apply_patch fails in Android repo subprojects when .git is a symlink to a directory (bwrap: .../.git: Is a directory) #16161

@yangxiang92

Description

What issue are you seeing?

On Linux, apply_patch fails when editing files inside a subproject managed by the Android repo tool whose .git entry is a symlink to a directory under .repo/projects/....

The failure happens in Codex's sandboxed apply_patch path and produces an error like:

bwrap: Can't create file at /path/to/subproject/.git: Is a directory

Example Android repo layout:

workspace/
  .repo/projects/<subproject>.git/
  <subproject>/.git -> ../.repo/projects/<subproject>.git

Important detail: calling the apply_patch binary directly from the shell succeeds. The failure appears when the apply_patch tool is executed through Codex's Linux sandbox / bubblewrap path.

Environment observed on my side:

codex-cli 0.117.0
bubblewrap 0.6.1
Linux 6.8.0-106-generic x86_64 GNU/Linux

What steps can reproduce the bug?

  1. Use Linux and run Codex CLI in workspace-write mode.
  2. Work inside a checkout managed by the Android repo tool.
  3. Enter a subproject whose .git is a symlink to a directory under .repo/projects/....
  4. Ask Codex to use apply_patch on any file in that subproject.
  5. Observe the sandbox setup failure:
bwrap: Can't create file at .../.git: Is a directory

Minimal bwrap reproducer:

mkdir -p /tmp/repro/workspace/subproject /tmp/repro/workspace/gitdir
ln -s ../gitdir /tmp/repro/workspace/subproject/.git
bwrap --ro-bind / / --ro-bind /dev/null /tmp/repro/workspace/subproject/.git -- true

This reproduces:

bwrap: Can't create file at /tmp/repro/workspace/subproject/.git: Is a directory

What is the expected behavior?

apply_patch should not fail just because a protected path like .git is a symlink to a directory.

Codex should either:

  • mask that protected path in a way compatible with bwrap, or
  • fall back to a different safe masking strategy for symlinked directory targets.

Additional information

This looks like a Linux sandbox bug rather than an Android repo project bug.

The likely root cause is in codex-rs/linux-sandbox/src/bwrap.rs:

  • append_read_only_subpath_args()
  • append_unreadable_root_args()

Today, symlinked protected paths are masked with:

--ro-bind /dev/null <symlink-path>

That works for symlinks to files, but not for symlinks to directories. When the symlink target is a directory, bubblewrap follows it and aborts with:

Is a directory

A likely fix is to branch on the resolved target type:

  • symlink to file: keep using a file-style mask such as /dev/null
  • symlink to directory: use a directory-style read-only mask instead of /dev/null

This is a realistic trigger for Android repo workspaces because subprojects commonly have:

subproject/.git -> ../.repo/projects/<subproject>.git

This is not specific to any one private codebase. It should affect any workspace managed by the Android repo tool where subprojects use the standard .git -> ../.repo/projects/... layout.
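The branch on the resolved target type proposed above, written out as a Rust example. This is an added illustration, not code from codex-rs or from the issue author: the names `MaskKind`, `mask_kind`, `mask_args` and `bwrap_cmdline`, the use of an empty host directory as the directory-style read-only mask, and the constructed temp layout in `main` are all assumptions. The block only builds the bwrap argument vector; it does not launch bubblewrap.

```rust
use std::fs;
use std::path::{Path, PathBuf};

/// What a protected path resolves to once symlinks are followed.
/// (Hypothetical helper type; not part of codex-rs.)
#[derive(Debug, PartialEq, Eq)]
pub enum MaskKind {
    File,
    Dir,
}

/// Classify `path` by its resolved target. `fs::metadata` follows symlinks,
/// which is the property that matters here: `symlink_metadata` would report
/// both a link-to-file and a link-to-directory as "symlink" and give no way
/// to pick a mask. Anything that is not a directory (regular file, dangling
/// link, missing path) keeps the existing file-style mask.
pub fn mask_kind(path: &Path) -> MaskKind {
    match fs::metadata(path) {
        Ok(meta) if meta.is_dir() => MaskKind::Dir,
        _ => MaskKind::File,
    }
}

/// Build the bwrap arguments that hide `protected` read-only.
/// `empty_dir` is an empty directory on the host used as the source of the
/// directory-style mask (assumption: a read-only bind of an empty directory
/// is an acceptable directory counterpart to the `/dev/null` file mask).
pub fn mask_args(protected: &Path, empty_dir: &Path) -> Vec<String> {
    let dest = protected.to_string_lossy().into_owned();
    match mask_kind(protected) {
        MaskKind::File => vec!["--ro-bind".into(), "/dev/null".into(), dest],
        MaskKind::Dir => vec![
            "--ro-bind".into(),
            empty_dir.to_string_lossy().into_owned(),
            dest,
        ],
    }
}

/// Assemble a full bwrap command line for a set of protected paths.
/// Only the argument vector is built; nothing is executed.
pub fn bwrap_cmdline(protected: &[PathBuf], empty_dir: &Path) -> Vec<String> {
    let mut args: Vec<String> = vec!["bwrap".into(), "--ro-bind".into(), "/".into(), "/".into()];
    for p in protected {
        args.extend(mask_args(p, empty_dir));
    }
    args.push("--".to_string());
    args.push("true".to_string());
    args
}

fn main() {
    // Constructed layout mirroring the issue: subproject/.git is a symlink to
    // a directory. A plain file (.env, constructed for the demo) is added as a
    // second protected path to show the file-style branch alongside it.
    let root = std::env::temp_dir().join(format!("bwrap-mask-demo-{}", std::process::id()));
    let gitdir = root.join("gitdir");
    let sub = root.join("subproject");
    fs::create_dir_all(&gitdir).unwrap();
    fs::create_dir_all(&sub).unwrap();
    std::os::unix::fs::symlink("../gitdir", sub.join(".git")).unwrap();
    fs::write(sub.join(".env"), b"SECRET=1\n").unwrap();
    let empty = root.join("empty");
    fs::create_dir_all(&empty).unwrap();

    let cmd = bwrap_cmdline(&[sub.join(".git"), sub.join(".env")], &empty);
    println!("{}", cmd.join(" "));
    let _ = fs::remove_dir_all(&root);
}
```

Whether an empty-directory `--ro-bind` or a `--tmpfs` is the better directory mask is an implementation choice for the sandbox; the point the example makes is that the decision has to be taken on the resolved target, since a symlink-aware stat reports both cases identically.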

Labels: bug (Something isn't working), tool-calls (Issues related to tool calling)