openclaw - 💡(How to fix) Fix [Bug]: The command openclaw logs --follow is failing. Could you please help me check what's wrong? [2 comments, 2 participants]

Bug type

Regression (worked before, now fails)

Beta release blocker

No

Summary

It seems like the gateway connection is failing because pairing is required. Here is the output: zentek@spark-2159:/data/spark-openclaw-install$ openclaw logs --follow

咽 OpenClaw 2026.4.1 (da64a97) — Greetings, Professor Falken

gateway connect failed: GatewayClientRequestError: pairing required Gateway not reachable. Is it running and accessible? Gateway target: ws://127.0.0.1:18789 Source: local loopback Config: /home/zentek/.openclaw/openclaw.json Bind: loopback Hint: run openclaw doctor. zentek@spark-2159:/data/spark-openclaw-install$ zentek@spark-2159:/data/spark-openclaw-install$ openclaw gateway status

咽 OpenClaw 2026.4.1 (da64a97) — The lobster in your shell. 咽

│ ◇
Service: systemd (enabled) File logs: /tmp/openclaw/openclaw-2026-04-03.log Command: /usr/bin/node /home/zentek/.npm-global/lib/node_modules/openclaw/dist/index.js gateway --port 18789 Service file: ~/.config/systemd/user/openclaw-gateway.service Service env: OPENCLAW_GATEWAY_PORT=18789

Config (cli): ~/.openclaw/openclaw.json Config (service): ~/.openclaw/openclaw.json

Gateway: bind=loopback (127.0.0.1), port=18789 (service args) Probe target: ws://127.0.0.1:18789 Dashboard: http://127.0.0.1:18789/ Probe note: Loopback-only gateway; only local clients can connect.

Runtime: running (pid 1565744, state active, sub running, last exit 0, reason 0) RPC probe: ok

Listening: 127.0.0.1:18789 Troubles: run openclaw status Troubleshooting: https://docs.openclaw.ai/troubleshooting zentek@spark-2159:/data/spark-openclaw-install$ zentek@spark-2159:/data/spark-openclaw-install$ openclaw gateway status

咽 OpenClaw 2026.4.1 (da64a97) — The lobster in your shell. 咽

│ ◇
Service: systemd (enabled) File logs: /tmp/openclaw/openclaw-2026-04-03.log Command: /usr/bin/node /home/zentek/.npm-global/lib/node_modules/openclaw/dist/index.js gateway --port 18789 Service file: ~/.config/systemd/user/openclaw-gateway.service Service env: OPENCLAW_GATEWAY_PORT=18789

Config (cli): ~/.openclaw/openclaw.json Config (service): ~/.openclaw/openclaw.json

Gateway: bind=loopback (127.0.0.1), port=18789 (service args) Probe target: ws://127.0.0.1:18789 Dashboard: http://127.0.0.1:18789/ Probe note: Loopback-only gateway; only local clients can connect.

Runtime: running (pid 1565744, state active, sub running, last exit 0, reason 0) RPC probe: ok

Listening: 127.0.0.1:18789 Troubles: run openclaw status Troubleshooting: https://docs.openclaw.ai/troubleshooting zentek@spark-2159:/data/spark-openclaw-install$ openclaw status

咽 OpenClaw 2026.4.1 (da64a97) — Running on your hardware, reading your logs, judging nothing (mostly).

│ gateway connect failed: GatewayClientRequestError: pairing required ◇
│ ◇
Secret diagnostics:

• status: failed to resolve channels.feishu.accounts.main.appSecret locally (Environment variable "FEISHU_APP_SECRET" is missing or empty.).
• status: channels.feishu.accounts.main.appSecret is unavailable in this command path; continuing with degraded read-only config.
• status: gateway secrets.resolve unavailable (gateway closed (1008): pairing required Gateway target: ws://127.0.0.1:18789 Source: local loopback Config: /home/zentek/.openclaw/openclaw.json Bind: loopback); attempted local command-secret resolution.

