V8.03.768.2025.06.23

Signed-off-by: Marc S. Weidner <msw@coresecret.dev>

ciss_live_builder.sh

@@ -40,23 +40,18 @@
 [[ ${#} -eq 0 ]] && {
   . ./lib/lib_usage.sh; usage; exit 1; }
 
-declare -gx VAR_CONTACT="security@coresecret.eu"
-declare -gx VAR_VERSION="Master V8.03.768.2025.06.23"
+### SOURCING MUST SET EARLY VARIABLES AND GUARD_SOURCING()
+. ./var/early.var.sh
+. ./lib/lib_guard_sourcing.sh
 
-### CHECK FOR CONTACT, HELP, AND VERSION STRING
+### CHECK FOR CONTACT, HELP, VERSION STRING, AND XTRACE DEBUG
 for arg in "$@"; do case "${arg,,}" in -c|--contact) . ./lib/lib_contact.sh; contact; exit 0;; esac; done
 for arg in "$@"; do case "${arg,,}" in -h|--help)    . ./lib/lib_usage.sh; usage; exit 0;; esac; done
 for arg in "$@"; do case "${arg,,}" in -v|--version) printf "\e[95mCISS.debian.live.builder Version: %s\e[0m\n" "${VAR_VERSION}"; exit 0;; esac; done
-declare -gx VAR_SETUP="true"
 
-### CHECK FOR XTRACE DEBUG
-if [[ $* == *" --debug "* ]]; then
-  . ./lib/lib_debug.sh
-  . ./lib/lib_debug_header.sh
-  debugger "${@}"
-else
-  declare -gx VAR_EARLY_DEBUG="false"
-fi
+### ALL CHECKS DONE. READY TO START THE SCRIPT
+for arg in "$@"; do case "${arg,,}" in -d|--debug)   . ./meta_sources_debug.sh; check_git; debugger "${@}";; esac; done
+declare -gx VAR_SETUP="true"
 
 ### SOURCING VARIABLES
 [[ "${VAR_SETUP}" == true ]] && {
@@ -109,9 +104,7 @@ if ! flock -x -n 127; then
 fi
 
 ### CHECK FOR AUTOBUILD MODE
-declare -gx VAR_HANDLER_AUTOBUILD="false"
-for arg in "$@"; do case "${arg,,}" in -a=*|--autobuild=*) declare -gx VAR_HANDLER_AUTOBUILD="true"; declare -gx VAR_KERNEL="${arg#*=}";; esac; done
-unset arg
+for arg in "$@"; do case "${arg,,}" in -a=*|--autobuild=*) declare -gx VAR_HANDLER_AUTOBUILD="true"; declare -gx VAR_KERNEL="${arg#*=}";; esac; done; unset arg
 for dir in /usr/local/sbin /usr/sbin; do case ":${PATH}:" in *":${dir}:"*) ;; *) PATH="${PATH}:${dir}" ;; esac; done; export PATH; unset dir
 
 ### CHECKING REQUIRED PACKAGES

lib/lib_arg_parser.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Argument Parser
 # Globals:

lib/lib_arg_priority_check.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Check and setup Script Priorities
 # Globals:

lib/lib_boot_screen.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Set up a gauge Dialog Wrapper.
 # Globals:

lib/lib_cdi.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # CISS.2025.debian.installer GRUB and Autostart Generator
 # Globals:

lib/lib_change_splash.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Change Grub Boot Screen Splash
 # Globals:

lib/lib_check_dhcp.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Check if hardened Centurion DNS servers are desired.
 # Globals:

lib/lib_check_hooks.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Check and apply 0755 Permissions on every ./config/hooks/live/*.chroot file
 # Globals:

lib/lib_check_kernel.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Kernel Image Selector
 # Globals:

lib/lib_check_pkgs.sh

@@ -10,13 +10,15 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Check for required Deb Packages to run the script.
 # Arguments:
 #  None
 #######################################
 check_pkgs() {
-  apt-get update -y
+  apt-get update -y > /dev/null 2>&1
 
   if [[ -z "$(command -v lsb_release || true)" ]]; then
     apt-get install -y --no-install-recommends lsb-release

lib/lib_check_provider.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Notes Textbox
 # Arguments:

lib/lib_check_stats.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Check if analysis run is desired only.
 # Globals:

lib/lib_check_var.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Unbound Variable Check and call Trap on ERR
 # Globals:

