Actually set file permissions for servers when booting the daemon

cmd/root.go

@@ -146,13 +146,6 @@ func rootCmdRun(*cobra.Command, []string) {
 		}).Info("configured system user successfully")
 	}
 
-	log.Info("beginning file permission setting on server data directories")
-	if err := c.EnsureFilePermissions(); err != nil {
-		log.WithField("error", err).Error("failed to properly chown data directories")
-	} else {
-		log.Info("finished ensuring file permissions")
-	}
-
 	if err := server.LoadDirectory(); err != nil {
 		log.WithField("error", err).Fatal("failed to load server configurations")
 		return
@@ -172,6 +165,10 @@ func rootCmdRun(*cobra.Command, []string) {
 		log.WithField("server", s.Id()).Info("loaded configuration for server")
 	}
 
+	if !c.System.SetPermissionsOnBoot {
+		log.Warn("server file permission checking is currently disabled on boot!")
+	}
+
 	// Create a new WaitGroup that limits us to 4 servers being bootstrapped at a time
 	// on Wings. This allows us to ensure the environment exists, write configurations,
 	// and reboot processes without causing a slow-down due to sequential booting.
@@ -183,8 +180,14 @@ func rootCmdRun(*cobra.Command, []string) {
 		go func(s *server.Server) {
 			defer wg.Done()
 
-			s.Log().Info("ensuring server environment exists")
+			if c.System.SetPermissionsOnBoot {
+				s.Log().Info("chowning server data directory")
+				if err := s.Filesystem.Chown("/"); err != nil {
+					s.Log().WithField("error", err).Warn("error during server data directory chown")
+				}
+			}
 
+			s.Log().Info("ensuring server environment exists")
 			// Create a server environment if none exists currently. This allows us to recover from Docker
 			// being reinstalled on the host system for example.
 			if err := s.Environment.Create(); err != nil {

config/config.go

@@ -2,10 +2,8 @@ package config
 
 import (
 	"fmt"
-	"github.com/apex/log"
 	"github.com/cobaugh/osrelease"
 	"github.com/creasty/defaults"
-	"github.com/gammazero/workerpool"
 	"github.com/gbrlsnchs/jwt/v3"
 	"github.com/pkg/errors"
 	"gopkg.in/yaml.v2"
@@ -13,9 +11,6 @@ import (
 	"os"
 	"os/exec"
 	"os/user"
-	"path"
-	"regexp"
-	"runtime"
 	"strconv"
 	"strings"
 	"sync"
@@ -288,42 +283,6 @@ func (c *Configuration) setSystemUser(u *user.User) error {
 	return c.WriteToDisk()
 }
 
-var uuid4Regex = regexp.MustCompile("^[a-f0-9]{8}-[a-f0-9]{4}-4[a-f0-9]{3}-[89ab][a-f0-9]{3}-[a-f0-9]{12}$")
-
-// Ensures that the configured data directory has the correct permissions assigned to
-// all of the files and folders within.
-func (c *Configuration) EnsureFilePermissions() error {
-	// Don't run this unless it is configured to be run. On large system this can often slow
-	// things down dramatically during the boot process.
-	if !c.System.SetPermissionsOnBoot {
-		return nil
-	}
-
-	files, err := ioutil.ReadDir(c.System.Data)
-	if err != nil {
-		return errors.WithStack(err)
-	}
-
-	pool := workerpool.New(runtime.NumCPU())
-
-	for _, file := range files {
-		f := file
-		if !f.IsDir() || !uuid4Regex.MatchString(f.Name()) {
-			continue
-		}
-
-		pool.Submit(func() {
-			if err := os.Chown(path.Join(c.System.Data, f.Name()), c.System.User.Uid, c.System.User.Gid); err != nil {
-				log.WithField("error", err).WithField("directory", f.Name()).Warn("failed to chown server directory")
-			}
-		})
-	}
-
-	pool.StopWait()
-
-	return nil
-}
-
 // Writes the configuration to the disk as a blocking operation by obtaining an exclusive
 // lock on the file. This prevents something else from writing at the exact same time and
 // leading to bad data conditions.