_docs
endpoints:
- host: docs.openclaw.ai
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
binaries:
- path: /usr/local/bin/openclaw
pypi:
name: pypi
endpoints:
- host: pypi.org
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: HEAD
path: /**
- host: files.pythonhosted.org
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /**
- allow:
method: HEAD
path: /**
binaries:
- path: /usr/bin/curl
- path: /usr/bin/python3*
- path: /usr/bin/pip*
- path: /usr/local/bin/curl
- path: /usr/local/bin/python3*
- path: /usr/local/bin/pip*
- path: /usr/local/bin/uv
- path: /sandbox/.venv/bin/python*
- path: /sandbox/.venv/bin/pip*
- path: /sandbox/.uv/python/**/python*
- path: /sandbox/.local/bin/pip*
telegram_bot:
name: telegram_bot
endpoints:
- host: api.telegram.org
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /bot<REDACTED>/**
- allow:
method: POST
path: /bot<REDACTED>/**
- allow:
method: GET
path: /file/bot<REDACTED>/**
binaries:
- path: /usr/local/bin/node
- path: /usr/bin/node
weather:
name: weather
endpoints:
- host: api.open-meteo.com
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /v1/forecast
- allow:
method: HEAD
path: /v1/forecast
- allow:
method: GET
path: /v1/elevation
- allow:
method: HEAD
path: /v1/elevation
- host: geocoding-api.open-meteo.com
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /v1/search
- allow:
method: HEAD
path: /v1/search
- allow:
method: GET
path: /v1/get
- allow:
method: HEAD
path: /v1/get
- host: api.weather.gov
port: 443
protocol: rest
enforcement: enforce
rules:
- allow:
method: GET
path: /points/**
- allow:
method: HEAD
path: /points/**
- allow:
method: GET
path: /gridpoints/**
- allow:
method: HEAD
path: /gridpoints/**
- allow:
method: GET
path: /alerts
- allow:
method: HEAD
path: /alerts
- allow:
method: GET
path: /alerts/**
- allow:
method: HEAD
path: /alerts/**
- allow:
method: GET
path: /stations
- allow:
method: HEAD
path: /stations
- allow:
method: GET
path: /stations/**
- allow:
method: HEAD
path: /stations/**
- allow:
method: GET
path: /zones
- allow:
method: HEAD
path: /zones
- allow:
method: GET
path: /zones/**
- allow:
method: HEAD
path: /zones/**
- allow:
method: GET
path: /offices
- allow:
method: HEAD
path: /offices
- allow:
method: GET
path: /offices/**
- allow:
method: HEAD
path: /offices/**
- allow:
method: GET
path: /products
- allow:
method: HEAD
path: /products
- allow:
method: GET
path: /products/**
- allow:
method: HEAD
path: /products/**
- allow:
method: GET
path: /openapi.json
- allow:
method: HEAD
path: /openapi.json
- allow:
method: GET
path: /openapi.yaml
- allow:
method: HEAD
path: /openapi.yaml
binaries:
- path: /usr/local/bin/openclaw
- path: /usr/local/bin/node
- path: /usr/bin/node
- path: /usr/local/bin/hermes
- path: /opt/hermes/.venv/bin/python
- path: /usr/bin/python3
- path: /usr/bin/python3.11
- path: /usr/bin/curl
- path: /usr/local/bin/curl
[1780713735.543] [gateway] [INFO ] [openshell_server::compute] Resumed sandbox during gateway startup
[1780713735.546] [gateway] [INFO ] [openshell_server::compute] Sandbox phase changed
[1780713732.103] [sandbox] [INFO ] [openshell_sandbox] Starting sandbox command=["env", "CHAT_UI_URL=http://127.0.0.1:18789", "NEMOCLAW_DASHBOARD_PORT=18789", "OPENCLAW_HOME=/sandbox", "OPENCLAW_STATE_DIR=/sandbox/.openclaw", "OPENCLAW_WORKSPACE_DIR=/sandbox/.openclaw/workspace", "nemoclaw-start"]
[1780713732.103] [sandbox] [INFO ] [openshell_sandbox] Fetching sandbox policy via gRPC endpoint=http://host.openshell.internal:8080/ sandbox_id=cad9f673-f2d0-4eb3-8948-e68014e4d92a
[1780713732.103] [sandbox] [WARN ] [openshell_sandbox] Policy fetch failed, retrying attempt=1 error=failed to connect to OpenShell server max_attempts=5
[1780713733.104] [sandbox] [WARN ] [openshell_sandbox] Policy fetch failed, retrying attempt=2 error=failed to connect to OpenShell server max_attempts=5
[1780713735.106] [sandbox] [WARN ] [openshell_sandbox] Policy fetch failed, retrying attempt=3 error=failed to connect to OpenShell server max_attempts=5
[1780713739.145] [gateway] [INFO ] [openshell_server::grpc::policy] GetSandboxProviderEnvironment request completed successfully
[1780713739.216] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: accepted
[1780713739.137] [sandbox] [INFO ] [openshell_sandbox] Creating OPA engine from proto policy data
[1780713739.141] [sandbox] [OCSF ] [ocsf] CONFIG:VALIDATED [INFO] Validated 'sandbox' user exists in image
[1780713739.145] [sandbox] [OCSF ] [ocsf] CONFIG:LOADED [INFO] Fetched provider environment [env_count:2]
[1780713739.151] [sandbox] [OCSF ] [ocsf] CONFIG:ENABLED [INFO] TLS termination enabled: ephemeral CA generated
[1780713739.152] [sandbox] [OCSF ] [ocsf] CONFIG:CREATING [INFO] Creating network namespace [ns:sandbox-2b72c391 host_veth:veth-h-2b72c391 sandbox_veth:veth-s-2b72c391]
