V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-08-07 00:07:10 +02:00
parent 91ca75e45a
commit 2fdde3cca8
6 changed files with 41 additions and 21 deletions
--- a/func/cdi_4200_boot/4220_installation_cryptsetup.sh
+++ b/func/cdi_4200_boot/4220_installation_cryptsetup.sh
@@ -36,6 +36,8 @@ installation_cryptsetup() {
    echo ExitCode: $? >> '"${var_logfile}"'
  '

+  do_log "info" "file_only" "4220() Installation [cryptsetup cryptsetup-initramfs] successful."
+
  return 0
 }
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
--- a/func/cdi_4200_boot/4250_update_grub_bootparameter.sh
+++ b/func/cdi_4200_boot/4250_update_grub_bootparameter.sh
@@ -61,7 +61,8 @@ update_grub_bootparameter() {

  do_in_target "${TARGET}" update-grub

-  do_log "info" "file_only" "4250() Setting GRUB kernel parameters: ${VAR_GRUB_CMDLINE_LINUX_DEFAULT}"
+  do_log "info" "file_only" "4250() Setting GRUB_CMDLINE_LINUX_DEFAULT: ${VAR_GRUB_CMDLINE_LINUX_DEFAULT}"
+  do_log "info" "file_only" "4250() Setting GRUB_CMDLINE_LINUX: ${VAR_GRUB_CMDLINE_LINUX}"

  return 0
 }
--- a/func/cdi_4300_network/4300_installation_network.sh
+++ b/func/cdi_4300_network/4300_installation_network.sh
@@ -44,7 +44,7 @@ installation_network() {
  declare     var_supersede="" var_supersede_ipv6=""

  do_in_target "${TARGET}" apt-get install -y isc-dhcp-client ifupdown
-  mkdir -p "${TARGET}/etc/network/interfaces/interfaces.d"
+  mkdir -p "${TARGET}/etc/network/interfaces.d"

  ### Create a network configuration file header.
  if [[ -f "${TARGET}/etc/network/interfaces" ]]; then
@@ -94,7 +94,7 @@ EOF
    # For systems with dynamic or removable network devices (e.g., laptops or USB adapters).
    # To avoid boot delays when interfaces are unavailable.

-    cat << EOF >| "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv4-dhcp"
+    cat << EOF >| "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
 # SPDX-Version: 3.0
 # SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
 # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
@@ -116,12 +116,12 @@ iface ${VAR_FINAL_NIC} inet dhcp

 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
 EOF
-    chmod 0644 "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv4-dhcp"
+    chmod 0644 "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
    do_log "info" "file_only" "4300() IPv4 on the primary NIC: '${VAR_FINAL_NIC}' configured with DHCP."

  elif [[ "${network_autoconfig_enable}" == "true" && "${network_choose_interface_auto}" == "false" ]]; then

-    cat << EOF >| "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv4-dhcp"
+    cat << EOF >| "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
 # SPDX-Version: 3.0
 # SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
 # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
@@ -143,7 +143,7 @@ iface ${VAR_FINAL_NIC} inet dhcp

 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
 EOF
-    chmod 0644 "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv4-dhcp"
+    chmod 0644 "${TARGET}/etc/network/interfaces.d/10-ipv4-dhcp"
    do_log "info" "file_only" "4300() IPv4 on the primary NIC: '${VAR_FINAL_NIC}' configured with DHCP."

  fi
@@ -151,7 +151,7 @@ EOF
  if [[ "${network_autoconfig_enable}" == "false" ]]; then

    # shellcheck disable=SC2153
-    cat << EOF >| "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv4-static"
+    cat << EOF >| "${TARGET}/etc/network/interfaces.d/10-ipv4-static"
 # SPDX-Version: 3.0
 # SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
 # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
@@ -177,7 +177,7 @@ iface ${VAR_FINAL_NIC} inet static

 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
 EOF
-    chmod 0644  "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv4-static"
+    chmod 0644  "${TARGET}/etc/network/interfaces.d/10-ipv4-static"
    do_log "info" "file_only" "4300() IPv4 on the primary NIC: '${VAR_FINAL_NIC}' configured statically."

  fi
@@ -185,7 +185,7 @@ EOF
  ### Configure network interfaces based on 'preseed.yaml' and create network configuration files for IPv6.
  if [[ "${network_autoconfig_enable}" == "true" && "${VAR_LINK_IPV6}" == "true" ]]; then

-    cat << EOF >| "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv6-dhcp"
+    cat << EOF >| "${TARGET}/etc/network/interfaces.d/10-ipv6-dhcp"
 # SPDX-Version: 3.0
 # SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
 # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
@@ -207,7 +207,7 @@ iface ${VAR_FINAL_NIC} inet6 dhcp

 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
 EOF
-    chmod 0644 "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv6-dhcp"
+    chmod 0644 "${TARGET}/etc/network/interfaces.d/10-ipv6-dhcp"
    do_log "info" "file_only" "4300() IPv6 on the primary NIC: '${VAR_FINAL_NIC}' configured with DHCP."

  fi
@@ -215,7 +215,7 @@ EOF
  if [[ "${network_autoconfig_enable}" == "false" && -n "${network_static_ipv6address}" ]]; then

    # shellcheck disable=SC2153
-    cat << EOF >| "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv6-static"
+    cat << EOF >| "${TARGET}/etc/network/interfaces.d/10-ipv6-static"
 # SPDX-Version: 3.0
 # SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; <msw@coresecret.dev>
 # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git
@@ -236,7 +236,7 @@ iface ${VAR_FINAL_NIC} inet6 static

