fix(exec): avoid shell startup-file env overrides

NewdlDewdl · NewdlDewdl · commit ff642cfd2c85 · 2026-04-22T04:43:22.000-05:00
diff --git a/src/agents/shell-utils.test.ts b/src/agents/shell-utils.test.ts
@@ -56,28 +56,39 @@ describe("getShellConfig", () => {
   it("prefers bash when fish is default and bash is on PATH", () => {
     const binDir = createTempCommandDir(tempDirs, [{ name: "bash" }]);
     process.env.PATH = binDir;
-    const { shell } = getShellConfig();
+    const { shell, args } = getShellConfig();
     expect(shell).toBe(path.join(binDir, "bash"));
+    expect(args).toEqual(["--noprofile", "--norc", "-c"]);
   });
 
   it("falls back to sh when fish is default and bash is missing", () => {
     const binDir = createTempCommandDir(tempDirs, [{ name: "sh" }]);
     process.env.PATH = binDir;
-    const { shell } = getShellConfig();
+    const { shell, args } = getShellConfig();
     expect(shell).toBe(path.join(binDir, "sh"));
+    expect(args).toEqual(["-c"]);
   });
 
   it("falls back to env shell when fish is default and no sh is available", () => {
     process.env.PATH = "";
-    const { shell } = getShellConfig();
+    const { shell, args } = getShellConfig();
     expect(shell).toBe("/usr/bin/fish");
+    expect(args).toEqual(["-c"]);
+  });
+
+  it("uses zsh no-rc mode to avoid startup-file env overrides", () => {
+    process.env.SHELL = "/bin/zsh";
+    const { shell, args } = getShellConfig();
+    expect(shell).toBe("/bin/zsh");
+    expect(args).toEqual(["-f", "-c"]);
   });
 
   it("uses sh when SHELL is unset", () => {
     delete process.env.SHELL;
     process.env.PATH = "";
-    const { shell } = getShellConfig();
+    const { shell, args } = getShellConfig();
     expect(shell).toBe("sh");
+    expect(args).toEqual(["-c"]);
   });
 
   it("falls back to sh on PATH when SHELL is /usr/bin/false", () => {
diff --git a/src/agents/shell-utils.ts b/src/agents/shell-utils.ts
@@ -38,17 +38,18 @@ export function resolvePowerShellPath(): string {
   return "powershell.exe";
 }
 
-// Non-interactive placeholder shells that reject "-c"-style invocations.
-// macOS LaunchDaemon service users commonly use /usr/bin/false so login sessions
-// cannot be opened; honoring SHELL in that case causes every exec to exit 1.
-// See https://github.com/openclaw/openclaw/issues/69077.
-const NON_INTERACTIVE_SHELLS = new Set(["false", "nologin"]);
+function resolvePosixShellArgs(shellPath: string): string[] {
+  const shellName = normalizeShellName(shellPath);
 
-function isNonInteractiveShell(shellPath: string): boolean {
-  if (!shellPath) {
-    return false;
+  // Keep exec commands deterministic: avoid user startup files overriding inherited
+  // daemon environment variables (for example launchd-provided secrets on macOS).
+  if (shellName === "zsh") {
+    return ["-f", "-c"];
   }
-  return NON_INTERACTIVE_SHELLS.has(path.basename(shellPath));
+  if (shellName === "bash") {
+    return ["--noprofile", "--norc", "-c"];
+  }
+  return ["-c"];
 }
 
 export function getShellConfig(): { shell: string; args: string[] } {
@@ -71,20 +72,15 @@ export function getShellConfig(): { shell: string; args: string[] } {
   if (shellName === "fish") {
     const bash = resolveShellFromPath("bash");
     if (bash) {
-      return { shell: bash, args: ["-c"] };
+      return { shell: bash, args: resolvePosixShellArgs(bash) };
     }
     const sh = resolveShellFromPath("sh");
     if (sh) {
-      return { shell: sh, args: ["-c"] };
+      return { shell: sh, args: resolvePosixShellArgs(sh) };
     }
   }
-  if (envShell) {
-    return { shell: envShell, args: ["-c"] };
-  }
-  // Placeholder SHELL (or unset): prefer a resolved sh/bash on PATH so we do not
-  // re-invoke the placeholder and get a spurious exitCode=1.
-  const sh = resolveShellFromPath("sh") ?? resolveShellFromPath("bash");
-  return { shell: sh ?? "sh", args: ["-c"] };
+  const shell = envShell && envShell.length > 0 ? envShell : "sh";
+  return { shell, args: resolvePosixShellArgs(shell) };
 }
 
 export function resolveShellFromPath(name: string): string | undefined {