[1780713739.187] [sandbox] [OCSF ] [ocsf] CONFIG:CREATED [INFO] Network namespace created [ns:sandbox-2b72c391 host_ip:10.200.0.1 sandbox_ip:10.200.0.2]
[1780713739.187] [sandbox] [OCSF ] [ocsf] CONFIG:DEGRADED [MED] nft not found; bypass detection rules will not be installed [ns:sandbox-2b72c391]
[1780713739.188] [sandbox] [INFO ] [openshell_sandbox] Fetching inference route bundle from gateway endpoint=http://host.openshell.internal:8080/
[1780713739.190] [sandbox] [OCSF ] [ocsf] CONFIG:LOADED [INFO] Loaded inference route bundle [route_count:1 revision:0e5876c398144fd0]
[1780713739.190] [sandbox] [OCSF ] [ocsf] CONFIG:ENABLED [INFO] Inference routing enabled with local execution [route_count:1]
[1780713739.212] [sandbox] [OCSF ] [ocsf] NET:LISTEN [INFO] 10.200.0.1:3128
[1780713739.212] [sandbox] [WARN ] [openshell_sandbox::proxy] host.openshell.internal maps to a non-link-local IP; trusted-gateway SSRF exemption disabled ip=172.18.0.1
[1780713739.215] [sandbox] [OCSF ] [ocsf] SSH:LISTEN [INFO]
[1780713739.215] [sandbox] [OCSF ] [ocsf] LIFECYCLE:INSTALL [INFO] OpenShell Sandbox Supervisor success
[1780713739.215] [sandbox] [INFO ] [openshell_sandbox] supervisor session task spawned
[1780713739.215] [sandbox] [OCSF ] [ocsf] CONFIG:PROBED [INFO] Landlock filesystem sandbox available [abi:v7 compat:BestEffort ro:7 rw:12]
[1780713739.215] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780713739.215] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780713739.218] [sandbox] [OCSF ] [ocsf] PROC:LAUNCH [INFO] env(90)
[1780713739.221] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] host.openshell.internal:8080
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox] Container filesystem accessible, resolving policy binary symlinks attempt=1 pid=90
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/local/bin/openclaw resolved=/usr/local/lib/node_modules/openclaw/openclaw.mjs pid=90
[1780713739.720] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/bin/node container_path=/proc/90/root/usr/bin/node pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.720] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/local/bin/hermes container_path=/proc/90/root/usr/local/bin/hermes pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.720] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/opt/hermes/.venv/bin/python container_path=/proc/90/root/opt/hermes/.venv/bin/python pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/bin/python3 resolved=/usr/bin/python3.13 pid=90
[1780713739.720] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/bin/python3.11 container_path=/proc/90/root/usr/bin/python3.11 pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.720] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/local/bin/curl container_path=/proc/90/root/usr/local/bin/curl pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/local/bin/openclaw resolved=/usr/local/lib/node_modules/openclaw/openclaw.mjs pid=90
[1780713739.720] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/bin/node container_path=/proc/90/root/usr/bin/node pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/bin/python3 resolved=/usr/bin/python3.13 pid=90
[1780713739.720] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/local/bin/python3 container_path=/proc/90/root/usr/local/bin/python3 pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/local/bin/openclaw resolved=/usr/local/lib/node_modules/openclaw/openclaw.mjs pid=90
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/local/bin/openclaw resolved=/usr/local/lib/node_modules/openclaw/openclaw.mjs pid=90
[1780713739.720] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/bin/node container_path=/proc/90/root/usr/bin/node pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/bin/python3 resolved=/usr/bin/python3.13 pid=90
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/home/linuxbrew/.linuxbrew/bin/brew resolved=/home/linuxbrew/.linuxbrew/Homebrew/bin/brew pid=90
[1780713739.720] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/local/bin/openclaw resolved=/usr/local/lib/node_modules/openclaw/openclaw.mjs pid=90
[1780713739.721] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/bin/node container_path=/proc/90/root/usr/bin/node pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.721] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/local/bin/openclaw resolved=/usr/local/lib/node_modules/openclaw/openclaw.mjs pid=90
[1780713739.721] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/local/bin/openclaw resolved=/usr/local/lib/node_modules/openclaw/openclaw.mjs pid=90
