--add-dir of /dev directories doesn't seem to work for the sandbox

[BNieuwenhuizen]

What version of Codex CLI is running?

codex-cli 0.121.0

What subscription do you have?

Plus

Which model were you using?

gpt-5.4

What platform is your computer?

Linux 6.19.6-arch1-1 x86_64 unknown

What terminal emulator and version are you using (if applicable)?

konsole 25.12.3

What issue are you seeing?

I'm trying to make the model be able to test-run my graphics application For that I need access to /dev/dri as that contains the HW files, but mapping those into the sandbox doesn't seem to work.

What steps can reproduce the bug?

Run codex --add-dir /dev --add-dir /dev/dri and ask the model to "ls /dev/dri" (or similar commands, like "strace vulkaninfo" if you have relevant GPUs).

What is the expected behavior?

The model can access /dev/dri to execute graphics applications.

Additional information

I'm guessing that this needs a "--dev-bind" in bubblewrap because bubblewrap maps a "fake" /dev into the sandbox.

e.g. looking at "codex-rs/linux-sandbox/src/bwrap.rs", you might get something like

$ bwrap --ro-bind / / --dev /dev /bin/ls /dev/dri
ls: cannot access '/dev/dri': No such file or directory

while

$ bwrap --ro-bind / / --dev /dev --dev-bind /dev/dri /dev/dri /bin/ls /dev/dri
by-path  card0  card1  renderD128  renderD129

[github-actions]

Potential duplicates detected. Please review them and close your issue if it is a duplicate.

• Linux sandbox regression: default backend denies /dev/null and /dev/zero; legacy Landlock works #16451

Powered by Codex Action