From 1fae65227d830fb242263f1e82d77f99ca4a3172 Mon Sep 17 00:00:00 2001
From: cysamurai <cy30225559@163.com>
Date: Thu, 16 Apr 2026 18:07:22 +0800
Subject: [PATCH] 1

---
 scripts/docker/run-build.sh | 27 +++++++++++++++++++++++++++
 1 file changed, 27 insertions(+)

diff --git a/scripts/docker/run-build.sh b/scripts/docker/run-build.sh
index ed3de62..c64f3b0 100644
--- a/scripts/docker/run-build.sh
+++ b/scripts/docker/run-build.sh
@@ -140,6 +140,33 @@ else
     bash /work/scripts/docker/container-entry.sh "${SELECTED_PROJECTS[@]}"
 fi
 
+normalize_artifact_ownership() {
+  if ! command -v docker >/dev/null 2>&1; then
+    return 0
+  fi
+  if ! command -v id >/dev/null 2>&1; then
+    return 0
+  fi
+
+  local uid gid
+  uid="$(id -u 2>/dev/null || true)"
+  gid="$(id -g 2>/dev/null || true)"
+  if [[ -z "$uid" || -z "$gid" ]]; then
+    return 0
+  fi
+
+  # 容器内构建产物可能由 root 写入，回收为当前用户避免后续注入/重打包失败。
+  docker run --rm \
+    --platform linux/amd64 \
+    -v "$REPO_ROOT:/work" \
+    -w /work \
+    "$IMAGE_TAG" \
+    bash -lc "chown -R $uid:$gid /work/dist/linux-deb /work/dist/repo 2>/dev/null || true"
+}
+
+echo "==> normalize artifact ownership for host user"
+normalize_artifact_ownership
+
 if [[ "$INJECT_DEB_BOOTSTRAP" == "1" ]]; then
   echo "==> inject deb bootstrap (postinst + keyring)"
   APT_GPG_KEY_ID="$APT_GPG_KEY_ID" APT_GPG_AUTO_CREATE="$APT_GPG_AUTO_CREATE" \