[1780713739.721] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/bin/node container_path=/proc/90/root/usr/bin/node pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.721] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/local/bin/curl container_path=/proc/90/root/usr/local/bin/curl pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.721] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/local/bin/uv container_path=/proc/90/root/usr/local/bin/uv pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.721] [sandbox] [INFO ] [openshell_sandbox::opa] Resolved policy binary symlink via container filesystem: original=/usr/local/bin/openclaw resolved=/usr/local/lib/node_modules/openclaw/openclaw.mjs pid=90
[1780713739.721] [sandbox] [WARN ] [openshell_sandbox::opa] Cannot access container filesystem for symlink resolution: path=/usr/bin/node container_path=/proc/90/root/usr/bin/node pid=90 error=No such file or directory (os error 2). Binary paths in policy will be matched literally. If this binary is a symlink (e.g., /usr/bin/python3 -> python3.11), use the canonical path instead, or run with CAP_SYS_PTRACE.
[1780713739.722] [sandbox] [INFO ] [openshell_sandbox] Policy binary symlink resolution complete (check logs above for per-binary results) pid=90
[1780713744.801] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713744.971] [sandbox] [OCSF ] [ocsf] HTTP:GET [INFO] ALLOWED GET http://api.telegram.org:443/bot<REDACTED>/getMe [policy:telegram_bot engine:l7]
[1780713745.691] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713745.693] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713745.853] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/deleteWebhook [policy:telegram_bot engine:l7]
[1780713745.860] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/deleteMyCommands [policy:telegram_bot engine:l7]
[1780713746.347] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/deleteMyCommands [policy:telegram_bot engine:l7]
[1780713746.518] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713746.688] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780713746.828] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/setMyCommands [policy:telegram_bot engine:l7]
[1780713747.055] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780713747.259] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/sendChatAction [policy:telegram_bot engine:l7]
[1780713747.436] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713747.700] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/setMyCommands [policy:telegram_bot engine:l7]
[1780713747.725] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED inference.local:443
[1780713747.725] [sandbox] [INFO ] [openshell_router] routing proxy inference request (streaming) endpoint=http://host.openshell.internal:8000/v1 method=POST path=/v1/chat/completions protocols=openai_chat_completions,openai_completions,openai_responses,model_discovery
[1780713747.727] [sandbox] [OCSF ] [ocsf] NET:FAIL [LOW] inference.local:443
[1780713748.189] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED inference.local:443
[1780713748.189] [sandbox] [INFO ] [openshell_router] routing proxy inference request (streaming) endpoint=http://host.openshell.internal:8000/v1 method=POST path=/v1/chat/completions protocols=openai_chat_completions,openai_completions,openai_responses,model_discovery
[1780713748.190] [sandbox] [OCSF ] [ocsf] NET:FAIL [LOW] inference.local:443
[1780713749.119] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED inference.local:443
[1780713749.119] [sandbox] [INFO ] [openshell_router] routing proxy inference request (streaming) endpoint=http://host.openshell.internal:8000/v1 method=POST path=/v1/chat/completions protocols=openai_chat_completions,openai_completions,openai_responses,model_discovery
[1780713749.120] [sandbox] [OCSF ] [ocsf] NET:FAIL [LOW] inference.local:443
[1780713749.173] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/sendMessage [policy:telegram_bot engine:l7]
[1780713777.588] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713777.755] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780713808.289] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713808.456] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780713838.998] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713839.160] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780713869.683] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713869.838] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780713900.349] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713900.513] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780713931.053] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713931.217] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780713957.021] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780713957.021] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=4ebdfe4c-399c-4a79-b8b3-345006460d84, target=unix:/run/openshell/ssh.sock)]
[1780713957.022] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780713957.031] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780713957.032] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780713957.078] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=4ebdfe4c-399c-4a79-b8b3-345006460d84, target=unix:/run/openshell/ssh.sock)]
[1780713957.174] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780713957.174] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=d2155832-ec00-4c00-aaa8-78b2806e8fd0, target=unix:/run/openshell/ssh.sock)]
[1780713957.174] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780713957.182] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780713957.182] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780713957.270] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=d2155832-ec00-4c00-aaa8-78b2806e8fd0, target=unix:/run/openshell/ssh.sock)]
[1780713961.768] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713961.940] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780713992.461] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780713992.617] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780714023.114] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780714023.268] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780714053.781] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780714053.946] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
[1780714060.979] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714061.039] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714061.094] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714060.978] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=5d1236f7-ae79-4c53-88d7-d74601462cc2, target=unix:/run/openshell/ssh.sock)]
[1780714060.979] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714060.986] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714060.986] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714061.032] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=5d1236f7-ae79-4c53-88d7-d74601462cc2, target=unix:/run/openshell/ssh.sock)]
[1780714061.038] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=c99beac5-3c90-47bc-9da3-929134071477, target=unix:/run/openshell/ssh.sock)]
[1780714061.038] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714061.043] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714061.043] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714061.088] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=c99beac5-3c90-47bc-9da3-929134071477, target=unix:/run/openshell/ssh.sock)]
[1780714061.094] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=109b26a6-069e-46a4-9762-2fe53f05fbcb, target=unix:/run/openshell/ssh.sock)]
[1780714061.094] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714061.146] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714061.146] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714061.193] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=109b26a6-069e-46a4-9762-2fe53f05fbcb, target=unix:/run/openshell/ssh.sock)]
[1780714067.127] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714067.126] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=fe85538d-6e72-40b3-818a-98a14381ab1e, target=unix:/run/openshell/ssh.sock)]
[1780714067.127] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714067.640] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714068.007] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714067.640] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=2aa493c6-c0dc-4755-8b29-9f43f8d10a36, target=unix:/run/openshell/ssh.sock)]
[1780714067.640] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714067.645] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714067.645] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714067.718] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=2aa493c6-c0dc-4755-8b29-9f43f8d10a36, target=unix:/run/openshell/ssh.sock)]
[1780714068.007] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=5f626314-bda7-4870-9cfe-5be0038add00, target=unix:/run/openshell/ssh.sock)]
[1780714068.007] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714068.059] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714068.059] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714068.105] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=5f626314-bda7-4870-9cfe-5be0038add00, target=unix:/run/openshell/ssh.sock)]
[1780714068.159] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714068.159] [gateway] [INFO ] [openshell_server::grpc::sandbox] ExecSandbox (relay): command started