 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
 EOF
-    chmod 0644 "${TARGET}/etc/network/interfaces/interfaces.d/10-ipv6-static"
+    chmod 0644 "${TARGET}/etc/network/interfaces.d/10-ipv6-static"
    do_log "info" "file_only" "4300() IPv6 on the primary NIC: '${VAR_FINAL_NIC}' configured statically."

  fi
--- a/func/cdi_4300_network/4310_dropbear_build.sh
+++ b/func/cdi_4300_network/4310_dropbear_build.sh
@@ -21,10 +21,11 @@ guard_sourcing
 # Arguments:
 #   None
 # Returns:
-#   ERR_PATH_NOT_VALID
 #   0: on success
+#   ERR_PATH_NOT_VALID
 #######################################
 dropbear_build() {
+  ### Declare Arrays, HashMaps, and Variables.
  declare var_dropbear_version="2025.88"
  declare var_tar="${VAR_SETUP_PATH}/upgrades/dropbear/dropbear-${var_dropbear_version}.tar.bz2"
  declare var_build_dir="${DIR_TMP}/build/dropbear-${var_dropbear_version}"
@@ -54,7 +55,7 @@ dropbear_build() {
  # shellcheck disable=2312
  make -j"$(nproc)"

-  do_log "info" "file_only" "Ultra Hardened dropbear-2025.88 build successfully from sources."
+  do_log "info" "file_only" "4310() Ultra Hardened [dropbear-${var_dropbear_version}] build successfully from sources."

  return 0
 }
--- a/func/cdi_4300_network/4311_dropbear_initramfs.sh
+++ b/func/cdi_4300_network/4311_dropbear_initramfs.sh
@@ -23,9 +23,23 @@ guard_sourcing
 #   0: on success
 #######################################
 dropbear_initramfs() {
-  declare var_file
-  do_in_target "${TARGET}" apt-get install -y dropbear-initramfs
-  do_in_target "${TARGET}" apt-mark hold -y dropbear dropbear-initramfs
+  ### Declare Arrays, HashMaps, and Variables.
+  declare     var_file=""
+  declare -r  var_logfile="/root/.ciss/cdi/log/4311_dropbear_initramfs.log"
+
+  touch "${TARGET}${var_logfile}" && chmod 0600 "${TARGET}${var_logfile}"
+
+  do_in_target_script "${TARGET}" '
+    export INITRD=No
+    apt-get install -y --no-install-recommends --no-install-suggests dropbear dropbear-initramfs 2>&1 | tee -a '"${var_logfile}"'
+    echo ExitCode: $? >> '"${var_logfile}"'
+  '
+
+  do_in_target_script "${TARGET}" '
+    export INITRD=No
+    apt-mark hold -y dropbear dropbear-initramfs 2>&1 | tee -a '"${var_logfile}"'
+    echo ExitCode: $? >> '"${var_logfile}"'
+  '

  mv "${TARGET}/usr/sbin/dropbear" "${TARGET}/usr/sbin/dropbear.2022.83"
  install -D -m 0755 -o root -g root "${DIR_TMP}/build/dropbear-2025.88/dropbear" "${TARGET}/usr/sbin/"
@@ -35,6 +49,8 @@ dropbear_initramfs() {
    install -D -m 0755 -o root -g root "${DIR_TMP}/build/dropbear-2025.88/${var_file}" "${TARGET}/usr/bin/"
  done

+  do_log "info" "file_only" "4311() Installation [dropbear dropbear-initramfs] successful."
+
  return 0
 }
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
--- a/func/cdi_4300_network/4312_dropbear_setup.sh
+++ b/func/cdi_4300_network/4312_dropbear_setup.sh
@@ -128,12 +128,12 @@ ${var_modules}
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
 EOF

-  ### Install the script to be called inside initramfs environment for preparing dropbear execution.
+  ### Install the script to be called inside the initramfs environment for preparing dropbear execution.
  do_in_target "${TARGET}" mv /usr/share/initramfs-tools/scripts/init-premount/dropbear /usr/share/initramfs-tools/scripts/init-premount/dropbear.2022.83
  install -D -m 0755 -o root -g root "${VAR_SETUP_PATH}/includes/usr/share/initramfs-tools/scripts/init-premount/dropbear" \
    "${TARGET}/includes/usr/share/initramfs-tools/scripts/init-premount/"

-  ### Install the variable file to be called inside initramfs environment for setting up dropbear firewall.
+  ### Install the variable file to be called inside the initramfs environment for setting up dropbear firewall.
  install -D -m 0600 -o root -g root "${VAR_SETUP_PATH}/includes/initramfs-tools/files/dropbear_fw.cnf" \
    "${TARGET}/includes/initramfs-tools/files/dropbear_fw.conf"

@@ -217,7 +217,7 @@ DROPBEAR_OPTIONS="-b /etc/dropbear/banner -c /usr/local/bin/unlock_wrapper.sh -E
 #DROPBEAR_SHUTDOWN_TIMEOUT=60
 EOF

-  do_log "info" "file_only" "Written: '${TARGET}/etc/dropbear/initramfs/dropbear.conf'."
+  do_log "info" "file_only" "4312() Written: '${TARGET}/etc/dropbear/initramfs/dropbear.conf'."
  return 0
 }