init: fix issues found by shellcheck in init scripts
Most of them are missing quotes, `` -> $(), and -o/-a usage in conditions. Also add few directives disabling checks where were too verbose.
This commit is contained in:
Marek Marczykowski-Górecki
parent
9c839d789f
commit
8bb152f76e
@ -27,7 +27,7 @@ under_systemd() {
|
||||
|
||||
systemd_version_changed() {
|
||||
under_systemd || return
|
||||
systemd_pkg_version=`systemctl --version|head -n 1`
|
||||
systemd_pkg_version=$(systemctl --version|head -n 1)
|
||||
if dmesg | grep -q "$systemd_pkg_version running in system mode."; then
|
||||
return 1
|
||||
fi
|
||||
@ -38,7 +38,7 @@ possibly_run_save_script() {
|
||||
ENCODED_SCRIPT=$(qubesdb-read /qubes-save-script)
|
||||
if [ -z "$ENCODED_SCRIPT" ] ; then return ; fi
|
||||
tmpfile=$(mktemp /tmp/qubes-save-script.XXXXXXXXX)
|
||||
echo $ENCODED_SCRIPT|base64 -d >"$tmpfile"
|
||||
echo "$ENCODED_SCRIPT"|base64 -d >"$tmpfile"
|
||||
chmod 755 "$tmpfile"
|
||||
DISPLAY=:0 su - user -c "$tmpfile"
|
||||
ret=$?
|
||||
@ -94,7 +94,6 @@ is_updateable() {
|
||||
|
||||
reload_random_seed() {
|
||||
local seed
|
||||
local decoded
|
||||
seed=$(qubesdb-read /qubes-random-seed)
|
||||
echo "$seed" | base64 -d > /dev/urandom
|
||||
qubesdb-rm /qubes-random-seed
|
||||
@ -122,7 +121,7 @@ umount_retry() {
|
||||
initialize_home() {
|
||||
local home_root
|
||||
local mode
|
||||
local user
|
||||
#local user
|
||||
local uid
|
||||
local gid
|
||||
local homedir
|
||||
@ -141,7 +140,7 @@ initialize_home() {
|
||||
return 64
|
||||
fi
|
||||
|
||||
if [ "$mode" != "unconditionally" -a "$mode" != "ifneeded" ] ; then
|
||||
if [ "$mode" != "unconditionally" ] && [ "$mode" != "ifneeded" ] ; then
|
||||
echo "initialize_home() second parameter must be 'unconditionally' or 'ifneeded'" >&2
|
||||
return 64
|
||||
fi
|
||||
@ -153,13 +152,13 @@ initialize_home() {
|
||||
|
||||
# Chown home if users' UIDs have changed - can be the case on template switch.
|
||||
for pair in $(getent passwd | awk -F : '/\/home/ { print $1":"$3":"$4":"$6 } ') ; do
|
||||
user=$(echo "$pair" | awk -F : ' { print $1 } ')
|
||||
#user=$(echo "$pair" | awk -F : ' { print $1 } ')
|
||||
uid=$(echo "$pair" | awk -F : ' { print $2 } ')
|
||||
gid=$(echo "$pair" | awk -F : ' { print $3 } ')
|
||||
homedir=$(echo "$pair" | awk -F : ' { print $4 } ')
|
||||
homedirwithouthome=$(echo "$homedir" | sed 's|^/home/||')
|
||||
homedirwithouthome=${homedir#/home/}
|
||||
if ! test -d "$home_root/$homedirwithouthome" || [ "$mode" = "unconditionally" ] ; then
|
||||
if [ "$homedir" == "/home/user" -a -d "/home.orig/$homedirwithouthome" ] ; then
|
||||
if [ "$homedir" == "/home/user" ] && [ -d "/home.orig/$homedirwithouthome" ] ; then
|
||||
echo "initialize_home: populating $mode $home_root/$homedirwithouthome from /home.orig/$homedirwithouthome" >&2
|
||||
mkdir -p "$home_root/$homedirwithouthome"
|
||||
cp -af -T "/home.orig/$homedirwithouthome" "$home_root/$homedirwithouthome"
|
||||
@ -178,8 +177,8 @@ initialize_home() {
|
||||
for waitpid in $waitpids ; do wait "$waitpid" ; done ; waitpids=
|
||||
fi
|
||||
waitpids=
|
||||
homedir_uid=$(ls -dn "$home_root/$homedirwithouthome" | awk '{print $3}')
|
||||
homedir_gid=$(ls -dn "$home_root/$homedirwithouthome" | awk '{print $4}')
|
||||
homedir_uid=$(stat --format=%u "$home_root/$homedirwithouthome")
|
||||
homedir_gid=$(stat --format=%g "$home_root/$homedirwithouthome")
|
||||
if [ "$uid" -ne "$homedir_uid" ]; then
|
||||
echo "initialize_home: adjusting ownership on $home_root/$homedirwithouthome to $uid" >&2
|
||||
find "$home_root/$homedirwithouthome" -uid "$homedir_uid" -print0 | xargs -0 chown "$uid" &
