diff --git a/etc/grml/fai/config/scripts/DEBORPHAN/10-whitelist b/etc/grml/fai/config/scripts/DEBORPHAN/10-whitelist index ec97fc417..0bca410d3 100755 --- a/etc/grml/fai/config/scripts/DEBORPHAN/10-whitelist +++ b/etc/grml/fai/config/scripts/DEBORPHAN/10-whitelist @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # workaround for dnsutils transitional package, we can drop this as soon as the # bind9-dnsutils package is available in all our supported Debian releases if [[ -r "${target}/usr/share/doc/dnsutils" ]] && [ -x "${target}/usr/bin/deborphan" ] ; then diff --git a/etc/grml/fai/config/scripts/DEBORPHAN/98-clean-chroot b/etc/grml/fai/config/scripts/DEBORPHAN/98-clean-chroot index dce15d484..45181f1cd 100755 --- a/etc/grml/fai/config/scripts/DEBORPHAN/98-clean-chroot +++ b/etc/grml/fai/config/scripts/DEBORPHAN/98-clean-chroot @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # remove all packages not necessary anymore: echo "Executing apt-get -y --purge autoremove" $ROOTCMD apt-get -y --purge autoremove @@ -20,6 +23,7 @@ PURGE_PACKAGES=$($ROOTCMD dpkg --list | awk '/^rc/ {print $2}') if [ -n "$PURGE_PACKAGES" ] ; then echo "Getting rid of packages which have been removed but not yet purged: $PURGE_PACKAGES" + # shellcheck disable=SC2086 # PURGE_PACKAGES needs word-splitting. $ROOTCMD dpkg --purge $PURGE_PACKAGES fi @@ -29,6 +33,7 @@ if [ -x "$target"/usr/bin/deborphan ] ; then # remove packages until deborphan does not find anymore: while [ "$($ROOTCMD deborphan)" != "" ] ; do echo "Executing deborphan" + # shellcheck disable=SC2046 # deborphan result needs word-splitting. $ROOTCMD apt-get -y --purge remove $($ROOTCMD deborphan) done fi diff --git a/etc/grml/fai/config/scripts/GRMLBASE/01-packages b/etc/grml/fai/config/scripts/GRMLBASE/01-packages index aae58ae82..6f46b0bbd 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/01-packages +++ b/etc/grml/fai/config/scripts/GRMLBASE/01-packages @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + echo -n > "${LOGDIR}"/package_errors.log # ensure we start with an empty file if ! [ -e "${LOGDIR}"/software.log ] ; then diff --git a/etc/grml/fai/config/scripts/GRMLBASE/02-run b/etc/grml/fai/config/scripts/GRMLBASE/02-run index b133a62af..71aa78898 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/02-run +++ b/etc/grml/fai/config/scripts/GRMLBASE/02-run @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # This is what initscripts would do if everything would be fine. if [ -L "$target/run" ] ; then rm -f "$target/run" diff --git a/etc/grml/fai/config/scripts/GRMLBASE/03-get-sources b/etc/grml/fai/config/scripts/GRMLBASE/03-get-sources index 3a3023e90..90a175621 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/03-get-sources +++ b/etc/grml/fai/config/scripts/GRMLBASE/03-get-sources @@ -6,6 +6,9 @@ # License: This file is licensed under the GPL v2 or any later version. ################################################################################ +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + if ifclass SOURCES ; then echo "Class SOURCES set, retrieving source packages." else @@ -27,6 +30,7 @@ mkdir -p "${target}${SOURCES_PATH}" $ROOTCMD apt-get update # Collect *source* package names +# shellcheck disable=SC2016 # Embedded $ is correct. $ROOTCMD dpkg-query -W -f='${Source} ${Package}\n' | sed -e 's/^ //' | awk '{ print $1 }' | sort -u | \ chroot "${target}" /bin/bash -c "cd \"${SOURCES_PATH}\" && xargs --max-args=32 --max-procs=12 apt-get --download-only source" 2> "${ERRORS_LOG}" diff --git a/etc/grml/fai/config/scripts/GRMLBASE/05-hostname b/etc/grml/fai/config/scripts/GRMLBASE/05-hostname index cf55d8dea..4b7e46335 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/05-hostname +++ b/etc/grml/fai/config/scripts/GRMLBASE/05-hostname @@ -9,18 +9,22 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" # the hostname of the chroot usually isn't the same as the one for the live-system BUILD_HOSTNAME="$($ROOTCMD hostname)" [ -n "$BUILD_HOSTNAME" ] || BUILD_HOSTNAME="grml" -echo "$HOSTNAME" > $target/etc/hostname -echo "$HOSTNAME" > $target/etc/mailname +echo "$HOSTNAME" > "$target"/etc/hostname +echo "$HOSTNAME" > "$target"/etc/mailname -if [ -r $target/etc/postfix/main.cf ] ; then - sed -i "s/^mydestination = .*/mydestination = $HOSTNAME, localhost, localhost.localdomain/" $target/etc/postfix/main.cf - sed -i "s/^myhostname = .*/myhostname = $HOSTNAME/" $target/etc/postfix/main.cf +if [ -r "$target"/etc/postfix/main.cf ] ; then + sed -i "s/^mydestination = .*/mydestination = $HOSTNAME, localhost, localhost.localdomain/" "$target"/etc/postfix/main.cf + sed -i "s/^myhostname = .*/myhostname = $HOSTNAME/" "$target"/etc/postfix/main.cf echo "postfix postfix/mailname string $HOSTNAME" | $ROOTCMD debconf-set-selections echo "postfix postfix/destinations string ${HOSTNAME}, localhost.grml.org, localhost" \ | $ROOTCMD debconf-set-selections diff --git a/etc/grml/fai/config/scripts/GRMLBASE/15-initsetup b/etc/grml/fai/config/scripts/GRMLBASE/15-initsetup index 4b63a99b9..053740231 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/15-initsetup +++ b/etc/grml/fai/config/scripts/GRMLBASE/15-initsetup @@ -8,6 +8,11 @@ set -u set -e + +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" systemd_setup() { diff --git a/etc/grml/fai/config/scripts/GRMLBASE/16-depmod b/etc/grml/fai/config/scripts/GRMLBASE/16-depmod index 047a50ec9..fae3d04a5 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/16-depmod +++ b/etc/grml/fai/config/scripts/GRMLBASE/16-depmod @@ -9,13 +9,16 @@ set -u set -e -if ! [ -x $target/sbin/depmod ] ; then +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +if ! [ -x "$target"/sbin/depmod ] ; then echo "Warning: depmod not installed" exit 0 fi -for kernel in ${target}/boot/vmlinuz-* ; do - kernelversion=${kernel##$target} +for kernel in "$target"/boot/vmlinuz-* ; do + kernelversion=${kernel##"$target"} kernelversion=${kernelversion##/boot/vmlinuz-} echo "Updating modules.dep for kernel ${kernelversion}" diff --git a/etc/grml/fai/config/scripts/GRMLBASE/18-timesetup b/etc/grml/fai/config/scripts/GRMLBASE/18-timesetup index d44efb262..d9860de00 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/18-timesetup +++ b/etc/grml/fai/config/scripts/GRMLBASE/18-timesetup @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # tell if hwclock is running in UTC or local time # by default it's set to UTC=no if [ -n "$UTC" ] && [ "$UTC" = "yes" ] ; then @@ -20,14 +23,14 @@ fi if [ -n "$TIMEZONE" ] ; then echo "Setting default timezone to $TIMEZONE" # update debconf - area=$(echo $TIMEZONE | cut -d '/' -f1) - zone=$(echo $TIMEZONE | cut -d '/' -f2) + area=$(echo "$TIMEZONE" | cut -d '/' -f1) + zone=$(echo "$TIMEZONE" | cut -d '/' -f2) echo "tzdata tzdata/Areas select $area" | $ROOTCMD debconf-set-selections echo "tzdata tzdata/Zones/$area select $zone" | $ROOTCMD debconf-set-selections # update files - echo $TIMEZONE > $target/etc/timezone - rm -f $target/etc/localtime - cp -f $target/usr/share/zoneinfo/$TIMEZONE $target/etc/localtime + echo "$TIMEZONE" > "$target"/etc/timezone + rm -f "$target"/etc/localtime + cp -f "$target"/usr/share/zoneinfo/"$TIMEZONE" "$target"/etc/localtime fi ## END OF FILE ################################################################ diff --git a/etc/grml/fai/config/scripts/GRMLBASE/20-sudo b/etc/grml/fai/config/scripts/GRMLBASE/20-sudo index f6934ea7d..240041c99 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/20-sudo +++ b/etc/grml/fai/config/scripts/GRMLBASE/20-sudo @@ -8,12 +8,17 @@ set -u set -e + +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" fcopy -v /etc/sudoers -sed -i "s/\$USERNAME/$USERNAME/" $target/etc/sudoers -chmod 440 $target/etc/sudoers -chown 0:0 $target/etc/sudoers +sed -i "s/\$USERNAME/$USERNAME/" "$target"/etc/sudoers +chmod 440 "$target"/etc/sudoers +chown 0:0 "$target"/etc/sudoers ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2 diff --git a/etc/grml/fai/config/scripts/GRMLBASE/21-usersetup b/etc/grml/fai/config/scripts/GRMLBASE/21-usersetup index 50d43e613..bd21a978a 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/21-usersetup +++ b/etc/grml/fai/config/scripts/GRMLBASE/21-usersetup @@ -8,25 +8,30 @@ set -u set -e + +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" -if grep -q "$USERNAME:x:1000" $target/etc/group ; then +if grep -q "$USERNAME:x:1000" "$target"/etc/group ; then echo "group $USERNAME exists already, skipping" else - $ROOTCMD addgroup --gid 1000 $USERNAME + $ROOTCMD addgroup --gid 1000 "$USERNAME" fi -if grep -q "$USERNAME:x:1000" $target/etc/passwd ; then +if grep -q "$USERNAME:x:1000" "$target"/etc/passwd ; then echo "user $USERNAME exists already, skipping" else - $ROOTCMD useradd -d /home/$USERNAME -m -s /bin/zsh -g 1000 $USERNAME + $ROOTCMD useradd -d /home/"$USERNAME" -m -s /bin/zsh -g 1000 "$USERNAME" fi # make sure to add the user to all relevant groups: add_user_to_group() { [ -n "$1" ] || return 1 - if grep -q $1 $target/etc/group ; then - grep "$1:x:.*$USERNAME" $target/etc/group || $ROOTCMD adduser $USERNAME $1 + if grep -q "$1" "$target"/etc/group ; then + grep "$1:x:.*$USERNAME" "$target"/etc/group || $ROOTCMD adduser "$USERNAME" "$1" fi } @@ -55,12 +60,12 @@ add_user_to_group video add_user_to_group vlock add_user_to_group voice -sed -i 's/^root::/root:*:/' $target/etc/shadow -sed -i "s/^$USERNAME:!:/$USERNAME:*:/" $target/etc/shadow +sed -i 's/^root::/root:*:/' "$target"/etc/shadow +sed -i "s/^$USERNAME:!:/$USERNAME:*:/" "$target"/etc/shadow if $ROOTCMD [ -r /bin/zsh ] ; then $ROOTCMD chsh -s /bin/zsh root - $ROOTCMD chsh -s /bin/zsh $USERNAME + $ROOTCMD chsh -s /bin/zsh "$USERNAME" fi ## END OF FILE ################################################################# diff --git a/etc/grml/fai/config/scripts/GRMLBASE/25-locales b/etc/grml/fai/config/scripts/GRMLBASE/25-locales index 59a4e7160..0ac3650e7 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/25-locales +++ b/etc/grml/fai/config/scripts/GRMLBASE/25-locales @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # set up /etc/locale.gen, only GRML_FULL and LOCALES have # the full setup, GRMLBASE installs a minimal configuration fcopy -v /etc/locale.gen @@ -23,7 +26,7 @@ set -u echo 'Removing /usr/share/locale' # get rid of the original - rm -rf $target/usr/share/locale + rm -rf "$target"/usr/share/locale # restore *empty* directories because otherwise installation/upgrade of packages might fail [ -d "$target"/usr/share/locale ] || mkdir "$target"/usr/share/locale @@ -45,7 +48,7 @@ if $ROOTCMD dpkg --list localepurge 2>&1 | grep -q '^ii' ; then $ROOTCMD dpkg-reconfigure -f noninteractive localepurge fi -if ! [ -x $target/usr/sbin/localepurge ] ; then +if ! [ -x "$target"/usr/sbin/localepurge ] ; then echo "Warning: localepurge not installed" else echo "Running localepurge." @@ -55,7 +58,7 @@ fi if $ROOTCMD dpkg-query -s locales-all >/dev/null 2>&1 ; then echo "locales-all installed, skipping locales generation" else - if ! [ -x ${target}/usr/sbin/locale-gen ] ; then + if ! [ -x "$target"/usr/sbin/locale-gen ] ; then echo 'Warning: locale-gen [package locales] not installed' else echo "Running locale-gen" diff --git a/etc/grml/fai/config/scripts/GRMLBASE/30-fstab b/etc/grml/fai/config/scripts/GRMLBASE/30-fstab index c316ec6ec..01e46c157 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/30-fstab +++ b/etc/grml/fai/config/scripts/GRMLBASE/30-fstab @@ -8,10 +8,15 @@ set -u set -e + +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" fcopy -v /etc/fstab -sed -i "s/uid=USERNAME,gid=USERNAME/uid=$USERNAME,gid=$USERNAME/" $target/etc/fstab +sed -i "s/uid=USERNAME,gid=USERNAME/uid=$USERNAME,gid=$USERNAME/" "$target"/etc/fstab ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2 diff --git a/etc/grml/fai/config/scripts/GRMLBASE/32-xorg b/etc/grml/fai/config/scripts/GRMLBASE/32-xorg index 238af5da5..f85b535fd 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/32-xorg +++ b/etc/grml/fai/config/scripts/GRMLBASE/32-xorg @@ -9,13 +9,16 @@ set -u set -e -if [ -r "$target/etc/X11/xorg.conf" ] ; then +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +if [ -r "$target"/etc/X11/xorg.conf ] ; then mv -f "$target"/etc/X11/xorg.conf "$target"/etc/X11/xorg.conf.debian fi -if [ "$(readlink $target/etc/X11/X)" = "/bin/true" ] ; then +if [ "$(readlink "$target"/etc/X11/X)" = "/bin/true" ] ; then echo "Warning: /etc/X11/X is a symlink to /bin/true - fixing for you">&2 - ln -sf /usr/bin/Xorg $target/etc/X11/X + ln -sf /usr/bin/Xorg "$target"/etc/X11/X fi ## END OF FILE ################################################################# diff --git a/etc/grml/fai/config/scripts/GRMLBASE/33-aptsetup b/etc/grml/fai/config/scripts/GRMLBASE/33-aptsetup index 234bd1a7c..37f927938 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/33-aptsetup +++ b/etc/grml/fai/config/scripts/GRMLBASE/33-aptsetup @@ -8,10 +8,14 @@ set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # use snapshot.debian.org based on build date for release if ifclass RELEASE ; then set -u - perl -pi -e 'BEGIN { $d="'$(date +%Y%m%d)'"; } s#^(\s+)(deb.* )(.*://ftp.debian.org.*?)\s+([a-z-]+)\s+(.*)$#$1$2http://snapshot.debian.org/archive/debian/$d/ $4 $5#' \ + current_date=$(date +%Y%m%d) + perl -pi -e 'BEGIN { $d="'"$current_date"'"; } s#^(\s+)(deb.* )(.*://ftp.debian.org.*?)\s+([a-z-]+)\s+(.*)$#$1$2http://snapshot.debian.org/archive/debian/$d/ $4 $5#' \ "${target}/etc/apt/sources.list.d/debian.list" fi diff --git a/etc/grml/fai/config/scripts/GRMLBASE/34-hosts b/etc/grml/fai/config/scripts/GRMLBASE/34-hosts index a08c3b9cc..37258e469 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/34-hosts +++ b/etc/grml/fai/config/scripts/GRMLBASE/34-hosts @@ -8,12 +8,17 @@ set -u set -e + +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" fcopy -v /etc/hosts # replace $HOSTNAME with the real hostname: -sed -i "s/\$HOSTNAME/$HOSTNAME/" $target/etc/hosts +sed -i "s/\$HOSTNAME/$HOSTNAME/" "$target"/etc/hosts ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2 diff --git a/etc/grml/fai/config/scripts/GRMLBASE/38-udev b/etc/grml/fai/config/scripts/GRMLBASE/38-udev index d5c89d1f3..ae30b3463 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/38-udev +++ b/etc/grml/fai/config/scripts/GRMLBASE/38-udev @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + CONFFILE="$target/etc/udev/rules.d/70-persistent-net.rules" STRING='This file was automatically generated by the /lib/udev/write_net_rules' diff --git a/etc/grml/fai/config/scripts/GRMLBASE/39-modprobe b/etc/grml/fai/config/scripts/GRMLBASE/39-modprobe index 51b543720..24e038c0f 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/39-modprobe +++ b/etc/grml/fai/config/scripts/GRMLBASE/39-modprobe @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # Install all present modprobe.d configuration files fcopy -v -i -r /etc/modprobe.d diff --git a/etc/grml/fai/config/scripts/GRMLBASE/45-grub-images b/etc/grml/fai/config/scripts/GRMLBASE/45-grub-images index 76c0e1054..4e999b231 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/45-grub-images +++ b/etc/grml/fai/config/scripts/GRMLBASE/45-grub-images @@ -9,6 +9,9 @@ set -e set -u +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + TMP_CONFIG="/tmp/grub_config_efi" # this allows us to find this specific Grml ISO, @@ -70,10 +73,10 @@ for arch in "${ARCHS[@]}" ; do arm64-efi) filename=/boot/bootaa64.efi ;; esac - $ROOTCMD grub-mkimage -O $arch -o "$filename" --prefix=/boot/grub/ --config="$TMP_CONFIG" \ + $ROOTCMD grub-mkimage -O "$arch" -o "$filename" --prefix=/boot/grub/ --config="$TMP_CONFIG" \ echo iso9660 part_msdos search_fs_file test \ fat ext2 reiserfs xfs btrfs squash4 part_gpt lvm \ - ${ADDITIONAL_MODULES[$arch]} + "${ADDITIONAL_MODULES[$arch]}" done rm -f "${target}/${TMP_CONFIG}" diff --git a/etc/grml/fai/config/scripts/GRMLBASE/46-grml-version b/etc/grml/fai/config/scripts/GRMLBASE/46-grml-version index f2e8d0bf9..c3c979c21 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/46-grml-version +++ b/etc/grml/fai/config/scripts/GRMLBASE/46-grml-version @@ -8,13 +8,17 @@ set -u set -e + +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" echo "Setting /etc/grml_version to $GRML_NAME $VERSION Release Codename $RELEASENAME [$DATE]" -echo "$GRML_NAME $VERSION Release Codename $RELEASENAME [$DATE]" > $target/etc/grml_version +echo "$GRML_NAME $VERSION Release Codename $RELEASENAME [$DATE]" > "$target"/etc/grml_version chmod 644 "${target}/etc/grml_version" echo "Setting /etc/issue to $GRML_NAME $VERSION" printf "%s %s %s %s\n\n" "$GRML_NAME" "$VERSION" '\n' '\l' > "${target}/etc/issue" chmod 644 "${target}/etc/issue" - diff --git a/etc/grml/fai/config/scripts/GRMLBASE/47-update-wallpaper b/etc/grml/fai/config/scripts/GRMLBASE/47-update-wallpaper index bd5f8c464..937e0b99d 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/47-update-wallpaper +++ b/etc/grml/fai/config/scripts/GRMLBASE/47-update-wallpaper @@ -6,13 +6,17 @@ # License: This file is licensed under the GPL v2 or any later version. ################################################################################ +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" FONTFILE=${FONTFILE:-/usr/share/grml-live/fonts/graphicoreBitmapFont0-Light.otf} TITLE_FONTSIZE=${TITLE_FONTSIZE:-200} VERSION_FONTSIZE=${VERSION_FONTSIZE:-100} -GRML_BG=${GRML_BG:-$target/usr/share/grml/desktop-bg.png} -GRML_WALLPAPER=${GRML_WALLPAPER:-$target/usr/share/grml/desktop.jpg} +GRML_BG=${GRML_BG:-"$target"/usr/share/grml/desktop-bg.png} +GRML_WALLPAPER=${GRML_WALLPAPER:-"$target"/usr/share/grml/desktop.jpg} if [ ! -x "$(which convert)" ]; then echo "convert not installed, skipping wallpaper." @@ -33,7 +37,7 @@ echo "Creating standard wallpaper" convert "$GRML_BG" -gravity center \ -fill white -font "$FONTFILE" \ - -pointsize $TITLE_FONTSIZE \ + -pointsize "$TITLE_FONTSIZE" \ -draw "text 0,0 \"$GRML_NAME\"" \ - -pointsize $VERSION_FONTSIZE \ + -pointsize "$VERSION_FONTSIZE" \ -draw "text 0,$((TITLE_FONTSIZE+50)) \"$VERSION\"" "$GRML_WALLPAPER" diff --git a/etc/grml/fai/config/scripts/GRMLBASE/49-sshd b/etc/grml/fai/config/scripts/GRMLBASE/49-sshd index f2d40ed61..89497f610 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/49-sshd +++ b/etc/grml/fai/config/scripts/GRMLBASE/49-sshd @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + if ! [ -r "${target}/etc/ssh/sshd_config" ] ; then echo "File /etc/ssh/sshd_config doesn't exist, skipping execution of script." exit 0 diff --git a/etc/grml/fai/config/scripts/GRMLBASE/50-lvm b/etc/grml/fai/config/scripts/GRMLBASE/50-lvm index 1f6527974..41b25b7af 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/50-lvm +++ b/etc/grml/fai/config/scripts/GRMLBASE/50-lvm @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + if [ -f "${target}/lib/udev/rules.d/69-lvm.rules" ] ; then # lvm2 >=2.03.15 echo "Clearing /lib/udev/rules.d/69-lvm.rules to avoid automatic LVM scanning" echo '# this file was generated by grml-live script GRMLBASE/50-lvm' > "${target}/lib/udev/rules.d/69-lvm.rules" diff --git a/etc/grml/fai/config/scripts/GRMLBASE/52-mdadm b/etc/grml/fai/config/scripts/GRMLBASE/52-mdadm index 625065f73..7ec5de465 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/52-mdadm +++ b/etc/grml/fai/config/scripts/GRMLBASE/52-mdadm @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + echo "Removing /lib/udev/rules.d/64-md-raid-assembly.rules to avoid automatic mdadm scanning" echo '# this file was generated by grml-live script GRMLBASE/52-mdadm' > "${target}/lib/udev/rules.d/64-md-raid-assembly.rules" diff --git a/etc/grml/fai/config/scripts/GRMLBASE/55-aoetools b/etc/grml/fai/config/scripts/GRMLBASE/55-aoetools index eaf18e693..74966e7cc 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/55-aoetools +++ b/etc/grml/fai/config/scripts/GRMLBASE/55-aoetools @@ -8,6 +8,9 @@ set -eu +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # see https://github.com/grml/grml/issues/32 echo "Removing /usr/lib/modules-load.d/aoetools.conf to avoid automatic aoe discovery" rm -f "${target}/usr/lib/modules-load.d/aoetools.conf" diff --git a/etc/grml/fai/config/scripts/GRMLBASE/80-initramfs b/etc/grml/fai/config/scripts/GRMLBASE/80-initramfs index de694cc76..0b3f892dc 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/80-initramfs +++ b/etc/grml/fai/config/scripts/GRMLBASE/80-initramfs @@ -9,18 +9,21 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + fcopy -v /etc/initramfs-tools/hooks/000-udev-shutup fcopy -v /etc/initramfs-tools/conf.d/xz-compress fcopy -v /etc/initramfs-tools/modules -if ! [ -f $target/usr/share/initramfs-tools/scripts/live ] ; then +if ! [ -f "$target"/usr/share/initramfs-tools/scripts/live ] ; then echo "Error: live-boot/-initramfs does not seem to be present, can not create initramfs. Exiting.">&2 exit 1 fi echo "Rebuilding initramfs" -for initrd in "$(basename $target/boot/vmlinuz-*)" ; do +for initrd in $(basename "$target"/boot/vmlinuz-*) ; do if ! $ROOTCMD update-initramfs -k "${initrd##vmlinuz-}" -c ; then echo "Creating fresh initramfs did not work, trying update instead:" $ROOTCMD update-initramfs -k "${initrd##vmlinuz-}" -u diff --git a/etc/grml/fai/config/scripts/GRMLBASE/85-systemd b/etc/grml/fai/config/scripts/GRMLBASE/85-systemd index 4ea424743..1b3ff39e8 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/85-systemd +++ b/etc/grml/fai/config/scripts/GRMLBASE/85-systemd @@ -8,6 +8,8 @@ set -u set -e + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" fcopy -M -i -B -v -r /etc/tmpfiles.d diff --git a/etc/grml/fai/config/scripts/GRMLBASE/90-update-alternatives b/etc/grml/fai/config/scripts/GRMLBASE/90-update-alternatives index 808a866d2..580664da6 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/90-update-alternatives +++ b/etc/grml/fai/config/scripts/GRMLBASE/90-update-alternatives @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # starting with vim v2:8.1.2136-1 it uses /usr/libexec/vim for the vim.* binaries if $ROOTCMD update-alternatives --list editor 2>/dev/null | grep -q /usr/libexec/vim ; then VIM_PATH=/usr/libexec/vim @@ -69,7 +72,7 @@ fi # sadly isn't available via update-alternates, anyway - use # ntfs-3g (if available) as default for ntfs -if [ -r $target/sbin/mount.ntfs-3g ] || [ -L $target/sbin/mount.ntfs-3g ] ; then +if [ -r "$target"/sbin/mount.ntfs-3g ] || [ -L "$target"/sbin/mount.ntfs-3g ] ; then $ROOTCMD ln -sf /sbin/mount.ntfs-3g /sbin/mount.ntfs fi diff --git a/etc/grml/fai/config/scripts/GRMLBASE/91-update-pciids b/etc/grml/fai/config/scripts/GRMLBASE/91-update-pciids index f5a3e5d55..0048ffb5f 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/91-update-pciids +++ b/etc/grml/fai/config/scripts/GRMLBASE/91-update-pciids @@ -13,6 +13,9 @@ fi set -u +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + bailout() { if [ "${1:-}" = "4" ] || [ "${1:-}" = "1" ] ; then echo "Warning: update-pciids returned with exit code ${1:-}." >&2 @@ -31,7 +34,6 @@ bailout() { } - if ! [ -x "${target}/usr/sbin/update-pciids" ] && ! [ -x "${target}/usr/bin/update-pciids" ] ; then echo "Warning: update-pciids not installed (neither /usr/sbin/update-pciids nor /usr/bin/update-pciids exists" exit 0 diff --git a/etc/grml/fai/config/scripts/GRMLBASE/92-update-freshclam b/etc/grml/fai/config/scripts/GRMLBASE/92-update-freshclam index ac0b316e2..cfc6dbaba 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/92-update-freshclam +++ b/etc/grml/fai/config/scripts/GRMLBASE/92-update-freshclam @@ -19,6 +19,9 @@ fi set -u +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + bailout() { if [ "${1:-}" = "124" ] ; then echo "Warning: freshclam returned with exit code 124." >&2 @@ -37,7 +40,7 @@ bailout() { exit "${1:-0}" } -if ! [ -x $target/usr/bin/freshclam ] ; then +if ! [ -x "$target"/usr/bin/freshclam ] ; then echo "freshclam not installed" exit 0 fi diff --git a/etc/grml/fai/config/scripts/GRMLBASE/95-package-information b/etc/grml/fai/config/scripts/GRMLBASE/95-package-information index 05b9a330a..235be5880 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/95-package-information +++ b/etc/grml/fai/config/scripts/GRMLBASE/95-package-information @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + if ! [ -w "$LOGDIR" ] ; then echo "Error: can not write to ${LOGDIR}. Exiting.">&2 exit 1 @@ -17,7 +20,8 @@ else COLUMNS=200 $ROOTCMD dpkg --list > "${LOGDIR}"/dpkg.list COLUMNS=200 $ROOTCMD dpkg --get-selections > "${LOGDIR}"/dpkg.selections # store list of packages sorted by size: - if [ -x $target/usr/bin/dpkg-query ] ; then + if [ -x "$target"/usr/bin/dpkg-query ] ; then + # shellcheck disable=SC2016 # Embedded $ is correct. $ROOTCMD dpkg-query -W --showformat='${Package}\t${Installed-Size}\n' > \ "${LOGDIR}"/packages.size fi @@ -26,7 +30,7 @@ else echo "The following packages from the Debian non-free section are included in this release" \ > "${LOGDIR}"/nonfree-licenses.txt echo >> "${LOGDIR}"/nonfree-licenses.txt - for pkg in `$ROOTCMD aptitude search '~i ~snon-free' -F '%p'` ; do + for pkg in $($ROOTCMD aptitude search '~i ~snon-free' -F '%p') ; do echo "Package: ${pkg}" >> "${LOGDIR}"/nonfree-licenses.txt echo "========================================================================" \ >> "${LOGDIR}"/nonfree-licenses.txt diff --git a/etc/grml/fai/config/scripts/GRMLBASE/96-apt-listbugs b/etc/grml/fai/config/scripts/GRMLBASE/96-apt-listbugs index 499971497..196f7b08c 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/96-apt-listbugs +++ b/etc/grml/fai/config/scripts/GRMLBASE/96-apt-listbugs @@ -9,20 +9,23 @@ set -u set -e -if [ -r $target/etc/apt/apt.conf.d/10apt-listbugs ] ; then - if [ -x $target/usr/sbin/apt-listbugs ] ; then - sed -i 's#//DPkg::#DPkg::#' $target/etc/apt/apt.conf.d/10apt-listbugs +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +if [ -r "$target"/etc/apt/apt.conf.d/10apt-listbugs ] ; then + if [ -x "$target"/usr/sbin/apt-listbugs ] ; then + sed -i 's#//DPkg::#DPkg::#' "$target"/etc/apt/apt.conf.d/10apt-listbugs fi fi set +u if ifclass RELEASE ; then set -u - if [ -x $target/usr/sbin/apt-listbugs -a -x $target/usr/bin/apt-show-source ] && \ - [ -x $target/etc/apt/grml/listbugs ] ; then + if [ -x "$target"/usr/sbin/apt-listbugs ] && [ -x "$target"/usr/bin/apt-show-source ] && \ + [ -x "$target"/etc/apt/grml/listbugs ] ; then for severity in critical grave serious ; do SEVERITY=$severity $ROOTCMD /etc/apt/grml/listbugs > \ - $LOGDIR/bugs.${severity} || true # make sure it does not fail + "$LOGDIR/bugs.${severity}" || true # make sure it does not fail done fi diff --git a/etc/grml/fai/config/scripts/GRMLBASE/97-apt-listchanges b/etc/grml/fai/config/scripts/GRMLBASE/97-apt-listchanges index 02372dbd2..6e5f00c69 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/97-apt-listchanges +++ b/etc/grml/fai/config/scripts/GRMLBASE/97-apt-listchanges @@ -9,6 +9,9 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # Defaults: #apt-listchanges apt-listchanges/confirm boolean false #apt-listchanges apt-listchanges/email-address string root @@ -16,14 +19,14 @@ set -e #apt-listchanges apt-listchanges/frontend select pager #apt-listchanges apt-listchanges/save-seen boolean true -if [ -x $target/usr/bin/apt-listchanges ] ; then +if [ -x "$target"/usr/bin/apt-listchanges ] ; then echo 'apt-listchanges apt-listchanges/confirm boolean true' | $ROOTCMD debconf-set-selections echo 'apt-listchanges apt-listchanges/which select both' | $ROOTCMD debconf-set-selections fi -if [ -r $target/etc/apt/listchanges.conf ] ; then - sed -i "s/^which=news/which=both/" $target/etc/apt/listchanges.conf - sed -i "s/^confirm=0/confirm=1/" $target/etc/apt/listchanges.conf +if [ -r "$target"/etc/apt/listchanges.conf ] ; then + sed -i "s/^which=news/which=both/" "$target"/etc/apt/listchanges.conf + sed -i "s/^confirm=0/confirm=1/" "$target"/etc/apt/listchanges.conf fi ## END OF FILE ################################################################# diff --git a/etc/grml/fai/config/scripts/GRMLBASE/98-clean-chroot b/etc/grml/fai/config/scripts/GRMLBASE/98-clean-chroot index 51fc2a10d..587a52e66 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/98-clean-chroot +++ b/etc/grml/fai/config/scripts/GRMLBASE/98-clean-chroot @@ -9,17 +9,20 @@ set -u set -e -if ! ls $target/boot/config-* &>/dev/null ; then +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +if ! ls "$target"/boot/config-* &>/dev/null ; then echo "No kernel config files (/boot/config-*) found. No kernel-image package installed?" >&2 exit 1 fi echo "Creating ~/.zshrc" -touch $target/root/.zshrc +touch "$target"/root/.zshrc $ROOTCMD rm -f /etc/apt/apt.conf.d/90grml-apt-proxy.conf -if [ -x $target/usr/sbin/localepurge ] ; then +if [ -x "$target"/usr/sbin/localepurge ] ; then echo "Running localepurge" $ROOTCMD localepurge else @@ -44,7 +47,7 @@ if $ROOTCMD dpkg-divert --list | grep -q '/usr/sbin/grub-probe' ; then fi # revert udev workaround of hooks/updatebase.GRMLBASE -if grep -q 'updatebase.GRMLBASE' ${target}/etc/udev/kernel-upgrade 2>/dev/null ; then +if grep -q 'updatebase.GRMLBASE' "$target"/etc/udev/kernel-upgrade 2>/dev/null ; then echo "Removing /etc/udev/kernel-upgrade created by updatebase.GRMLBASE" $ROOTCMD rm -f /etc/udev/kernel-upgrade fi @@ -55,79 +58,77 @@ $ROOTCMD dpkg --clear-avail $ROOTCMD apt-cache gencaches 2>/dev/null $ROOTCMD apt-get clean -rm -f $target/var/lib/dpkg/status-old $target/var/lib/dpkg/available-old +rm -f "$target"/var/lib/dpkg/status-old "$target"/var/lib/dpkg/available-old -if ! [ -x $target/usr/bin/grep-dctrl ] ; then +if ! [ -x "$target"/usr/bin/grep-dctrl ] ; then echo "Warning: grep-dctrl not installed" else echo "Cleaning up /var/lib/dpkg/status" if $ROOTCMD grep-dctrl -v -F Status "purge ok not-installed" \ - /var/lib/dpkg/status > $target/var/lib/dpkg/status.new ; then - mv $target/var/lib/dpkg/status.new $target/var/lib/dpkg/status - chmod 644 $target/var/lib/dpkg/status - chown root:root $target/var/lib/dpkg/status + /var/lib/dpkg/status > "$target"/var/lib/dpkg/status.new ; then + mv "$target"/var/lib/dpkg/status.new "$target"/var/lib/dpkg/status + chmod 644 "$target"/var/lib/dpkg/status + chown root:root "$target"/var/lib/dpkg/status fi fi echo "Removing host ssh-keys" -rm -f $target/etc/ssh/*key* +rm -f "$target"/etc/ssh/*key* echo "Removing dbus machine-id" -rm -f $target/var/lib/dbus/machine-id +rm -f "$target"/var/lib/dbus/machine-id -if [ -d $target/var/spool/squid/ ] ; then +if [ -d "$target"/var/spool/squid/ ] ; then echo "Cleaning /var/spool/squid/0*" - rm -rf $target/var/spool/squid/0* + rm -rf "$target"/var/spool/squid/0* fi echo "Cleaning and removing some misc files and directories" -find $target/etc -type f -name *.pre_fcopy -delete -find $target/etc -type l -name *.pre_fcopy -delete -rm -rf --one-file-system $target/etc/sysconfig/* \ - $target/etc/motd.dpkg-* $target/etc/auto.master.*dpkg* \ - $target/etc/samba/*.SID $target/etc/samba/*.tdb \ - $target/var/log/ksymoops/* \ - $target/var/state/* $target/var/log/nessus/* \ - $target/halt $target/reboot $target/ash.static \ - $target/etc/dhcpc/*.info $target/etc/dhcpc/resolv* \ - $target/etc/*passwd- $target/etc/*shadow- \ - $target/etc/*group- $target/var/spool/postfix/maildrop/* \ - $target/etc/*.old $target/etc/*.original \ - $target/etc/lvm/.cache $target/etc/lvm/cache/.cache \ - $target/etc/lvm/backup/* $target/tmp/* \ - $target/var/tmp/* $target/var/backups/* \ - $target/var/lib/mysql $target/var/log/lilo_log.* $target/core* \ - $target/etc/blkid.tab +find "$target"/etc -type f -name '*.pre_fcopy' -delete +find "$target"/etc -type l -name '*.pre_fcopy' -delete +rm -rf --one-file-system "$target"/etc/sysconfig/* \ + "$target"/etc/motd.dpkg-* "$target"/etc/auto.master.*dpkg* \ + "$target"/etc/samba/*.SID "$target"/etc/samba/*.tdb \ + "$target"/var/log/ksymoops/* \ + "$target"/var/state/* "$target"/var/log/nessus/* \ + "$target"/halt "$target"/reboot "$target"/ash.static \ + "$target"/etc/dhcpc/*.info "$target"/etc/dhcpc/resolv* \ + "$target"/etc/*passwd- "$target"/etc/*shadow- \ + "$target"/etc/*group- "$target"/var/spool/postfix/maildrop/* \ + "$target"/etc/*.old "$target"/etc/*.original \ + "$target"/etc/lvm/.cache "$target"/etc/lvm/cache/.cache \ + "$target"/etc/lvm/backup/* "$target"/tmp/* \ + "$target"/var/tmp/* "$target"/var/backups/* \ + "$target"/var/lib/mysql "$target"/var/log/lilo_log.* "$target"/core* \ + "$target"/etc/blkid.tab # remove only "temporary" or saved files in the given directories nuke(){ - for i in $(find "$@" -name \*.gz -o -name \*.bz2 -o -name \*.xz -o -name \*.0 2>/dev/null); do - rm -f --one-file-system "$i" - done + find "$@" \( -name "*.gz" -o -name "*.bz2" -o -name "*.xz" -o -name "*.0" \) -delete } # set all files in the given directories to a length of zero zero(){ - for i in $(find "$@" -type f -size +0 -not -name \*.ini -not -path '*/fai/*' -not -name install_packages.list 2>/dev/null); do - :> "$i" - done + while IFS= read -r -d '' file ; do + :> "$file" + done < <(find "$@" -type f -size +0 -not -name \*.ini -not -path '*/fai/*' -not -name install_packages.list -print0 2>/dev/null) } echo "Removing possible leftovers from update-pciids runs" rm -f "${target}"/wget-log* echo "Cleaning log and cache directories" -nuke ${target}/var/log ${target}/var/cache -zero ${target}/var/account/pacct \ - ${target}/var/cache/man \ - ${target}/var/lib/games \ - ${target}/var/lib/nfs \ - ${target}/var/lib/xkb \ - ${target}/var/local \ - ${target}/var/log \ - ${target}/var/mail/grml - -if ! [ -x $target/usr/sbin/update-ca-certificates ] ; then +nuke "$target"/var/log "$target"/var/cache +zero "$target"/var/account/pacct \ + "$target"/var/cache/man \ + "$target"/var/lib/games \ + "$target"/var/lib/nfs \ + "$target"/var/lib/xkb \ + "$target"/var/local \ + "$target"/var/log \ + "$target"/var/mail/grml + +if ! [ -x "$target"/usr/sbin/update-ca-certificates ] ; then echo "Warning: update-ca-certificates not installed" else echo "Updating ca-certificates" @@ -135,21 +136,21 @@ else fi # regenerate ls.so.cache -if ! [ -x $target/sbin/ldconfig ] ; then +if ! [ -x "$target"/sbin/ldconfig ] ; then echo "Warning: ldconfig not installed" else echo "Updating ld.so.cache" $ROOTCMD ldconfig fi -if ! [ -x $target/usr/bin/update-menus ] ; then +if ! [ -x "$target"/usr/bin/update-menus ] ; then echo "Warning: update-menus not installed" else echo "Updating windowmanager menus" $ROOTCMD update-menus -v fi -if ! [ -x $target/usr/bin/mandb ] ; then +if ! [ -x "$target"/usr/bin/mandb ] ; then echo "Warning: mandb not installed" else echo "Updating mandb" @@ -157,52 +158,53 @@ else $ROOTCMD man doesnotexist >/dev/null 2>&1 || true fi -if ! [ -d $target/var/lib/clamav/ ] ; then +if ! [ -d "$target"/var/lib/clamav/ ] ; then echo "Warning: clamav[-freshclam] not installed" else echo "Cleaning /var/lib/clamav/" $ROOTCMD rm -rf /var/lib/clamav/clamav-* echo "Setting up daily.cvd and main.cvd symlinks" - if [ -f $target/var/lib/clamav/daily.cvd ] ; then - mkdir -p $target/usr/share/doc/clamav-freshclam/examples/ - ln -sf /var/lib/clamav/daily.cvd $target/usr/share/doc/clamav-freshclam/examples/ - ln -sf /var/lib/clamav/main.cvd $target/usr/share/doc/clamav-freshclam/examples/ + if [ -f "$target"/var/lib/clamav/daily.cvd ] ; then + mkdir -p "$target"/usr/share/doc/clamav-freshclam/examples/ + ln -sf /var/lib/clamav/daily.cvd "$target"/usr/share/doc/clamav-freshclam/examples/ + ln -sf /var/lib/clamav/main.cvd "$target"/usr/share/doc/clamav-freshclam/examples/ fi fi -if ! [ -r $target/etc/ld.so.nohwcap ] ; then +if ! [ -r "$target"/etc/ld.so.nohwcap ] ; then echo "Creating /etc/ld.so.nohwcap" - touch $target/etc/ld.so.nohwcap + touch "$target"/etc/ld.so.nohwcap fi -if ! [ -d $target/etc/resolvconf ] ; then +if ! [ -d "$target"/etc/resolvconf ] ; then echo "Warning: resolvconf not installed" else echo "Setting up resolvconf" - rm -f "${target}"/etc/resolvconf/resolv.conf.d/original - rm -f "${target}"/etc/resolv.conf + rm -f "$target"/etc/resolvconf/resolv.conf.d/original + rm -f "$target"/etc/resolv.conf # avoid "/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a # symbolic link to /etc/resolvconf/run/resolv.conf" for resolvconf versions # before 1.80 + # shellcheck disable=SC2016 # Embedded $ is correct. RESOLVCONF_VERSION=$($ROOTCMD dpkg-query -W -f='${Version}\n' resolvconf || true) echo "-> Identified resolvconf version '${RESOLVCONF_VERSION}'" if dpkg --compare-versions "${RESOLVCONF_VERSION}" lt 1.80 ; then echo "-> Installing resolvconf symlink for versions <1.80" - ln -s /etc/resolvconf/run/resolv.conf "${target}"/etc/resolv.conf + ln -s /etc/resolvconf/run/resolv.conf "$target"/etc/resolv.conf else echo "-> Installing resolvconf symlink for versions >=1.80" - ln -s /run/resolvconf/resolv.conf "${target}"/etc/resolv.conf + ln -s /run/resolvconf/resolv.conf "$target"/etc/resolv.conf fi fi # make sure we don't leak any mdadm configurations # that are present on the build system to the live system -if [ -f "${target}/etc/mdadm/mdadm.conf" ] ; then +if [ -f "$target/etc/mdadm/mdadm.conf" ] ; then echo "Found /etc/mdadm/mdadm.conf, getting rid of any possible enabled ARRAY settings." - sed -i '/^ARRAY/d' "${target}/etc/mdadm/mdadm.conf" + sed -i '/^ARRAY/d' "$target"/etc/mdadm/mdadm.conf fi if ! $ROOTCMD test -x /usr/bin/updatedb ; then @@ -212,9 +214,9 @@ else $ROOTCMD updatedb --prunepaths='/tmp /usr/tmp /var/tmp /grml /root /proc /sys' fi -if [ -r "${target}/etc/machine-id" ] ; then +if [ -r "$target"/etc/machine-id ] ; then echo "Removing /etc/machine-id generated by systemd" - rm -f "$target/etc/machine-id" + rm -f "$target"/etc/machine-id fi ## END OF FILE ################################################################# diff --git a/etc/grml/fai/config/scripts/GRMLBASE/99-finish-grml-build b/etc/grml/fai/config/scripts/GRMLBASE/99-finish-grml-build index 0f1b9d6d4..0b8ef8915 100755 --- a/etc/grml/fai/config/scripts/GRMLBASE/99-finish-grml-build +++ b/etc/grml/fai/config/scripts/GRMLBASE/99-finish-grml-build @@ -9,18 +9,21 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + # Restore original state from softupdate: -if [ -r $target/etc/policy-rc.d.conf ] ; then - sed -i "s/EXITSTATUS='101'/EXITSTATUS='0'/" $target/etc/policy-rc.d.conf +if [ -r "$target"/etc/policy-rc.d.conf ] ; then + sed -i "s/EXITSTATUS='101'/EXITSTATUS='0'/" "$target"/etc/policy-rc.d.conf fi # remove an existing /etc/debian_chroot file: -if [ -r $target/etc/debian_chroot ] ; then - rm -f $target/etc/debian_chroot +if [ -r "$target"/etc/debian_chroot ] ; then + rm -f "$target"/etc/debian_chroot fi # /etc/grml_cd makes the live system recognizable as a live system -touch $target/etc/grml_cd +touch "$target"/etc/grml_cd ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2 diff --git a/etc/grml/fai/config/scripts/GRML_SMALL/90-update-alternatives b/etc/grml/fai/config/scripts/GRML_SMALL/90-update-alternatives index afd440d57..abaabd853 100755 --- a/etc/grml/fai/config/scripts/GRML_SMALL/90-update-alternatives +++ b/etc/grml/fai/config/scripts/GRML_SMALL/90-update-alternatives @@ -9,13 +9,16 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + ## Editor: # Too many people don't expect to get that, so use it only for grml-small # avoid "debug: unbound variable": set +u if ifclass GRML_SMALL ; then set -u - if [ -r $target/usr/bin/vim.tiny ] ; then + if [ -r "$target"/usr/bin/vim.tiny ] ; then # update-alternates does not work without /usr/share/man because # it configures (in our case non-existent) manpages as well :-/ # $ROOTCMD update-alternatives --set editor /usr/bin/vim.tiny diff --git a/etc/grml/fai/config/scripts/GRML_SMALL/98-clean-chroot b/etc/grml/fai/config/scripts/GRML_SMALL/98-clean-chroot index 6e197e6ff..0cd44f95f 100755 --- a/etc/grml/fai/config/scripts/GRML_SMALL/98-clean-chroot +++ b/etc/grml/fai/config/scripts/GRML_SMALL/98-clean-chroot @@ -9,12 +9,15 @@ set -e set -u +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + echo "Removing /usr/share/ssh/blacklist.*" -rm -f $target/usr/share/ssh/blacklist.DSA-1024 $target/usr/share/ssh/blacklist.RSA-2048 +rm -f "$target"/usr/share/ssh/blacklist.DSA-1024 "$target"/usr/share/ssh/blacklist.RSA-2048 echo "Cleaning documentation directories" -if [ -d $target/usr/share/doc/grml-docs ] ; then - mv $target/usr/share/doc/grml-docs $target/tmp/ +if [ -d "$target"/usr/share/doc/grml-docs ] ; then + mv "$target"/usr/share/doc/grml-docs "$target"/tmp/ fi ## END OF FILE ################################################################# diff --git a/etc/grml/fai/config/scripts/LATEX/98-clean-chroot b/etc/grml/fai/config/scripts/LATEX/98-clean-chroot index d407c9210..004d57ea5 100755 --- a/etc/grml/fai/config/scripts/LATEX/98-clean-chroot +++ b/etc/grml/fai/config/scripts/LATEX/98-clean-chroot @@ -9,14 +9,17 @@ set -u set -e -rm -rf ${target}/usr/share/doc/texlive-latex-recommended/latex/ \ - ${target}/usr/share/doc/texlive-latex-base/latex/ \ - ${target}/usr/share/doc/texlive-base-bin/pdftex/thanh/ \ - ${target}/usr/share/doc/texlive-latex-base/latex/base/ \ - ${target}/usr/share/doc/texlive-latex-base/latex/hyperref/ \ - ${target}/usr/share/doc/texlive-latex-base/generic/babel/ \ - ${target}/usr/share/doc/texlive-latex-recommended/latex/koma-script/ \ - ${target}/usr/share/doc/texmf/pgf/pgfmanual.pdf.gz +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +rm -rf "${target}"/usr/share/doc/texlive-latex-recommended/latex/ \ + "${target}"/usr/share/doc/texlive-latex-base/latex/ \ + "${target}"/usr/share/doc/texlive-base-bin/pdftex/thanh/ \ + "${target}"/usr/share/doc/texlive-latex-base/latex/base/ \ + "${target}"/usr/share/doc/texlive-latex-base/latex/hyperref/ \ + "${target}"/usr/share/doc/texlive-latex-base/generic/babel/ \ + "${target}"/usr/share/doc/texlive-latex-recommended/latex/koma-script/ \ + "${target}"/usr/share/doc/texmf/pgf/pgfmanual.pdf.gz ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2 diff --git a/etc/grml/fai/config/scripts/RELEASE/98-clean-chroot b/etc/grml/fai/config/scripts/RELEASE/98-clean-chroot index 626267f1d..6e1bfa931 100755 --- a/etc/grml/fai/config/scripts/RELEASE/98-clean-chroot +++ b/etc/grml/fai/config/scripts/RELEASE/98-clean-chroot @@ -8,32 +8,37 @@ set -u set -e + +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" echo "Removing /var/lib/apt/lists/*-stuff, dpkg-status-old and pkgcache.bin" -rm -f $target/var/lib/apt/lists/*Packages \ - $target/var/lib/apt/lists/*Release \ - $target/var/lib/apt/lists/*Sources \ - $target/var/lib/apt/lists/*Index* \ - $target/var/lib/apt/lists/*Translation* \ - $target/var/lib/apt/lists/*.gpg \ - $target/var/cache/apt-show-versions/* \ - $target/var/cache/debconf/*.dat-old \ - $target/var/cache/apt/*.bin +rm -f "$target"/var/lib/apt/lists/*Packages \ + "$target"/var/lib/apt/lists/*Release \ + "$target"/var/lib/apt/lists/*Sources \ + "$target"/var/lib/apt/lists/*Index* \ + "$target"/var/lib/apt/lists/*Translation* \ + "$target"/var/lib/apt/lists/*.gpg \ + "$target"/var/cache/apt-show-versions/* \ + "$target"/var/cache/debconf/*.dat-old \ + "$target"/var/cache/apt/*.bin echo "Removing /var/lib/aptitude/pkgstates.old" -rm -f "${target}/var/lib/aptitude/pkgstates.old" +rm -f "$target"/var/lib/aptitude/pkgstates.old # Remove all FAI logs from chroot via grml-live later then echo "Setting up /etc/grml_fai_release for grml-live" -touch $target/etc/grml_fai_release +touch "$target"/etc/grml_fai_release echo "Removing all files inside /root" -rm -rf $target/root -mkdir -m 0755 $target/root +rm -rf "$target"/root +mkdir -m 0755 "$target"/root echo "Removing all files inside /home/${USERNAME}" -rm -rf "${target}/home/${USERNAME}" +rm -rf "${target}/home/${USERNAME:?}" mkdir -m 0755 "${target}/home/${USERNAME}" $ROOTCMD chown "${USERNAME}:${USERNAME}" "/home/${USERNAME}" diff --git a/etc/grml/fai/config/scripts/RELEASE/99-update-wallpaper b/etc/grml/fai/config/scripts/RELEASE/99-update-wallpaper index 675f63a2d..564b93f81 100755 --- a/etc/grml/fai/config/scripts/RELEASE/99-update-wallpaper +++ b/etc/grml/fai/config/scripts/RELEASE/99-update-wallpaper @@ -6,6 +6,10 @@ # License: This file is licensed under the GPL v2 or any later version. ################################################################################ +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + +# shellcheck source=/dev/null . "$GRML_LIVE_CONFIG" FONTFILE=${FONTFILE:-/usr/share/grml-live/fonts/graphicoreBitmapFont0-Light.otf} @@ -33,6 +37,5 @@ fi convert "$GRML_BG" -gravity center \ -fill white -font "$FONTFILE" \ - -pointsize $TITLE_FONTSIZE \ + -pointsize "$TITLE_FONTSIZE" \ -draw "text 0,0 \"$VERSION\"" "$GRML_WALLPAPER" - diff --git a/etc/grml/fai/config/scripts/REMOVE_DOCS/98-clean-chroot b/etc/grml/fai/config/scripts/REMOVE_DOCS/98-clean-chroot index 289bb13e1..549c06936 100755 --- a/etc/grml/fai/config/scripts/REMOVE_DOCS/98-clean-chroot +++ b/etc/grml/fai/config/scripts/REMOVE_DOCS/98-clean-chroot @@ -8,26 +8,29 @@ set -u set -e +# FAI sets $target, but shellcheck does not know that. +target=${target:?} + echo "Cleaning documentation directories" -if [ -d $target/usr/share/doc/grml-docs ] ; then - mv $target/usr/share/doc/grml-docs $target/tmp/ +if [ -d "$target"/usr/share/doc/grml-docs ] ; then + mv "$target"/usr/share/doc/grml-docs "$target"/tmp/ fi -rm -rf $target/usr/share/doc -mkdir $target/usr/share/doc +rm -rf "$target"/usr/share/doc +mkdir "$target"/usr/share/doc -if [ -d $target/tmp/grml-docs ] ; then - mv $target/tmp/grml-docs $target/usr/share/doc/grml-docs +if [ -d "$target"/tmp/grml-docs ] ; then + mv "$target"/tmp/grml-docs "$target"/usr/share/doc/grml-docs fi -rm -rf $target/usr/share/gtk-doc/ \ - $target/usr/share/man/ \ - $target/usr/man \ - $target/usr/share/info \ - $target/var/cache/man/* +rm -rf "$target"/usr/share/gtk-doc/ \ + "$target"/usr/share/man/ \ + "$target"/usr/man \ + "$target"/usr/share/info \ + "$target"/var/cache/man/* echo "Creating /usr/share/info/..." -mkdir -p $target/usr/share/info/ +mkdir -p "$target"/usr/share/info/ ## END OF FILE ################################################################# # vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2