Description
The macOS SeatbeltSandbox implementation doesn't include ~/.claude.json and ~/.claude directory in the writable paths, causing Claude Code to fail with EPERM: operation not permitted when trying to write its config file.
The Linux BubblewrapSandbox correctly binds these paths:
```js
"--bind", claudeJson, path.join(home, ".claude.json"),
"--bind", claudeConfig, path.join(home, ".claude"),
```
But SeatbeltSandbox.wrap() only adds PROJECT_DIR, TMPDIR, LOGFILE_DIR, and SLASH_TMP to writablePaths.
To Reproduce
- Run claudebox
- Claude Code crashes when trying to write ~/.claude.json
Expected behavior
Claude Code should start successfully with write access to its config files (~/.claude.json and ~/.claude/).
System information
- claudebox: b65806c (2025-12-22 from flake)
- claude-code: 2.0.72
- macOS: Darwin 25.2.0 (aarch64)
- Node.js: v22.21.1
Additional context
Error output:
```
Error: EPERM: operation not permitted, open '/Users/$user/.claude.json'
    at Module.openSync (node:fs:561:18)
    at file:///nix/store/.../claude-code/cli.js:9:999
    ...
```
Suggested fix in SeatbeltSandbox.wrap():
```js
const writablePaths = [
  '(subpath (param "PROJECT_DIR"))',
  '(subpath (param "TMPDIR"))',
  '(subpath (param "LOGFILE_DIR"))',
  '(subpath (param "CLAUDE_HOME"))', // Add ~/.claude
  '(literal (param "CLAUDE_JSON"))', // Add ~/.claude.json
];
```
With corresponding -D parameters for the canonical paths.
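Added example (not part of the issue and not claudebox's own code): one way to derive the canonical `-D` values and the matching write rule for the paths named above, including the first-run case where `~/.claude.json` does not exist yet and cannot be resolved directly. The helper names `canonical` and `buildWriteAccess` and the shape of the returned object are assumptions; only the parameter names and the `subpath`/`literal` forms come from the suggested fix.

```javascript
// Added example: hypothetical helpers, not taken from the claudebox source.
const fs = require("node:fs");
const path = require("node:path");

// Resolve symlinks so the -D value is the path the sandbox actually sees.
// A target that does not exist yet (first-run ~/.claude.json) is resolved
// through its parent directory instead of failing with ENOENT.
function canonical(p) {
  try {
    return fs.realpathSync(p);
  } catch (err) {
    if (err.code !== "ENOENT") throw err;
    return path.join(fs.realpathSync(path.dirname(p)), path.basename(p));
  }
}

function buildWriteAccess({ home, projectDir, tmpDir, logDir }) {
  const params = {
    PROJECT_DIR: canonical(projectDir),
    TMPDIR: canonical(tmpDir),
    LOGFILE_DIR: canonical(logDir),
    CLAUDE_HOME: canonical(path.join(home, ".claude")),
    CLAUDE_JSON: canonical(path.join(home, ".claude.json")),
  };
  // Directories get (subpath ...); the single config file gets (literal ...)
  // so the grant does not widen to the rest of the home directory.
  const writablePaths = Object.keys(params).map((key) =>
    key === "CLAUDE_JSON"
      ? `(literal (param "${key}"))`
      : `(subpath (param "${key}"))`
  );
  const rule = `(allow file-write* ${writablePaths.join(" ")})`;
  // One "-D KEY=value" pair per parameter, passed as separate argv entries
  // so paths containing spaces need no shell quoting.
  const defines = Object.entries(params).flatMap(([k, v]) => ["-D", `${k}=${v}`]);
  return { params, rule, defines };
}
```

Keeping `CLAUDE_JSON` as a `literal` rather than a `subpath` of the home directory limits the new write grant to the two locations the issue asks for.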