|
||||
|
||||
@ -8,7 +8,7 @@ if [ -e "$dev" ] ; then
|
||||
# The private /dev/xvdb device is present.
|
||||
|
||||
# check if private.img (xvdb) is empty - all zeros
|
||||
private_size_512=`blockdev --getsz "$dev"`
|
||||
private_size_512=$(blockdev --getsz "$dev")
|
||||
if dd if=/dev/zero bs=512 count="$private_size_512" 2>/dev/null | diff "$dev" - >/dev/null; then
|
||||
# the device is empty, create filesystem
|
||||
echo "Virgin boot of the VM: creating private.img filesystem on $dev" >&2
|
||||
|
||||
@ -35,6 +35,7 @@ start()
|
||||
fi
|
||||
|
||||
echo -n $"Executing Qubes misc post scripts:"
|
||||
# shellcheck disable=SC2015
|
||||
/usr/lib/qubes/init/misc-post.sh && success || failure
|
||||
echo
|
||||
}
|
||||
@ -59,4 +60,5 @@ case "$1" in
|
||||
;;
|
||||
esac
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
exit $RETVAL
|
||||
|
||||
@ -14,10 +14,12 @@ start()
|
||||
have_qubesdb || return
|
||||
|
||||
echo -n $"Setting up Qubes persistent file systems:"
|
||||
# shellcheck disable=SC2015
|
||||
/usr/lib/qubes/init/mount-dirs.sh && success || failure
|
||||
echo
|
||||
|
||||
echo -n $"Executing Qubes random seed scripts:"
|
||||
# shellcheck disable=SC2015
|
||||
/usr/lib/qubes/init/qubes-random-seed.sh && success || failure
|
||||
echo
|
||||
|
||||
@ -41,4 +43,5 @@ case "$1" in
|
||||
;;
|
||||
esac
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
exit $RETVAL
|
||||
|
||||
@ -19,6 +19,7 @@ start()
|
||||
fi
|
||||
|
||||
echo -n $"Executing Qubes Core scripts NetVM:"
|
||||
# shellcheck disable=SC2015
|
||||
/usr/lib/qubes/init/network-proxy-setup && success || failure
|
||||
echo
|
||||
}
|
||||
@ -41,4 +42,5 @@ case "$1" in
|
||||
;;
|
||||
esac
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
exit $RETVAL
|
||||
|
||||
@ -28,7 +28,8 @@ stop()
|
||||
{
|
||||
if [ -r $PIDFILE ]; then
|
||||
echo -n "Stopping Qubes Firewall monitor:"
|
||||
kill -9 $(cat $PIDFILE) 2>/dev/null && success || failure
|
||||
# shellcheck disable=SC2015
|
||||
kill -9 "$(cat "$PIDFILE")" 2>/dev/null && success || failure
|
||||
echo ""
|
||||
fi
|
||||
return 0
|
||||
@ -47,4 +48,5 @@ case "$1" in
|
||||
;;
|
||||
esac
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
exit $RETVAL
|
||||
|
||||
@ -38,4 +38,5 @@ case "$1" in
|
||||
;;
|
||||
esac
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
exit $RETVAL
|
||||
|
||||
@ -10,6 +10,7 @@
|
||||
start()
|
||||
{
|
||||
echo -n $"Executing Qubes system initialization scripts:"
|
||||
# shellcheck disable=SC2015
|
||||
/usr/lib/qubes/init/qubes-sysinit.sh && success || failure ; echo
|
||||
}
|
||||
|
||||
@ -31,4 +32,5 @@ case "$1" in
|
||||
;;
|
||||
esac
|
||||
|
||||
# shellcheck disable=SC2086
|
||||
exit $RETVAL
|
||||
|
||||
@ -58,12 +58,12 @@ start() {
|
||||
|
||||
stop() {
|
||||
echo -n $"Stopping $prog: "
|
||||
killproc -p $pidfile $prog
|
||||
killproc -p $pidfile "$prog"
|
||||
retval=$?
