#I'm facing a persistent issue where Cron jobs running in an isolated session fail to deliver externa

1 messages ยท Page 1 of 1 (latest)

proud escarp
#

I'm facing a persistent issue where Cron jobs running in an isolated session fail to deliver external messages/notifications.

Symptom: The Cron job executes message or exec(curl) commands. The system reports "Executed Successfully", but the external recipient (Telegram Chat ID or Bark) never receives the message.
Diagnosis: The exact same commands work perfectly when run directly in the main session.
Attempted Fix: I explicitly granted exec and message tool permissions to isolated sessions in clawdbot.json, but the issue remains.

Question: Is there an underlying security or sandboxing policy that blocks external communication from the Cron isolated environment? What specific configuration is needed to lift this restriction?

sharp quartzBOT
#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> โœ… Mark Solution

proud escarp
#

Can someone help me?

#

@keen path

keen pathBOT
# proud escarp I'm facing a persistent issue where Cron jobs running in an isolated session fai...

Now I understand the issue. Let me provide a comprehensive answer:

Root Cause Identified:

Cron jobs running in isolated sessions are sandboxed by default, and the sandbox has two restrictions blocking external communication:

  1. Network is blocked by default: Sandbox containers use network: "none" which prevents any outbound/inbound network access
  2. message tool is not allowed in sandbox: The default sandbox tool policy only allows exec, process, read, write, edit, apply_patch, and session tools โ€” but NOT message

The Fix:

Add this to your clawdbot.json:

# 
{
  agents: {
    defaults: {
      sandbox: {
        mode: "non-main",
        docker: {
          network: "bridge"  // โ† THIS enables network access for isolated sessions
        }
      }
    }
  },
  tools: {
    sandbox: {
      tools: {
        allow: [
# 
          "exec", 
          "process", 
          "read", 
          "write", 
          "edit", 
          "apply_patch", 
          "sessions_list", 
          "sessions_history", 
          "sessions_send", 
          "sessions_spawn", 
          "session_status",
          "message"  // โ† ADD THIS for message delivery
        ],
        deny: ["browser", "canvas", "nodes", "cron", "discord", "gateway"]
      }
# 
    }
  }
}

After applying config:

clawdbot gateway config.patch --raw <your config>
# OR restart the gateway
clawdbot gateway restart

Verification:

clawdbot sandbox explain
#

This will show you the effective sandbox mode, tool policy, and confirm network access is enabled.

Alternative: Disable Sandbox for Cron Jobs

If you don't want sandboxing at all for cron jobs, you can disable it entirely:

{
  agents: {
    defaults: {
      sandbox: {
        mode: "off"  // Completely disable sandbox for all sessions
      }
    }
  }
}
#

Key takeaway: The issue isn't about permissions you grant to isolated sessions in the main config โ€” it's about the default sandbox restrictions that apply to all non-main sessions (including cron sessions). You need to explicitly enable network access and allow the message tool in the sandbox tool policy.

balmy depot
#

Did this help you OP? @proud escarp