From a9b6f2b2117f4cd04488e2259f5ab29706c10c84 Mon Sep 17 00:00:00 2001
From: liqiang-fit2cloud <liqiang@fit2cloud.com>
Date: Fri, 21 Nov 2025 10:35:47 +0800
Subject: [PATCH] refactor: change dir permissions.

---
 apps/common/utils/tool_code.py | 1 +
 installer/Dockerfile-base      | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/apps/common/utils/tool_code.py b/apps/common/utils/tool_code.py
index bc97edd25..7519b80f0 100644
--- a/apps/common/utils/tool_code.py
+++ b/apps/common/utils/tool_code.py
@@ -38,6 +38,7 @@ class ToolExecutor:
             return
         if self.sandbox:
             os.chmod("/dev/shm", 0o707)
+            os.chmod("/dev/mqueue", 0o707)
         if CONFIG.get("SANDBOX_TMP_DIR_ENABLED", '0') == "1":
             tmp_dir_path = os.path.join(self.sandbox_path, 'tmp')
             os.makedirs(tmp_dir_path, 0o700, exist_ok=True)
diff --git a/installer/Dockerfile-base b/installer/Dockerfile-base
index 643b1b733..4e4eccb9f 100644
--- a/installer/Dockerfile-base
+++ b/installer/Dockerfile-base
@@ -30,9 +30,9 @@ RUN ln -sf /usr/share/zoneinfo/Asia/Shanghai /etc/localtime && \
     chmod g-xr /usr/local/bin/* /usr/bin/* /bin/* /usr/sbin/* /sbin/* /usr/lib/postgresql/17/bin/* && \
     chmod g+xr /usr/bin/ld.so && \
     chmod g+x /usr/local/bin/python* && \
-    chmod -R g-rwx /tmp /var/tmp /dev/mqueue /var/lock /var/lib/postgresql && \
+    chmod -R g-rwx /tmp /var/tmp /var/lock && \
     apt-get clean all && \
-    rm -rf /var/lib/apt/lists/* /usr/share/doc/* /usr/share/man/* /usr/share/info/* /usr/share/locale/* /usr/share/lintian/* /usr/share/linda/* /var/cache/* /var/log/* /var/tmp/* /tmp/*
+    rm -rf /var/lib/postgresql /var/lib/apt/lists/* /usr/share/doc/* /usr/share/man/* /usr/share/info/* /usr/share/locale/* /usr/share/lintian/* /usr/share/linda/* /var/cache/* /var/log/* /var/tmp/* /tmp/*
 COPY --from=vector-model --chmod=700 /opt/maxkb-app/model /opt/maxkb-app/model
 
 ENV PATH=/opt/py3/bin:$PATH \