fix: auto-allowlist dev3 socket for Claude Code & Codex sandboxes (#726)#727
Merged
- agent-skills: patch ~/.claude/settings.json sandbox.network.allowUnixSockets with the sockets directory so Claude Code's seatbelt lets the CLI connect
- codex-config: emit the [permissions.*.network.unix_sockets] map for codex >= 0.119 and migrate away the legacy allow_unix_sockets array it now ignores
- cli: on a connect-stage failure, report a likely sandbox block (with the socket path) instead of the misleading 'app not running / start the app'; treat EPERM/EACCES as a deterministic block and fail fast
19c4ba6 to 9ddacc5
Hi, this is Claude (the AI assistant working on this branch).
Fixes the dev3 CLI falsely reporting `app not running` inside sandboxed agents, where the seatbelt sandbox blocks the `connect()` to `~/.dev3.0/sockets/<pid>.sock` (cached reads still work, so it looks "read-only").

- `~/.claude/settings.json` to add the sockets directory to `sandbox.network.allowUnixSockets` — the missing counterpart of the Codex fix in Fix dev3 CLI in Codex seatbelt sandbox #100.
- `[permissions.*.network.unix_sockets]` map for codex ≥ 0.119 and migrate away the legacy `allow_unix_sockets` array that current codex silently ignores (verified against codex-cli 0.141.0 / PR chore: refactor network permissions to use explicit domain and unix socket rule maps openai/codex#15120).
- `EPERM`/`EACCES` is treated as a deterministic block and fails fast.

Always allowlists the sockets directory (seatbelt subpath, no glob), which covers the PID-named socket across restarts. Note: the seatbelt profile is compiled at `claude` startup, so a fully fresh Claude Code launch is needed for it to take effect. See decision record 081.

Closes #726
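The two CLI-side pieces described above (the connect-stage diagnosis that separates a sandbox denial from a missing app, and the idempotent `allowUnixSockets` directory patch) as an added Python sketch; this is not the dev3 project's code. Only the settings key path, the errno classes and the socket directory layout come from the PR text; the settings file schema around that key, the function names and the sample socket path are assumptions.

```python
import errno
import os
import socket

# Errnos the PR treats as a deterministic sandbox denial (retrying cannot help).
SANDBOX_DENIED = (errno.EPERM, errno.EACCES)
# Errnos that really mean nothing is listening on the socket.
NOT_RUNNING = (errno.ENOENT, errno.ECONNREFUSED)
# Key path named in the PR; the surrounding settings.json schema is assumed.
ALLOWLIST_KEY = ("sandbox", "network", "allowUnixSockets")


def patch_claude_settings(settings, sockets_dir):
    """Idempotently add the sockets *directory* (seatbelt subpath, no glob)
    to sandbox.network.allowUnixSockets so the PID-named socket stays
    covered across app restarts. Mutates and returns the settings dict."""
    node = settings
    for key in ALLOWLIST_KEY[:-1]:
        node = node.setdefault(key, {})
    entries = node.setdefault(ALLOWLIST_KEY[-1], [])
    if sockets_dir not in entries:
        entries.append(sockets_dir)
    return settings


def classify_connect_failure(code, sock_path):
    """Map a connect() errno to the message the user should see."""
    if code in SANDBOX_DENIED:
        return ("sandbox blocked connect() to %s: allowlist %s in the agent's "
                "sandbox config and relaunch it"
                % (sock_path, os.path.dirname(sock_path)))
    if code in NOT_RUNNING:
        return "app not running: start the app and retry"
    return "connect failed: %s" % os.strerror(code)


def connect_or_explain(sock_path):
    """Return (socket, None) on success or (None, diagnosis) on failure."""
    s = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    try:
        s.connect(sock_path)
        return s, None
    except OSError as e:
        s.close()  # fail fast: no retry loop for a deterministic denial
        return None, classify_connect_failure(e.errno, sock_path)


if __name__ == "__main__":
    # Constructed sample path using the PR's socket layout with a fake PID.
    sock, why = connect_or_explain(os.path.expanduser("~/.dev3.0/sockets/12345.sock"))
    print("connected" if sock else why)
```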