msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

V8.00.000.2025.06.17
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 55s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-09-04 20:27:31 +02:00
parent 83fe747a45
commit 8491b01be4
14 changed files with 59 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
includes/target/etc/initramfs-tools/files/unlock_wrapper.sh
View File

@@ -345,7 +345,7 @@ trap_on_exit() {
trap_on_term() {
trap - ERR INT TERM
stty echo
printf "%s" "${NL}"
printf "%b" "${NL}"
color_echo "${RED}" "✘ Received termination signal. System Power Off in 3 seconds." >&2
# TODO: REMOVE DEBUGGER FOR PRODUCTION
drop_bash
@@ -362,7 +362,6 @@ trap_on_term() {
# 0: Script Name
#######################################
verify_script() {
# TODO: TEST THIS FUNC()
declare dir
# shellcheck disable=SC2312
dir="$(dirname "$(readlink -f "${0}")")"
@@ -378,10 +377,11 @@ verify_script() {
color_echo "${MAG}" "🔏 Verifying signature of: [${hashfile}]"
if ! gpgv --keyring /etc/keys/pubring.gpg "${sigfile}" "${hashfile}"; then
if ! gpgv --keyring /etc/keys/unlock_wrapper_pubring.gpg "${sigfile}" "${hashfile}"; then
color_echo "${RED}" "✘ Signature verification failed for: [${hashfile}]"
color_echo "${RED}" "✘ System Power Off in 3 seconds ...."
power_off 3
drop_bash
#power_off 3
else
color_echo "${GRE}" "🔏 Verifying signature of: [${hashfile}] successful."
fi
@@ -395,7 +395,8 @@ verify_script() {
if [[ "${computed}" != "${expected}" ]]; then
color_echo "${RED}" "✘ Recomputed hash mismatch for : [${item}]" >&2
color_echo "${RED}" "✘ System Power Off in 3 seconds ...." >&2
power_off 3
drop_bash
#power_off 3
fi
color_echo "${GRE}" "🔢 Recomputing Hash: [${item}] successful."
@@ -422,13 +423,20 @@ main() {
trap 'trap_on_exit' EXIT
trap 'trap_on_term' INT TERM
if [[ -r /etc/dropbear/banner ]]; then
cat /etc/dropbear/banner >&2
elif [[ -r /etc/dropbear/initramfs/banner ]]; then
cat /etc/dropbear/initramfs/banner >&2
fi
uname -a
printf "%b" "${NL}"
color_echo "${RED}" "Coresecret Connection established."
color_echo "${RED}" "Starting Time: ${CURRENTDATE}"
printf "%b" "${NL}"
color_echo "${MAG}" "Integrity self-check ..."
#verify_script
verify_script
### Read newline-separated output into an array.
printf "%b" "${NL}"