# SPDX-Version: 3.0 # SPDX-CreationInfo: 2025-06-17; WEIDNER, Marc S.; # SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.installer.git # SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency # SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; # SPDX-FileType: SOURCE # SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0 # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. # SPDX-PackageName: CISS.debian.installer # SPDX-Security-Contact: security@coresecret.eu [[ $- != *i* ]] && return # shellcheck disable=SC2312 if [[ "$(id -u)" -eq 0 ]]; then umask 0022 PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin" else umask 0077 PATH="/usr/local/bin:/usr/bin:/bin" fi export PATH trap ' "${SHELL}" "${HOME}/.ciss/clean_logout.sh" ' EXIT . "${HOME}/.ciss/alias" . "${HOME}/.ciss/f2bchk.sh" . "${HOME}/.ciss/scan_libwrap" . "${HOME}/.ciss/shortcuts" ### Never use 'errexit' | 'nounset' | 'pipefail' in interactive shells. set +o errexit +o nounset +o pipefail ### Preferred editor for local and remote sessions. export EDITOR="nano" ### History-Settings # -'ignoreboth' Do not put duplicate lines or lines starting with space in the history. # -'erasedups' Causes all previous lines matching the current line to be removed from the history before that line is saved. export HISTCONTROL='ignoreboth:erasedups' # The name of the file in which command history is saved. The default value is ~/.bash_history. If unset, the command history # is not saved when a shell exits. export HISTFILE=~/.bash_history # The maximum number of lines contained in the history file. export HISTFILESIZE="16384" # The number of commands to remember in the command history. If the value is 0, commands are not saved in the history list. # Numeric values less than zero result in every command being saved on the history list (there is no limit). export HISTSIZE="16384" # If this variable is set, time stamps are written to the history file, so they may be preserved across shell sessions. export HISTTIMEFORMAT='%F %T %z ' # Optional, cautious filters (avoids trivial leaks, but not foolproof). Caution: HISTIGNORE is coarse-grained, don't overdo it. export HISTIGNORE='*PASS*:*pass*:*secret*:*token*:*API_KEY*:*' # With only histappend, entries can be lost or merge with each other in the event of a crash or multiple sessions. # "-a": Appends new entries from RAM to the file. # "-c": Then empties only the RAM buffer. Not used here for performance reasons. # "-r": Loads the file back into RAM. __ciss_hist_pc__='history -a; history -n' if [[ ${PROMPT_COMMAND-} != *"history -a; history -n"* ]]; then PROMPT_COMMAND="${PROMPT_COMMAND:+${PROMPT_COMMAND}; }${__ciss_hist_pc__}" fi unset __ciss_hist_pc__ export PROMPT_COMMAND # Check the window size after each command and, if necessary, update the values of "LINES" and "COLUMNS". shopt -s checkwinsize # Append to the history file, don't overwrite it. shopt -s histappend # If set, the pattern "**" used in a pathname expansion context will match all files and zero or more directories and subdirectories. shopt -s globstar # Multi-line entries (line breaks using \ or via PS2) are stored in the history as a single entry. shopt -s cmdhist # Works in addition to cmdhist: Multi-line commands are stored in the history with real newlines, i.e., in their original format. shopt -s lithist # Check History permissions. [[ -f "${HISTFILE}" ]] && chmod 0600 "${HISTFILE}" ### Define colors for bash prompt. export CRED='\033[1;91m' export CGRE='\033[1;92m' export CYEL='\033[1;93m' export CBLU='\033[1;94m' export CMAG='\033[1;95m' export CCYA='\033[1;96m' export CWHI='\033[1;97m' export CRES='\033[0m' export NL='\n' ### Define color prompt incl. 'Exit Code' feedback. export PS1="\ \[\033[1;91m\]\d\[\033[0m\]|\ \[\033[1;91m\]\u\[\033[0m\]@\ \[\033[1;95m\]\h\[\033[0m\]:\ \[\033[1;96m\]\w\[\033[0m\]/>>\ \$(if [[ \$? -eq 0 ]]; then \ echo -e \"\[\033[1;92m\]\$?\[\033[0m\]\"; \ else \ echo -e \"\[\033[1;91m\]\$?\[\033[0m\]\"; \ fi)\ \$(if [[ \$(id -u) -eq 0 ]]; then echo -e \" \[\033[1;91m\]#\[\033[0m\] \"; else echo -e \" \[\033[1;92m\]\\\$\[\033[0m\] \"; fi)" ### Overwrite Protection. set -o noclobber alias cp='cp -iv' alias mv='mv -iv' alias rm='rm -iv' ### Welcome message after login. #printf "\n" #printf "\e[91m🔐 Coresecret Channel Established. \e[0m\n" #printf "\e[92m✅ Welcome back\e[0m"; printf "\e[95m '%s' \e[0m" "${USER}"; printf "\e[92m! Type\e[0m"; printf "\e[95m 'celp'\e[0m"; printf "\e[92m for shortcuts. \e[0m\n" #printf "\n" #printf "\n" printf "\n" printf "%b🔐 Coresecret Channel Established. %b%b" "${CRED}" "${CRES}" "${NL}" printf "%b✅ Welcome back %b " "${CGRE}" "${CRES}" printf "%b'%s'%b" "${CMAG}" "${USER}" "${CRES}" printf "%b! Type%b" "${CGRE}" "${CRES}" printf "%b 'celp'%b" "${CMAG}" "${CRES}" printf "%b for shortcuts. %b%b" "${CGRE}" "${CRES}" "${NL}" printf "\n" printf "\n" # vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh