claude-code - 💡(How to fix) Fix `--permission-mode dontAsk` denies Write even when `Write(/tmp/**)` is in allowlist; Bash with same glob breadth works [1 comments, 2 participants]

anthropics/claude-code#52962 · Fetched 2026-04-25 06:16:05
Summary

With --permission-mode dontAsk and .claude/settings.local.json containing "Write(/tmp/**)" in the allow list, the Write tool is still silently denied for paths like /tmp/reserve-payload-builder.md. The agent reports the tool being blocked and halts. The same session can successfully invoke Bash(cat > /tmp/foo.md <<EOF …) because "Bash(*)" is also in the allowlist.

Reproduction

.claude/settings.local.json:

{
  "permissions": {
    "allow": [
      "Bash(*)",
      "Read(**)",
      "Read(/mnt/**)",
      "Read(/tmp/**)",
      "Write(**)",
      "Write(/**)",
      "Write(/tmp/**)",
      "Edit(**)"
    ]
  }
}

Launch with --permission-mode dontAsk, then have the agent attempt Write(/tmp/foo.md, "hello"). The agent surfaces:

The Write tool is being blocked by the don't-ask permission mode. I need Write access to /tmp/foo.md to complete this task

Despite Write(/tmp/**) matching.

Workaround: instruct the agent to use Bash(cat > /tmp/foo.md <<EOF … EOF) instead. That path works consistently — 25+ consecutive successes across parallel peers.

Scope

  • Reproduces consistently with Claude Code 2.1.117 headless sessions launched via screen + claude --permission-mode dontAsk.
  • Happens for both top-level Write(/tmp/**) and broader Write(**) globs.
  • Bash(*) with the same glob breadth works (so it's specific to the Write tool's match path, not a general dontAsk bug).
  • Interactive sessions with the same allowlist can prompt → approve → success, so the allowlist entry is structurally correct.

Suggested fix / investigation

  • The dontAsk permission resolver may be matching against a different canonicalized path than the allowlist glob (e.g. symlink-resolved, whereas the allowlist sees literal).
  • Or dontAsk may fall back to "only allow exact-path matches" vs the dialog path which allows glob matches.
  • Compare the code path for askPermission(Write, path) between default mode (opens dialog, dialog checks allowlist via one matcher) and dontAsk mode (denies silently, uses another matcher?).

Environment

  • Claude Code: 2.1.117
  • OS: Windows 11 + WSL2 Ubuntu 22.04 (peer sessions run inside WSL)
  • Launch: screen -dmS <name> claude --model sonnet --mcp-config ... --permission-mode dontAsk -- <prompt>
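
The first hypothesis under "Suggested fix / investigation" (the request path is symlink-resolved while the allowlist glob stays literal) can be reproduced in isolation. The following is an added example, not code from the issue or from Claude Code: the matcher, the `mode` names and the `SYMLINKS` table are assumptions made for illustration.

```javascript
// Added illustration; a simplified matcher, NOT Claude Code's resolver.
// Constructed symlink table standing in for the filesystem (assumption).
const SYMLINKS = { "/tmp": "/private/tmp" };

// Resolve a leading symlinked directory; works for files that do not exist yet.
function canonicalize(p, links = SYMLINKS) {
  for (const [link, real] of Object.entries(links)) {
    if (p === link || p.startsWith(link + "/")) return real + p.slice(link.length);
  }
  return p;
}

// "**" spans directory separators, "*" stays inside one path segment.
function globToRegExp(glob) {
  const esc = (s) => s.replace(/[.+?^${}()|[\]\\]/g, "\\$&");
  const body = glob.split("**")
    .map((part) => part.split("*").map(esc).join("[^/]*"))
    .join(".*");
  return new RegExp(`^${body}$`);
}

// Canonicalize only the literal directory prefix that precedes the first wildcard.
function canonicalizeGlob(glob, links = SYMLINKS) {
  const star = glob.indexOf("*");
  if (star < 0) return canonicalize(glob, links);
  const cut = glob.lastIndexOf("/", star);
  return cut <= 0 ? glob : canonicalize(glob.slice(0, cut), links) + glob.slice(cut);
}

// mode: "literal" (neither side resolved), "path-only" (only the request is
// resolved: the suspected mismatch), "both" (rule and request resolved alike).
function isAllowed(rules, tool, target, mode) {
  const subject = mode === "literal" ? target : canonicalize(target);
  return rules.some((rule) => {
    const m = /^(\w+)\((.*)\)$/.exec(rule);
    if (!m || m[1] !== tool) return false;
    const glob = mode === "both" ? canonicalizeGlob(m[2]) : m[2];
    return globToRegExp(glob).test(subject);
  });
}

const narrow = ["Bash(*)", "Write(/tmp/**)"];
for (const mode of ["literal", "path-only", "both"]) {
  console.log(mode, isAllowed(narrow, "Write", "/tmp/foo.md", mode));
}
```

In this simplified matcher a bare `Write(**)` rule still matches the resolved path, so a denial that persists with that rule present would not be explained by a canonicalization mismatch alone.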

extent analysis

TL;DR

The Write tool is being blocked by the dontAsk permission mode despite a matching allowlist entry, suggesting a potential issue with path matching or canonicalization.

Guidance

  • Investigate the dontAsk permission resolver to determine if it's using a different path canonicalization than the allowlist, which could cause the mismatch.
  • Compare the code paths for askPermission(Write, path) between default and dontAsk modes to identify potential differences in matcher usage.
  • Verify that the Write tool's path matching is consistent with the allowlist glob patterns, and consider modifying the allowlist to use exact paths instead of globs.
  • Test the Write tool with different path formats (e.g., absolute, relative, symlink-resolved) to see if the issue is specific to a particular type of path.

Notes

The issue seems to be specific to the Write tool and the dontAsk permission mode, and may not be a general problem with the allowlist or permission system. The fact that the Bash tool works with the same allowlist entry suggests that the issue is specific to the Write tool's path matching.

Recommendation

Apply a workaround by using the Bash tool with cat command instead of the Write tool, as it has been shown to work consistently. This will allow the task to complete while the underlying issue with the Write tool is investigated and resolved.