|
||||
echo
|
||||
/sbin/iptables -t nat -D PR-QBS-SERVICES -i vif+ -d 10.137.255.254 -p tcp --dport 8082 -j REDIRECT
|
||||
/sbin/iptables -D INPUT -i vif+ -p tcp --dport 8082 -j ACCEPT
|
||||
[ $retval -eq 0 ] && rm -f $lockfile
|
||||
[ $retval -eq 0 ] && rm -f "$lockfile"
|
||||
return $retval
|
||||
}
|
||||
|
||||
@ -74,7 +74,7 @@ restart() {
|
||||
|
||||
reload() {
|
||||
echo -n $"Reloading $prog: "
|
||||
killproc -p $pidfile $prog -HUP
|
||||
killproc -p $pidfile "$prog" -HUP
|
||||
echo
|
||||
}
|
||||
|
||||
@ -83,7 +83,7 @@ force_reload() {
|
||||
}
|
||||
|
||||
rh_status() {
|
||||
status $prog
|
||||
status "$prog"
|
||||
}
|
||||
|
||||
rh_status_q() {
|
||||
|
||||
@ -45,6 +45,7 @@ start() {
|
||||
[ -x $exec ] || exit 5
|
||||
|
||||
echo -n $"Starting $prog (as Qubes updates proxy forwarder): "
|
||||
# shellcheck disable=SC2016
|
||||
start-stop-daemon \
|
||||
--exec $exec \
|
||||
--pidfile "$pidfile" \
|
||||
@ -61,7 +62,7 @@ start() {
|
||||
|
||||
stop() {
|
||||
echo -n $"Stopping $prog: "
|
||||
killproc -p $pidfile $prog
|
||||
killproc -p $pidfile "$prog"
|
||||
retval=$?
|
||||
echo
|
||||
[ $retval -eq 0 ] && rm -f $lockfile
|
||||
@ -78,7 +79,7 @@ force_reload() {
|
||||
}
|
||||
|
||||
rh_status() {
|
||||
status $prog
|
||||
status "$prog"
|
||||
}
|
||||
|
||||
rh_status_q() {
|
||||
|
||||
@ -5,8 +5,8 @@
|
||||
|
||||
/usr/lib/qubes/update-proxy-configs
|
||||
|
||||
if [ -n "`ls -A /usr/local/lib 2>/dev/null`" -o \
|
||||
-n "`ls -A /usr/local/lib64 2>/dev/null`" ]; then
|
||||
if [ -n "$(ls -A /usr/local/lib 2>/dev/null)" ] || \
|
||||
[ -n "$(ls -A /usr/local/lib64 2>/dev/null)" ]; then
|
||||
ldconfig
|
||||
fi
|
||||
|
||||
|
||||
@ -11,8 +11,8 @@ if [ "x$network" != "x" ]; then
|
||||
fi
|
||||
|
||||
gateway=$(qubesdb-read /qubes-netvm-gateway)
|
||||
netmask=$(qubesdb-read /qubes-netvm-netmask)
|
||||
primary_dns=$(qubesdb-read /qubes-netvm-primary-dns 2>/dev/null || echo $gateway)
|
||||
#netmask=$(qubesdb-read /qubes-netvm-netmask)
|
||||
primary_dns=$(qubesdb-read /qubes-netvm-primary-dns 2>/dev/null || echo "$gateway")
|
||||
secondary_dns=$(qubesdb-read /qubes-netvm-secondary-dns)
|
||||
modprobe netbk 2> /dev/null || modprobe xen-netback || "${modprobe_fail_cmd}"
|
||||
echo "NS1=$primary_dns" > /var/run/qubes/qubes-ns
|
||||
|
||||
@ -5,13 +5,14 @@
|
||||
# but before sysinit.target is reached.
|
||||
|
||||
# Source Qubes library.
|
||||
# shellcheck source=init/functions
|
||||
. /usr/lib/qubes/init/functions
|
||||
|
||||
# Set the hostname
|
||||
if ! is_protected_file /etc/hostname ; then
|
||||
name=`qubesdb-read /name`
|
||||
name=$(qubesdb-read /name)
|
||||
if [ -n "$name" ]; then
|
||||
hostname $name
|
||||
hostname "$name"
|
||||
if [ -e /etc/debian_version ]; then
|
||||
ipv4_localhost_re="127\.0\.1\.1"
|
||||
else
|
||||
@ -24,7 +25,7 @@ fi
|
||||
|
||||
# Set the timezone
|
||||
if ! is_protected_file /etc/timezone ; then
|
||||
timezone=`qubesdb-read /qubes-timezone 2> /dev/null`
|
||||
timezone=$(qubesdb-read /qubes-timezone 2> /dev/null)
|
||||
if [ -n "$timezone" ]; then
|
||||
ln -sf ../usr/share/zoneinfo/"$timezone" /etc/localtime
|
||||
if [ -e /etc/debian_version ]; then
|
||||
|
||||
@ -26,8 +26,8 @@ qemu_devices="0x8086
|
||||
0x0001
|
||||
0x00b8
|
||||
"
|
||||
if [ -z "$(ls /sys/bus/pci/devices/)" -o \
|
||||
"$(cat /sys/bus/pci/devices/*/{vendor,device})" != "$qemu_devices" ]; then
|
||||
if [ -z "$(ls /sys/bus/pci/devices/)" ] || \
|
||||
[ "$(cat /sys/bus/pci/devices/*/{vendor,device})" != "$qemu_devices" ]; then
|
||||
# do not enable meminfo-writer (so qmemman for this domain) when any real PCI
|
||||
# device is present
|
||||
DEFAULT_ENABLED="$DEFAULT_ENABLED meminfo-writer"
|
||||
@ -43,7 +43,7 @@ if systemd_version_changed ; then
|
||||
fi
|
||||
|
||||
# Wait for xenbus initialization
|
||||
while [ ! -e /dev/xen/xenbus -a ! -e /proc/xen/xenbus ]; do
|
||||
while [ ! -e /dev/xen/xenbus ] && [ -e /proc/xen/xenbus ]; do
|
||||
sleep 0.1
|
||||
done
|
||||
|
||||
@ -74,24 +74,24 @@ is_templatevm && DEFAULT_ENABLED=$DEFAULT_ENABLED_TEMPLATEVM && touch /var/run/q
|
||||
|
||||
# Enable default services
|
||||
for srv in $DEFAULT_ENABLED; do
|
||||
touch /var/run/qubes-service/$srv
|
||||
touch "/var/run/qubes-service/$srv"
|
||||
done
|
||||
|
||||
# Enable services
|
||||
for srv in `qubesdb-multiread /qubes-service/ 2>/dev/null |grep ' = 1'|cut -f 1 -d ' '`; do
|
||||
touch /var/run/qubes-service/$srv
|
||||
for srv in $(qubesdb-multiread /qubes-service/ 2>/dev/null |grep ' = 1'|cut -f 1 -d ' '); do
|
||||
touch "/var/run/qubes-service/$srv"
|
||||
done
|
||||
|
||||
# Disable services
|
||||
for srv in `qubesdb-multiread /qubes-service/ 2>/dev/null |grep ' = 0'|cut -f 1 -d ' '`; do
|
||||
rm -f /var/run/qubes-service/$srv
|
||||
for srv in $(qubesdb-multiread /qubes-service/ 2>/dev/null |grep ' = 0'|cut -f 1 -d ' '); do
|
||||
rm -f "/var/run/qubes-service/$srv"
|
||||
done
|
||||
|
||||
# Prepare environment for other services
|
||||
echo > /var/run/qubes-service-environment
|
||||
|
||||
debug_mode=`qubesdb-read /qubes-debug-mode 2> /dev/null`
|
||||
if [ -n "$debug_mode" -a "$debug_mode" -gt 0 ]; then
|
||||
debug_mode=$(qubesdb-read /qubes-debug-mode 2> /dev/null)
|
||||
if [ -n "$debug_mode" ] && [ "$debug_mode" -gt 0 ]; then
|
||||
echo "GUI_OPTS=-vv" >> /var/run/qubes-service-environment
|
||||
fi
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user