Skip to content

feat(exec): add packageAutoApprove for agent package installs#780

Open
konamgil wants to merge 1 commit intonextlevelbuilder:devfrom
konamgil:feat/package-auto-approve
Open

feat(exec): add packageAutoApprove for agent package installs#780
konamgil wants to merge 1 commit intonextlevelbuilder:devfrom
konamgil:feat/package-auto-approve

Conversation

@konamgil
Copy link
Copy Markdown

@konamgil konamgil commented Apr 9, 2026

Summary

Resolves two issues when agents request package installs (apk add, pip install, npm install) inside Docker containers:

  1. Approval timeout: Package install commands match deny patterns and route to the approval flow, but time out after 2 minutes if no admin approves in real time
  2. Permission denied: Even after auto-approve, the agent runs as non-root (goclaw, uid 1000), so apk add fails with Permission denied

Giải quyết hai vấn đề khi agent yêu cầu cài đặt package (apk add, pip install, npm install) trong Docker container:

  1. Approval timeout: Lệnh cài đặt package khớp deny pattern và chuyển đến approval flow, nhưng timeout sau 2 phút nếu không có admin duyệt
  2. Permission denied: Ngay cả sau khi auto-approve, agent chạy dưới quyền non-root (goclaw, uid 1000), nên apk add thất bại với Permission denied

Changes / Thay đổi

  • Add packageAutoApprove field to ExecApprovalConfig — configurable via "packageAutoApprove": true in config.json

  • When packageAutoApprove=true, detect apk commands and route them to the root-privileged pkg-helper Unix socket automatically

  • pip install and npm install work as non-root (via PIP_TARGET, NPM_CONFIG_PREFIX set in docker-entrypoint.sh), so auto-approve alone is sufficient

  • Thêm field packageAutoApprove vào ExecApprovalConfig — cấu hình qua "packageAutoApprove": true trong config.json

  • Khi packageAutoApprove=true, phát hiện lệnh apk và chuyển tự động đến pkg-helper Unix socket (chạy quyền root)

  • pip installnpm install hoạt động với non-root (nhờ PIP_TARGET, NPM_CONFIG_PREFIX trong docker-entrypoint.sh), nên chỉ cần auto-approve

Config example / Ví dụ cấu hình

{
  "tools": {
    "execApproval": {
      "security": "full",
      "ask": "off",
      "packageAutoApprove": true
    }
  }
}

Test plan

  • Set packageAutoApprove: true, ask agent to run apk add git → installs via pkg-helper
  • pip install requests → succeeds as non-root
  • npm install -g typescript → succeeds as non-root
  • packageAutoApprove: false (default) → existing approval flow works (no regression)
  • apk packages persist in /app/data/.runtime/apk-packages and reinstall on container restart

🤖 Generated with Claude Code

@konamgil @claude
feat(exec): add packageAutoApprove config to auto-approve and route p…
54d3511 
…ackage installs via pkg-helper

Agents running as non-root (goclaw user) cannot execute apk add/del directly.
Previously, package install commands hit the approval flow and timed out
when no admin was watching. This adds a `packageAutoApprove` config option
that skips the approval wait and routes apk commands through the root-privileged
pkg-helper Unix socket, while pip/npm commands proceed directly (already
writable via entrypoint env vars).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@konamgil