#!/bin/bash # SPDX-Version: 3.0 # SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. # SPDX-PackageName: CISS.debian.installer # SPDX-Security-Contact: security@coresecret.eu guard_sourcing ####################################### # Use do_in_target() for: # simple commands (e.g., dpkg, ln, mkdir, apt, etc.) # Use do_in_target_script() for: # all shell scripts, redirects, pipes, conditions, loops, or subshells ####################################### ####################################### # Wrapper for executing commands in the desired chroot environment. # Globals: # ERR_CHRT_COMMAND # TERM # Arguments: # 1: Target of the chroot environment. # 2: Commands and options and parameters to be executed in chroot. # Returns: # 0: on success # ERR_CHRT_COMMAND: on failure ####################################### do_in_target() { declare var_chroot_target="$1" shift declare -a ary_chroot_command=("$@") if (( ${#ary_chroot_command[@]} == 0 )); then do_log "emergency" "file_only" "Empty command passed to 'do_in_target()'." return "${ERR_CHRT_COMMAND}" fi if chroot "${var_chroot_target}" /usr/bin/env -i \ HOME=/root \ PATH=/usr/sbin:/usr/bin:/sbin:/bin \ TERM="${TERM}" \ LANG=C.UTF-8 \ LC_ALL=C.UTF-8 \ "${ary_chroot_command[@]}" then do_log "info" "file_only" "Success: chroot '${var_chroot_target}': '${ary_chroot_command[*]}'." return 0 else do_log "emergency" "file_only" "Failed: chroot '${var_chroot_target}': '${ary_chroot_command[*]}'." return "${ERR_CHRT_COMMAND}" fi } ####################################### # Execute a full shell script line inside the chroot via bash -c. # Supports interactive debug shell on error. # Globals: # ERR_CHRT_COMMAND # TERM # DEBUG_INTERACTIVE (optional boolean) # Arguments: # 1: Target of the chroot environment # 2: Command string to execute inside a shell (quoted) # Returns: # 0: on success # ERR_CHRT_COMMAND: on failure ####################################### do_in_target_script() { declare var_chroot_target="$1" shift declare var_chroot_script="$1" if [[ -z "${var_chroot_script}" ]]; then do_log "emergency" "file_only" "Empty command passed to 'do_in_target_script()'." return "${ERR_CHRT_COMMAND}" fi # do_log "debug" "file_only" "Evaluating chroot script in '${var_chroot_target}': '${var_chroot_script}'." if chroot "${var_chroot_target}" /usr/bin/env -i \ HOME=/root \ PATH=/usr/sbin:/usr/bin:/sbin:/bin \ TERM="${TERM}" \ LANG=C.UTF-8 \ LC_ALL=C.UTF-8 \ /bin/bash -c "${var_chroot_script}" then do_log "info" "file_only" "Success: chroot '${var_chroot_target}': '${var_chroot_script}'." return 0 else declare -i var_chroot_rc="${?}" do_log "emergency" "file_only" "Failure: chroot '${var_chroot_target}': '${var_chroot_script}'." do_log "info" "file_only" "Return code: '${var_chroot_rc}'." # TODO: Test with Dialog Wrapper in interactive mode. #if [[ "${DEBUG_INTERACTIVE}" == "true" ]]; then # do_log "warning" "true" "Launching interactive debug shell in chroot: '${var_chroot_target}'." # chroot "${var_chroot_target}" /bin/bash -l #fi return "${ERR_CHRT_COMMAND}" fi } # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh