V8.03.768.2025.06.18
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m28s
All checks were successful
🛡️ Shell Script Linting / 🛡️ Shell Script Linting (push) Successful in 1m28s
Signed-off-by: Marc S. Weidner <msw@coresecret.dev>
This commit is contained in:
@@ -149,6 +149,13 @@ Example: `8.03.384.2025.06.03`
|
||||
Date (YYYY.MM.DD) denotes the build or release date, facilitating clear tracking of incremental changes and ensuring
|
||||
reproducibility and traceability.
|
||||
|
||||
### 1.6. Keywords
|
||||
|
||||
The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
|
||||
"MAY", and "OPTIONAL" in this Repo are to be interpreted as described in [[BCP 14](https://www.rfc-editor.org/info/bcp14)],
|
||||
[[RFC2119](https://datatracker.ietf.org/doc/html/rfc2119)], [[RFC8174](https://datatracker.ietf.org/doc/html/rfc8174)] when,
|
||||
and only when, they appear in all capitals, as shown here.
|
||||
|
||||
# 2. Features & Rationale
|
||||
|
||||
Below is a breakdown of each hardening component, with a summary of why each is critical to your security posture.
|
||||
|
||||
@@ -19,26 +19,26 @@ check_pkgs() {
|
||||
apt-get update -y
|
||||
|
||||
if [[ -z "$(command -v lsb_release || true)" ]]; then
|
||||
apt-get install --no-install-recommends lsb-release -y
|
||||
apt-get install -y --no-install-recommends lsb-release
|
||||
fi
|
||||
|
||||
if [[ -z "$(command -v debootstrap || true)" ]]; then
|
||||
if grep -RqsE '^[[:space:]]*deb .*backports' /etc/apt/sources.list /etc/apt/sources.list.d; then
|
||||
# shellcheck disable=SC2155
|
||||
declare codename=$(lsb_release -sc)
|
||||
apt-get -t "${codename}-backports" install debootstrap -y
|
||||
apt-get install -y -t "${codename}-backports" debootstrap
|
||||
else
|
||||
apt-get install debootstrap -y
|
||||
apt-get install -y debootstrap
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ ! -f /usr/share/live/build/VERSION ]]; then
|
||||
apt-get install live-build -y
|
||||
apt-get install -y live-build
|
||||
fi
|
||||
|
||||
if [[ -z "$(command -v dialog || true)" ]]; then
|
||||
if ! $VAR_HANDLER_AUTOBUILD; then
|
||||
apt-get install --no-install-recommends dialog -y;
|
||||
if [[ "${VAR_HANDLER_AUTOBUILD}" == false ]]; then
|
||||
if [[ -z "$(command -v dialog || true)" ]]; then
|
||||
apt-get install -y --no-install-recommends dialog
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
Reference in New Issue
Block a user