msw/CISS.debian.installer
SHA256
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
5f36d27c62a507651facc8165a20eea82b5f4f978e79c1414f70ef04c7060be8
CISS.debian.installer/lib/cdi_0005_guard/README.md
Marc S. Weidner 45ff672479
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m0s
Details
V8.00.000.2025.06.17 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
2025-07-31 23:04:30 +02:00

62 lines
2.6 KiB
Markdown
Raw Blame History

This file contains invisible Unicode characters
This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
---
gitea: none
include_toc: true
---
# 1. CISS.debian.installer
**Centurion Intelligence Consulting Agency Information Security Standard**<br>
*The CISS Debian Installer provides a fully automated and hardened installation process.*<br>
**Master Version**: 8.00<br>
**Build**: V8.00.000.2025.06.17<br>
# 2. Guarding and Safe Execution `cdi_0005_guard`
This directory provides minimalistic but critical utility functions to ensure safe and idempotent sourcing and execution
semantics within the `CISS.debian.installer` framework. These wrappers act as foundational safeguards against redundant
sourcing, which are frequent sources of bugs and side effects in modular Bash-based systems.
## 2.1. Purpose and Functionality
- **0005_guard_sourcing.sh**
Defines the `guard_sourcing()` function, which programmatically prevents a Bash library file from being sourced multiple
times. It constructs a uniquely scoped read-only environment variable guard to mark the sourced state.
- **0006_source_guard.sh**
Implements the `source_guard()` function, which sources a given file only once. It uses the files basename to construct a
similarly structured guard variable. Intended for cases where sourcing decisions must be made dynamically.
- **0011_guard_safe_exec.sh**
Provides a generic `safe_exec()` wrapper to execute external commands in a structured and error-controlled manner. It emits
meaningful error logs using `do_log()` and allows associating custom error codes per invocation context. This is essential
for defensive script execution when `pipefail` and strict traps are enabled.
## 2.2. Requirements
- Bash version ≥ 5.1
- Active error trapping via `trap 'trap_err' ERR`
- `do_log()` must be declared elsewhere in the global context
- All libraries must be sourced via `source_guard()` and invoke `guard_sourcing` on top
## 2.3. Dependencies
- Pure Bash implementation
- Uses `declare -grx` to enforce immutability and exportability of guard variables
- `safe_exec()` expects a predefined `do_log()` implementation
## 2.4. License
This component is dual-licensed under the **European Union Public License v1.2 (EUPL-1.2),** or the
**CoreSecret Custom Contributor License Agreement (CCLA-1.0)**. You may choose either license as per your usage context.
Usage is permitted under the condition that no warranty is implied. Use at your own risk.
## 2.5. Author
Developed and maintained by
**Marc S. Weidner**
*Centurion Intelligence Consulting Agency*
---
**[no tracking | no logging | no advertising | no profiling | no bullshit](https://coresecret.eu/)**
<!-- vim: set number et ts=2 sw=2 sts=2 ai tw=128 ft=markdown -->
Reference in New Issue View Git Blame Copy Permalink