Summary

On a headless Raspberry Pi 5 running OpenClaw as a local gateway, all exec commands from the agent require approval and timeout waiting for it, despite exec-approvals.json being correctly configured with security=full and ask=off. The exec-approvals.sock socket file is never created.

Commands eventually execute after ~1-2 minutes (presumably a gateway fallback/timeout path), but the delay makes interactive use painful.

Environment

• OpenClaw version: 2026.2.24 (df9a474)
• OS: Debian GNU/Linux 12 (bookworm)
• Hardware: Raspberry Pi 5, aarch64
• Kernel: 6.12.70+rpt-rpi-2712 fix: add @lid format support and allowFrom wildcard handling #1 SMP PREEMPT (2026-02-16)
• Node.js: v22.22.0
• Gateway: Local mode, systemd service (openclaw-gateway.service), bound to loopback (ws://127.0.0.1:18789)
• Install method: npm global install

Symptoms

1. Every exec call from the agent returns "Approval required (id xxx)" immediately
2. The approval ID does not resolve to a running session (process list / process poll return nothing)
3. Commands DO eventually execute after ~60-120 seconds (gateway fallback)
4. The delay is intermittent — sometimes commands execute instantly, sometimes they timeout
5. After a gateway restart, exec sometimes works immediately for a period, then reverts to requiring approval
6. exec-approvals.sock is never created on disk — only exec-approvals.json exists

Configuration

{
  "version": 1,
  "socket": {
    "path": "/home/ffyring/.openclaw/exec-approvals.sock",
    "token":  <MY_TOKEN>
  },
  "defaults": {
    "security": "full",
    "ask": "off",
    "askFallback": "full",
    "autoAllowSkills": true
  },
  "agents": {}
}

Both openclaw approvals get and openclaw approvals get --gateway show identical config with security=full, ask=off.

What I've Tried

• Verified exec-approvals.json has security: "full" and ask: "off"
• Checked both local and gateway approval configs — both correct
• Restarted gateway multiple times via openclaw gateway restart
• Used security=full parameter on exec tool calls — no effect
• Confirmed no per-agent overrides exist (agents: {})
• Checked for socket file after gateway restart — never appears

Steps to reproduce

1. Install OpenClaw globally on a headless Raspberry Pi 5 (arm64): npm i -g openclaw
2. Configure local gateway mode
3. Set exec-approvals.json defaults to security: "full", ask: "off"
4. Start gateway: openclaw gateway start
5. Verify socket is missing: ls ~/.openclaw/exec-approvals.sock → not found
6. From an agent session, run any exec command: echo "hello"
7. Observe: "Approval required" → ~60-120s delay → command eventually executes

Expected behavior

With security=full and ask=off, exec commands should execute immediately without any approval flow. Either:

• The socket daemon should start and auto-approve, OR
• The gateway should skip the approval flow entirely when defaults allow it

Actual behavior

1. Gateway starts → agent tries exec → "Approval required"
2. No socket exists for the approval daemon to listen on
3. Gateway waits for approval response via socket → times out
4. After timeout (~60-120s), command executes anyway (fallback path?)
5. Occasionally, commands execute instantly (unclear why — possibly a race condition or caching)

OpenClaw version

2026.2.24 (df9a474)

Operating system

Debian GNU/Linux 12 (bookworm)

Install method

npm global

Logs, screenshots, and evidence

Impact and severity

• Interactive agent use is severely degraded (every tool call delayed 1-2 min)
• Heartbeats and cron jobs that rely on exec are unreliable
• Workaround exists (commands do eventually execute) but UX is poor

Additional information

Related Issues

• [Bug]: exec-approvals.sock not created on headless Linux node, causing SYSTEM_RUN_DENIED timeout #6874 — exec-approvals.sock not created on headless Linux node, causing SYSTEM_RUN_DENIED timeout (same root cause, different setup)
• [Feature]: Add gateway.trustedNetworks to allow ws:// over encrypted mesh networks (WireGuard/VPNs) #21192 — ws:// security check on non-loopback IPs (possibly related to gateway communication)