The reason the script run_in_container.sh might override your --approval-mode flag by hardcoding a different value, such as --full-auto, is due to the way that the script was implemented or configured to ensure a specific startup behavior when running inside a container environment. This behavior has been observed notably in certain applications or versions where the script includes a literal --full-auto parameter in its command line invocation, which then overrides any user-provided --approval-mode argument.
Here is a detailed explanation of why this happens, how the script interacts with flags, and why such an override might be in place, based on current reports and technical community discussions:
Hardcoding of Approval Mode in run_in_container.sh
The script run_in_container.sh includes a hardcoded --full-auto flag (or other fixed approval mode parameters) within its execution commands. This means that no matter what the user passes to the script via the command line with the --approval-mode flag, the script forcibly sets the approval mode to full-auto during container startup. This causes the user-provided approval mode value to be effectively ignored.
- This has been explicitly reported as a bug in at least one issue tracker where users wanted to pass --approval-mode suggest or other values but observed that Codex always started in full-auto mode nonetheless.
- The hardcoded parameter was introduced or maintained in the script possibly to simplify running the application within containers where full automation or full approval might be deemed necessary for smooth execution without interactive approval pauses.
Reasons Behind the Hardcoding Override
1. Container Environment Simplification: Containers often serve as isolated, repeatable execution environments where interaction or partial approval modes can cause blockages or failure. Hardcoding full-auto mode ensures that the containerized application runs uninterrupted with automated approvals.
2. Legacy or Stability Purposes: The override may originate from an older design decision where container runs were strictly limited to full-auto approval mode for stability or security reasons. This could prevent accidental operation modes that require manual approval or user interaction which are less feasible in containers.
3. Unintentional Consequence or Oversight: Sometimes scripts get updated with hardcoded flags for testing or temporary adjustments that remain in place unintentionally. This might be the case if the option wasn't meant to be hardcoded long term but wasn't removed in subsequent updates.
4. Lack of Dynamic Override Handling: The script might not be parsing or dynamically incorporating user flags correctly, instead relying on a fixed command line string or command construction where some arguments are appended or hardcoded without conditional handling.
Technical Explanation in Usage Context
- When run_in_container.sh is executed, it typically launches Docker or another container runtime with specific command line parameters, including flags passed internally.
- If the script explicitly includes `--full-auto` inside its command invocation or environment configuration, Docker or the container runtime receives these flags.
- When the contained application (like Codex) starts, it reads the flags and sets the approval mode accordingly. Because `--full-auto` appears in its invocation, it takes precedence due to being passed last or being embedded in the script call.
- User-passed command line options like `--approval-mode suggest` are either discarded by the script or overridden by the fixed full-auto parameter within the container launch command line.
Example from Community Issue Discussions
A concrete example reported in a public GitHub issue shows the exact situation:
shell
run_in_container.sh --work-dir ~/dev/ai/codex "Hello world" --approval-mode suggest --model o3
Despite passing `--approval-mode suggest`, the output banner shows:
approval: full-auto
Investigation revealed the script has a hardcoded `--full-auto` flag that supersedes user input. The proposed fix was to remove this literal from the script's command line construction so the user's `--approval-mode` flag could have effect.
Possible Solutions and Workarounds
- Editing the Script: Removing the hardcoded flag from run_in_container.sh can restore expected behavior, allowing user flags to work. This might require understanding the script's flow to ensure nothing else implicitly forces full-auto.
- Mounting Configuration Files: Another enhancement discussed in related issues is mounting the user config directory (`~/.codex`) into the container so that configuration files inside the container reflect user choices including approval mode.
- Explicit Argument Passing Adjustments: Make sure the user flags are passed after the container invocation and are properly incorporated by the script, avoiding any overrides from fixed literals.
Broader Context of Flag Overrides in Container Scripts
This kind of override is not unusual with container launch scripts. Because containers define whole execution environments, scripts that automate their launch sometimes enforce specific runtime parameters for consistency or security. As a result:
- User-supplied flags may be ignored if a script or Dockerfile prescribes certain start-up parameters.
- Entrypoint scripts or container commands that embed flags directly will have priority.
- Override behavior can also come from environment variables, configuration files, or default settings baked into container images or scripts.
Technical Details on How Docker and Shell Scripts Influence This
- Docker's `ENTRYPOINT` and `CMD` directives define executable and parameters; these can be overridden at runtime but defaults prevail in scripts.
- Shell scripts (like run_in_container.sh) build command lines for Docker run commands, so hardcoded literals appear as fixed arguments.
- If a script does not parse input flags (like `--approval-mode`) correctly or appends positional arguments after fixed flags, user flags may be shadowed.
- Docker run commands accept arguments after the image name as command parameters; scripts must handle these correctly to pass user flags downstream.
In summary, run_in_container.sh overrides the `--approval-mode` flag because it includes a hardcoded parameter like `--full-auto` in its container launch commands. This override likely exists to enforce a non-interactive, automated approval mode common to containerized environments but can inadvertently ignore user preferences. Fixing this involves modifying the script to respect user flags and allowing proper flag parsing and forwarding so the intended approval mode takes effect.
This explanation covers the why and how of the override issue in technical depth based on recent reports and common container scripting principles and offers insight into resolving or working around this behavior.