From ea5ee199b6f3a474dc6a485b8a16109302bc1ac6 Mon Sep 17 00:00:00 2001
From: shaw <shaw-wei@foxmail.com>
Date: Sat, 19 Jul 2025 02:20:09 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E5=BD=BB=E5=BA=95=E4=BF=AE=E5=A4=8D?=
 =?UTF-8?q?=E6=9D=83=E9=99=90=E9=97=AE=E9=A2=98=EF=BC=8C=E7=A1=AE=E4=BF=9D?=
 =?UTF-8?q?data=E7=9B=AE=E5=BD=95=E5=8F=AF=E5=86=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

- 修复Dockerfile中权限设置顺序，避免递归覆盖
- 设置data目录权限为775，确保claude用户可写入init.json
- 为config目录和配置文件设置正确权限(775/664)
- 添加调试信息显示用户和目录权限状态
- 移除-R标志，精确控制每个目录的权限
- 确保setup.js能够成功创建/app/data/init.json文件

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
---
 Dockerfile           | 9 +++++----
 docker-entrypoint.sh | 5 +++++
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b6bb0e3e..60d01354 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -36,9 +36,9 @@ RUN chmod +x /usr/local/bin/docker-entrypoint.sh
 
 # 📁 创建必要目录并设置权限
 RUN mkdir -p logs data temp && \
-    chown -R claude:nodejs /app logs data temp && \
-    chmod -R 755 /app && \
-    chmod -R 775 logs data temp
+    chown -R claude:nodejs /app && \
+    chmod 755 /app && \
+    chmod 775 logs data temp config
 
 # 🔧 预先创建配置文件避免权限问题
 RUN if [ ! -f "/app/config/config.js" ] && [ -f "/app/config/config.example.js" ]; then \
@@ -47,7 +47,8 @@ RUN if [ ! -f "/app/config/config.js" ] && [ -f "/app/config/config.example.js"
     if [ ! -f "/app/.env" ] && [ -f "/app/.env.example" ]; then \
         cp /app/.env.example /app/.env; \
     fi && \
-    chown claude:nodejs /app/config/config.js /app/.env 2>/dev/null || true
+    chown claude:nodejs /app/config/config.js /app/.env 2>/dev/null || true && \
+    chmod 664 /app/config/config.js /app/.env 2>/dev/null || true
 
 # 🔐 切换到非 root 用户
 USER claude
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
index 49ca3b16..03c327e0 100644
--- a/docker-entrypoint.sh
+++ b/docker-entrypoint.sh
@@ -65,6 +65,11 @@ export ENCRYPTION_KEY
 if [ ! -f "/app/data/init.json" ]; then
   echo "📋 首次启动，执行初始化设置..."
   
+  # 调试权限信息
+  echo "🔍 当前用户: $(whoami)"
+  echo "🔍 data 目录权限: $(ls -ld /app/data 2>/dev/null || echo 'directory not found')"
+  echo "🔍 data 目录内容: $(ls -la /app/data 2>/dev/null || echo 'directory empty or not accessible')"
+  
   # 如果设置了环境变量，显示提示
   if [ -n "$ADMIN_USERNAME" ] || [ -n "$ADMIN_PASSWORD" ]; then
     echo "📌 检测到预设的管理员凭据"