What version of Codex CLI is running?
0.128.0
What subscription do you have?
Plus
Which model were you using?
gpt-5.5
What platform is your computer?
Linux 6.19.14-200.fc43.x86_64 x86_64 unknown
What terminal emulator and version are you using (if applicable)?
Konsole
What issue are you seeing?
Summary
Codex shell commands fail in sandbox mode because Bubblewrap tries to execute the Codex native binary from an
NVM global install path that is not mounted inside the sandbox.
Error
bwrap: execvp ${HOME}/.nvm/versions/node/v22.22.1/lib/node_modules/@openai/codex/node_modules/@openai/codex-
linux-x64/vendor/x86_64-unknown-linux-musl/codex/codex: No such file or directory
Environment
- OS: Fedora 43 KDE
- Shell: bash
- Node: v22.22.1
- npm: 10.9.4
- Codex package: @openai/codex@0.128.0
- Install method: global npm install through NVM
- Bubblewrap: 0.11.0
- Codex sandbox mode: workspace-write
Investigation
The binary exists and runs outside the sandbox:
${HOME}/.nvm/versions/node/v22.22.1/lib/node_modules/@openai/codex/node_modules/@openai/codex-linux-x64/vendor/
x86_64-unknown-linux-musl/codex/codex --version
# codex-cli 0.128.0
Bubblewrap can also run it if / is mounted read-only.
But when only the workspace is mounted, the same command fails with No such file or directory, because the NVM
global package path is not visible inside the sandbox.
Reproduction
Install Codex globally via NVM/npm:
nvm use 22
npm install -g @openai/codex@latest --include=optional
Start Codex in workspace-write sandbox mode from a repo.
Ask Codex to run:
pwd
The command fails before execution with the Bubblewrap execvp error above.
Expected Behavior
Codex sandbox should be able to execute its own native helper binary regardless of whether Codex is installed
globally under NVM.
Actual Behavior
The sandbox excludes the NVM global package directory, so Bubblewrap cannot execute the Codex native binary.
Workaround
Start Codex with the package path mounted:
codex -C /path/to/repo \
--sandbox workspace-write \
--add-dir ${HOME}/.nvm/versions/node/v22.22.1/lib/node_modules/@openai/codex
Suggested Fix
Codex should automatically mount the resolved native binary/package path into the sandbox, or avoid resolving
the sandbox launcher to a path that is excluded from its own Bubblewrap filesystem.
What steps can reproduce the bug?
Uploaded thread: 019dee0e-7fbd-7403-988f-649616633ecd
What is the expected behavior?
Sandbox should work and I shouldn't get prompt to review and approve commands.
Additional information
No response
What version of Codex CLI is running?
0.128.0
What subscription do you have?
Plus
Which model were you using?
gpt-5.5
What platform is your computer?
Linux 6.19.14-200.fc43.x86_64 x86_64 unknown
What terminal emulator and version are you using (if applicable)?
Konsole
What issue are you seeing?
Summary
Codex shell commands fail in sandbox mode because Bubblewrap tries to execute the Codex native binary from an
NVM global install path that is not mounted inside the sandbox.
Error
Environment
Investigation
The binary exists and runs outside the sandbox:
Bubblewrap can also run it if / is mounted read-only.
But when only the workspace is mounted, the same command fails with No such file or directory, because the NVM
global package path is not visible inside the sandbox.
Reproduction
Install Codex globally via NVM/npm:
Start Codex in workspace-write sandbox mode from a repo.
Ask Codex to run:
pwd
The command fails before execution with the Bubblewrap execvp error above.
Expected Behavior
Codex sandbox should be able to execute its own native helper binary regardless of whether Codex is installed
globally under NVM.
Actual Behavior
The sandbox excludes the NVM global package directory, so Bubblewrap cannot execute the Codex native binary.
Workaround
Start Codex with the package path mounted:
Suggested Fix
Codex should automatically mount the resolved native binary/package path into the sandbox, or avoid resolving
the sandbox launcher to a path that is excluded from its own Bubblewrap filesystem.
What steps can reproduce the bug?
Uploaded thread: 019dee0e-7fbd-7403-988f-649616633ecd
What is the expected behavior?
Sandbox should work and I shouldn't get prompt to review and approve commands.
Additional information
No response