OpenClaw status

Overview ┌──────────────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────────────────┐ │ Item │ Value │ ├──────────────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────┤ │ Dashboard │ http://127.0.0.1:18789/ │ │ OS │ linux 6.14.0-1013-nvidia (arm64) · node 22.22.0 │ │ Tailscale │ off │ │ Channel │ stable (default) │ │ Update │ pnpm · up to date · npm latest 2026.4.1 │ │ Gateway │ local · ws://127.0.0.1:18789 (local loopback) · reachable 24ms · auth token · spark-2159 (10.10.15.176) app │ │ │ 2026.4.1 linux 6.14.0-1013-nvidia │ │ Gateway service │ systemd installed · enabled · running (pid 1565744, state active) │ │ Node service │ systemd not installed │ │ Agents │ 1 · 1 bootstrap file present · sessions 2 · default main active 2m ago │ │ Memory │ 0 files · 0 chunks · sources memory · plugin memory-core · vector unknown · fts ready · cache on (0) │ │ Plugin compatibility │ none │ │ Probes │ skipped (use --deep) │ │ Events │ none │ │ Tasks │ none │ │ Heartbeat │ 30m (main) │ │ Sessions │ 2 active · default Qwen3.5-35B-A3B-FP8 (128k ctx) · ~/.openclaw/agents/main/sessions/sessions.json │ └──────────────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────────────────┘

Security audit Summary: 5 critical · 5 warn · 1 info CRITICAL Exec security=full is configured Full exec trust is enabled for: main. Open channel access was also detected at: - channels.feishu.accounts.default.groupPolicy Fix: Prefer tools.exec.security="allowlist" with ask prompts, and reserve "full" for tightly scoped break-glass agents only. CRITICAL Open channels can reach exec-enabled agents Open DM/group access detected at: - channels.feishu.accounts.default.groupPolicy Exec-enabled scopes: - main: security=full, host=gateway Fix: Tighten dmPolicy/groupPolicy to pairing or allowlist, or disable exec for agents reachable from shared/public channels. CRITICAL Small models require sandboxing and web tools disabled Small models (<=300B params) detected: - vllm/Qwen3.5-35B-A3B-FP8 (35B) @ agents.defaults.model.primary (unsafe; sandbox=off; web=[web_search, web_fetch, brows… Fix: If you must use small models, enable sandboxing for all sessions (agents.defaults.sandbox.mode="all") and disable web_search/web_fetch/browser (tools.deny=["group:web","browser"]). CRITICAL Open groupPolicy with elevated tools enabled Found groupPolicy="open" at: - channels.feishu.accounts.default.groupPolicy With tools.elevated enabled, a prompt injection in those rooms can become a high-im… Fix: Set groupPolicy="allowlist" and keep elevated allowlists extremely tight. CRITICAL Open groupPolicy with runtime/filesystem tools exposed Found groupPolicy="open" at: - channels.feishu.accounts.default.groupPolicy Risky tool exposure contexts: - agents.defaults (sandbox=off; runtime=[exec, proces… Fix: For open groups, prefer tools.profile="messaging" (or deny group:runtime/group:fs), set tools.fs.workspaceOnly=true, and use agents.defaults.sandbox.mode="all" for exposed agents. WARN Reverse proxy headers are not trusted gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client c… Fix: Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only. … +4 more Full report: openclaw security audit Deep probe: openclaw security audit --deep

Channels ┌──────────┬─────────┬────────┬────────────────────────────────────────────────────────────────────────────────────────────────────────┐ │ Channel │ Enabled │ State │ Detail │ ├──────────┼─────────┼────────┼────────────────────────────────────────────────────────────────────────────────────────────────────────┤ │ Feishu │ ON │ SETUP │ not configured │ └──────────┴─────────┴────────┴────────────────────────────────────────────────────────────────────────────────────────────────────────┘

Sessions ┌─────────────────────────────────────────────────────────────────────────┬────────┬─────────┬─────────────────────┬───────────────────┐ │ Key │ Kind │ Age │ Model │ Tokens │ ├─────────────────────────────────────────────────────────────────────────┼────────┼─────────┼─────────────────────┼───────────────────┤ │ agent:main:feishu:direct:ou_097… │ direct │ 2m ago │ Qwen3.5-35B-A3B-FP8 │ unknown/128k (?%) │ │ agent:main:main │ direct │ 42m ago │ Qwen3.5-35B-A3B-FP8 │ unknown/128k (?%) │ └─────────────────────────────────────────────────────────────────────────┴────────┴─────────┴─────────────────────┴───────────────────┘

FAQ: https://docs.openclaw.ai/faq Troubleshooting: https://docs.openclaw.ai/troubleshooting

Next steps: Need to share? openclaw status --all Need to debug live? openclaw logs --follow Need to test channels? openclaw status --deep zentek@spark-2159:/data/spark-openclaw-install$

Steps to reproduce

It seems like the gateway connection is failing because pairing is required. Here is the output: zentek@spark-2159:/data/spark-openclaw-install$ openclaw logs --follow

