Skip to content

MacOS strict-open seatbelt profile not available #19275

@westonruter

Description

@westonruter

What happened?

I added to my ~/.bash_profile:

export SEATBELT_PROFILE="strict-open"

When I try launching with sandboxing I get an error:

$ gemini  -s
Fatal error: Failed to relaunch the CLI process.
Error: Missing macos seatbelt profile file '.gemini/sandbox-macos-strict-open.sb'
    at start_sandbox (file:///opt/homebrew/Cellar/gemini-cli/0.28.2/libexec/lib/node_modules/@google/gemini-cli/dist/src/utils/sandbox.js:37:23)
    at file:///opt/homebrew/Cellar/gemini-cli/0.28.2/libexec/lib/node_modules/@google/gemini-cli/dist/src/gemini.js:309:44
    at relaunchOnExitCode (file:///opt/homebrew/Cellar/gemini-cli/0.28.2/libexec/lib/node_modules/@google/gemini-cli/dist/src/utils/relaunch.js:12:36)
    at main (file:///opt/homebrew/Cellar/gemini-cli/0.28.2/libexec/lib/node_modules/@google/gemini-cli/dist/src/gemini.js:309:19)

This does not occur when I have:

export SEATBELT_PROFILE="permissive-open"

According to the docs, strict-open should be valid:

What did you expect to happen?

Gemini CLI should start as normal with strict-open appearing in the footer.

Client information

Client Information

Run gemini to enter the interactive CLI, then run the /about command.

> /about
│ CLI Version                                                 0.28.2                                                                                                         │
│ Git Commit                                                  da5e47ae3                                                                                                      │
│ Model                                                       auto-gemini-3                                                                                                  │
│ Sandbox                                                     sandbox-exec (permissive-open)                                                                                 │
│ OS                                                          darwin                                                                                                         │
│ Auth Method                                                 Logged in with Google 

Login information

Google Account

Anything else we need to know?

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/coreIssues related to User Interface, OS Support, Core Functionalitystatus/need-triageIssues that need to be triaged by the triage automation.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions