Fresh portscan and vulnscan instances have permissions issues for cyhy-runner data #662

Open
mcdonnnj opened this issue Jun 12, 2023 · 1 comment
Labels: bug (This issue or pull request addresses broken functionality)

mcdonnnj commented Jun 12, 2023

🐛 Bug Report

When spinning up fresh (no existing EBS volume for cyhy-runner data) portscan or vulnscan instances the cyhy-commander is unable to push work due to incorrect permissions on the scanner instance.

To Reproduce

  • Spin up a fresh portscan or vulnscan instance.
  • Watch the cyhy-commander log and see that it is unable to push work to the new instance.
  • SSH to the new instance and see that the /var/cyhy/runner/running and/or /var/cyhy/runner/done directories are owned by root instead of cyhy.

Expected behavior

A fresh scanner instance is able to immediately receive work after successfully starting up.

mcdonnnj added the bug label Jun 12, 2023
mcdonnnj self-assigned this Jun 12, 2023

mcdonnnj commented Jun 12, 2023

Upon investigation I believe that what happens is a freshly created EBS volume is attached at the mountpoint (/var/cyhy/runner) and the mount point is chowned during cloud-init per

    part {
      content = templatefile("${path.module}/cloud-init/disk_setup.tpl.sh", {
        device_name   = "/dev/xvdb"
        fs_type       = "ext4"
        label         = "cyhy_runner"
        mount_options = "defaults"
        mount_point   = "/var/cyhy/runner"
        num_disks     = 2
      })
      content_type = "text/x-shellscript"
      filename     = "01_cyhy_runner_disk_setup.sh"
    }

However, the running and done sub-directories do not exist so once cyhy-runner starts up (running under root) it will create those directories and they will be owned by root. I believe the easiest path forward is to modify the cloud-init configuration for scanner instances to create and ensure appropriate ownership of these sub-directories as the cyhy-runner service waits for cloud-init to finish before starting.
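
One way to implement the fix proposed in the comment above, as an added example that is not the project's own code: a shell script usable as a cloud-init text/x-shellscript part that creates the running and done sub-directories with the expected owner and then verifies them. The function names, the script arguments and the cyhy group name are assumptions.

```shell
#!/bin/sh
# Added example (not project code): pre-create the cyhy-runner work
# directories so they are not created later by the root-run service.

# ensure_runner_dirs BASE OWNER GROUP
# Create BASE/running and BASE/done and set their ownership. Idempotent.
ensure_runner_dirs() {
    base=$1 owner=$2 group=$3
    # The mount point itself is created by the disk setup part.
    [ -d "$base" ] || { echo "missing mount point: $base" >&2; return 1; }
    for sub in running done; do
        dir="$base/$sub"
        # This runs as root inside a tree the unprivileged user can write
        # to, so refuse symlinks rather than chown whatever they point at.
        if [ -L "$dir" ]; then
            echo "refusing symlink: $dir" >&2
            return 1
        fi
        mkdir -p "$dir" || return 1
        # -h: never dereference, even if the path was swapped for a link.
        chown -h "$owner:$group" "$dir" || return 1
    done
}

# check_runner_dirs BASE OWNER
# Return non-zero (and name the directory) if either one is missing or
# not owned by OWNER, which is the symptom described in the issue.
check_runner_dirs() {
    base=$1 owner=$2 rc=0
    for sub in running done; do
        if [ -z "$(find "$base/$sub" -prune -user "$owner" 2>/dev/null)" ]; then
            echo "missing or not owned by $owner: $base/$sub" >&2
            rc=1
        fi
    done
    return "$rc"
}

# Usage as a cloud-init part (the group name "cyhy" is an assumption):
#   script.sh /var/cyhy/runner cyhy cyhy
if [ "$#" -eq 3 ]; then
    ensure_runner_dirs "$1" "$2" "$3" && check_runner_dirs "$1" "$2"
fi
```

The part has to be ordered after the disk setup script so that the volume is already mounted when the directories are created.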
