V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-10-07 17:27:17 +01:00
parent 914539f166
commit 72dcf355d9
17 changed files with 100 additions and 45 deletions
--- a/func/cdi_3200_partitioning/3200_partitioning.sh
+++ b/func/cdi_3200_partitioning/3200_partitioning.sh
@@ -306,16 +306,22 @@ partitioning() {
      udevadm settle

      for i in {1..10}; do
+
        var_uuid=$(blkid -s PARTUUID -o value "/dev/${var_dev}${var_part}") && [[ -n "${var_uuid}" ]] && break
        sleep 0.25
+
      done

      if [[ -z "${var_uuid}" ]]; then
+
        do_log "fatal" "file_only" "3200() Partition: '/dev/${var_dev}${var_part}' could not read PARTUUID."
        return "${ERR_PART_READ}"
+
      else
+
        HMP_PATH_PARTUUID["${var_mount_path}"]="${var_uuid}"
        do_log "debug" "file_only" "3200() [HMP_PATH_PARTUUID]: '${var_mount_path}' -> '${HMP_PATH_PARTUUID["${var_mount_path}"]}'."
+
      fi

      ### Gathering information for forthcoming modules 32n0().
@@ -339,17 +345,21 @@ partitioning() {

      ### Gathering information for '/etc/fstab'-generation in 4200().
      if [[ "${var_mount_true}" == "true" ]]; then
+
        # shellcheck disable=SC2034
        ARY_FSTAB_MOUNT_PATHS+=("${var_mount_path}")
        do_log "debug" "file_only" "3200() [ARY_FSTAB_MOUNT_PATHS]: '${var_mount_path}'."
        HMP_FSTAB_MOUNT_FTYPE["${var_mount_path}"]="${var_fs}"
        do_log "debug" "file_only" "3200() [HMP_FSTAB_MOUNT_FTYPE]: '${var_mount_path}' -> '${HMP_FSTAB_MOUNT_FTYPE["${var_mount_path}"]}'."
+
      fi

      ### Gathering information for '/etc/initramfs-tools/conf.d/fsroot'-generation in 4121().
      if [[ "${var_mount_path}" == "/" ]]; then
+
        # shellcheck disable=SC2034
        VAR_ROOT_FS="${var_fs}"
+
      fi

    done
--- a/func/cdi_3200_partitioning/3220_partition_encryption.sh
+++ b/func/cdi_3200_partitioning/3220_partition_encryption.sh
@@ -141,15 +141,6 @@ partition_encryption() {

          var_filesystem_label=$(get_label "${var_encryption_path}" "${var_fs}" "file")

-          #mkfs.ext4 -L "${var_filesystem_label}" "/dev/${var_dev}" 1M
-          #do_log "info" "file_only" "3220() Ephemeral: '${var_encryption_path}' prepared on: '/dev/${var_dev}'."
-
-          #var_fs_uuid=$(blkid -s UUID -o value "/dev/${var_dev}")
-          ### Gathering information for '/etc/fstab'-generation in 4040() and '/etc/crypttab'-generation in 4060().
-          # shellcheck disable=SC2034
-          #HMP_PATH_FSUUID["${var_encryption_path}"]="${var_fs_uuid}"
-          #do_log "debug" "file_only" "3220() [HMP_PATH_FSUUID]       : '${var_encryption_path}' -> '${HMP_PATH_FSUUID["${var_encryption_path}"]}'"
-
          HMP_EPHEMERAL_ENCLABEL["${var_encryption_path}"]="${var_encryption_label}"
          HMP_EPHEMERAL_FS_LABEL["${var_encryption_path}"]="${var_filesystem_label}"

--- a/func/cdi_3200_partitioning/3240_partition_formatting.sh
+++ b/func/cdi_3200_partitioning/3240_partition_formatting.sh
@@ -139,4 +139,7 @@ partition_formatting() {

