Windows: codex-command-runner.exe fails before process start with error 1385 for simple workspace reads in workspace-write #16780

@Gohan

What version of Codex CLI is running?

codex-cli 0.118.0

What subscription do you have?

ChatGPT Plus

Which model were you using?

gpt-5.4

What platform is your computer?

Microsoft Windows NT 10.0.26100.0 x64

What terminal emulator and version are you using (if applicable)?

Windows Terminal + PowerShell 7

What issue are you seeing?

On Windows, in a session configured with sandbox_mode = "workspace-write", simple read-only commands targeting files inside the current workspace fail before the actual command starts.

The failure is not caused by file access to the workspace itself. Internal logs show that Codex first tries to launch its own intermediate runner, codex-command-runner.exe, and that launch fails before process start with error=1385.

• Running Get-ChildItem -Force

• Ran Get-ChildItem -Force
  └ execution error: Io(Custom { kind: Other, error: "windows sandbox: CreateProcessWithLogonW failed: 1385" })

• Ran rg --files
  └ execution error: Io(Custom { kind: Other, error: "windows sandbox: CreateProcessWithLogonW failed: 1385" })

This is confusing because it looks like a normal shell/file access failure, but the actual command never starts.

Relevant config:

model = "gpt-5.4"
approval_policy = "on-failure"
sandbox_mode = "workspace-write"
experimental_windows_sandbox = false

[projects.'\\?\D:\code\skills-manager\agent-skills']
trust_level = "trusted"

[windows]
sandbox = "elevated"

Relevant logs:

[2026-04-04T11:31:53.778702700+00:00] read ACL run completed
[2026-04-04 19:32:04.861 codex.exe] START: C:\Program Files\PowerShell\7\pwsh.exe -NoProfile -Command [Console]::OutputEncoding=[System.Text.Encoding]::UTF8; Get-ChildItem -Force
[2026-04-04 19:32:04.862 codex.exe] START: C:\Program Files\PowerShell\7\pwsh.exe -NoProfile -Command [Console]::OutputEncoding=[System.Text.Encoding]::UTF8; rg --files
[2026-04-04 19:32:04.891 codex.exe] setup refresh: spawning C:\Users\cppgo\AppData\Local\mise\installs\node\24.13.0\node_modules@openai\codex\node_modules@openai\codex-win32-x64\vendor\x86_64-pc-windows-msvc\codex\codex-windows-sandbox-setup.exe (cwd=D:\code\skills-manager\agent-skills, payload_len=7352)
[2026-04-04 19:32:04.891 codex.exe] setup refresh: spawning C:\Users\cppgo\AppData\Local\mise\installs\node\24.13.0\node_modules@openai\codex\node_modules@openai\codex-win32-x64\vendor\x86_64-pc-windows-msvc\codex\codex-windows-sandbox-setup.exe (cwd=D:\code\skills-manager\agent-skills, payload_len=7352)
[2026-04-04T11:32:04.926530+00:00] setup refresh: processed 3 write roots (read roots delegated); errors=[]
[2026-04-04 19:32:04.926 codex-windows-sandbox-setup.exe] setup binary completed
[2026-04-04 19:32:04.932 codex.exe] helper copy: using in-memory cache for command-runner -> C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe
[2026-04-04 19:32:04.932 codex.exe] helper launch resolution: using copied command-runner path C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe
[2026-04-04 19:32:04.932 codex.exe] runner launch: exe=C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe cmdline=C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe --pipe-in=\.\pipe\codex-runner-57363f836aa005506c9997aeba1c1b07-in --pipe-out=\.\pipe\codex-runner-e71649835bb23388493adfe43d7438f1-out cwd=D:\code\skills-manager\agent-skills
[2026-04-04T11:32:04.934572700+00:00] setup refresh: processed 3 write roots (read roots delegated); errors=[]
[2026-04-04 19:32:04.934 codex-windows-sandbox-setup.exe] setup binary completed
[2026-04-04 19:32:04.936 codex.exe] runner launch failed before process start: exe=C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe cmdline=C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe --pipe-in=\.\pipe\codex-runner-57363f836aa005506c9997aeba1c1b07-in --pipe-out=\.\pipe\codex-runner-e71649835bb23388493adfe43d7438f1-out error=1385
[2026-04-04 19:32:04.940 codex.exe] helper copy: using in-memory cache for command-runner -> C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe
[2026-04-04 19:32:04.940 codex.exe] helper launch resolution: using copied command-runner path C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe
[2026-04-04 19:32:04.941 codex.exe] runner launch: exe=C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe cmdline=C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe --pipe-in=\.\pipe\codex-runner-cfb7dda8dc5bdf1738b8d1e8a98f24d7-in --pipe-out=\.\pipe\codex-runner-e776f0fa7b795b0dee66b2e66d8fa3dc-out cwd=D:\code\skills-manager\agent-skills
[2026-04-04 19:32:04.944 codex.exe] runner launch failed before process start: exe=C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe cmdline=C:\Users\cppgo.codex.sandbox-bin\codex-command-runner.exe --pipe-in=\.\pipe\codex-runner-cfb7dda8dc5bdf1738b8d1e8a98f24d7-in --pipe-out=\.\pipe\codex-runner-e776f0fa7b795b0dee66b2e66d8fa3dc-out error=1385
[2026-04-04T11:32:04.964347600+00:00] read-acl-only mode: applying read ACLs
[2026-04-04T11:32:04.971490200+00:00] read ACL helper already running; skipping
[2026-04-04T11:32:04.978308700+00:00] read ACL run completed

What steps can reproduce the bug?

  1. Run Codex CLI on Windows with a config like:
    approval_policy = "on-failure"
    sandbox_mode = "workspace-write"
    experimental_windows_sandbox = false

    [windows]
    sandbox = "elevated"
  2. Open a trusted workspace, for example:
    D:\code\skills-manager\agent-skills
  3. Ask Codex to read the current codebase or run simple read-only commands in the workspace, such as:
    • Get-ChildItem -Force
    • rg --files
  4. Observe that Codex logs START lines for the shell commands, but then internally launches:
    • codex-windows-sandbox-setup.exe
    • codex-command-runner.exe
  5. Observe that codex-command-runner.exe fails before process start with:
    error=1385

In my case, the commands never actually started.

What is the expected behavior?

Simple read-only commands targeting files inside the current workspace should run successfully in workspace-write.

If Codex chooses to route execution through an internal Windows runner, and that runner cannot be started, the error should clearly state that:

  • the actual shell command never started
  • the failure happened while launching codex-command-runner.exe
  • the selected runner/backend and config resolution should be logged clearly

At minimum, the failure mode should not look like a normal workspace file access failure when the real problem is runner process creation.

Additional information

I also checked local security policy for Windows logon rights because error 1385 usually indicates a logon-type permission problem.

I explicitly added the relevant sandbox-related principals and my user to Log on as a batch job (SeBatchLogonRight), then rebooted the machine, but the problem still reproduced.

In my environment, the policy already includes entries such as:

  • CodexSandboxOffline
  • CodexSandboxOnline
  • my local user
  • Administrators

So this does not appear to be resolved by simply granting batch logon rights locally.

The key problem here is that the target path is already inside the configured workspace, so this does not appear to be a workspace path access issue.

From the logs, the failure happens before pwsh.exe or rg actually runs. The issue appears to be entirely in Codex's Windows runner-launch path.

It would help a lot if Codex exposed:

  • the final effective config for this session
  • why this runner/backend was selected
  • the Win32 error text for 1385
  • whether any fallback execution path was attempted
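
Win32 error 1385 is ERROR_LOGON_TYPE_NOT_GRANTED, and Microsoft's documentation for CreateProcessWithLogonW requires the target account to have the Log on locally right, so the interactive logon right and the deny rights are worth reading alongside SeBatchLogonRight. The following is an added example, not part of the original report or of Codex's code: it parses a user-rights export and reports, per logon type, whether a principal is granted, denied or simply not listed. The sample policy and `exampleuser` are constructed, and the caller must supply the account's group memberships.

```python
# Added example: evaluate logon-type rights from a secedit user-rights export.
# On a real machine, `secedit /export /cfg rights.inf /areas USER_RIGHTS`
# (elevated) writes the file; it is typically UTF-16, so open it with
# encoding="utf-16" before passing the text to parse_rights().

# Each logon type maps to its grant right and the deny right that overrides it.
LOGON_RIGHTS = {
    "interactive": ("SeInteractiveLogonRight", "SeDenyInteractiveLogonRight"),
    "batch": ("SeBatchLogonRight", "SeDenyBatchLogonRight"),
    "network": ("SeNetworkLogonRight", "SeDenyNetworkLogonRight"),
    "service": ("SeServiceLogonRight", "SeDenyServiceLogonRight"),
}

# Constructed sample policy (not the reporter's). S-1-5-32-544 is
# Administrators, S-1-5-32-545 is Users; "exampleuser" is a placeholder.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[Privilege Rights]
SeInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-545
SeDenyInteractiveLogonRight = CodexSandboxOffline
SeBatchLogonRight = *S-1-5-32-544,CodexSandboxOffline,CodexSandboxOnline,exampleuser
[Version]
signature="$CHICAGO$"
"""

def parse_rights(inf_text):
    """Return {right: set of lower-cased principals} from [Privilege Rights]."""
    rights, in_section = {}, False
    for raw in inf_text.splitlines():
        line = raw.strip()
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
        elif in_section and "=" in line:
            name, _, members = line.partition("=")
            rights[name.strip()] = {
                m.strip().lstrip("*").lower() for m in members.split(",") if m.strip()
            }
    return rights

def logon_verdict(rights, logon_type, identities):
    """identities: the account plus the names/SIDs of every group it is in."""
    grant, deny = LOGON_RIGHTS[logon_type]
    ids = {i.lower() for i in identities}
    if ids & rights.get(deny, set()):
        return "denied"       # an explicit deny wins over any grant
    if ids & rights.get(grant, set()):
        return "granted"
    return "not granted"      # no entry at all also fails the logon
```

In the constructed policy, CodexSandboxOffline holds the batch right yet is denied interactive logon, which is the kind of mismatch a batch-only check would miss.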

Labels: bug (Something isn't working), sandbox (Issues related to permissions or sandboxing), tool-calls (Issues related to tool calling), windows-os (Issues related to Codex on Windows systems)