macOS fallback — DefenseClaw

Overview

OpenShell standalone sandbox setup is Linux-only in the current Python CLI. defenseclaw sandbox init and defenseclaw sandbox setup both reject non-Linux platforms.

What works on macOS

• DefenseClaw can still run in host mode.
• Guardrail inspection, scanners, policy evaluation, audit storage, and webhook/audit sinks remain available when configured.
• The Go OpenShell process check has a macOS-compatible ps fallback for PID validation, but that is not the same as supported standalone sandbox setup.

What does not work on macOS

• scripts/install-openshell-sandbox.sh exits unless uname -s is Linux.
• The Python sandbox init/setup commands exit with an error on non-Linux systems.
• The gateway CLI sandbox lifecycle commands wrap systemd and are therefore Linux/systemd-oriented.

What works on Windows

The source in this repo does not implement a Windows sandbox fallback.

What does not work on Windows

• OpenShell standalone setup.
• systemd lifecycle wrappers.
• The Linux installer script.

Implications

For production deployments that depend on OpenShell isolation, run the gateway and sandbox on Linux. For developer machines on macOS or Windows, use the non-sandboxed DefenseClaw controls and avoid presenting sandbox isolation as active.

Detection

defenseclaw sandbox init

On non-Linux hosts, the command exits with a Linux-required error. There is no macos-fallback or windows-fallback mode string in the current sandbox CLI.

Related

• Sandbox overview
• Install
• Firewall