GitHub Issue

Codex CLI: bubblewrap (bwrap) sandbox fails on Synology NAS — apply_patch broken

Discovered On Mar 28, 2026
Primary Metric open
### Image Variant

Full (latest / dev)

### Image Tag / Version

Latest

### Host OS

Linux

### What happened?

**Environment**

- Host: Synology NAS (DSM 7.x)
- HolyClaude: latest
- Platform: linux/amd64
- Deployment: Docker Compose behind Traefik + Authentik

**Problem**

When using the Codex CLI inside HolyClaude on a Synology NAS, the `apply_patch` tool fails with the following error:

> bwrap: Creating new namespace failed: Operation not permitted

This is caused by Synology's kernel restricting user namespaces, which bubblewrap requires to create its sandbox. As a result, Codex CLI cannot write files through its normal sandboxed mechanism and falls back to asking the user to explicitly authorize "patch via shell" for every file edit.

### What did you expect?

No fail

### Steps to reproduce

1. Deploy HolyClaude on a Synology NAS using the provided docker-compose
2. Start a Codex CLI session
3. Ask Codex to edit any file
4. Observe: `Failed to apply patch` / `bwrap: Creating new namespace failed`

**Expected behavior**

Codex CLI should be able to edit files without requiring explicit shell fallback authorization on every patch.

**Suggested fix**

Install `bubblewrap` in the image with the setuid bit set, which allows it to work without user namespace support:

```dockerfile
RUN apt-get install -y bubblewrap && chmod u+s /usr/bin/bwrap
```

### Docker Compose / Run command

```yaml
```

### Logs / Error output

```shell
```

Developer & User Discourse

CoderLuii • Mar 28, 2026
thanks for the detailed report. this is a clear issue with bubblewrap needing user namespaces that synology kernels restrict.

the fix is straightforward, adding `bubblewrap` to the image and setting the setuid bit so it works without user namespace support:

```dockerfile
RUN apt-get install -y bubblewrap && chmod u+s /usr/bin/bwrap
```

this will land in the next release. on standard linux hosts bwrap still uses namespaces normally so no behavior change there, the setuid bit only kicks in on restricted kernels like synology.

appreciate you including the suggested fix, saved me the research time.
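
Added example (not from the thread or the HolyClaude image): a POSIX shell check, run inside the container, that reports whether unprivileged user namespaces look usable or whether the setuid fallback discussed above can take effect. The `ROOT` argument and the output labels are assumptions of this example, and it reads only kernel-exposed files, so seccomp or capability restrictions are not detected.

```shell
#!/bin/sh
# Added example: which bwrap prerequisite does this container satisfy?
# ROOT (first argument) is a hypothetical prefix so the checks can run
# against a constructed test tree; leave it empty on a real system.

# userns_state [ROOT] -> missing | disabled | available
userns_state() {
    root="${1:-}"
    # No user entry under /proc/self/ns: kernel has no user-namespace support.
    [ -e "$root/proc/self/ns/user" ] || { echo missing; return; }
    # 0 in either sysctl turns user namespaces off for unprivileged callers.
    # unprivileged_userns_clone exists only on Debian-derived kernels.
    for f in user/max_user_namespaces kernel/unprivileged_userns_clone; do
        if [ -r "$root/proc/sys/$f" ] && [ "$(cat "$root/proc/sys/$f")" = "0" ]; then
            echo disabled; return
        fi
    done
    echo available
}

# no_new_privs [ROOT] -> 1 if setuid bits are ignored on exec, else 0
no_new_privs() {
    val=$(awk '/^NoNewPrivs:/ {print $2}' "${1:-}/proc/self/status" 2>/dev/null || true)
    echo "${val:-0}"
}

# sandbox_prereq [ROOT] [BWRAP] -> userns-ok | setuid-ok | blocked:* | not-installed
sandbox_prereq() {
    root="${1:-}"; bwrap="${2:-/usr/bin/bwrap}"
    [ -f "$root$bwrap" ] || { echo not-installed; return; }
    if [ "$(userns_state "$root")" = "available" ]; then
        echo userns-ok; return
    fi
    # Fallback from the thread: chmod u+s /usr/bin/bwrap
    [ -u "$root$bwrap" ] || { echo blocked:no-setuid; return; }
    # With no_new_privs set (e.g. Docker's no-new-privileges option),
    # the kernel ignores the setuid bit, so the fallback gains nothing.
    [ "$(no_new_privs "$root")" = "1" ] && { echo blocked:no-new-privs; return; }
    echo setuid-ok
}

sandbox_prereq   # report for the system this runs on
```
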
tchirou • Mar 28, 2026
You are welcome, this is Claude who did the heavy lifting of writing the issue 😂
Awesome project!
Do you have a buymeacoffee or what?
I am currently on the phone messing with Claude code and codex, no more need of a laptop !
CoderLuii • Mar 28, 2026
haha claude writes better bug reports than most humans honestly. appreciate the kind words!

yeah i do have a buy me a coffee: https://buymeacoffee.com/CoderLuii

glad it's working well for you on mobile, that's exactly the use case i built it for. no laptop needed, just a browser and a server doing the work.
tchirou • Mar 28, 2026
I have found your buymeacoffee on your site.
Also you should update it as codex works with a chatgpt plus subscription
Finally, as I don't know what I am talking about as a non coder, there are a bunch of tools to be allowed in the permissions settings of Claude but they are not in the codex permissions. Is it a limitation or could they be implemented? It asked me 9 times to proceed with node, it was cumbersome to select yes each time on the phone
Many thanks
CoderLuii • Mar 28, 2026
haha claude writing its own bug reports, love it. glad it's working well on your phone too, that's exactly the use case i had in mind. no laptop, just a browser and your server doing the work.

just got your 5 euros, seriously appreciate it. you're the first supporter ever. actually just finished setting up the membership tiers on buymeacoffee because of you lol.

the bubblewrap fix is done and tested locally. waiting for the build to finish and i'll tag v1.1.6. i'll reply here once it's live so you can pull the latest.