[1780714068.300] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714068.300] [gateway] [INFO ] [openshell_server::grpc::sandbox] ExecSandbox (relay): command started
[1780714068.437] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714068.438] [gateway] [INFO ] [openshell_server::grpc::sandbox] ExecSandbox (relay): command started
[1780714068.159] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=1bd02b48-1356-4b1c-bf71-43ebbdf1de58, target=unix:/run/openshell/ssh.sock)]
[1780714068.159] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714068.204] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714068.204] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714068.250] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=1bd02b48-1356-4b1c-bf71-43ebbdf1de58, target=unix:/run/openshell/ssh.sock)]
[1780714068.300] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=d976248f-7a16-404c-9c34-9de2f042d4e7, target=unix:/run/openshell/ssh.sock)]
[1780714068.300] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714068.344] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714068.344] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714068.389] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=d976248f-7a16-404c-9c34-9de2f042d4e7, target=unix:/run/openshell/ssh.sock)]
[1780714068.437] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=58ff0f50-45c8-4994-b5da-ed12a2afde17, target=unix:/run/openshell/ssh.sock)]
[1780714068.437] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714068.481] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714068.481] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714068.563] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=58ff0f50-45c8-4994-b5da-ed12a2afde17, target=unix:/run/openshell/ssh.sock)]
[1780714068.612] [sandbox] [WARN ] [openshell_sandbox::ssh] data on unknown channel ChannelId(2)
[1780714068.613] [sandbox] [WARN ] [openshell_sandbox::ssh] channel_eof on unknown channel ChannelId(2)
[1780714068.660] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714068.661] [gateway] [INFO ] [openshell_server::grpc::sandbox] ExecSandbox (relay): command started
[1780714068.884] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714068.988] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714069.088] [gateway] [INFO ] [openshell_server::supervisor_session] supervisor session: relay opened successfully
[1780714068.660] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=b5ffd1b6-a872-405c-a984-dc405d7e8820, target=unix:/run/openshell/ssh.sock)]
[1780714068.660] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714068.704] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714068.704] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714068.727] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED inference.local:443
[1780714068.727] [sandbox] [INFO ] [openshell_router] routing proxy inference request (streaming) endpoint=http://host.openshell.internal:8000/v1 method=GET path=/v1/models protocols=openai_chat_completions,openai_completions,openai_responses,model_discovery
[1780714068.812] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=b5ffd1b6-a872-405c-a984-dc405d7e8820, target=unix:/run/openshell/ssh.sock)]
[1780714068.884] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=c995d64e-abd0-4705-ba4c-115eb5d03ec0, target=unix:/run/openshell/ssh.sock)]
[1780714068.884] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714068.936] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714068.936] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714068.982] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=c995d64e-abd0-4705-ba4c-115eb5d03ec0, target=unix:/run/openshell/ssh.sock)]
[1780714068.988] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=1d88e3db-79b8-49c0-ba89-25dab8014d46, target=unix:/run/openshell/ssh.sock)]
[1780714068.988] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714069.035] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714069.036] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714069.081] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=1d88e3db-79b8-49c0-ba89-25dab8014d46, target=unix:/run/openshell/ssh.sock)]
[1780714069.088] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] [msg:ssh relay open (channel_id=8694114a-9887-4623-8aac-984ca7f936b9, target=unix:/run/openshell/ssh.sock)]
[1780714069.088] [sandbox] [OCSF ] [ocsf] SSH:OPEN [INFO] ALLOWED
[1780714069.605] [gateway] [INFO ] [openshell_server::grpc::policy] GetSandboxProviderEnvironment request completed successfully
[1780714069.139] [sandbox] [OCSF ] [ocsf] CONFIG:APPLYING [INFO] Applying Landlock filesystem sandbox [abi:V2 compat:BestEffort ro:7 rw:12]
[1780714069.139] [sandbox] [OCSF ] [ocsf] CONFIG:BUILT [INFO] Landlock ruleset built [rules_applied:18 skipped:1]
[1780714069.185] [sandbox] [OCSF ] [ocsf] NET:CLOSE [INFO] [msg:ssh relay closed (channel_id=8694114a-9887-4623-8aac-984ca7f936b9, target=unix:/run/openshell/ssh.sock)]
[1780714069.600] [sandbox] [OCSF ] [ocsf] CONFIG:DETECTED [INFO] Settings poll: config change detected [old_revision:972912179946279107 new_revision:972912179946279107 policy_changed:false provider_env_changed:true]
[1780714069.605] [sandbox] [OCSF ] [ocsf] CONFIG:LOADED [INFO] Provider environment refreshed [revision:3292416169560067762 env_count:2]
[1780714084.480] [sandbox] [OCSF ] [ocsf] NET:OPEN [INFO] ALLOWED /usr/local/bin/node(415) -> api.telegram.org:443 [policy:telegram_bot engine:opa]
[1780714084.650] [sandbox] [OCSF ] [ocsf] HTTP:POST [INFO] ALLOWED POST http://api.telegram.org:443/bot<REDACTED>/getUpdates [policy:telegram_bot engine:l7]
═══ Onboard Session ═══
{
"version": 1,
"sessionId": "1780713734340-0fb257de-15d3-49b0-b033-91a2605eedeb",
"status": "complete",
"resumable": false,
"mode": "interactive",
"startedAt": "2026-06-06T02:42:14.340Z",
"updatedAt": "2026-06-06T02:47:49.188Z",
"sandboxName": "my-assistant",
"provider": "vllm-local",
"model": "nvidia/Qwen3.6-35B-A3B-NVFP4",
"endpointUrl": "http://host.openshell.internal:8000/v1",
"credentialEnv": null,
"hermesAuthMethod": null,
"preferredInferenceApi": "openai-completions",
"nimContainer": null,
"hermesToolGateways": [],
"policyPresets": [
"npm",
"pypi",
"huggingface",
"brew",
"weather",
"github",
"local-inference",
"openclaw-pricing",
"telegram",
"brave"
],
"gpuPassthrough": true,
"lastStepStarted": "policies",
"lastCompletedStep": "policies",
"failure": null,
"machine": {
"version": 1,
"state": "complete",
"stateEnteredAt": "2026-06-06T02:47:49.188Z",
"revision": 10
},
"steps": {
"preflight": {
"status": "complete",
"startedAt": "2026-06-06T02:42:14.341Z",
"completedAt": "2026-06-06T02:42:15.252Z",
"error": null
},
"gateway": {
"status": "complete",
"startedAt": "2026-06-06T02:42:15.362Z",
"completedAt": "2026-06-06T02:42:15.919Z",
"error": null
},
"sandbox": {
"status": "complete",
"startedAt": "2026-06-06T02:47:15.278Z",
"completedAt": "2026-06-06T02:47:47.584Z",
"error": null
},
"provider_selection": {
"status": "complete",
"startedAt": "2026-06-06T02:42:15.920Z",
"completedAt": "2026-06-06T02:46:06.687Z",
"error": null
},
"inference": {
"status": "complete",
"startedAt": "2026-06-06T02:46:56.994Z",
"completedAt": "2026-06-06T02:46:57.329Z",
"error": null
},
"openclaw": {
"status": "complete",
"startedAt": "2026-06-06T02:47:47.585Z",
"completedAt": "2026-06-06T02:47:47.720Z",
"error": null
},
"agent_setup": {
"status": "skipped",
"startedAt": null,
"completedAt": null,
"error": null
},
"policies": {
"status": "complete",
"startedAt": "2026-06-06T02:47:47.724Z",
"completedAt": "2026-06-06T02:47:47.772Z",
"error": null
}
}
}
═══ Sandbox Internals ═══
UID PID PPID C STIME TTY TIME CMD
root 1 0 0 02:42 ? 00:00:00 /opt/openshell/bin/openshell-sandbox env CHAT_UI_URL=http://127.0.0.1:18789 NEMOCLAW_DASHBOARD_PORT=18789 OPENCLAW_HOME=/sandbox OPENCLAW_STATE_DIR=/sandbox/.openclaw OPENCLAW_WORKSPACE_DIR=/sandbox/.openclaw/workspace nemoclaw-start
sandbox 90 1 0 02:42 ? 00:00:00 bash /usr/local/bin/nemoclaw-start
sandbox 96 90 0 02:42 ? 00:00:00 tee -a /tmp/nemoclaw-start.log
sandbox 97 90 0 02:42 ? 00:00:00 tee -a /tmp/nemoclaw-start.log
sandbox 415 90 3 02:42 ? 00:00:10 openclaw
sandbox 416 90 0 02:42 ? 00:00:00 bash /usr/local/bin/nemoclaw-start
sandbox 417 416 0 02:42 ? 00:00:00 tail -n +1 -F /tmp/gateway.log
sandbox 419 416 0 02:42 ? 00:00:00 sed -u s/^/[gateway-log:] /
sandbox 430 90 0 02:42 ? 00:00:00 bash /usr/local/bin/nemoclaw-start
sandbox 431 430 0 02:42 ? 00:00:00 tail -n +1 -F /tmp/gateway.log
sandbox 433 90 0 02:42 ? 00:00:00 python3 -
sandbox 1146 1 0 02:48 ? 00:00:00 ps -ef
total used free shared buff/cache available
Mem: 124546 117733 1053 107 7230 6812
Swap: 0 0 0
═══ Kernel Messages ═══
(kernel messages skipped: dmesg access is restricted for this user; /proc/sys/kernel/dmesg_restrict=1 prevents non-root users from reading kernel logs.
Re-run with `sudo nemoclaw debug --quick` to include kernel logs in this report.
Note: privileged diagnostics and kernel logs may contain sensitive data; review before sharing.)
[debug] Done. If filing a bug, run with --output and attach the tarball to your issue:
[debug] nemoclaw debug --output /tmp/nemoclaw-debug.tar.gz
paul@aitopatom-0a7d:~$
Description
vllm container dont start automatically after reboot
I have to run nemoclaw onboard --fresh --gpugpu for it to be configured again
Reproduction Steps
nemoclaw inference getnemoclaw inference getit failsdocker ps will show one container , no vllm running
Environment
Debug Output
Logs
Checklist