On every restart of the gateway, OpenClaw seems to lose all granted OSX permissions (folders, full disk access, etc) and I have to re-grant it everything.
Is there a way to avoid this?
OSX Tahoe 26.4.1, running OpenClaw 2026.5.7 (eeef486)
#permissions on osx
buoyant vale
teal hingeBOT
Yes — the main thing is to avoid changing the macOS TCC identity that macOS granted.
macOS ties permissions to the app/process identity: code signature + bundle id + on-disk path. If OpenClaw is being run from an unsigned/ad-hoc build, a rebuilt app, a changing path, or a newly spawned background process identity, macOS can treat it as “new” and you get the permission dance again.
Practical fixes:
- Prefer the signed macOS app from a stable path, and grant permissions to that app. The macOS app is intended to own the TCC-facing work.
- If you’re running from source/dev builds, use a real Apple signing identity and keep the app at the same path. Ad-hoc signing is fragile for TCC.
- For gateway restarts, try:
The docs say plainopenclaw gateway restart --saferestartkeeps service-manager behavior;--safeasks the running Gateway to coordinate the restart instead. That matters on macOS because a full launchd kickstart/new process can cause TCC pain. - If the stale prompts are already wedged, remove the old OpenClaw entries in System Settings → Privacy & Security, then relaunch from the stable app path and re-grant once. If needed, reset TCC for the bundle id.
Docs: https://docs.openclaw.ai/platforms/mac/permissions and https://docs.openclaw.ai/cli/gateway#restart-the-gateway