From 5f25c87775aa11635e49162a036d2c10352c4c4e Mon Sep 17 00:00:00 2001
From: Hermes <hermes@lazyworkhorse.net>
Date: Wed, 20 May 2026 13:32:18 -0400
Subject: [PATCH] fix: add missing USER root before chown step

The chown -R hermes:hermes was running as non-root user 'hermes'
since USER hermes was set earlier. The new upstream base image
(v0.12.0+) has tools/ owned by root, so the chown fails.
Previous base image happened to have tools/ owned by hermes,
making the chown a silent no-op.
---
 ai/hermes/Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ai/hermes/Dockerfile b/ai/hermes/Dockerfile
index 1b775e7..c3a76fa 100644
--- a/ai/hermes/Dockerfile
+++ b/ai/hermes/Dockerfile
@@ -78,6 +78,7 @@ ENV CHROME_EXECUTABLE=/opt/hermes/.playwright/chromium/chrome-linux/chrome
 
 # Ensure tools directory and toolsets.py are writable by the hermes runtime user
 # so custom tools can be injected from the persistent volume at startup.
+USER root
 RUN chown -R hermes:hermes /opt/hermes/tools /opt/hermes/toolsets.py
 
 VOLUME [ "/opt/data" ]
\ No newline at end of file