Is your feature request related to a problem? Please describe.
Every toolbox exec, code-run, session create, and PTY spawn resolves the user's shell by spawning sh -c "grep '^[^#]' /etc/shells" before launching the actual command. That doubles the execve count on the daemon's hottest paths for a value that cannot change while the sandbox runs. Under degraded filesystem conditions the probe is also the first thing to fail, silently downgrading users to sh even when bash/zsh are installed.
Describe the solution you'd like
Read and parse /etc/shells in-process (no subprocess) and cache the resolved shell for the daemon's lifetime. A failed resolution should not be cached, so a transient failure does not pin the sh fallback forever.
Acceptance criteria:
Describe alternatives you've considered
Caching the current subprocess result (keeps an unnecessary execve on first use and the grep dependency). Per-request resolution with a TTL (complexity without benefit; /etc/shells is static in a running sandbox).
Additional context
Small change, but it removes one syscall-heavy step from every interactive operation and makes the exec path more robust exactly when the filesystem is unhappy.
Is your feature request related to a problem? Please describe.
Every toolbox exec, code-run, session create, and PTY spawn resolves the user's shell by spawning
sh -c "grep '^[^#]' /etc/shells"before launching the actual command. That doubles the execve count on the daemon's hottest paths for a value that cannot change while the sandbox runs. Under degraded filesystem conditions the probe is also the first thing to fail, silently downgrading users tosheven when bash/zsh are installed.Describe the solution you'd like
Read and parse
/etc/shellsin-process (no subprocess) and cache the resolved shell for the daemon's lifetime. A failed resolution should not be cached, so a transient failure does not pin theshfallback forever.Acceptance criteria:
Describe alternatives you've considered
Caching the current subprocess result (keeps an unnecessary execve on first use and the grep dependency). Per-request resolution with a TTL (complexity without benefit;
/etc/shellsis static in a running sandbox).Additional context
Small change, but it removes one syscall-heavy step from every interactive operation and makes the exec path more robust exactly when the filesystem is unhappy.