Cursor's sandbox unable to run any command: missing zsh mount in sandbox

Where does the bug appear (feature/product)?

Cursor IDE

Describe the Bug

Cursor’s sandbox is missing the mount path to zsh, making all commands fail with the following error:

Failed to exec /run/current-system/sw/bin/zsh: No such file or directory (os error 2)

This is because on NixOS, the generated /etc/passwd specifies that path as the shell path, but it looks like in Cursor’s custom sandbox /run is fully replaced, with only specific paths from the original system’s /run re-mounted in the sandbox.

/nix/store is mounted however, so commands are accessible if pointing directly to them.

In general, with $PATH being:

/run/wrappers/bin:/home/user/.nix-profile/bin:/nix/profile/bin:/home/user/.local/state/nix/profile/bin:/etc/profiles/per-user/user/bin:/nix/var/nix/profiles/default/bin:/run/current-system/sw/bin

since some of these are missing (specifically /run/current-system/sw/bin/zsh), all commands fail.

Steps to Reproduce

Run Cursor on NixOS and have an agent try to run commands in the sandbox.

Operating System

Linux

Version Information

Version: 3.1.15
VSCode Version: 1.105.1
Commit: 3a67af7b780e0bfc8d32aefa96b8ff1cb8817f80
Date: 2026-04-15T01:46:06.515Z
Layout: editor
Build Type: Stable
Release Track: Default
Electron: 39.8.1
Chromium: 142.0.7444.265
Node.js: 22.22.1
V8: 14.2.231.22-electron.0
OS: Linux x64 6.12.82

Additional Information

As far as I can tell, the /run rebuild correctly remounts /run/wrappers, so it’s probably just a matter of adding the mount of /run/current-system or /run/current-system/sw to the list - maybe based on presence of corresponding entries in $PATH or in the $SHELL environment variable.

Does this stop you from using Cursor

Yes - Cursor is unusable

Hey, thanks for the detailed report. The root cause is clear.

This is a known bug on our side. The sandbox does a tmpfs mount over /run, which on NixOS hides /run/current-system/sw/bin where the system binaries live, including $SHELL. The same thing breaks DNS resolving via systemd-resolved on other distros. We’re already tracking the issue, and I’ll add your case as a more serious impact since it breaks all commands, not just DNS. I can’t share an ETA for a fix yet.

Workarounds on NixOS:

  • Disable the sandbox for the terminal: Cursor Settings > Agents > Terminal > turn off auto-run or disable the sandbox, depending on your UI version. Commands will run outside the sandbox.
  • Or override $SHELL to a direct path in /nix/store, for example via a wrapper script or an env var in Cursor. /nix/store is still visible inside the sandbox, unlike /run.

Once the fix ships, we’ll follow up in this thread.
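
The check below is an added example, not part of the thread and not Cursor's code. It lists which $PATH entries a tmpfs over /run would hide and resolves $SHELL through its symlinks to the direct path the second workaround needs. It assumes, following the report, that /run/wrappers is the only re-mounted prefix; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not Cursor's code). Function names are hypothetical.
# Assumption from the report: /run/wrappers is the only /run path re-mounted.
REMOUNTED_PREFIXES="/run/wrappers"   # space-separated

# Succeeds if the path sits under /run and outside every re-mounted prefix,
# i.e. a tmpfs mounted over /run would hide it.
hidden_by_run_tmpfs() {
    case "${1%/}" in
        /run|/run/*) ;;
        *) return 1 ;;
    esac
    for _keep in $REMOUNTED_PREFIXES; do
        case "${1%/}" in
            "$_keep"|"$_keep"/*) return 1 ;;
        esac
    done
    return 0
}

# Prints each entry of a PATH-style string that the sandbox would hide.
hidden_path_entries() {
    _old_ifs=$IFS; IFS=:
    set -f; set -- $1; set +f
    IFS=$_old_ifs
    for _entry in "$@"; do
        if hidden_by_run_tmpfs "$_entry"; then printf '%s\n' "$_entry"; fi
    done
}

# Follows every symlink in a shell path (on NixOS this ends in /nix/store) and
# prints the result; fails if the target is missing or still hidden.
sandbox_safe_shell() {
    _real=$(readlink -f "$1") || return 1
    [ -x "$_real" ] || return 1
    if hidden_by_run_tmpfs "$_real"; then return 1; fi
    printf '%s\n' "$_real"
}

# Report for the current environment; run it outside the sandbox.
echo "PATH entries hidden by a tmpfs over /run:"
hidden_path_entries "$PATH"
echo "Direct path to export as SHELL for the sandbox:"
sandbox_safe_shell "${SHELL:-/bin/sh}" || echo "(cannot resolve ${SHELL:-/bin/sh})"
```

The resolved store path changes when the shell package is rebuilt or updated, so re-run the check after a system upgrade.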