lib/lib_clean_screen.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Terminal cleaner before Trap on Error
 # Arguments:

lib/lib_clean_up.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Clean Up Wrapper on Trap on 'ERR' and 'EXIT'.
 # Globals:

lib/lib_copy_integrity.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Copy Initial ISO aide Database into Host System
 # Globals:

lib/lib_debug.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Debugger Wrapper for xtrace to Debug Log
 # Globals:
@@ -34,7 +36,7 @@ debugger() {
       declare -p "${var}" 2>/dev/null
     done < <(compgen -v | grep -Ev '^(BASH|_).*')
   } | sort >| "${VAR_DUMP_VARS_INITIAL}"
-  declare -gx VAR_EARLY_DEBUG=true
+  declare -gx VAR_EARLY_DEBUG="true"
   ### Set a verbose PS4 prompt including timestamp, source, line, exit status, and function name
   declare -grx PS4='\e[97m+\e[0m\e[96m$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)\e[0m\e[97m:\e[0m\e[92m[${BASH_SOURCE[0]}:${LINENO}]\e[0m\e[97m|\e[0m\e[93m${?}\e[0m\e[97m>\e[0m\e[95m${FUNCNAME[0]:-main}()\e[0m \e[97m>>\e[0m '
   # shellcheck disable=SC2155

lib/lib_debug_header.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Generates Debug Log Header
 # Globals:
@@ -30,11 +32,9 @@
 debug_header() {
   declare -r arg_counter="$1"
   declare -r arg_string="$2"
-  # shellcheck disable=SC2155
-  declare git_head=$(git rev-parse HEAD)
   {
     printf "\e[97m+\e[0m\e[92m%s: CISS.debian.live.builder Debug Log \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)"
-    printf "\e[97m+\e[0m\e[92m%s: Git Commit                : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${git_head}"
+    printf "\e[97m+\e[0m\e[92m%s: Git Commit                : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${VAR_GIT_HEAD_FULL}"
     printf "\e[97m+\e[0m\e[92m%s: Version                   : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${VAR_VERSION}"
     printf "\e[97m+\e[0m\e[92m%s: Epoch                     : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${EPOCHREALTIME}"
     printf "\e[97m+\e[0m\e[92m%s: Bash MAJ Release          : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${BASH_VERSINFO[0]}"
@@ -45,6 +45,7 @@ debug_header() {
     printf "\e[97m+\e[0m\e[92m%s: UID                       : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${UID}"
     printf "\e[97m+\e[0m\e[92m%s: EUID                      : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${EUID}"
     printf "\e[97m+\e[0m\e[92m%s: Hostname                  : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${HOSTNAME}"
+    printf "\e[97m+\e[0m\e[92m%s: Hostsystem                : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${VAR_SYSTEM}"
     printf "\e[97m+\e[0m\e[92m%s: Script name               : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "$0"
     printf "\e[97m+\e[0m\e[92m%s: Argument Counter          : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${arg_counter}"
     printf "\e[97m+\e[0m\e[92m%s: Argument String Original  : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${arg_string}"
@@ -53,6 +54,7 @@ debug_header() {
     printf "\e[97m+\e[0m\e[92m%s: Script work DIR           : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${PWD}"
     printf "\e[97m+\e[0m\e[92m%s: Shell Options             : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "$-"
     printf "\e[97m+\e[0m\e[92m%s: BASHOPTS                  : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${BASHOPTS}"
+    printf "\e[97m+\e[0m\e[92m%s: SHELLOPTS                 : %s \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)" "${SHELLOPTS}"
     printf "\e[97m+\e[0m\e[92m%s: ==== Debug Log Begin ==== : \e[0m\n" "$(date -u +%Y-%m-%dT%H:%M:%S.%4N%z)"
   } >&42
 }

lib/lib_debug_var_git.sh

@@ -0,0 +1,36 @@
+#!/bin/bash
+# SPDX-Version: 3.0
+# SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
+# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
+# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-FileType: SOURCE
+# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
+# SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework.
+# SPDX-PackageName: CISS.debian.live.builder
+# SPDX-Security-Contact: security@coresecret.eu
+
+guard_sourcing
+
+#######################################
+# Define Git Repo related Variables.
+# Globals:
+#   VAR_GIT_HEAD
+#   VAR_GIT_REL
+#   VAR_GIT_REL_DATE
+#   VAR_GIT_REL_DATE_TIME
+#   VAR_GIT_REL_SHORT
+# Arguments:
+#   None
+#######################################
+check_git() {
+  # shellcheck disable=SC2155
+  if git rev-parse --is-inside-work-tree &>/dev/null; then
+    declare -grx VAR_GIT_REL="$(git log --format='%h %ci' -1 2>/dev/null | awk '{ print $1" "$2" "$3 }')"
+    declare -grx VAR_GIT_REL_SHORT="${VAR_GIT_REL%% *}"
+    declare -grx VAR_GIT_REL_DATE_TIME="${VAR_GIT_REL#* }"
+    declare -grx VAR_GIT_REL_DATE="${VAR_GIT_REL_DATE_TIME% *}"
+    declare -grx VAR_GIT_HEAD_FULL="$(git rev-parse HEAD)"
+  fi
+}
+# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh

lib/lib_guard_sourcing.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+# SPDX-Version: 3.0
+# SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
+# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
+# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-FileType: SOURCE
+# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
+# SPDX-LicenseComment: This file is part of the CISS.hardened.installer framework.
+# SPDX-PackageName: CISS.debian.live.builder
+# SPDX-Security-Contact: security@coresecret.eu
+
+#######################################
+# Prevent the caller LIB-file from being sourced twice.
+# Derive a safe guard-variable name from the caller script filename.
+# Globals:
+#   BASH_SOURCE
+# Arguments:
+#   $1: Explicitly provided Argument: filename of the caller LIB. (Better let the guard_sourcing() determine dynamically.
+# Returns:
+#   0: Returns '0' in both cases as they are intended to be successful.
+#######################################
+guard_sourcing() {
+  ### Determine the caller script (the library being sourced).
+  declare var_src="${1:-${BASH_SOURCE[1]}}"
+  ### Strip path, keep only filename
+  declare var_file_name="${var_src##*/}"
+  ### Sanitize to valid var name.
+  declare var_safe_name="${var_file_name//[^a-zA-Z0-9_]/_}"
+  ### Build guard-variable name.
+  declare var_guard_var="_${var_safe_name}_LOADED"
+
+  ### If already loaded, abort sourcing
+  if [[ -n "${!var_guard_var:-}" ]]; then
+    return 0
+  fi
+
+  ### Mark as loaded (readonly + exported)
+  declare -grx "${var_guard_var}"=1
+  return 0
+}
+# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh

lib/lib_hardening_root_pw.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Updates the Live ISO to use root password authentication for local console access.
 # Globals:

lib/lib_hardening_ssh.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # SSH Hardening Ultra via TCP Wrapper
 # Globals:

lib/lib_hardening_ultra.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Wrapper for accompanying all CISS.debian.hardening features into the Live ISO image.
 # Globals:

lib/lib_helper_ip.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # IP Notation cleaner for pure IP output only
 # Globals:

lib/lib_lb_build_start.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Wrapper to write a new 'lb config' environment.
 # Globals:

lib/lib_lb_config_start.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Wrapper for 'lb config' - set up a build environment or deleting old build artifacts.
 # Globals:

lib/lib_lb_config_write.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Wrapper to write a new 'lb config' environment.
 # Globals:

lib/lib_provider_netcup.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Notes Textbox
 # Arguments:

lib/lib_run_analysis.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Wrapper for statistic functions of the final build.
 # Globals:

lib/lib_sanitizer.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Argument Check Wrapper
 # Arguments:

lib/lib_trap_on_err.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Print Error Message for Trap on 'ERR' in ${ERROR_LOG}
 # Globals:
@@ -35,7 +37,7 @@ print_file_err() {
   {
     printf "❌ CISS.debian.live.builder Script failed. \n"
     printf "❌ Version             : %s \n" "${VAR_VERSION}"
-    printf "❌ Environment         : %s \n" "${VAR_SYSTEM}"
+    printf "❌ Hostsystem          : %s \n" "${VAR_SYSTEM}"
     printf "❌ Error               : %s \n" "${ERRCODE}"
     printf "❌ Line                : %s \n" "${ERRLINE}"
     printf "❌ Script              : %s \n" "${ERRSCRT}"
@@ -78,7 +80,7 @@ print_file_err() {
 print_scr_err() {
   printf "\e[91m❌ CISS.debian.live.builder Script failed. \e[0m\n" >&2
   printf "\e[91m❌ Version             : %s \e[0m\n" "${VAR_VERSION}" >&2
-  printf "\e[91m❌ Environment         : %s \e[0m\n" "${VAR_SYSTEM}" >&2
+  printf "\e[91m❌ Hostsystem          : %s \e[0m\n" "${VAR_SYSTEM}" >&2
   printf "\e[91m❌ Error               : %s \e[0m\n" "${ERRCODE}" >&2
   printf "\e[91m❌ Line                : %s \e[0m\n" "${ERRLINE}" >&2
   printf "\e[91m❌ Script              : %s \e[0m\n" "${ERRSCRT}" >&2