咽 OpenClaw 2026.4.1 (da64a97) — Greetings, Professor Falken

gateway connect failed: GatewayClientRequestError: pairing required Gateway not reachable. Is it running and accessible? Gateway target: ws://127.0.0.1:18789 Source: local loopback Config: /home/zentek/.openclaw/openclaw.json Bind: loopback Hint: run openclaw doctor. zentek@spark-2159:/data/spark-openclaw-install$ zentek@spark-2159:/data/spark-openclaw-install$ openclaw gateway status

咽 OpenClaw 2026.4.1 (da64a97) — The lobster in your shell. 咽

│ ◇
Service: systemd (enabled) File logs: /tmp/openclaw/openclaw-2026-04-03.log Command: /usr/bin/node /home/zentek/.npm-global/lib/node_modules/openclaw/dist/index.js gateway --port 18789 Service file: ~/.config/systemd/user/openclaw-gateway.service Service env: OPENCLAW_GATEWAY_PORT=18789

Config (cli): ~/.openclaw/openclaw.json Config (service): ~/.openclaw/openclaw.json

Gateway: bind=loopback (127.0.0.1), port=18789 (service args) Probe target: ws://127.0.0.1:18789 Dashboard: http://127.0.0.1:18789/ Probe note: Loopback-only gateway; only local clients can connect.

Runtime: running (pid 1565744, state active, sub running, last exit 0, reason 0) RPC probe: ok

Listening: 127.0.0.1:18789 Troubles: run openclaw status Troubleshooting: https://docs.openclaw.ai/troubleshooting zentek@spark-2159:/data/spark-openclaw-install$ zentek@spark-2159:/data/spark-openclaw-install$ openclaw gateway status

咽 OpenClaw 2026.4.1 (da64a97) — The lobster in your shell. 咽

│ ◇
Service: systemd (enabled) File logs: /tmp/openclaw/openclaw-2026-04-03.log Command: /usr/bin/node /home/zentek/.npm-global/lib/node_modules/openclaw/dist/index.js gateway --port 18789 Service file: ~/.config/systemd/user/openclaw-gateway.service Service env: OPENCLAW_GATEWAY_PORT=18789

Config (cli): ~/.openclaw/openclaw.json Config (service): ~/.openclaw/openclaw.json

Gateway: bind=loopback (127.0.0.1), port=18789 (service args) Probe target: ws://127.0.0.1:18789 Dashboard: http://127.0.0.1:18789/ Probe note: Loopback-only gateway; only local clients can connect.

Runtime: running (pid 1565744, state active, sub running, last exit 0, reason 0) RPC probe: ok

Listening: 127.0.0.1:18789 Troubles: run openclaw status Troubleshooting: https://docs.openclaw.ai/troubleshooting zentek@spark-2159:/data/spark-openclaw-install$ openclaw status

咽 OpenClaw 2026.4.1 (da64a97) — Running on your hardware, reading your logs, judging nothing (mostly).

│ gateway connect failed: GatewayClientRequestError: pairing required ◇
│ ◇
Secret diagnostics:

• status: failed to resolve channels.feishu.accounts.main.appSecret locally (Environment variable "FEISHU_APP_SECRET" is missing or empty.).
• status: channels.feishu.accounts.main.appSecret is unavailable in this command path; continuing with degraded read-only config.
• status: gateway secrets.resolve unavailable (gateway closed (1008): pairing required Gateway target: ws://127.0.0.1:18789 Source: local loopback Config: /home/zentek/.openclaw/openclaw.json Bind: loopback); attempted local command-secret resolution.

OpenClaw status

Overview ┌──────────────────────┬───────────────────────────────────────────────────────────────────────────────────────────────────────────────┐ │ Item │ Value │ ├──────────────────────┼───────────────────────────────────────────────────────────────────────────────────────────────────────────────┤ │ Dashboard │ http://127.0.0.1:18789/ │ │ OS │ linux 6.14.0-1013-nvidia (arm64) · node 22.22.0 │ │ Tailscale │ off │ │ Channel │ stable (default) │ │ Update │ pnpm · up to date · npm latest 2026.4.1 │ │ Gateway │ local · ws://127.0.0.1:18789 (local loopback) · reachable 24ms · auth token · spark-2159 (10.10.15.176) app │ │ │ 2026.4.1 linux 6.14.0-1013-nvidia │ │ Gateway service │ systemd installed · enabled · running (pid 1565744, state active) │ │ Node service │ systemd not installed │ │ Agents │ 1 · 1 bootstrap file present · sessions 2 · default main active 2m ago │ │ Memory │ 0 files · 0 chunks · sources memory · plugin memory-core · vector unknown · fts ready · cache on (0) │ │ Plugin compatibility │ none │ │ Probes │ skipped (use --deep) │ │ Events │ none │ │ Tasks │ none │ │ Heartbeat │ 30m (main) │ │ Sessions │ 2 active · default Qwen3.5-35B-A3B-FP8 (128k ctx) · ~/.openclaw/agents/main/sessions/sessions.json │ └──────────────────────┴───────────────────────────────────────────────────────────────────────────────────────────────────────────────┘

