No shell access for my OpenClaw | Friends of the Crustacean 🦞🤝 | Page 1

plush venture Mar 7, 2026, 2:53 AM

#

On my first mac mini everything works great.

But my second mac mini refuses to do the simpliest tasks like gateway restart or adding some cronjob. He always tells me I should do it in the console:

"What is exactly missing right now:

The shell execution tool itself is not exposed to this session.
I currently only have:

• message
• sessions_list
• sessions_history
• sessions_send
• session_status

Because there is no shell/exec tool in that list, I cannot run any terminal commands on your Mac from here."

OpenClaw status

Overview
┌─────────────────┬──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┐
│ Item │ Value │
├─────────────────┼──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┤
│ Dashboard │ http://127.0.0.1:18789/ │
│ OS │ macos 26.3.1 (arm64) · node 22.22.1 │
│ Tailscale │ off │
│ Channel │ stable (default) │
│ Update │ pnpm · npm latest 2026.3.2 │
│ Gateway │ local · ws://127.0.0.1:18789 (local loopback) · reachable 12ms · auth token · OpenClaw-Testing.local (192.168.110.194) app 2026.3.2 macos 26.3.1 │
│ Gateway service │ LaunchAgent installed · loaded · running (pid 10801, state active) │
│ Node service │ LaunchAgent not installed │
│ Agents │ 1 · 1 bootstrap file present · sessions 2 · default main active just now │

│ Probes │ skipped (use --deep) │
│ Events │ none │
│ Heartbeat │ 30m (main) │
│ Sessions │ 2 active · default gpt-5.3-codex (200k ctx) · ~/.openclaw/agents/main/sessions/sessions.json │
└─────────────────┴──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────┘

winged jewelBOT Mar 7, 2026, 2:53 AM

#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> ✅ Mark Solution

zenith mortarBOT Mar 7, 2026, 2:57 AM

#

That tool list (message, sessions_list, sessions_history, sessions_send, session_status) matches tools.profile: "messaging" exactly. In that profile, OpenClaw intentionally does not expose runtime/automation tools (so no exec, no cron, no gateway restart).

1) Confirm what the second Mac is running with

On the second Mac mini, run:

openclaw config file
openclaw config get tools.profile
openclaw config get tools.allow
openclaw config get tools.deny

If it prints messaging, that’s the whole reason you’re seeing that “shell execution tool not exposed” message.

2) Fix: enable the tools you actually want

Option A (recommended): allow automation without giving full shell access
This enables “restart gateway” + cron management via the typed tools (gateway + cron), without enabling arbitrary shell:

#

openclaw config set tools.profile messaging
openclaw config set tools.allow '["group:automation"]' --strict-json
openclaw gateway restart

Option B: also allow shell execution (exec/process)
If you explicitly want the bot to run terminal commands:

openclaw config set tools.profile messaging
openclaw config set tools.allow '["group:automation","group:runtime"]' --strict-json
openclaw gateway restart

Option C: no restrictions

#

openclaw config set tools.profile full
openclaw gateway restart

After the restart, start a fresh chat session (/new) so the tool list is regenerated.

3) Important safety note (Discord)

Before enabling group:runtime (shell) in a Discord server channel, make sure your Discord access control is tight (allowlist your user, require mention, etc.). Otherwise you’re effectively giving “run commands on your Mac” to anyone who can talk to the bot.

Docs:

Tools / tool profiles: https://docs.openclaw.ai/tools
Discord access control: https://docs.openclaw.ai/channels/discord

If you paste the output of openclaw config get tools.profile from both Macs, I can tell you exactly what differs.

plush venture Mar 7, 2026, 4:06 AM

#

it worked. now it asks for node access every time on mac. how to make it auto accept?

zenith mortarBOT Mar 7, 2026, 4:07 AM

#

That prompt is the node exec-approvals safety interlock: your Mac node is currently set to “ask” for commands instead of auto-running them.

You have two sane ways to stop the constant prompts:

Option A (recommended): allowlist + “ask on miss”

This will only ask the first time it sees a new executable, then stop nagging once it’s allowlisted.

Find your node id/name:

openclaw nodes status

See what the node’s approvals policy is right now:

openclaw approvals get --node <id|name|ip>

#

Add the executables you keep getting prompted for (examples):

openclaw approvals allowlist add --node <id|name|ip> "/usr/bin/uname"
openclaw approvals allowlist add --node <id|name|ip> "/usr/bin/sw_vers"

Also: when the macOS prompt appears, there’s usually an “Always allow” choice — pick that, and it’ll add an allowlist entry so it won’t ask again for that binary.

Option B (dangerous): auto-accept everything (no prompts)

This effectively gives your Gateway silent command execution on that Mac node.

Edit the node’s ~/.openclaw/exec-approvals.json (on the Mac) so the agent is set to security:"full" + ask:"off", or push a file via CLI:

openclaw approvals set --node <id|name|ip> --file ./exec-approvals.json

#No shell access for my OpenClaw

1) Confirm what the second Mac is running with

2) Fix: enable the tools you actually want

3) Important safety note (Discord)

Option A (recommended): allowlist + “ask on miss”

Option B (dangerous): auto-accept everything (no prompts)