From e8218a2ab5efee94ff1d00dfe03eaa6508d012c8 Mon Sep 17 00:00:00 2001 From: support Date: Wed, 27 May 2026 17:21:36 +0800 Subject: [PATCH] Fix weixin state path for sts --- lib/channel/weixin.js | 25 +++++++++++++++++-------- package-lock.json | 4 ++-- package.json | 2 +- 3 files changed, 20 insertions(+), 11 deletions(-) diff --git a/lib/channel/weixin.js b/lib/channel/weixin.js index bbc316b..ba89493 100644 --- a/lib/channel/weixin.js +++ b/lib/channel/weixin.js @@ -20,7 +20,7 @@ const crypto = require('crypto'); const fs = require('fs'); const path = require('path'); -const os = require('os'); +const { execFileSync } = require('child_process'); const log = require('../logger'); // ── Constants (from reference script) ──────────────────────────────────────── @@ -45,11 +45,15 @@ function _buildClientVersion(version) { // ── State-dir helpers (mirrors reference script) ───────────────────────────── function _resolveStateDir() { - return ( - (process.env.OPENCLAW_STATE_DIR || '').trim() || - (process.env.CLAWDBOT_STATE_DIR || '').trim() || - path.join(os.homedir(), '.openclaw') - ); + return path.join('/home/sts', '.openclaw'); +} + +function _ensureStsOwnership(filePath) { + try { + execFileSync('chown', ['sts:sts', filePath], { stdio: 'ignore' }); + } catch (err) { + log.warn('weixin', `chown sts:sts failed for ${filePath}: ${err.message}`); + } } function _resolveWeixinStateDir() { return path.join(_resolveStateDir(), 'openclaw-weixin'); } @@ -81,7 +85,9 @@ function _registerAccountId(accountId) { fs.mkdirSync(_resolveWeixinStateDir(), { recursive: true }); const existing = _listIndexedAccountIds(); if (existing.includes(accountId)) return; - fs.writeFileSync(_resolveAccountIndexPath(), JSON.stringify([...existing, accountId], null, 2), 'utf8'); + const indexPath = _resolveAccountIndexPath(); + fs.writeFileSync(indexPath, JSON.stringify([...existing, accountId], null, 2), 'utf8'); + _ensureStsOwnership(indexPath); } function _loadAccount(accountId) { @@ -113,6 +119,7 @@ function _saveAccount(accountId, update) { }; const filePath = _resolveAccountPath(accountId); fs.writeFileSync(filePath, JSON.stringify(data, null, 2), 'utf8'); + _ensureStsOwnership(filePath); try { fs.chmodSync(filePath, 0o600); } catch (_) {} return filePath; } @@ -126,7 +133,9 @@ function _clearStaleAccountsForUserId(currentAccountId, userId) { log.info('weixin', `removing stale account with same userId: ${id}`); try { fs.unlinkSync(_resolveAccountPath(id)); } catch (_) {} const existing = _listIndexedAccountIds(); - fs.writeFileSync(_resolveAccountIndexPath(), JSON.stringify(existing.filter(x => x !== id), null, 2), 'utf8'); + const indexPath = _resolveAccountIndexPath(); + fs.writeFileSync(indexPath, JSON.stringify(existing.filter(x => x !== id), null, 2), 'utf8'); + _ensureStsOwnership(indexPath); } } } diff --git a/package-lock.json b/package-lock.json index d0a698e..dcc691e 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,12 +1,12 @@ { "name": "clawd", - "version": "1.4.9", + "version": "1.4.10", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "clawd", - "version": "1.4.9", + "version": "1.4.10", "license": "MIT", "dependencies": { "ssh2": "^1.17.0", diff --git a/package.json b/package.json index 2d69403..61b80f2 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "clawd", - "version": "1.4.9", + "version": "1.4.10", "description": "Claw Box daemon - connects local Linux box to claw.cutos.ai via WebSocket", "main": "lib/client.js", "bin": {