From 6ee518247742c00a7d42b30716bdce566a659089 Mon Sep 17 00:00:00 2001
From: Dave Chevell <dchevell@atlassian.com>
Date: Tue, 29 Aug 2017 17:41:40 +1000
Subject: [PATCH] Added permissions check before re-applying permissions

---
 entrypoint.sh | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/entrypoint.sh b/entrypoint.sh
index b5e5576..beb2205 100755
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -21,10 +21,13 @@ export JAVA_OPTS="${JAVA_OPTS} ${CATALINA_OPTS}"
 
 # Start Bamboo as the correct user
 if [ "${UID}" -eq 0 ]; then
-    echo "User is currently root. Will change directories to daemon control, then downgrade permission to daemon"
-    mkdir -p "${CONFLUENCE_HOME}/lib" &&
+    echo "User is currently root. Will change directory ownership to ${RUN_USER}:${RUN_GROUP}, then downgrade permission to ${RUN_USER}"
+    PERMISSIONS_SIGNATURE=$(stat -c "%u:%U:%a" "${CONFLUENCE_HOME}")
+    EXPECTED_PERMISSIONS=$(id -u ${RUN_USER}):${RUN_USER}:700
+    if [ "${PERMISSIONS_SIGNATURE}" != "${EXPECTED_PERMISSIONS}" ]; then
         chmod -R 700 "${CONFLUENCE_HOME}" &&
-        chown -R "${RUN_USER}:${RUN_GROUP}" "${CONFLUENCE_HOME}"
+            chown -R "${RUN_USER}:${RUN_GROUP}" "${CONFLUENCE_HOME}"
+    fi
     # Now drop privileges
     exec su -s /bin/bash "${RUN_USER}" -c "$CONFLUENCE_INSTALL_DIR/bin/start-confluence.sh $@"
 else