Solution for Restricted Function with libsandbox and pysandbox

The RF result code was most likely due to unexpected syscalls for file operations (i.e. SYS_open(), SYS_close(), SYS_stat(), …). This happens when (1) the target program actually performs file operations, and/or (2) it was dynamically linked and needs to load .so libraries at runtime. Since your target program does not invoke file operations, it belongs to the latter case.

Then, to resolve the RF outcome, either:

statically link the target program to avoid dependencies on shared libraries; or,
extend the policy rules in the wrapper script to handle relevant SYSCALL / SYSRET events.

System calls are referred to by their numeric codes, for example 0, 1, 2 (3 is sys_read, 1 is sys_exit, and so on). For more details, see this list of system calls with their codes: http://docs.cs.up.ac.za/programming/asm/derick_tut/syscalls.html

I changed this:

x86_64=set([0,1,5,8,9,10,11,12,16,21,25,63,89,158,219,231])

to this:

x86_64=set([0,1,2,3,4,5,8,9,10,11,12,16,21,25,63,89,158,219,231,])

in sample2.py, and it works.
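Adding 2, 3 and 4 to the x86_64 set (open, close and stat on that architecture) permits those calls for any path. The following is an added example, not code from the original post or from libsandbox: it models the narrower decision a SYSCALL handler could make, allowing only read-only opens of loader files. The function names, the directory list and the sample events are assumptions, and it does not call the libsandbox API.

```python
import posixpath

# Linux x86_64 open(2) flag values (constructed constants, not read from libsandbox).
O_ACCMODE, O_RDONLY, O_WRONLY = 0o3, 0o0, 0o1
O_CREAT, O_TRUNC, O_CLOEXEC = 0o100, 0o1000, 0o2000000

# The original allowlist from the post; 2 (open), 3 (close), 4 (stat) are the additions.
BASE_ALLOWED = {0, 1, 5, 8, 9, 10, 11, 12, 16, 21, 25, 63, 89, 158, 219, 231}
SYS_OPEN, SYS_CLOSE, SYS_STAT = 2, 3, 4

# Assumption: where the dynamic loader looks on a typical Linux host.
LOADER_DIRS = ("/lib/", "/lib64/", "/usr/lib/", "/usr/lib64/")
LOADER_FILES = {"/etc/ld.so.cache"}


def loader_path(path):
    """True if path, after collapsing '.' and '..', is a loader file or library."""
    if not path or not path.startswith("/"):
        return False  # relative paths depend on the sandboxed program's cwd
    norm = posixpath.normpath(path)
    # Lexical check only: a real handler must also account for symlinks.
    return norm in LOADER_FILES or norm.startswith(LOADER_DIRS)


def read_only(flags):
    """True if the open flags request read access without create/truncate."""
    return (flags & O_ACCMODE) == O_RDONLY and not flags & (O_CREAT | O_TRUNC)


def decide(nr, path=None, flags=O_RDONLY):
    """Return 'allow' or 'RF' for one syscall event (number, path argument, flags)."""
    if nr in BASE_ALLOWED or nr == SYS_CLOSE:  # close takes only a descriptor
        return "allow"
    if nr == SYS_OPEN:
        return "allow" if loader_path(path) and read_only(flags) else "RF"
    if nr == SYS_STAT:
        return "allow" if loader_path(path) else "RF"
    return "RF"


if __name__ == "__main__":
    # Constructed sample events: (syscall number, path, flags).
    events = [
        (SYS_OPEN, "/etc/ld.so.cache", O_RDONLY | O_CLOEXEC),
        (SYS_OPEN, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY | O_CLOEXEC),
        (SYS_OPEN, "/lib/../etc/passwd", O_RDONLY),
        (SYS_OPEN, "/tmp/out.txt", O_WRONLY | O_CREAT),
    ]
    for nr, path, flags in events:
        print(nr, path, decide(nr, path, flags))
```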

 

The modified sample2.py is available in my GitHub repository:
https://github.com/palashmaran/libsandbox.git
