msw/CISS.debian.live.builder
SHA256
2
1
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 6 Wiki Activity

V8.13.400.2025.11.08
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m11s
Details

Browse Source 
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
Marc S. Weidner
2025-11-09 17:03:23 +01:00
parent 7f342bfe8e
commit 1e5b1e7ede
3 changed files with 22 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
config/hooks/live/0020_dropbear_build.chroot
View File

@@ -9,7 +9,7 @@
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework. # SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
# SPDX-PackageName: CISS.debian.live.builder # SPDX-PackageName: CISS.debian.live.builder
# SPDX-Security-Contact: security@coresecret.eu # SPDX-Security-Contact: security@coresecret.eu
set -Ceuo pipefail set -Ceuxo pipefail
printf "\e[95m++++ ++++ ++++ ++++ ++++ ++++ ++ 🧪 '%s' starting ... \e[0m\n" "${0}" printf "\e[95m++++ ++++ ++++ ++++ ++++ ++++ ++ 🧪 '%s' starting ... \e[0m\n" "${0}"
@@ -47,7 +47,7 @@ setsid bash -c '
# shellcheck disable=2312 # shellcheck disable=2312
make -j"$(nproc)" make -j"$(nproc)"
' >> "${var_logfile}" 2>&1 ' >| "${var_logfile}" 2>&1
rm -rf /root/dropbear rm -rf /root/dropbear

28
lib/lib_primordial.sh
View File

@@ -95,17 +95,27 @@ normalize_ssh_key_file() {
var_tmp_file="${var_key_file}.noCR.$$" var_tmp_file="${var_key_file}.noCR.$$"
### Remove only '\r', keep everything else as-is. ### Remove only '\r', keep everything else as-is.
tr -d '\r' < "${var_key_file}" > "${var_tmp_file}" || { if ! tr -d '\r' < "${var_key_file}" >| "${var_tmp_file}"; then
echo "ERROR: Failed to normalize CRLF in ${var_key_file}" >&2
rm -f "${var_tmp_file}"
return 1
}
mv "${var_tmp_file}" "${var_key_file}" || { printf "\e[91m++++ ++++ ++++ ++++ ++++ ++++ ++ ❌ Failed to normalize CRLF: [%s] \e[0m\n" "${var_key_file}"
echo "ERROR: Failed to replace normalized file ${var_key_file}" >&2
rm -f "${var_tmp_file}" rm -f "${var_tmp_file}"
return 1 return "${ERR_SANITIZING}"
}
fi
mv "${var_tmp_file}" "${var_key_file}"
if command -v ssh-keygen >/dev/null 2>&1; then
if ! ssh-keygen -lf "${var_key_file}" >/dev/null; then
printf "\e[91m++++ ++++ ++++ ++++ ++++ ++++ ++ ❌ Failed check ssh-keygen -lf: [%s] \e[0m\n" "${var_key_file}"
return "${ERR_SANITIZING}"
fi
fi
fi fi
return 0 return 0

1
var/global.var.sh
View File

@@ -66,6 +66,7 @@ declare -gir ERR_FLOCK_WRTG=129 # Cannot open lockfile for writing
declare -gir ERR_FLOCK_COLL=130 # The Script is already running declare -gir ERR_FLOCK_COLL=130 # The Script is already running
declare -gir ERR_GUARD_SRCE=131 # Module tried to load twice. declare -gir ERR_GUARD_SRCE=131 # Module tried to load twice.
declare -gir ERR_GPG__AGENT=132 # GNUPG agent error. declare -gir ERR_GPG__AGENT=132 # GNUPG agent error.
declare -gir ERR_SANITIZING=133 # Error occurred while sanitizing file.
declare -gir ERR_SPLASH_PNG=200 # --change-splash MUST be 'club' or 'hexagon' declare -gir ERR_SPLASH_PNG=200 # --change-splash MUST be 'club' or 'hexagon'
declare -gir ERR_CONTROL_CT=201 # --control MUST be an integer between '1' and '65535' declare -gir ERR_CONTROL_CT=201 # --control MUST be an integer between '1' and '65535'
declare -gir ERR_RENICE_PRI=202 # --renice-priority MUST an integer between '-19' and '19' declare -gir ERR_RENICE_PRI=202 # --renice-priority MUST an integer between '-19' and '19'