[BUG] apply-seccomp loses executable permission on every session launch (WSL2 / npm via nvm)

Resolved 💬 3 comments Opened Apr 10, 2026 by K8theGreat99 Closed Apr 14, 2026

Preflight Checklist

  • [x] I have searched existing issues and this hasn't been reported yet
  • [x] This is a single bug report (please file separate reports for different bugs)
  • [x] I am using the latest version of Claude Code

What's Wrong?

On WSL2 (Ubuntu), the apply-seccomp binary at vendor/seccomp/x64/apply-seccomp loses its executable permission on every new Claude Code session. Running chmod +x on the binary fixes it for that session, but the next time Claude Code launches, the file has been rewritten (confirmed via timestamp change) and the executable bit is gone again. This causes all Bash tool commands to fail.

This started after updating to a version that ships the apply-seccomp helper (per changelog: "Linux sandbox now ships the apply-seccomp helper in both npm and native builds"). Prior versions worked fine with no sandbox errors.

ls -l after a fresh session launch shows -rw-r--r-- (no executable bit) with a new timestamp, confirming the file was rewritten without the executable bit set.

What Should Happen?

The apply-seccomp binary should retain its executable permission across sessions, or the startup/update process should set the executable bit after extracting/rewriting the file.

Error Messages/Logs

Error: Exit code 126
/bin/bash: line 4: /home/<user>/.nvm/versions/node/v25.6.0/lib/node_modules/@anthropic-ai/claude-code/vendor/seccomp/x64/apply-seccomp: Permission denied

Steps to Reproduce

  1. Install Claude Code globally via npm on WSL2 using nvm
  2. Run chmod +x on vendor/seccomp/x64/apply-seccomp
  3. Confirm Bash tool commands succeed
  4. Close the session and open a new Claude Code session
  5. All Bash tool commands fail with exit code 126 / Permission denied
  6. ls -l on the binary shows -rw-r--r-- (no executable bit) and a fresh timestamp

Claude Model

Opus

Is this a regression?

Yes, this worked in a previous version

Last Working Version

2.1.87

Claude Code Version

2.1.100

Platform

Anthropic API

Operating System

Ubuntu/Debian Linux

Terminal/Shell

WSL (Windows Subsystem for Linux)

Additional Information

  • Not sure exactly which was the last working Claude Code version. Problem started today, 4-10-26
  • Installed via npm (global, via nvm); Node v25.6.0
  • The binary is on the native Linux filesystem (not /mnt/c/), so this is not a Windows filesystem permission issue
  • stat confirms the file is a regular file, not a symlink
  • The file timestamp changes between sessions (e.g., rewritten at 09:28 after being chmod'd at 08:57), suggesting Claude Code re-extracts or overwrites the binary on launch or during auto-update
  • Current workaround: a shell alias in .bashrc that runs chmod +x on the binary before every launch

View original on GitHub ↗

This issue has 3 comments on GitHub. Read the full discussion on GitHub ↗