diff --git a/Dockerfile b/Dockerfile
index b156036..8e1aed4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -57,8 +57,10 @@ COPY --from=builder /app/tyapi-server .
 COPY --chown=tyapi:tyapi config.yaml .
 COPY --chown=tyapi:tyapi configs/ ./configs/
 
-# 创建日志目录
-RUN mkdir -p logs && chown -R tyapi:tyapi logs
+# 创建日志目录并设置权限
+RUN mkdir -p logs && \
+    chown -R tyapi:tyapi logs && \
+    chmod 755 logs
 
 # 切换到非root用户
 USER tyapi
diff --git a/configs/env.production.yaml b/configs/env.production.yaml
index 5f2fbac..addd715 100644
--- a/configs/env.production.yaml
+++ b/configs/env.production.yaml
@@ -41,7 +41,7 @@ logger:
     level: warn
     format: json
     output: "file"
-    log_dir: "/app/logs"
+    log_dir: "logs"  # 使用相对路径，与Dockerfile中的目录一致
     max_size: 100
     max_backups: 5
     max_age: 30
diff --git a/docker-compose.prod.yml b/docker-compose.prod.yml
index 720f1b7..aaa278e 100644
--- a/docker-compose.prod.yml
+++ b/docker-compose.prod.yml
@@ -122,8 +122,8 @@ services:
         ports:
             - "25000:8080"
         volumes:
-            - ./logs:/app/logs
-        user: "1001:1001"  # 使用tyapi用户运行容器 (UID 1001)
+            - app_logs:/app/logs
+        user: "1001:1001"  # 使用非root用户运行容器
         networks:
             - tyapi-network
         depends_on:
@@ -164,6 +164,8 @@ volumes:
         driver: local
     redis_data:
         driver: local
+    app_logs:
+        driver: local
 
 networks:
     tyapi-network:
diff --git a/scripts/debug-permissions.sh b/scripts/debug-permissions.sh
new file mode 100644
index 0000000..b6ee8e0
--- /dev/null
+++ b/scripts/debug-permissions.sh
@@ -0,0 +1,43 @@
+#!/bin/bash
+
+# 调试权限问题脚本
+
+echo "🔍 调试容器权限问题..."
+echo ""
+
+# 检查容器是否运行
+echo "1. 检查容器状态:"
+docker ps | grep tyapi-app-prod
+echo ""
+
+# 检查容器内用户信息
+echo "2. 检查容器内用户信息:"
+docker exec tyapi-app-prod id
+echo ""
+
+# 检查容器内日志目录权限
+echo "3. 检查容器内日志目录权限:"
+docker exec tyapi-app-prod ls -la /app/
+echo ""
+
+# 检查容器内logs目录权限
+echo "4. 检查容器内logs目录权限:"
+docker exec tyapi-app-prod ls -la /app/logs/
+echo ""
+
+# 检查宿主机logs目录权限
+echo "5. 检查宿主机logs目录权限:"
+ls -la logs/
+echo ""
+
+# 尝试在容器内创建测试文件
+echo "6. 测试容器内文件创建权限:"
+docker exec tyapi-app-prod sh -c "cd /app/logs && touch test.log && echo '测试成功' > test.log && cat test.log && rm test.log"
+echo ""
+
+# 检查容器内进程
+echo "7. 检查容器内进程:"
+docker exec tyapi-app-prod ps aux
+echo ""
+
+echo "✅ 调试完成！" 
\ No newline at end of file