Hey,
Thanks for the detailed report, and especially your analysis across the companion threads. The AppArmor work is really thorough.
This is a known issue. On Linux, the sandbox mount namespace does not currently bind-mount the Cursor installation directory, which makes the ripgrep binary invisible during the pre-discovery step. A related thread reports the same root cause with the same error.
The team is aware and actively working on improvements to the Linux sandbox.
Workaround (to unblock yourself): you can bypass the sandbox for now:
-
Go to Cursor Settings → Agents → Terminal
-
Set Auto-Run Mode to Ask Every Time or Run Everything
-
Restart Cursor
This allows agent commands to run outside the sandbox while the mount namespace issue is being addressed.
@mnikl — for the CLI agent case, the same class of issue applies. If there’s a sandbox config option in your CLI setup, setting the sandbox policy to insecure_none should bypass it. Also noting that your non-standard home path (/apps/fs1/...) may compound the issue, since the sandbox may have assumptions about standard paths.
I’ve filed this with the engineering team so it’s tracked for the .deb install case specifically.
Best,
Mohit