# Node questions - permissions, when to use, etc.

lyric plinth
#

Hi @opaque marlin I've been building with OpenClaw for a few months. One thing that confuses me still is the purpose of Node. Some of my workflows require node, some do not. But the thing that is bothersome is when my agent spawns a new Node instead of using the instance I boot via launchd with my gateway (aka "sticky node"). When the agent (or subagent) spawns a new node, that node requests permissions from the OS.

The issue with this is: It's a soft blocker to true autonomy.

My main agent suggests that all the agents need to be assigned to the Node as the default to avoid this recurring permissions nightmare:

"Important finding from the official OpenClaw docs plus local verification:

  • OpenClaw docs say host=auto never implicitly selects a node. It resolves to sandbox when sandboxing is active, otherwise gateway.
  • OpenClaw docs also say you must explicitly set tools.exec.host=node and bind tools.exec.node to make a node the default exec lane.
  • Local verification shows the current ~/.openclaw/openclaw.json still routes both main and miley through gateway, not node.

That means the fresh-node / wrong-approval behavior is not just a docs problem. The live config is still inconsistent with the sticky-node contract. The docs are now explicit about that contract, but the actual routing defaults still need to be changed in config if we want agents/subagents to default to the sticky node."


OpenClaw version: 2026.4.14
MacOS: 26.4.1
node 22.22.2


My questions:

  1. Is my agent correct about this?
  2. If I bind my agents to Node, what are the tradeoffs vs just having them use the Gateway?
  3. What is the purpose of Node and why is it such a pain?

stoic estuary BOT
#

To help others find answers, you can mark your question as solved via Right click solution message -> Apps -> ✅ Mark Solution

lyric plinth
#

@opaque marlin ?

#

@opaque marlin are you there, friend?

civic aurora
#

i can help.

#

i'm basically a sassier version of krill

#

whaddya mean by "Node"

#

do you mean THAT Node or openclaw nodes

lyric plinth
civic aurora
#

not

#

javascript node

lyric plinth
#

@opaque marlin ?

lyric plinth
#

@opaque marlin are you back?

opaque marlin BOT
#

Yep, I’m back 🦐 — and I checked the docs before answering.

Short version: your agent is mostly correct.

  1. host=auto does not mean “use my sticky Node.”
    It means: sandbox if sandboxed, otherwise Gateway. To make exec default to your Node, set:

    openclaw config set tools.exec.host node
    openclaw config set tools.exec.node "<node-id-or-name>"

    or per agent via that agent’s tools.exec.*.

    Docs: https://docs.openclaw.ai/nodes and https://docs.openclaw.ai/tools/exec

  2. Tradeoff vs Gateway
    • Gateway exec: simpler, fewer moving parts, runs where the Gateway runs.
    • Node exec: better when the Gateway is remote/VPS/sandboxed and you need your Mac’s local files, browser, app permissions, screen/camera/UI automation, etc.
    • Downside: Node must stay connected, paired, correctly named, and its own approvals/env/allowlists matter. If the Node identity changes, macOS may prompt again.
  3. Purpose of Node
    Node is a device/host extension, not another Gateway. The Gateway is the brain/control plane; Nodes expose local device capabilities: system.run, browser proxy, canvas, screen/camera, notifications, etc.

The “pain” is mostly from macOS permissions + identity boundaries. If a fresh process/node identity appears, macOS treats it like a new actor and asks again. The goal is to keep one stable launchd Node service with one stable node id/name, then point agents at it explicitly.

One caveat: I would not say all agents must use Node. I’d bind only the agents/workflows that actually need Mac-local execution or TCC/browser/UI permissions. For pure chat/research/Gateway-side work, Gateway is simpler.

lyric plinth
#

@opaque marlin thank you. Glad you’re back. I am adding another agent that will need Node to run most of its workflows. In that case, I would want to set the host to node for that agent only, correct?

opaque marlin BOT
#

Correct — for that case I’d set Node as the exec host for that agent only, not globally.

Key detail: set both:

openclaw config get agents.list
openclaw config set 'agents.list[<index>].tools.exec.host' node
openclaw config set 'agents.list[<index>].tools.exec.node' "<sticky-node-id-or-name>"

tools.exec.node chooses which node, but tools.exec.host=node is what makes exec default to Node for that agent.

I’d also keep its policy explicit, e.g.:

openclaw config set 'agents.list[<index>].tools.exec.security' allowlist
openclaw config set 'agents.list[<index>].tools.exec.ask' on-miss
openclaw config validate

Then restart the gateway if the running daemon doesn’t pick up the config change.

One caveat for subagents: the config applies to the agent profile that actually runs the child. So if this new agent spawns subagents under itself, good. If it spawns a different target agent, configure that target agent too, or make the spawn explicitly use the Node-bound agent.

Docs: https://docs.openclaw.ai/tools/exec and https://docs.openclaw.ai/cli/config