#Openclaw cant make file even .txt

24 messages · Page 1 of 1 (latest)

hallow pier
#

Hi @marble trellis why is the openclaw cant make a simple file like test.txt in the workspace directory? I have give all the full accses to my powershell and node.exe. I checked the elevated status on node.exe in task manager is already Yes

marble trellisBOT
#

First check:

openclaw --version

This is usually not a Windows admin / node.exe elevation problem.

Most likely causes:

  1. You’re in a Discord/thread session, and sandbox.mode: "non-main" is on.
    Group/thread sessions count as non-main, so writes may happen in a sandbox workspace instead of your real workspace, or get blocked.

  2. agents.defaults.sandbox.workspaceAccess is "ro" or "none".
    That disables real workspace writes. Only "rw" lets the sandbox write to the actual workspace.

  3. tools.allow / tools.deny is blocking write.

#

Also, the real workspace is on the machine running the Gateway, usually ~/.openclaw/workspace, not just whatever folder your PowerShell is open in.

Please paste these too:

openclaw status --all
openclaw sandbox explain

If it only fails from Discord, but works in your main/local session, I’m pretty confident this is sandbox config, not Windows permissions.

Docs:

hallow pier
#

i dont use discord, and i dont remember using any of sandboxes? and here is the status :
Overview
| Tailscale | off |
| Update | pnpm · npm update 2026.4.12
| Gateway | local · ws://127.0.0.1:18789 (local loopback) · reachable 97ms · auth token · Andi (192.168.100. |
| | 12) app 2026.4.11 windows 10.0.26200
| Gateway self | unknown
| Gateway service | Scheduled Task installed · registered · unknown (state Ready, Task status is locale-dependent and |
no numeric Last Run Result was available.)
| Node service | Scheduled Task not installed
| Agents | 1 total · 1 bootstrapping · 1 active · 1 sessions
| Secrets | none |
Channels
| Channel | Enabled | State | Detail
Agents
| Agent | Bootstrap file | Sessions | Active | Store | executor | PRESENT | 1 | 1m ago | ~.openclaw\agents\executor\sessions\sessions.json |

✓ Config: C:\Users\Andi.openclaw\openclaw.json
✓ Secret diagnostics (0)
✓ Restart sentinel: none
! Port 18789
Port 18789 is already in use.

  • pid 16580: node.exe (127.0.0.1:18789)
  • Another process is listening on this port.
    ! Tailscale: off · unknown
    ✓ Skills: 7 eligible · 0 missing · C:\Users\Andi.openclaw\workspace
    ✓ Plugin compatibility (none)
    ✓ Channel issues (none)
marble trellisBOT
#

Yep, got it, I only mentioned Discord because we’re talking here, not because your setup uses it 🙂

From that status, I don’t think this is a Windows admin rights issue.

What I see:

  • C:\Users\Andi\.openclaw\workspace is the active workspace
  • Port 18789 already in use is normal here, that’s just the running gateway
  • the big clue is 1 bootstrapping

That means the agent still looks like it’s in first-run setup. OpenClaw is supposed to remove BOOTSTRAP.md when bootstrap finishes, so if it stays bootstrapping, normal file tasks can get weird.

Please check these next:

openclaw --version
# 
openclaw sandbox explain
openclaw doctor

And also tell me:

  1. What exact prompt did you give when asking it to create test.txt?
  2. What exact error text did it return?
  3. Does this file still exist?
Test-Path "C:\Users\Andi\.openclaw\workspace\BOOTSTRAP.md"

If that returns True, I’m suspicious the agent is stuck in bootstrap, not blocked by permissions.

hallow pier
#

Yes BOOTSRAP.md exists and for the sandbox, here's the response :

🦞 OpenClaw 2026.4.11 (769908e) — We ship features faster than Apple ships calculator updates.

Effective sandbox:
agentId: executor
sessionKey: agent:executor:main
mainSessionKey: agent:executor:main
runtime: direct
mode: off scope: agent
workspaceAccess: none workspaceRoot: C:\Users\Andi.openclaw\sandboxes

Sandbox tool policy:
allow (default): exec, process, read, write, edit, apply_patch, image, sessions_list, sessions_history, sessions_send, sessions_spawn, sessions_yield, subagents, session_status
deny (default): browser, canvas, nodes, cron, gateway, feishu, googlechat, nostr, msteams, mattermost, nextcloud-talk, matrix, bluebubbles, line, zalo, zalouser, synology-chat, tlon, discord, imessage, irc, qqbot, signal, slack, telegram, twitch, whatsapp

Elevated:
enabled: true
channel: webchat
allowedByConfig: false
failing gates: allowFrom (tools.elevated.allowFrom.webchat)

Fix-it:

  • tools.sandbox.tools.allow
  • tools.sandbox.tools.alsoAllow
  • tools.sandbox.tools.deny
  • agents.list[].tools.sandbox.tools.allow
  • agents.list[].tools.sandbox.tools.alsoAllow
  • agents.list[].tools.sandbox.tools.deny
  • tools.elevated.enabled
  • tools.elevated.allowFrom.webchat
marble trellisBOT
#

Nice, this narrows it down a lot.

