#!/bin/bash # SPDX-Version: 3.0 # SPDX-CreationInfo: 2025-02-13; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://cendev.eu/marc.weidner/CISS.2025.debian.installer.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.2025.hardened.installer framework. # SPDX-PackageName: CISS.2025.hardened.installer # SPDX-Security-Contact: security@coresecret.eu ########################################################################################### # 3.7.1. Functions - installation - configure system # ########################################################################################### ########################################################################################### # Configure target system for chroot. # Globals: # MODULE_ERR # MODULE_TXT # TARGET # Arguments: # None ########################################################################################### 3_7_1_functions_installation_configure_system() { declare -g -x MODULE_ERR="3_7_1_functions_installation_configure_system" declare -g -x MODULE_TXT="Configure and prepare system after debootstrap for setup" do_show_header "${MODULE_TXT}" ### Reminder ### # --rbind: recursive binding. # --make-rslave: In this case, the mount point is marked as 'slave'. # This means changes to the source mount (e.g., /proc) are propagated to the target mount (e.g., "${TARGET}"/proc). # Conversely, changes to the target mount are not propagated back to the source mount. # This mode is necessary to avoid problems with double or erroneous propagation effects in chroot or container environments. if mount --make-rslave --rbind /proc "${TARGET}"/proc; then do_log "info" "true" "'mount --make-rslave --rbind /proc ${TARGET}/proc'." else do_log "emergency" "false" "Failed: 'mount --make-rslave --rbind /proc ${TARGET}/proc'." exit "${ERR_CHROOT_MOUNTS}" fi if mount --make-rslave --rbind /sys "${TARGET}"/sys; then do_log "info" "true" "'mount --make-rslave --rbind /sys ${TARGET}/sys'." else do_log "emergency" "false" "Failed: 'mount --make-rslave --rbind /sys ${TARGET}/sys'." exit "${ERR_CHROOT_MOUNTS}" fi if mount --make-rslave --rbind /dev "${TARGET}"/dev; then do_log "info" "true" "'mount --make-rslave --rbind /dev ${TARGET}/dev'." else do_log "emergency" "false" "Failed: 'mount --make-rslave --rbind /dev ${TARGET}/dev'." exit "${ERR_CHROOT_MOUNTS}" fi if mount --make-rslave --rbind /run "${TARGET}"/run; then do_log "info" "true" "'mount --make-rslave --rbind /run ${TARGET}/run'." else do_log "emergency" "false" "Failed: 'mount --make-rslave --rbind /run ${TARGET}/run'." exit "${ERR_CHROOT_MOUNTS}" fi if do_in_target "${TARGET}" mkdir -p /etc/systemd/system/multi-user.target.wants; then do_log "info" "true" "Command: 'mkdir -p /etc/systemd/system/multi-user.target.wants' executed in: '${TARGET}'." else do_log "emergency" "false" "Failed: Command: 'mkdir -p /etc/systemd/system/multi-user.target.wants' executed in: '${TARGET}'." exit "${ERR_CHROOT_MOUNTS}" fi do_show_footer "${MODULE_TXT}" } # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh: