diff --git a/extra/entrypoint.sh b/extra/entrypoint.sh index 93895da52..634d6812a 100644 --- a/extra/entrypoint.sh +++ b/extra/entrypoint.sh @@ -3,28 +3,53 @@ # set -e Exit the script if an error happens set -e -#Setting the PUID and PGID variable to the ID's we've actually launched as, instead of some passed environment variable. -PUID=$(id -u) -PGID=$(id -g) files_ownership () { - # -h Changes the ownership of an encountered symbolic link and not that of the file or directory pointed to by the symbolic link. - # -R Recursively descends the specified directories - # -c Like verbose but report only when a change is made - chown -hRc "$PUID":"$PGID" /app/data + # Check if the /app/data folder is owned by the user invoking the container + if [ $(stat -c%u /app/data) != $(id -u) ]; then + echo "File ownership incorrect, attempting to fix." + chown -hRc "$(id -u)":"$(id -g)" /app/data || echo "ERROR: Failed to set file ownership. Please run 'sudo chown -R $(id -u):$(id -g) /path/to/container/volume' to resolve."; exit 1 + fi + + # Checks for R/W permissions + if [ $(stat -c%a /app/data) -ne 770 ]; then + echo "Directory permissions incorrect, attempting to fix." + find /app/data -type d -exec chmod 770 {} \; + + #Re-run the check + if [ $(stat -c%a /app/data) -ne 770 ]; then + echo "ERROR: Failed to set file permissions. Please run 'sudo find /path/to/container/volume -type d chmod 770 {} \;' to resolve." + exit 1 + fi + echo "Directory permission fix succesful! Continuing." + fi + + #Check the R/W permissions on the files + if [ $(stat -c%a /app/data/* | head -n 1) != 640 ]; then + echo "File permissions incorrect. Attempting to fix." + find /app/data -type f -exec chmod 640 {} \; + + #Re-run the check + if [ $(stat -c%a /app/data/* | head -n 1) != 640 ]; then + echo "ERROR: Failed to set file permissions. Please run 'sudo find /path/to/container/volume -type f chmod 640 {} \;' to resolve." + exit 1 + fi + echo "File permission fix succesful! Continuing." + fi } echo "==> Performing startup jobs and maintenance tasks" +echo "==> Checking file permissions" files_ownership -echo "==> Starting application with user $PUID group $PGID" +echo "==> Starting application as user: $(id -u) ($USER) and group $(id -g)" # --clear-groups Clear supplementary groups. if [ $(id -u) -eq 0 ]; then - #We're running as root, so we can use setpriv without problems. - exec setpriv --reuid "$PUID" --regid "$PGID" --clear-groups "$@" + #We're running as root, so we can use setpriv without problems. + exec setpriv --reuid "$PUID" --regid "$PGID" --clear-groups "$@" else - #We're running as a regular user, so we'll launch the app as one. - exec "$@" + #We're running as a regular user, so we'll launch the app as one. + exec "$@" fi