Skip to content

fix: allow permissionMode to override yolo in claude_code provider#322

Open
zz327455573 wants to merge 2 commits into
awslabs:mainfrom
zz327455573:fix/claude-code-yolo-root
Open

fix: allow permissionMode to override yolo in claude_code provider#322
zz327455573 wants to merge 2 commits into
awslabs:mainfrom
zz327455573:fix/claude-code-yolo-root

Conversation

@zz327455573

@zz327455573 zz327455573 commented Jun 22, 2026

Copy link
Copy Markdown

Problem

When running CAO as root/sudo with a third-party model (e.g. LongCat via custom ANTHROPIC_BASE_URL), the yolo mode unconditionally passes --dangerously-skip-permissions to Claude Code. Claude Code refuses this flag under root privileges with:

--dangerously-skip-token-permissions cannot be used with root/sudo privileges for security reasons

This causes Claude Code initialization to hang and eventually time out (30s).

Root Cause

In claude_code.py line 167, the condition was:

if profile and profile.permissionMode and not yolo:

When yolo=True (allowedTools: ["*"] in profile), the code always fell through to the else branch which passed --dangerously-skip-permissions — a flag that Claude Code rejects under root.

Fix

Changed the condition so profile.permissionMode always takes precedence regardless of yolo mode:

if profile and profile.permissionMode:
    command_parts = ["claude", "--permission-mode", profile.permissionMode]
elif yolo:
    command_parts = ["claude"]
else:
    command_parts = ["claude", "--dangerously-skip-permissions"]

Users running as root can now set permissionMode: auto or permissionMode: bypassPermissions in their agent profile to avoid the blocked flag.

Test Plan

  • Verified on root user with LongCat (third-party Anthropic-compatible endpoint)
  • CAO headless task completes successfully (Claude Code auto-accepts tool calls)
  • Non-root user with --dangerously-skip-token-permissions still works (unchanged path)

@zz327455573
fix: allow permissionMode to override yolo in claude_code provider
147b8c9 
When running as root/sudo, Claude Code refuses --dangerously-skip-permissions.
The yolo mode was unconditionally passing that flag, causing initialization to fail.
This change lets profile.permissionMode take precedence over yolo, so users can
configure 'auto' or 'bypassPermissions' to avoid the blocked flag.
@haofeif haofeif requested a review from Copilot June 23, 2026 03:13
Copilot AI reviewed Jun 23, 2026
View reviewed changes

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adjusts how the Claude Code provider selects its base permission flags so agent profile permissionMode can override “yolo” behavior, avoiding Claude Code startup failures when run under root/sudo.

Changes:

  • Updates _build_claude_command() to prioritize profile.permissionMode even when allowedTools: ["*"] (yolo) is active.
  • Changes the yolo path to omit --dangerously-skip-permissions (intended to avoid root/sudo rejection).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread src/cli_agent_orchestrator/providers/claude_code.py
Comment on lines +169 to +172
elif yolo:
# yolo mode: no --dangerously-skip-permissions flag because
# Claude Code refuses it under root/sudo. Let CAO handle permissions.
command_parts = ["claude"]
@haofeif haofeif added the bug Something isn't working label Jun 23, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@zz327455573 @haofeif