refactor: make bubblewrap the default Linux sandbox (#13996)

## Summary
- make bubblewrap the default Linux sandbox and keep
`use_legacy_landlock` as the only override
- remove `use_linux_sandbox_bwrap` from feature, config, schema, and
docs surfaces
- update Linux sandbox selection, CLI/config plumbing, and related
tests/docs to match the new default
- fold in the follow-up CI fixes for request-permissions responses and
Linux read-only sandbox error text
viyatb-oai
2026-03-11 23:31:18 -07:00
committed by GitHub
parent b5f927b973
commit 04892b4ceb
29 changed files with 184 additions and 222 deletions


@@ -1321,7 +1321,7 @@ fn scenarios() -> Vec<ScenarioSpec> {
expectation: Expectation::FileNotCreated {
target: TargetPath::Workspace("ro_never.txt"),
message_contains: if cfg!(target_os = "linux") {
&["Permission denied"]
&["Permission denied|Read-only file system"]
} else {
&[
"Permission denied|Operation not permitted|operation not permitted|\
@@ -1468,7 +1468,7 @@ fn scenarios() -> Vec<ScenarioSpec> {
expectation: Expectation::FileNotCreated {
target: TargetPath::OutsideWorkspace("ww_never.txt"),
message_contains: if cfg!(target_os = "linux") {
&["Permission denied"]
&["Permission denied|Read-only file system"]
} else {
&[
"Permission denied|Operation not permitted|operation not permitted|\
@@ -2290,20 +2290,17 @@ allow_local_binding = true
test.config.permissions.network.is_some(),
"expected managed network proxy config to be present"
);
let runtime_proxy = test
.session_configured
test.session_configured
.network_proxy
.as_ref()
.expect("expected runtime managed network proxy addresses");
let proxy_addr = runtime_proxy.http_addr.as_str();
let call_id_first = "allow-network-first";
// Use the same urllib-based pattern as the other network integration tests,
// but point it at the runtime proxy directly so the blocked host reliably
// produces a network approval request without relying on curl.
let fetch_command = format!(
"python3 -c \"import urllib.request; proxy = urllib.request.ProxyHandler({{'http': 'http://{proxy_addr}'}}); opener = urllib.request.build_opener(proxy); print('OK:' + opener.open('http://codex-network-test.invalid', timeout=30).read().decode(errors='replace'))\""
);
// Use urllib without overriding proxy settings so managed-network sessions
// continue to exercise the env-based proxy routing path under bubblewrap.
let fetch_command =
"python3 -c \"import urllib.request; opener = urllib.request.build_opener(urllib.request.ProxyHandler()); print('OK:' + opener.open('http://codex-network-test.invalid', timeout=30).read().decode(errors='replace'))\""
.to_string();
let first_event = shell_event(
call_id_first,
&fetch_command,
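Review bot: In the last hunk the `test.session_configured.network_proxy.as_ref().expect(...)` chain is now evaluated only for its panic and its value is discarded, which reads like a leftover binding; `assert!(test.session_configured.network_proxy.is_some(), "expected runtime managed network proxy addresses");` would state the intent and match the `is_some()` check with a message just above it. The new command also no longer pins the proxy address: `urllib.request.ProxyHandler()` with no argument takes its proxies from the environment, so if the sandboxed process ever starts without the proxy variables, the request to `codex-network-test.invalid` would presumably fail at name resolution instead of reaching the managed proxy. Whether the assertions after `shell_event(...)` can tell those two failures apart is not visible here, because the test body continues outside the hunk. A short comment naming the event that proves the env-based proxy path was taken would make the test's security claim explicit.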