Ensure that permissions are set properly on daemon boot

This commit is contained in:
Dane Everitt 2019-04-06 15:39:57 -07:00
parent 23df075253
commit 6e2a442846
No known key found for this signature in database
GPG Key ID: EEA66103B3D71F53
2 changed files with 59 additions and 0 deletions

View File

@ -2,12 +2,17 @@ package config
import ( import (
"fmt" "fmt"
"go.uber.org/zap"
"gopkg.in/yaml.v2" "gopkg.in/yaml.v2"
"io/ioutil" "io/ioutil"
"os" "os"
"os/exec" "os/exec"
"os/user" "os/user"
"path"
"regexp"
"strconv"
"strings" "strings"
"sync"
) )
type Configuration struct { type Configuration struct {
@ -233,9 +238,56 @@ func (c *Configuration) EnsurePterodactylUser() (*user.User, error) {
// Ensures that the configured data directory has the correct permissions assigned to // Ensures that the configured data directory has the correct permissions assigned to
// all of the files and folders within. // all of the files and folders within.
func (c *Configuration) EnsureFilePermissions() error { func (c *Configuration) EnsureFilePermissions() error {
// Don't run this unless it is configured to be run. On large system this can often slow
// things down dramatically during the boot process.
if !c.System.SetPermissionsOnBoot {
return nil
}
r := regexp.MustCompile("^[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89ab][a-f0-9]{3}-[a-f0-9]{12}$")
files, err := ioutil.ReadDir(c.System.Data)
if err != nil {
return err
}
su, err := user.Lookup(c.System.User)
if err != nil {
return err
}
wg := new(sync.WaitGroup)
for _, file := range files {
wg.Add(1)
// Asynchronously run through the list of files and folders in the data directory. If
// the item is not a folder, or is not a folder that matches the expected UUIDv4 format
// skip over it.
//
// If we do have a positive match, run a chown aganist the directory.
go func(f os.FileInfo) {
defer wg.Done()
if !f.IsDir() || !r.MatchString(f.Name()) {
return
}
uid, _ := strconv.Atoi(su.Uid)
gid, _ := strconv.Atoi(su.Gid)
if err := os.Chown(path.Join(c.System.Data, f.Name()), uid, gid); err != nil {
zap.S().Warnw("failed to chown server directory", zap.String("directory", f.Name()), zap.Error(err))
}
}(file)
}
wg.Wait()
return nil return nil
} }
// Gets the system release name.
func getSystemName() (string, error) { func getSystemName() (string, error) {
cmd := exec.Command("lsb_release", "-is") cmd := exec.Command("lsb_release", "-is")

View File

@ -46,6 +46,13 @@ func main() {
zap.S().Infow("configured system user", zap.String("username", su.Username), zap.String("uid", su.Uid), zap.String("gid", su.Gid)) zap.S().Infow("configured system user", zap.String("username", su.Username), zap.String("uid", su.Uid), zap.String("gid", su.Gid))
} }
zap.S().Infow("beginnning file permission setting on server data directories")
if err := c.EnsureFilePermissions(); err != nil {
zap.S().Errorw("failed to properly chown data directories", zap.Error(err))
} else {
zap.S().Infow("finished ensuring file permissions")
}
servers, err := server.LoadDirectory("data/servers", c.System) servers, err := server.LoadDirectory("data/servers", c.System)
if err != nil { if err != nil {
zap.S().Fatalw("failed to load server configurations", zap.Error(err)) zap.S().Fatalw("failed to load server configurations", zap.Error(err))