steefdebruijn / docker-roonserver

RoonServer downloading Roon on first run
Run RoonServer as a non-privileged user #5

Closed sjagoe closed 2 years ago

sjagoe commented 5 years ago

To prevent accidental privilege escalation on the host, this change uses https://github.com/tianon/gosu to drop root privileges at startup time, after changing directory ownership to allow the new roonserver user to write to data, backup and app directories.

sjagoe commented 5 years ago

Note: This actually will not work with existing data in the /app, /data and /backup directories. After making the PR, I realized this is a showstopper issue.

I will look into an automatic migration to seamlessly upgrade, but the /backup directory was a huge number of small files, which would take ages to change the ownership of. I'll work around that and update this PR.
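
An added example, not code from this PR or the repository: one way an entrypoint could migrate root-owned data in /app, /data and /backup and then drop privileges with gosu, calling chown only on entries that are not already owned by the target user. The `RUN_AS` variable and the `start` argument convention are assumptions, and the server command is whatever the image passes after `start`.

```shell
#!/bin/sh
# Added example; RUN_AS and the "start" convention are assumptions,
# not part of the PR discussed above.
RUN_AS="${RUN_AS:-roonserver}"

# Count entries under $1 that are NOT owned by user/uid $2 (read-only).
# Counts lines, so file names containing newlines skew the number.
count_foreign() {
    find "$1" ! -user "$2" -print | wc -l | tr -d ' '
}

# Re-own only the entries that need it and print how many there were.
# The tree is still walked, but already-migrated files are not rewritten,
# so restarts after the first migration avoid a full recursive chown.
# -h changes a symlink itself, never its target: root must not follow a
# link planted in a data directory to a file outside it.
fix_ownership() {
    dir=$1
    owner=$2
    n=$(count_foreign "$dir" "$owner")
    if [ "$n" -gt 0 ]; then
        find "$dir" ! -user "$owner" -exec chown -h "$owner" {} +
    fi
    echo "$n"
}

main() {
    # Container already started unprivileged (e.g. docker run --user):
    # nothing to migrate and nothing to drop.
    if [ "$(id -u)" -ne 0 ]; then
        exec "$@"
    fi
    for d in /app /data /backup; do
        [ -d "$d" ] || continue
        echo "$d: $(fix_ownership "$d" "$RUN_AS") entries re-owned" >&2
    done
    # exec replaces this shell, so no root process remains as parent.
    exec gosu "$RUN_AS" "$@"
}

# Only act when invoked as: entrypoint.sh start <server command...>
case "${1:-}" in
    start) shift; main "$@" ;;
esac
```
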