lib/lib_trap_on_exit.sh

@@ -10,6 +10,8 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
+guard_sourcing
+
 #######################################
 # Trap function to be called on 'EXIT'.
 # Globals:

meta_sources_debug.sh

@@ -0,0 +1,32 @@
+#!/bin/bash
+# SPDX-Version: 3.0
+# SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
+# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
+# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-FileType: SOURCE
+# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
+# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
+# SPDX-PackageName: CISS.debian.live.builder
+# SPDX-Security-Contact: security@coresecret.eu
+
+### Prevent this file from being sourced twice. Derive a safe guard-variable name from the script filename.
+var_file_name="${BASH_SOURCE[0]##*/}"
+var_safe_name="${var_file_name//[^a-zA-Z0-9_]/_}"
+var_guard_var="_${var_safe_name}_LOADED"
+
+### If var_guard_var is already set, abort sourcing.
+if [[ -n "${!var_guard_var:-}" ]]; then
+  unset var_file_name var_safe_name var_guard_var
+  return 0
+fi
+
+### Set var_guard_var and make it readonly+exported
+declare -grx "${var_guard_var}"=1
+unset var_file_name var_safe_name var_guard_var
+
+### Sourcing Debug Libs
+. ./lib/lib_debug.sh
+. ./lib/lib_debug_header.sh
+. ./lib/lib_debug_var_git.sh
+# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh

var/early.var.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+# SPDX-Version: 3.0
+# SPDX-CreationInfo: 2025-05-05; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-ExternalRef: GIT https://git.coresecret.dev/msw/CISS.debian.live.builder.git
+# SPDX-FileContributor: WEIDNER, Marc S.; Centurion Intelligence Consulting Agency
+# SPDX-FileCopyrightText: 2024-2025; WEIDNER, Marc S.; <msw@coresecret.dev>
+# SPDX-FileType: SOURCE
+# SPDX-License-Identifier: EUPL-1.2 OR LicenseRef-CCLA-1.0
+# SPDX-LicenseComment: This file is part of the CISS.debian.installer.secure framework.
+# SPDX-PackageName: CISS.debian.live.builder
+# SPDX-Security-Contact: security@coresecret.eu
+
+### Definition of MUST set early Variables
+
+# shellcheck disable=SC2155
+declare -agx ARY_PARAM_ARRAY=("$@")
+declare -grx VAR_PARAM_COUNT="$#"
+declare -grx VAR_PARAM_STRNG="$*"
+declare -grx VAR_CONTACT="security@coresecret.eu"
+declare -grx VAR_VERSION="Master V8.03.768.2025.06.23"
+declare -grx VAR_SYSTEM="$(uname -a)"
+declare -gx  VAR_HANDLER_AUTOBUILD="false"
+umask 0022
+# vim: number et ts=2 sw=2 sts=2 ai tw=128 ft=sh

var/global.var.sh

@@ -10,17 +10,11 @@
 # SPDX-PackageName: CISS.debian.live.builder
 # SPDX-Security-Contact: security@coresecret.eu
 
-# shellcheck disable=SC2155
-declare -gr VAR_SYSTEM="$(uname -a)"
 # shellcheck disable=SC2155
 declare -gr VAR_ISO8601="$(date +%Y_%m_%d_%H_%M_%S)"
-# shellcheck disable=SC2155
 declare -gr VAR_KERNEL_INF="$(mktemp)"
-# shellcheck disable=SC2155
 declare -gr VAR_KERNEL_TMP="$(mktemp)"
-# shellcheck disable=SC2155
 declare -gr VAR_KERNEL_SRT="$(mktemp)"
-# shellcheck disable=SC2155
 declare -gr VAR_NOTES="$(mktemp)"
 
 if "${VAR_EARLY_DEBUG}"; then