Security audit Summary: 5 critical · 5 warn · 1 info CRITICAL Exec security=full is configured Full exec trust is enabled for: main. Open channel access was also detected at: - channels.feishu.accounts.default.groupPolicy Fix: Prefer tools.exec.security="allowlist" with ask prompts, and reserve "full" for tightly scoped break-glass agents only. CRITICAL Open channels can reach exec-enabled agents Open DM/group access detected at: - channels.feishu.accounts.default.groupPolicy Exec-enabled scopes: - main: security=full, host=gateway Fix: Tighten dmPolicy/groupPolicy to pairing or allowlist, or disable exec for agents reachable from shared/public channels. CRITICAL Small models require sandboxing and web tools disabled Small models (<=300B params) detected: - vllm/Qwen3.5-35B-A3B-FP8 (35B) @ agents.defaults.model.primary (unsafe; sandbox=off; web=[web_search, web_fetch, brows… Fix: If you must use small models, enable sandboxing for all sessions (agents.defaults.sandbox.mode="all") and disable web_search/web_fetch/browser (tools.deny=["group:web","browser"]). CRITICAL Open groupPolicy with elevated tools enabled Found groupPolicy="open" at: - channels.feishu.accounts.default.groupPolicy With tools.elevated enabled, a prompt injection in those rooms can become a high-im… Fix: Set groupPolicy="allowlist" and keep elevated allowlists extremely tight. CRITICAL Open groupPolicy with runtime/filesystem tools exposed Found groupPolicy="open" at: - channels.feishu.accounts.default.groupPolicy Risky tool exposure contexts: - agents.defaults (sandbox=off; runtime=[exec, proces… Fix: For open groups, prefer tools.profile="messaging" (or deny group:runtime/group:fs), set tools.fs.workspaceOnly=true, and use agents.defaults.sandbox.mode="all" for exposed agents. WARN Reverse proxy headers are not trusted gateway.bind is loopback and gateway.trustedProxies is empty. If you expose the Control UI through a reverse proxy, configure trusted proxies so local-client c… Fix: Set gateway.trustedProxies to your proxy IPs or keep the Control UI local-only. … +4 more Full report: openclaw security audit Deep probe: openclaw security audit --deep

Channels ┌──────────┬─────────┬────────┬────────────────────────────────────────────────────────────────────────────────────────────────────────┐ │ Channel │ Enabled │ State │ Detail │ ├──────────┼─────────┼────────┼────────────────────────────────────────────────────────────────────────────────────────────────────────┤ │ Feishu │ ON │ SETUP │ not configured │ └──────────┴─────────┴────────┴────────────────────────────────────────────────────────────────────────────────────────────────────────┘

Sessions ┌─────────────────────────────────────────────────────────────────────────┬────────┬─────────┬─────────────────────┬───────────────────┐ │ Key │ Kind │ Age │ Model │ Tokens │ ├─────────────────────────────────────────────────────────────────────────┼────────┼─────────┼─────────────────────┼───────────────────┤ │ agent:main:feishu:direct:ou_097… │ direct │ 2m ago │ Qwen3.5-35B-A3B-FP8 │ unknown/128k (?%) │ │ agent:main:main │ direct │ 42m ago │ Qwen3.5-35B-A3B-FP8 │ unknown/128k (?%) │ └─────────────────────────────────────────────────────────────────────────┴────────┴─────────┴─────────────────────┴───────────────────┘

FAQ: https://docs.openclaw.ai/faq Troubleshooting: https://docs.openclaw.ai/troubleshooting

Next steps: Need to share? openclaw status --all Need to debug live? openclaw logs --follow Need to test channels? openclaw status --deep zentek@spark-2159:/data/spark-openclaw-install$

Expected behavior

The expected behavior is that it should display the logs normally.

Actual behavior

The actual behavior is that viewing the logs results in an error.

OpenClaw version

2026.4.1

Operating system

ubuntu24.04

Install method

curl -fsSL https://openclaw.ai/install.sh | bash -s -- --no-onboard

Model

qwen3.5

Provider / routing chain

feishu

Additional provider/model setup details

No response

Logs, screenshots, and evidence

Impact and severity

No response

Additional information

No response