  guard_dir && return 0
 }
+### Prevents accidental 'unset -f'.
+# shellcheck disable=SC2034
+readonly -f partition_formatting
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
--- a/func/cdi_3200_partitioning/3280_mount_partition.sh
+++ b/func/cdi_3200_partitioning/3280_mount_partition.sh
@@ -15,7 +15,6 @@ guard_sourcing
 #######################################
 # Function to create the mount command, incl. mount path and options, and mount the respective device.
 # Globals:
-#   ERR_MOUNTING_DEV
 #   TARGET
 # Arguments:
 #   1: MOUNT_PATH
@@ -24,6 +23,7 @@ guard_sourcing
 #   4: MOUNT_FILESYSTEM
 # Returns:
 #   0: on success
+#   ERR_MOUNTING_DEV: on failure
 #######################################
 mount_with_dir() {
  declare var_mount_path="${1}" var_mount_device="${2}" var_mount_options="${3:-}" var_mount_fs="${4:-}"
@@ -60,7 +60,7 @@ mount_with_dir() {
  ### Already absolute path.
  elif [[ "${var_mount_device}" == /dev/* ]]; then

-    : ### Do nothing
+    : ### Do nothing.

  ### Alternative checks for LABEL and PARTUUID.
  else
@@ -104,16 +104,23 @@ mount_with_dir() {

  return 0
 }
+### Prevents accidental 'unset -f'.
+# shellcheck disable=SC2034
+readonly -f mount_with_dir

 #######################################
 # Device Path Resolver.
 # Outputs '/dev/mapper/<encryption_label>'
 # Outputs '/dev/<dev><partition>'
+# Globals:
+#   none
 # Arguments:
 #   1: Device
 #   2: Partition
 #   3: Boolean Encryption
 #   4: Encryption Label
+# Returns:
+#   0: on success
 #######################################
 resolve_device() {
  declare local_var_dev="$1" local_var_partition="$2" local_var_enc_boolean="$3" local_var_enc_label="$4"
@@ -130,15 +137,20 @@ resolve_device() {

  return 0
 }
+### Prevents accidental 'unset -f'.
+# shellcheck disable=SC2034
+readonly -f resolve_device

 #######################################
 # Validates btrfs compression algo and level.
+# Globals:
+#   none
 # Arguments:
 #   1: var_fs_btrfs_compress
 #   2: var_fs_btrfs_level
 # Returns:
 #   0: Valid combination.
-#   1: Invalid combination.
+#   ERR_BTRFS_OPTION: on failure
 #######################################
 validate_btrfs_compression() {
  declare var_algo="$1" var_level="$2"
@@ -151,19 +163,20 @@ validate_btrfs_compression() {

  esac
 }
+### Prevents accidental 'unset -f'.
+# shellcheck disable=SC2034
+readonly -f validate_btrfs_compression

 #######################################
 # Function for mounting all partitions for debootstrap, including the generation of btrfs subvolumes.
 # Globals:
+#   ARY_CRYPT_MOUNT_PATHS
 #   ARY_PATHS_SORTED
 #   DIR_LOG
-#   ERR_BTRFS_INITPH
-#   ERR_BTRFS_OPTION
-#   ERR_BTRFS_SUBVOL
-#   ERR_MOUNTING_DEV
 #   HMP_FSTAB_MOUNT_OPTS
 #   HMP_PATH_DEV_PART
 #   HMP_PATH_FSUUID
+#   HMP_PATH_PARTUUID
 #   NL
 #   TARGET
 #   VAR_RECIPE_STRING
@@ -173,11 +186,10 @@ validate_btrfs_compression() {
 #   None
 # Returns:
 #   0: on success
-#   ERR_BTRFS_INITPH
-#   ERR_BTRFS_OPTION
-#   ERR_BTRFS_SUBVOL
-#   ERR_MOUNTING_DEV
-#   ERR_MOUNTING_ROOT
+#   ERR_BTRFS_INITPH: on failure
+#   ERR_BTRFS_OPTION: on failure
+#   ERR_BTRFS_SUBVOL: on failure
+#   ERR_MOUNTING_DEV: on failure
 #######################################
 mount_partition() {
  ### Declare Arrays, HashMaps, and Variables.
@@ -212,22 +224,13 @@ mount_partition() {
      var_encryption_label=$(get_label "${var_mount_path}" "${var_fs_version}" "luks")
    fi

-    var_partuuid="${HMP_PATH_PARTUUID["${var_mount_path}"]}"
-
-    #if [[ -z "${var_fs_uuid}" ]]; then
-    #  do_log "error" "file_only" "3280() FS-UUID for mount path: '${var_mount_path}' not found in: 'HMP_PATH_FSUUID'."
-    #  return "${ERR_MOUNTING_DEV}"
-    #fi
-
    ### Mounting of Ephemeral 'SWAP' and '/tmp' as per https://wiki.archlinux.org/title/Dm-crypt/Swap_encryption#UUID_and_LABEL
    if [[ "${var_mount_path,,}" == "swap" ]]; then

