#!/bin/sh # SPDX-Version: 3.0 # SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. # SPDX-PackageName: CISS.debian.installer # SPDX-Security-Contact: security@coresecret.eu set -e PREREQ="" prereqs() { echo "$PREREQ"; } case $1 in prereqs) prereqs; exit 0 ;; esac . /usr/share/initramfs-tools/hook-functions mkdir -p "${DESTDIR}/bin" "${DESTDIR}/usr/bin" "${DESTDIR}/usr/local/bin" "${DESTDIR}/etc/dropbear/initramfs" "${DESTDIR}/etc/keys" ### Include Busybox copy_exec /usr/bin/busybox /usr/bin copy_exec /usr/bin/busybox /bin ### Include Bash copy_exec /usr/bin/bash /usr/bin ### Include lsblk (block device info tool) copy_exec /usr/bin/lsblk /usr/bin ### Include udevadm (udev management tool) copy_exec /usr/bin/udevadm /usr/bin ### Include sha512sum e.g. copy_exec /usr/bin/sha512sum /usr/bin copy_exec /usr/bin/sha384sum /usr/bin ### Include Signature-Verifier copy_exec /usr/bin/gpgv /usr/bin for dir in bin usr/bin; do ln -sf busybox "${DESTDIR}/${dir}/cat" ln -sf busybox "${DESTDIR}/${dir}/sleep" done install -m 0555 /etc/initramfs-tools/files/coresecret.sh "${DESTDIR}/usr/local/bin/coresecret.sh" install -m 0444 /etc/initramfs-tools/files/coresecret.sh.sha384 "${DESTDIR}/usr/local/bin/coresecret.sh.sha384" install -m 0444 /etc/initramfs-tools/files/coresecret.sh.sha512 "${DESTDIR}/usr/local/bin/coresecret.sh.sha512" install -m 0444 /etc/initramfs-tools/files/coresecret.sh.sha384.sig "${DESTDIR}/usr/local/bin/coresecret.sh.sha384.sig" install -m 0444 /etc/initramfs-tools/files/coresecret.sh.sha512.sig "${DESTDIR}/usr/local/bin/coresecret.sh.sha512.sig" cp -a /root/.ciss/keys/pubring.gpg "${DESTDIR}/etc/keys/" chmod 0444 "${DESTDIR}/etc/keys/pubring.gpg" cp -a /etc/dropbear/initramfs/banner "${DESTDIR}/etc/dropbear/initramfs/banner"