v0.23.0-beta.2
Pre-releaseNetclaw 0.23.0-beta.2
0.23.0-beta.2 2026-06-03
Netclaw v0.23.0-beta.2 — beta channel fix release for non-root container deployments
This is a prerelease on the beta channel. Stable installs are unaffected and remain on 0.22.1; only opt-in beta testers are offered this build.
Try the beta
- Linux / macOS:
curl -sSL https://releases.netclaw.dev/install.sh | bash -s -- --channel beta - Windows: download
install.ps1, then./install.ps1 -Channel beta - Docker:
docker pull ghcr.io/netclaw-dev/netclaw:beta
Bug Fixes
Container no longer crash-loops on a read-only
/toolsmount — the bind-mount ownership repair added in 0.23.0-beta.1 (#1281) ran a recursivechownover/toolsand aborted fatally when the mount was read-only, crash-looping the container./toolsis a PATH directory the agent only reads from, so the entrypoint now treats it as best-effort: it never recursively chowns it and never fails when it is read-only or already correctly owned. (#1321)Non-root agent can install tools at runtime again — because the daemon runs as the unprivileged
netclawuser it cannot write systemPATHdirectories orapt-getwithout root. The image now ships user-writable, on-PATHinstall locations (~/.local/bin,~/.dotnet,~/.dotnet/tools, and a mounted/tools/bin) so a runtime-installeddotnet,pip --usertool, or .NET global tool resolves as a bare command in the agent's non-interactive shell. (#1321)