V8.00.000.2025.06.17

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

.preseed/preseed.yaml

@@ -480,7 +480,7 @@ network:
   ipv6: true                   # Specify if you want to use IPv6.
   timeout:
     dhcp: 60                   # If the dhcp server is slow, and the installer times out waiting for it, this might be useful.
-    linkwait: 60               # To set a different link detection timeout (default is 3 seconds).
+    linkwait: 3                # To set a different link detection timeout (default is 3 seconds).
   static:
     enable: true               # If you want the preconfiguration file to work on systems both with and without a dhcp
                                # server, change 'network.static.enable' from "false" to "true" and configure the static

func/cdi_1250_yaml/1252_yaml_validator.sh

@@ -117,10 +117,12 @@ yaml_validator() {
   fi
 
   # shellcheck disable=SC2312
-  var_link_ipv4=$(ping -q -c 1 -W 1 -4 debian.org > /dev/null 2>&1 && echo "true" || echo "false")
+  var_link_ipv4="$(probe_link 4 heise.de)"
+  #var_link_ipv4=$(ping -q -c 1 -W 1 -4 heise.de > /dev/null 2>&1 && echo "true" || echo "false")
 
   # shellcheck disable=SC2312
-  var_link_ipv6=$(ping -q -c 1 -W 1 -6 debian.org > /dev/null 2>&1 && echo "true" || echo "false")
+  var_link_ipv6="$(probe_link 6 heise.de)"
+  #var_link_ipv6=$(ping -q -c 1 -W 1 -6 heise.de > /dev/null 2>&1 && echo "true" || echo "false")
 
   # shellcheck disable=SC2312
   var_auto_fqdn="$( getent hosts "${var_auto_ipv4}" | awk '{print $2}' | head -n1 )"
@@ -173,7 +175,7 @@ yaml_validator() {
 
   fi
 
-  if [[ "${network_autoconfig_enable}" == "true" && "${var_link_ipv6}" == "true" ]]; then
+  if [[ "${network_autoconfig_enable}" == "true" ]]; then
 
     # shellcheck disable=SC2034
     VAR_FINAL_IPV6="${var_auto_ipv6}"
@@ -209,4 +211,37 @@ yaml_validator() {
 
   guard_dir && return 0
 }
+
+#######################################
+# Network connectivity prober.
+# Arguments:
+#   1: IP-Family
+#   2: TLD to probe
+# Returns:
+#   0: on success
+#######################################
+probe_link() {
+  declare -r  var_fam="${1:-4}"           # "4" or "6"
+  declare -r  var_target="${2:-heise.de}" # hostname or IP
+  declare     var_ok="false"
+
+  ### 1) Try ping (quiet, 1 probe, 3s deadline)
+  if ping -q -c 1 -W "${network_timeout_linkwait:-3}" "-${var_fam}" "${var_target}" >/dev/null 2>&1; then
+    var_ok="true"
+  else
+    ### 2) Fallback: mtr in report mode (non-interactive), no DNS to avoid TUI/delays.
+    if command -v mtr >/dev/null 2>&1; then
+      ### Treat as success if ANY hop resolves to something other than "???".
+      ### '-r = report', '-c 2 = two cycles', -n = no DNS, -4/-6 = address family
+      # shellcheck disable=SC2312
+      if mtr "-${var_fam}" -r -c 3 -n "${var_target}" 2>/dev/null \
+        | awk 'NR>2 && $2!="???"{ok=1} END{exit ok?0:1}'; then
+        var_ok="true"
+      fi
+    fi
+  fi
+
+  printf '%s' "${var_ok}"
+  return 0
+}
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh

func/cdi_4000_debootstrap/4030_setup_hostname.sh

@@ -27,7 +27,7 @@ guard_sourcing
 #   0: on success
 #######################################
 setup_hostname() {
-  ### Create '${TARGET}/etc/hostname' file.
+  ### Create the '${TARGET}/etc/hostname' file.
   cat << EOF >| "${TARGET}/etc/hostname"
 ${VAR_FINAL_FQDN}
 EOF
@@ -35,7 +35,7 @@ EOF
   do_log "info" "file_only" "4030() File generated: '${TARGET}/etc/hostname' | hostname '${VAR_FINAL_FQDN}'."
 
 
-  ### Create '${TARGET}/etc/mailname' file.
+  ### Create the '${TARGET}/etc/mailname' file.
   cat << EOF >| "${TARGET}/etc/mailname"
 ${VAR_FINAL_FQDN}
 EOF

includes/target/etc/initramfs-tools/hooks/custom-initramfs.sh

@@ -23,7 +23,7 @@ esac
 
 # shellcheck disable=2292
 if [ ! -e /etc/initramfs-tools/files/unlock_wrapper.sh ]; then
-  echo "Missing unlock_wrapper.sh in /etc/initramfs-tools/files/"
+  echo -e "\e[91mMissing unlock_wrapper.sh in: [/etc/initramfs-tools/files/] \e[0m"
   exit 1
 fi
 
@@ -36,38 +36,38 @@ mkdir -p "${DESTDIR}/etc/initramfs-tools/scripts/init-premount"
 
 ### Include Bash
 copy_exec /usr/bin/bash /usr/bin
-echo "Successfully executed: [copy_exec /usr/bin/bash /usr/bin]."
+echo -e "\e[92mSuccessfully executed: [copy_exec /usr/bin/bash /usr/bin] \e[0m"
 
 ### Include Busybox
 copy_exec /usr/bin/busybox /usr/bin
 copy_exec /usr/bin/busybox /bin
-echo "Successfully executed: [copy_exec /usr/bin/busybox /usr/bin]."
+echo -e "\e[92mSuccessfully executed: [copy_exec /usr/bin/busybox /usr/bin] \e[0m"
 
 ### Include lsblk (block device info tool)
 copy_exec /usr/bin/lsblk /usr/bin
-echo "Successfully executed: [copy_exec /usr/bin/lsblk /usr/bin]."
+echo -e "\e[92mSuccessfully executed: [copy_exec /usr/bin/lsblk /usr/bin] \e[0m"
 
 ### Include mkpasswd
 copy_exec /usr/bin/mkpasswd /usr/bin
-echo "Successfully executed: [copy_exec /usr/bin/mkpasswd /usr/bin]."
+echo -e "\e[92mSuccessfully executed: [copy_exec /usr/bin/mkpasswd /usr/bin] \e[0m"
 
 ### Include udevadm (udev management tool)
 copy_exec /usr/bin/udevadm /usr/bin
-echo "Successfully executed: [copy_exec /usr/bin/udevadm /usr/bin."
+echo -e "\e[92mSuccessfully executed: [copy_exec /usr/bin/udevadm /usr/bin] \e[0m"
 
 ### Include sha512sum e.g.
 copy_exec /usr/bin/sha512sum /usr/bin
-echo "Successfully executed: [copy_exec /usr/bin/sha512sum /usr/bin]."
+echo -e "\e[92mSuccessfully executed: [copy_exec /usr/bin/sha512sum /usr/bin] \e[0m"
 copy_exec /usr/bin/sha384sum /usr/bin
-echo "Successfully executed: [copy_exec /usr/bin/sha384sum /usr/bin]."
+echo -e "\e[92mSuccessfully executed: [copy_exec /usr/bin/sha384sum /usr/bin] \e[0m"
 
 ### Include GPG
 copy_exec /usr/bin/gpg /usr/bin
-echo "Successfully executed: [copy_exec /usr/bin/gpgv /usr/bin]."
+echo -e "\e[92mSuccessfully executed: [copy_exec /usr/bin/gpgv /usr/bin] \e[0m"
 
 ### Include Whois
 copy_exec /usr/bin/whois /usr/bin
-echo "Successfully executed: [copy_exec /usr/bin/whois /usr/bin]."
+echo -e "\e[92mSuccessfully executed: [copy_exec /usr/bin/whois /usr/bin] \e[0m"
 
 ### Link busybox applets for compatibility
 for dir in bin usr/bin; do
@@ -77,12 +77,15 @@ done
 
 ### Install Dropbear firewall configuration
 install -m 0444 /etc/initramfs-tools/files/dropbear_fw.conf "${DESTDIR}/etc/initramfs-tools/conf.d/dropbear_fw.conf"
+echo -e "\e[92mSuccessfully executed: [install -m 0444 /etc/initramfs-tools/files/dropbear_fw.conf ${DESTDIR}/etc/initramfs-tools/conf.d/dropbear_fw.conf] \e[0m"
 
 ### Install Dropbear configuration
 install -m 0444 /etc/dropbear/initramfs/dropbear.conf "${DESTDIR}/etc/dropbear/dropbear.conf"
+echo -e "\e[92mSuccessfully executed: [install -m 0444 /etc/dropbear/initramfs/dropbear.conf ${DESTDIR}/etc/dropbear/dropbear.conf] \e[0m"
 
 ### Install Dropbear Cryptroot Unlock Wrapper
 install -m 0555 /etc/initramfs-tools/files/unlock_wrapper.sh "${DESTDIR}/usr/local/bin/unlock_wrapper.sh"
+echo -e "\e[92mSuccessfully executed: [install -m 0555 /etc/initramfs-tools/files/unlock_wrapper.sh ${DESTDIR}/usr/local/bin/unlock_wrapper.sh] \e[0m"
 # TODO: Update preseed.yaml for pgp signing key AND / OR implementation of presigned unlock_wrapper.sh
 #install -m 0444 /etc/initramfs-tools/files/unlock_wrapper.sh.sha384 "${DESTDIR}/usr/local/bin/unlock_wrapper.sh.sha384"
 #install -m 0444 /etc/initramfs-tools/files/unlock_wrapper.sh.sha512 "${DESTDIR}/usr/local/bin/unlock_wrapper.sh.sha512"
@@ -93,8 +96,9 @@ install -m 0555 /etc/initramfs-tools/files/unlock_wrapper.sh "${DESTDIR}/usr/loc
 #install -m 0444 /root/.ciss/keys/pubring.gpg "${DESTDIR}/etc/keys/pubring.gpg"
 
 ### Install Dropbear Banner
-#install -m 0444 /etc/dropbear/initramfs/banner "${DESTDIR}/etc/dropbear/banner"
+install -m 0444 /etc/dropbear/initramfs/banner "${DESTDIR}/etc/dropbear/banner"
+echo -e "\e[92mSuccessfully executed: [install -m 0444 /etc/dropbear/initramfs/banner ${DESTDIR}/etc/dropbear/banner] \e[0m"
 
-echo "Successfully executed: [/etc/initramfs-tools/hooks/custom-initramfs.sh]."
+echo -e "\e[92mSuccessfully executed: [/etc/initramfs-tools/hooks/custom-initramfs.sh] \e[0m"
 
 # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh