diff options
| author | Claude <noreply@anthropic.com> | 2026-05-26 09:28:57 +0000 |
|---|---|---|
| committer | Claude <noreply@anthropic.com> | 2026-05-26 09:28:57 +0000 |
| commit | 561915c5182c3fb39cd6a8b6613c489b35b7c1bf (patch) | |
| tree | 10e7ba6e33784332ef15d5d359897e56ba51fde2 /internal/cli/project_test.go | |
| parent | fb7f8a4c07a8bf6539566aacbc8a92310c555992 (diff) | |
fix(executor): set IS_SANDBOX=1 so claude honors bypassPermissions under root
The spike found that `claude --permission-mode bypassPermissions` (emitted by
buildInnerCmd) is rejected when the process runs as root, and buildDockerArgs
maps the container --user to the host uid — which is 0 when claudomator runs as
root, breaking all claude tool execution in production.
The container is an isolated sandbox, exactly the case the claude CLI gates
behind IS_SANDBOX=1; setting it in the container env makes bypassPermissions
work regardless of the host uid. Verified empirically against claude 2.1.150
(rejected as root without it; succeeds with it). Harmless for gemini containers.
https://claude.ai/code/session_01SESwn7kQ7oP62trWw6pc39
Diffstat (limited to 'internal/cli/project_test.go')
0 files changed, 0 insertions, 0 deletions
