diff --git a/Dockerfile b/Dockerfile
index d89705c..351c48e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -31,7 +31,7 @@ COPY --from=builder /app/publish .
 RUN mkdir -p /app/logs
 
 # 非 root 运行，安全加固
-RUN adduser --disabled-password --no-create-home obsidian-mcp \
+RUN useradd --system --no-create-home --shell /usr/sbin/nologin obsidian-mcp \
     && chown -R obsidian-mcp:obsidian-mcp /app
 
 USER obsidian-mcp