Bug: tools.exec.security set to "full" in openclaw.json but runtime still returns SYSTEM_RUN_DISABLED. Persists across gateway restarts, full stop/start cycles, and version upgrades (tested on 2026.4.26 and 2026.5.7). Config path confirmed correct. Single config file at ~/.openclaw/openclaw.json.
#Bug: tools.exec.security
pulsar stone
green flameBOT
tame hareBOT
I’d triage this as “effective exec policy is still resolving to security=deny”, not simply “openclaw.json ignored”. I checked current docs/source: SYSTEM_RUN_DISABLED: security=deny is emitted only on that exact effective policy path.
The common gotcha is there are two layers:
- requested config:
tools.exec.security - host-local approvals file:
~/.openclaw/exec-approvals.json
Effective policy is the stricter merge, so a host approvals default/agent entry of security: "deny" can still win over tools.exec.security: "full". Per-agent agents.list[].tools.exec.security can also override global config.
Quick checks:
openclaw config get tools.exec.host
openclaw config get tools.exec.security
openclaw config get tools.exec.ask
openclaw approvals get --gateway
openclaw exec-policy show --json
If tools.exec.host is node, also check the node-side policy:
openclaw approvals get --node <id-or-name>
To force the local/gateway YOLO policy back into alignment:
openclaw config set tools.exec.host gateway
openclaw config set tools.exec.security full
openclaw config set tools.exec.ask off
openclaw approvals set --gateway --stdin <<'EOF'
{
version: 1,
defaults: {
security: "full",
ask: "off",
askFallback: "full"
}
}
EOF
openclaw gateway restart
If openclaw approvals get --gateway already reports effective security=full for the active agent and you still get SYSTEM_RUN_DISABLED, that’s much stronger evidence of a real bug — please file it with the outputs above plus openclaw status --all: https://github.com/openclaw/openclaw/issues