V8.13.512.2025.11.27
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m26s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m26s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -44,8 +44,6 @@ fi
|
||||
|
||||
cp -f "${_BUSYBOX_BIN}" "${_TMP_DIR}/bin/busybox"
|
||||
|
||||
###
|
||||
|
||||
#######################################
|
||||
# Copy required shared libs into the initramfs (if the busybox is dynamic).
|
||||
# Globals:
|
||||
@@ -76,7 +74,7 @@ copy_libs() {
|
||||
|
||||
copy_libs "${_BUSYBOX_BIN}"
|
||||
|
||||
### Generate /init script
|
||||
### Generate '/init' script ----------------------------------------------------------------------------------------------------
|
||||
cat << 'EOF' >| "${_TMP_DIR}/init"
|
||||
#!/bin/busybox sh
|
||||
# SPDX-Version: 3.0
|
||||
@@ -184,7 +182,7 @@ EOF
|
||||
|
||||
chmod +x "${_TMP_DIR}/init"
|
||||
|
||||
### Create the initramfs archive.
|
||||
### Create the initramfs archive -----------------------------------------------------------------------------------------------
|
||||
( cd "${_TMP_DIR}" && find . -print0 | cpio --null -ov --format=newc ) | gzip -9 > /boot/ciss-memwipe/initrd.img
|
||||
|
||||
### Default configuration.
|
||||
@@ -210,7 +208,7 @@ CISS_WIPE_TMPFS_PCT=95 # percentage of MemTotal to allocate
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=conf
|
||||
EOF
|
||||
|
||||
### Helper script
|
||||
### Helper script --------------------------------------------------------------------------------------------------------------
|
||||
cat << 'EOF' >| /usr/local/sbin/ciss-memwipe
|
||||
#!/bin/bash
|
||||
# SPDX-Version: 3.0
|
||||
@@ -273,7 +271,7 @@ esac
|
||||
EOF
|
||||
chmod 0755 /usr/local/sbin/ciss-memwipe
|
||||
|
||||
### Systemd service: load at boot, execute on shutdown.
|
||||
### Systemd service: load at boot, execute on shutdown. ------------------------------------------------------------------------
|
||||
cat << 'EOF' >| /etc/systemd/system/ciss-memwipe.service
|
||||
[Unit]
|
||||
Description=CISS: preload and execute kexec-based RAM wipe on shutdown
|
||||
|
||||
@@ -1,69 +0,0 @@
|
||||
#!/bin/bash
|
||||
# SPDX-Version: 3.0
|
||||
# SPDX-CreationInfo: 2025-10-11; WEIDNER, Marc S.; <msw@coresecret.dev>
|
||||
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
|
||||
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
|
||||
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
|
||||
# SPDX-FileType: SOURCE
|
||||
# SPDX-License-Identifier: LicenseRef-CNCL-1.1 OR LicenseRef-CCLA-1.1
|
||||
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
|
||||
# SPDX-PackageName: CISS.debian.live.builder
|
||||
# SPDX-Security-Contact: security@coresecret.eu
|
||||
set -Ceuo pipefail
|
||||
|
||||
printf "\e[95m++++ ++++ ++++ ++++ ++++ ++++ ++ 🧪 '%s' starting ... \e[0m\n" "${0}"
|
||||
|
||||
# shellcheck disable=SC2155
|
||||
declare -r VAR_DATE="$(date +%F)"
|
||||
|
||||
mv /etc/network/interfaces /root/.ciss/cdlb/backup/interfaces.chroot
|
||||
rm -f /etc/network/interfaces
|
||||
|
||||
cat << EOF >| /etc/network/interfaces
|
||||
# SPDX-Version: 3.0
|
||||
# SPDX-CreationInfo: ${VAR_DATE}; WEIDNER, Marc S.; <msw@coresecret.dev>
|
||||
# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
|
||||
# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
|
||||
# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
|
||||
# SPDX-FileType: SOURCE
|
||||
# SPDX-License-Identifier: LicenseRef-CNCL-1.1 OR LicenseRef-CCLA-1.1
|
||||
# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
|
||||
# SPDX-PackageName: CISS.debian.live.builder
|
||||
# SPDX-Security-Contact: security@coresecret.eu
|
||||
|
||||
# This file describes the network interfaces available on your system
|
||||
# and how to activate them. For more information, see interfaces(5).
|
||||
|
||||
EOF
|
||||
|
||||
cat << 'EOF' >> /etc/network/interfaces
|
||||
### The loopback network interface
|
||||
auto lo
|
||||
iface lo inet loopback
|
||||
|
||||
### Fully dynamic interface
|
||||
auto dynamic
|
||||
iface dynamic inet dhcp
|
||||
pre-up \
|
||||
IFACE=$(ip -o link show \
|
||||
| awk -F': ' '{print $2}' \
|
||||
| grep -m1 -v lo) && \
|
||||
echo "Using interface $IFACE as dynamic" && \
|
||||
ip link set dev "$IFACE" up && \
|
||||
ip link set dev "$IFACE" name dynamic
|
||||
|
||||
post-down \
|
||||
ip link set dev dynamic name "$IFACE" && \
|
||||
echo "Restored interface name $IFACE"
|
||||
|
||||
source /etc/network/interfaces.d/*
|
||||
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
EOF
|
||||
|
||||
chmod 0644 /etc/network/interfaces
|
||||
|
||||
printf "\e[92m++++ ++++ ++++ ++++ ++++ ++++ ++ ✅ '%s' applied successfully. \e[0m\n" "${0}"
|
||||
|
||||
exit 0
|
||||
# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh
|
||||
Reference in New Issue
Block a user