
exec-server: expose arg0 alias root to fs sandbox#19016

Merged
bolinfest merged 1 commit into main from pr19016 on Apr 22, 2026

Conversation

@bolinfest (Collaborator) commented Apr 22, 2026

Why

The post-merge rust-ci-full run for #18999 still failed the Ubuntu remote suite::remote_env sandboxed filesystem tests. That run checked out merge commit ddde50c611e4800cb805f243ed3c50bbafe7d011, so the arg0 guard lifetime fix was present.

The Docker-backed failure had two remaining pieces:

  • The sandboxed filesystem helper needs to execute Codex through the codex-linux-sandbox arg0 alias path. The helper sandbox was only granting read access to the real Codex executable parent, so the alias parent also has to be visible inside the helper sandbox.
  • The remote-env tests were building sandbox contexts with FileSystemSandboxContext::new(), which captures the local test runner cwd. In the Docker remote exec-server, that host checkout path does not exist, so spawning the filesystem helper failed with No such file or directory before the helper could process the request.

While validating the PR, the Windows Bazel unit-test shard also exposed a marginal 2s timing assertion in output_and_exit_are_retained_after_notification_receiver_closes. The test command intentionally waits before emitting output on Windows, so the old deadline could fail under CI load even when the behavior was correct.

What Changed

  • Track all helper runtime read roots instead of a single root.
  • Add both the real Codex executable parent and the codex-linux-sandbox alias parent to sandbox readable roots.
  • Avoid sending an unused local cwd in remote filesystem sandbox contexts when the permission profile has no cwd-dependent entries.
  • Build the Docker remote-env test sandbox contexts with a cwd path that exists inside the container.
  • Relax the exec-server handler test close deadline from 2s to 5s.
  • Add unit coverage for the alias-parent root and remote sandbox cwd handling.

Verification

  • cargo test -p codex-exec-server
  • cargo test -p codex-exec-server output_and_exit_are_retained_after_notification_receiver_closes
  • cargo test -p codex-core remote_test_env_sandboxed_read_allows_readable_root
  • just fix -p codex-exec-server
  • just fix -p codex-core
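The two changes the description lists (tracking every helper runtime read root rather than a single one, and sending a cwd in a remote sandbox context only when the permission profile depends on it), shown as an added Rust example that is not the PR's own code; `HelperRuntimePaths`, `helper_read_roots`, `can_exec_through` and `sandbox_cwd` are names assumed here, not the project's.

```rust
use std::collections::BTreeSet;
use std::path::{Path, PathBuf};

/// Hypothetical model of the helper's runtime paths (not the project's type):
/// the real Codex executable plus any arg0 alias paths, such as
/// `codex-linux-sandbox`, through which bubblewrap re-enters Codex.
pub struct HelperRuntimePaths {
    pub codex_exe: PathBuf,
    pub arg0_aliases: Vec<PathBuf>,
}

/// Every directory the helper sandbox must be able to read so that the real
/// executable *and* each alias can be executed. The old behaviour tracked a
/// single root (the real executable's parent); this collects all of them,
/// deduplicated, so an alias beside the real binary adds no extra root.
pub fn helper_read_roots(paths: &HelperRuntimePaths) -> Vec<PathBuf> {
    let mut roots = BTreeSet::new();
    for exe in std::iter::once(&paths.codex_exe).chain(paths.arg0_aliases.iter()) {
        if let Some(parent) = exe.parent() {
            roots.insert(parent.to_path_buf());
        }
    }
    roots.into_iter().collect()
}

/// Check whether a path is executable under a set of readable roots: the
/// sandbox can only re-enter Codex through `exe` if some root contains it.
pub fn can_exec_through(roots: &[PathBuf], exe: &Path) -> bool {
    roots.iter().any(|root| exe.starts_with(root))
}

/// A permission profile with cwd-dependent entries was given no cwd.
#[derive(Debug, PartialEq)]
pub struct MissingCwd;

/// Decide which cwd, if any, to send in a remote sandbox context. The local
/// test-runner cwd does not exist inside the Docker exec-server, so it is
/// forwarded only when the profile actually has cwd-dependent entries; a
/// cwd-dependent profile with no context cwd is rejected up front.
pub fn sandbox_cwd(
    profile_has_cwd_dependent_entries: bool,
    context_cwd: Option<&Path>,
) -> Result<Option<PathBuf>, MissingCwd> {
    match (profile_has_cwd_dependent_entries, context_cwd) {
        (false, _) => Ok(None),
        (true, Some(cwd)) => Ok(Some(cwd.to_path_buf())),
        (true, None) => Err(MissingCwd),
    }
}
```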

@bolinfest bolinfest enabled auto-merge (squash) April 22, 2026 20:34
@bolinfest (Collaborator, Author) commented Apr 22, 2026

Windows build seems to keep failing:

Executing tests from //codex-rs/exec-server:exec-server-unit-tests
-----------------------------------------------------------------------------

running 44 tests
test environment::tests::create_local_environment_does_not_connect ... ok
test environment::tests::disabled_environment_manager_has_no_default_environment ... ok
test client::tests::process_events_are_delivered_in_seq_order_when_notifications_are_reordered ... ok
test environment::tests::environment_manager_carries_local_runtime_paths ... ok
test environment::tests::environment_manager_default_environment_caches_environment ... ok
test environment::tests::environment_manager_keeps_local_lookup_when_default_disabled ... ok
test environment::tests::environment_manager_normalizes_empty_url ... ok
test environment::tests::environment_manager_reports_remote_url ... ok
test environment::tests::environment_manager_treats_none_value_as_disabled ... ok
test environment::tests::get_environment_returns_none_for_unknown_id ... ok
test environment::tests::test_environment_rejects_sandboxed_filesystem_without_runtime_paths ... ok
test fs_helper::tests::helper_requests_use_fs_method_names ... ok
test fs_sandbox::tests::helper_env_preserves_path_for_system_bwrap_discovery_without_leaking_secrets ... ok
test fs_sandbox::tests::helper_env_carries_only_allowlisted_runtime_vars ... ok
test fs_sandbox::tests::helper_env_preserves_windows_path_key_for_system_bwrap_discovery ... ok
test fs_sandbox::tests::helper_permissions_enable_minimal_reads_for_read_only_access ... ok
test fs_sandbox::tests::helper_permissions_include_helper_read_root_without_additional_permissions ... ok
test fs_sandbox::tests::helper_permissions_enable_minimal_reads_for_workspace_read_access ... ok
test fs_sandbox::tests::helper_permissions_preserve_existing_writes ... ok
test fs_sandbox::tests::sandbox_cwd_rejects_cwd_dependent_profile_without_context_cwd ... ok
test fs_sandbox::tests::helper_permissions_include_linux_sandbox_alias_parent ... ok
test fs_sandbox::tests::sandbox_cwd_uses_context_cwd ... ok
test fs_sandbox::tests::sandbox_exec_request_carries_helper_env ... ok
test local_process::tests::child_env_applies_policy_then_overlay ... ok
test local_process::tests::child_env_defaults_to_exact_env ... ok
test process::tests::event_history_replay_is_bounded_by_retained_bytes ... ok
test remote_file_system::tests::remote_sandbox_context_drops_unused_cwd ... ok
test local_file_system::tests::symlink_points_to_directory_handles_dangling_directory_symlinks ... ok
test remote_file_system::tests::remote_sandbox_context_preserves_required_cwd ... ok
test remote_file_system::tests::transport_errors_map_to_broken_pipe ... ok
test rpc::tests::rpc_client_matches_out_of_order_responses_by_request_id ... ok
test server::handler::tests::active_session_resume_is_rejected ... ok
test server::file_system_handler::tests::no_platform_sandbox_policies_do_not_require_configured_sandbox_helper ... ok
test environment::tests::default_environment_has_ready_local_executor ... ok
test client::tests::wake_notifications_do_not_block_other_sessions ... ok
test server::handler::tests::terminate_reports_false_after_process_exit ... ok
test server::processor::tests::transport_disconnect_detaches_session_during_in_flight_read ... ok
test server::transport::transport_tests::parse_listen_url_accepts_default_websocket_url ... ok
test server::transport::transport_tests::parse_listen_url_accepts_websocket_url ... ok
test server::transport::transport_tests::parse_listen_url_rejects_invalid_websocket_url ... ok
test server::transport::transport_tests::parse_listen_url_rejects_unsupported_url ... ok
test server::handler::tests::duplicate_process_ids_allow_only_one_successful_start ... ok
test server::handler::tests::long_poll_read_fails_after_session_resume ... ok
test server::handler::tests::output_and_exit_are_retained_after_notification_receiver_closes ... FAILED

failures:

---- server::handler::tests::output_and_exit_are_retained_after_notification_receiver_closes stdout ----

thread 'server::handler::tests::output_and_exit_are_retained_after_notification_receiver_closes' (8856) panicked at exec-server/src\server\handler\tests.rs:347:9:
process should close within 2s
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace


failures:
    server::handler::tests::output_and_exit_are_retained_after_notification_receiver_closes

test result: FAILED. 43 passed; 1 failed; 0 ignored; 0 measured; 0 filtered out; finished in 2.24s

## Why

The post-merge `rust-ci-full` run for #18999 still failed the Ubuntu remote `suite::remote_env` sandboxed filesystem tests. That run checked out merge commit `ddde50c611e4800cb805f243ed3c50bbafe7d011`, so the arg0 guard lifetime fix was present.

The remaining gap is that the remote exec-server can pass an arg0 alias path such as `codex-linux-sandbox` as a runtime helper, but the sandboxed filesystem helper only added the real Codex binary parent as a readable runtime root. When bubblewrap re-enters Codex through the alias path, the alias directory also has to be visible inside the sandbox.

## What Changed

- Track all helper runtime read roots instead of a single root.
- Add both the real Codex executable parent and the `codex-linux-sandbox` alias parent to sandbox readable roots.
- Add unit coverage for the alias-parent root.

## Verification

- `cargo test -p codex-exec-server`
- `just argument-comment-lint -p codex-exec-server`
- `just fix -p codex-exec-server`

@bolinfest bolinfest merged commit d3dd0d7 into main Apr 22, 2026
39 checks passed
@bolinfest bolinfest deleted the pr19016 branch April 22, 2026 21:34
@github-actions github-actions Bot locked and limited conversation to collaborators Apr 22, 2026