Your sandbox explain says:

  • runtime: direct
  • mode: off

So sandbox is not the problem here, and Windows elevation is probably not the problem either.

The real clue is:

  • BOOTSTRAP.md still exists
  • status shows 1 bootstrapping

That means the agent is still in first-run bootstrap mode. Since write is allowed and sandbox is off, I’m pretty confident the agent is just stuck in bootstrap.

What I’d do

#

If OpenClaw is still actively asking you first-run questions, finish those first.

If it is not asking bootstrap questions anymore and is just stuck, do this:

  1. Move BOOTSTRAP.md out of the way
  2. Restart the gateway
  3. Try again

On Windows PowerShell:

Move-Item "C:\Users\Andi\.openclaw\workspace\BOOTSTRAP.md" "C:\Users\Andi\.openclaw\workspace\BOOTSTRAP.md.bak"
openclaw gateway restart

Then try asking it again to create test.txt.

#

Why

Bootstrapping is supposed to remove BOOTSTRAP.md when setup finishes.
If that file stays there, OpenClaw keeps treating the agent like it’s still being born 😅

Docs:

If it still fails after that, paste:

  • the exact error message
  • openclaw doctor
  • openclaw logs --follow

If this fixes it, please right-click the solution message → Apps → ✅ Mark Solution so Answer Overflow can index it.

hallow pier
#

Openclaw still cant do write .txt. I have found a file named : exec-approvals. For the token i clear it for privacy.

{
"version": 1,
"socket": {
"path": "C:\Users\Andi/.openclaw/exec-approvals.sock",
"token": "cp9gNWplzdDZ83GHgEl7S89qo_CDE7AB"
},
"defaults": {},
"agents": {}
}

Is this the problem?

marble trellisBOT
#

No, that is not the problem.

That exec-approvals file is normal. It is only for exec approvals, not the write tool.
So it would affect shell commands, not a normal file write.

Good call redacting the token 👍

At this point, we need to separate Windows filesystem from OpenClaw tool calling.

1) Test Windows write directly

Run this in PowerShell:

"hello" | Set-Content "C:\Users\Andi\.openclaw\workspace\test.txt"
Get-Content "C:\Users\Andi\.openclaw\workspace\test.txt"
#
  • If this fails, it’s a Windows/path permission problem.
  • If this works, the problem is inside OpenClaw, not the folder.

2) Capture the real OpenClaw error

Run:

openclaw logs --follow

Then ask OpenClaw once more to create test.txt, and paste the new log lines that appear.

3) Paste the exact failure text from OpenClaw

I need the literal message it gives back, for example:

  • permission denied
hallow pier
#

Step 1 is good :
PS C:\Windows\System32> "hello" | Set-Content "C:\Users\Andi.openclaw\workspace\test.txt"

Get-Content "C:\Users\Andi.openclaw\workspace\test.txt"
hello
PS C:\Windows\System32>

Step 2 also good:
Saya akan membuatkan file baru dengan konten yang Anda minta di lokasi kerja global: C:\Users\Andi\.openclaw\workspace.

Berikut adalah perintah PowerShell-nya:

Set-Content -Path "C:\\Users\\Andi\\.openclaw\\workspace\\aku_ganteng.txt" -Value "Aku ganteng"

File aku_ganteng.txt telah berhasil dibuat.

But the file aku_ganteng.txt is not showing up. and there is no error in openclaw logs and gateway. its normal

marble trellisBOT
#

Ah, that’s the smoking gun.

OpenClaw is not actually running the action. It is only describing a PowerShell command, then falsely saying “file created”.

Why I’m confident:

  • Windows can write to the workspace fine
  • the file never appears
  • logs stay quiet
  • the reply shows a shell command, not a real tool result

So this is now a model / tool-calling problem, not a permission problem.

Most likely cause

You’re probably using a model/backend that is bad at tool calling, especially a local or OpenAI-compatible /v1 setup.

#
  1. Are you using Ollama, LM Studio, or another custom /v1 endpoint?
  2. Does your model URL include /v1?

If you are using Ollama

Make sure the base URL is the native Ollama URL, without /v1:

http://127.0.0.1:11434

not:

http://127.0.0.1:11434/v1
#

If you paste openclaw models status, I can tell you the exact fix.

hallow pier
#

but before this problem, i have install the same local model. And it works fine. Then i have to reinstall the windows then this problem occur. For the models info : im using gemma 4 e2b and LM Studio. Is there any settings for the LM Studio though?

marble trellisBOT
#

Yes, LM Studio settings absolutely can matter here.

What you’ve described now looks like:

  • filesystem is fine
  • OpenClaw is replying
  • but the model is faking tool use instead of actually calling tools

With LM Studio, the two big suspects are:

  1. your LM Studio / OpenClaw config changed after reinstall
  2. Gemma is not behaving reliably for tool calling in this setup

The docs specifically call out local Gemma-style failures on normal OpenClaw runs, and the recommended LM Studio path is Responses API.

What I’d do next

#

Option 1, easiest, re-run onboarding for LM Studio

openclaw onboard

Pick LM Studio again and let it rewrite the provider config cleanly.

Option 2, check the model setup

openclaw models status

I want to see whether your lmstudio provider is configured the way OpenClaw expects.

LM Studio side

Make sure: