msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m0s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-07-27 23:14:35 +02:00
parent cbb9f6cec0
commit 0fe2a74bf0
11 changed files with 73 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
func/system/4040_generate_fstab.sh
View File

@@ -28,7 +28,7 @@ guard_sourcing
write_fstab() {
declare _uuid="$1" _path="$2" _fs="$3" _opts="$4" _pass="$5"
printf "UUID=%s %s %s %s 0 %s\n" "${_uuid}" "${_path}" "${_fs}" "${_opts}" "${_pass}" >> "${TARGET}/etc/fstab"
do_log "info" "file_only" "fstab entry generated: 'UUID=${_uuid} ${_path} ${_fs} ${_opts} 0 ${_pass}'."
do_log "info" "file_only" "4040() fstab entry generated: [UUID=${_uuid} ${_path} ${_fs} ${_opts} 0 ${_pass}]."
return 0
}
@@ -52,18 +52,30 @@ generate_fstab() {
chmod 0600 "${TARGET}/etc/fstab"
cat << 'EOF' >> "${TARGET}/etc/fstab"
# SPDX-Version: 3.0
# SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
# SPDX-FileType: SOURCE
# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
# SPDX-PackageName: CISS.debian.installer
# SPDX-Security-Contact: security@coresecret.eu
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this may be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
# Use 'blkid' to print the universally unique identifier for a device; this may be used with [UUID=] as a more robust way to
# name devices that work even if disks are added and removed. See fstab(5).
#
# systemd generates mount units based on this file, see systemd.mount(5).
# Please run 'systemctl daemon-reload' after making changes here.
# 'systemd' generates mount units based on this file. See systemd.mount(5). Please run 'systemctl daemon-reload' after making
# changes here.
#
# <file system> <mount point> <type> <options> <dump> <pass>
# Secure tmpfs mounts for a hardened system
### Secure tmpfs mounts for a hardened system
# Mount the proc filesystem to provide process and kernel information
proc /proc proc nodev,nosuid,noexec,hidepid=2 0 0
# Mount sysfs to expose kernel device information to user space