-      #cryptsetup open --type plain --key-file /dev/random \
-      #  --offset 2048 --cipher aes-xts-plain64 --key-size 512 \
-      #  --sector-size 4096 "/dev/disk/by-uuid/${var_fs_uuid}" "${var_encryption_label}"
+      var_partuuid="${HMP_PATH_PARTUUID["${var_mount_path}"]}"

      cryptsetup open --type plain --hash=plain \
-        --key-file /dev/random --keyfile-size 256 \
+        --key-file /dev/random --keyfile-size 64 \
        --cipher aes-xts-plain64 --key-size 512 \
        "/dev/disk/by-partuuid/${var_partuuid}" "${var_encryption_label}"

@@ -244,12 +247,10 @@ mount_partition() {

    elif [[ "${var_mount_path,,}" == "/tmp" ]]; then

-      #cryptsetup open --type plain --key-file /dev/random \
-      #  --offset 2048 --cipher aes-xts-plain64 --key-size 512 \
-      #  --sector-size 4096 "/dev/disk/by-uuid/${var_fs_uuid}" "${var_encryption_label}"
+      var_partuuid="${HMP_PATH_PARTUUID["${var_mount_path}"]}"

      cryptsetup open --type plain --hash=plain \
-        --key-file /dev/random --keyfile-size 256 \
+        --key-file /dev/random --keyfile-size 64 \
        --cipher aes-xts-plain64 --key-size 512 \
        "/dev/disk/by-partuuid/${var_partuuid}" "${var_encryption_label}"

@@ -378,4 +379,7 @@ mount_partition() {

  guard_dir && return 0
 }
+### Prevents accidental 'unset -f'.
+# shellcheck disable=SC2034
+readonly -f mount_partition
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
--- a/func/cdi_3200_partitioning/3290_uuid_logger.sh
+++ b/func/cdi_3200_partitioning/3290_uuid_logger.sh
@@ -29,30 +29,41 @@ uuid_logger() {

  printf 'PARTITION UUID Partition:\n' >> "${LOG_UID}"
  for var_key in "${!HMP_PATH_PARTUUID[@]}"; do
+
    var_mountpoint="${var_key}"
    var_uuid="${HMP_PATH_PARTUUID[${var_key}]}"
    ### Left-aligned field width 63; "UUID=" starts directly after column 64.
    printf '%-63sUUID=%s\n' "${var_mountpoint}" "${var_uuid}" >> "${LOG_UID}"
+
  done

+
  printf '\n' >> "${LOG_UID}"
  printf 'LUKS CONTAINER UUID:\n' >> "${LOG_UID}"
  for var_key in "${!HMP_PATH_LUKSUUID[@]}"; do
+
    var_mountpoint="${var_key}"
    var_uuid="${HMP_PATH_LUKSUUID[${var_key}]}"
    ### Left-aligned field width 63; "UUID=" starts directly after column 64.
    printf '%-63sUUID=%s\n' "${var_mountpoint}" "${var_uuid}" >> "${LOG_UID}"
+
  done

+
  printf '\n' >> "${LOG_UID}"
  printf 'FILESYSTEM UUID:\n' >> "${LOG_UID}"
  for var_key in "${!HMP_PATH_FSUUID[@]}"; do
+
    var_mountpoint="${var_key}"
    var_uuid="${HMP_PATH_FSUUID[${var_key}]}"
    ### Left-aligned field width 63; "UUID=" starts directly after column 64.
    printf '%-63sUUID=%s\n' "${var_mountpoint}" "${var_uuid}" >> "${LOG_UID}"
+
  done

  guard_dir && return 0
 }
+### Prevents accidental 'unset -f'.
+# shellcheck disable=SC2034
+readonly -f uuid_logger
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
--- a/func/cdi_3200_partitioning/3295_get_label.sh
+++ b/func/cdi_3200_partitioning/3295_get_label.sh
@@ -117,4 +117,7 @@ get_label() {

  fi
 }
+### Prevents accidental 'unset -f'.
+# shellcheck disable=SC2034
+readonly -f get_label
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh