Why did OpenClaw 2026.4.1 break exec?

The update silently enabled Docker sandbox containerization for all setups without migration guide, startup warning, or documented opt-out. Single-operator setups lost all exec functionality.

How to fix OpenClaw exec not working after 2026.4.1 update?

Manually destroy Docker container with docker rm -f openclaw-sbx-agent-main-*, remove registry entry from ~/.openclaw/sandbox/containers.json, then restart.

OpenClaw sandbox breaks exec workaround

Set tools.exec.security to allowlist instead of deny, destroy persistent sandbox containers, and configure exec-approvals.json (undocumented file).

OpenClaw 2026.4.1 exec approval mechanism broken

Three separate GitHub issues (#58885, #59006, #59855) report the same root cause: sandbox enabled by default with no config to disable it properly.

How to disable OpenClaw sandbox?

tools.exec.ask=off does nothing. Use tools.exec.security=allowlist and manually configure exec-approvals.json. Destroy existing Docker containers first.

← Back to dashboard

clawsmith.com/signal/openclaw-v2026-4-1-exec-sandbox-breaks-all-setups

⚠ IssueWide OpenBugLive

OpenClaw v2026.4.1 Silently Enables Sandbox, Breaks Exec for All Single-Operator Setups

The v2026.4.1 update silently enabled Docker sandbox containerization for all existing setups with no migration guide, no startup warning, and no documented opt-out. Exec completely stopped working for single-operator deployments. Three separate GitHub issues filed (#58885, #59006, #59855) plus community discussion. Workaround requires manually destroying Docker containers.

Product Idea from this Signal

A CLI tool that snapshots your OpenClaw state before updates, runs the upgrade in a sandboxed dry-run against your live config, and auto-rolls back if any health check fails

OpenClaw ships updates every 2-3 days and each one risks breaking exec permissions, crashing the gateway, saturating CPU with plugin loading bugs, or silently deleting cron jobs. Four separate regressions in April 2026 alone (v2026.4.1 sandbox, v2026.4.5 CPU, v2026.4.14 memory timeouts, update command wiping Feishu and crons) hit thousands of self-hosters with no rollback path. The built-in openclaw doctor only validates config schema after the fact. This tool wraps the entire update lifecycle: snapshot state, dry-run the upgrade against your actual agent/cron/channel config, diff the before/after, and block or auto-rollback if anything regresses.

CLIOPEN-SOURCEDEVTOOLSELF-HOSTEDRELIABILITY

CompetitiveView Opportunity →