From 65a52e512f7da94b74cc60a9efae76b58914ed11 2018-11-17 22:09:14 From: Unknown Date: 2018-11-17 22:09:14 Subject: [PATCH] https://www.shellcheck.net/ - most of the time word splitting fixes escaped with " - NTP var fix (missing $) - !-z equals -n --- diff --git a/bootstrap.d/10-bootstrap.sh b/bootstrap.d/10-bootstrap.sh index d8cfb69..8776997 100644 --- a/bootstrap.d/10-bootstrap.sh +++ b/bootstrap.d/10-bootstrap.sh @@ -19,7 +19,7 @@ if [ "$ENABLE_MINBASE" = true ] ; then fi # Base debootstrap (unpack only) -http_proxy=${APT_PROXY} debootstrap ${APT_EXCLUDES} --arch="${RELEASE_ARCH}" --foreign ${VARIANT} --components="${COMPONENTS}" --include="${APT_INCLUDES}" "${RELEASE}" "${R}" "http://${APT_SERVER}/debian" +http_proxy=${APT_PROXY} debootstrap "${APT_EXCLUDES}" --arch="${RELEASE_ARCH}" --foreign ${VARIANT} --components="${COMPONENTS}" --include="${APT_INCLUDES}" "${RELEASE}" "${R}" "http://${APT_SERVER}/debian" # Copy qemu emulator binary to chroot install -m 755 -o root -g root "${QEMU_BINARY}" "${R}${QEMU_BINARY}" diff --git a/bootstrap.d/11-apt.sh b/bootstrap.d/11-apt.sh index 3c9b2a0..f511f43 100644 --- a/bootstrap.d/11-apt.sh +++ b/bootstrap.d/11-apt.sh @@ -41,13 +41,13 @@ chroot_exec apt-get -qq -y update chroot_exec apt-get -qq -y -u dist-upgrade if [ "$APT_INCLUDES_LATE" ] ; then - chroot_exec apt-get -qq -y install $(echo $APT_INCLUDES_LATE |tr , ' ') + chroot_exec apt-get -qq -y install "$(echo "$APT_INCLUDES_LATE" |tr , ' ')" fi if [ -d packages ] ; then for package in packages/*.deb ; do - cp $package ${R}/tmp - chroot_exec dpkg --unpack /tmp/$(basename $package) + cp "$package" "${R}"/tmp + chroot_exec dpkg --unpack /tmp/"$(basename "$package")" done fi chroot_exec apt-get -qq -y -f install diff --git a/bootstrap.d/12-locale.sh b/bootstrap.d/12-locale.sh index ac342ef..c469ec3 100644 --- a/bootstrap.d/12-locale.sh +++ b/bootstrap.d/12-locale.sh @@ -6,11 +6,11 @@ . ./functions.sh # Install and setup timezone -echo ${TIMEZONE} > "${ETC_DIR}/timezone" +echo "${TIMEZONE}" > "${ETC_DIR}/timezone" chroot_exec dpkg-reconfigure -f noninteractive tzdata # Install and setup default locale and keyboard configuration -if [ $(echo "$APT_INCLUDES" | grep ",locales") ] ; then +if [ "$(echo "$APT_INCLUDES" | grep ",locales")" ] ; then # Set locale choice in debconf db, even though dpkg-reconfigure ignores and overwrites them due to some bug # https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=684134 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=685957 # ... so we have to set locales manually diff --git a/bootstrap.d/13-kernel.sh b/bootstrap.d/13-kernel.sh index a3c2e0c..7805160 100644 --- a/bootstrap.d/13-kernel.sh +++ b/bootstrap.d/13-kernel.sh @@ -89,30 +89,32 @@ if [ "$BUILD_KERNEL" = true ] ; then # Set kernel configuration parameters to enable qemu emulation if [ "$ENABLE_QEMU" = true ] ; then - echo "CONFIG_FHANDLE=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_LBDAF=y" >> ${KERNEL_DIR}/.config + echo "CONFIG_FHANDLE=y" >> "${KERNEL_DIR}"/.config + echo "CONFIG_LBDAF=y" >> "${KERNEL_DIR}"/.config if [ "$ENABLE_CRYPTFS" = true ] ; then - echo "CONFIG_EMBEDDED=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_EXPERT=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_DAX=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_MD=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_BLK_DEV_MD=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_MD_AUTODETECT=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_BLK_DEV_DM=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_BLK_DEV_DM_BUILTIN=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_DM_CRYPT=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_BLKCIPHER=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_CBC=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_XTS=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_SHA512=y" >> ${KERNEL_DIR}/.config - echo "CONFIG_CRYPTO_MANAGER=y" >> ${KERNEL_DIR}/.config + { + echo "CONFIG_EMBEDDED=y" + echo "CONFIG_EXPERT=y" + echo "CONFIG_DAX=y" + echo "CONFIG_MD=y" + echo "CONFIG_BLK_DEV_MD=y" + echo "CONFIG_MD_AUTODETECT=y" + echo "CONFIG_BLK_DEV_DM=y" + echo "CONFIG_BLK_DEV_DM_BUILTIN=y" + echo "CONFIG_DM_CRYPT=y" + echo "CONFIG_CRYPTO_BLKCIPHER=y" + echo "CONFIG_CRYPTO_CBC=y" + echo "CONFIG_CRYPTO_XTS=y" + echo "CONFIG_CRYPTO_SHA512=y" + echo "CONFIG_CRYPTO_MANAGER=y" + } >> ${KERNEL_DIR}/.config fi fi # Copy custom kernel configuration file - if [ ! -z "$KERNELSRC_USRCONFIG" ] ; then - cp $KERNELSRC_USRCONFIG ${KERNEL_DIR}/.config + if [ -n "$KERNELSRC_USRCONFIG" ] ; then + cp "$KERNELSRC_USRCONFIG" "${KERNEL_DIR}"/.config fi # Set kernel configuration parameters to their default values @@ -134,11 +136,11 @@ if [ "$BUILD_KERNEL" = true ] ; then fi # Cross compile kernel and dtbs - make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs + make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" "${KERNEL_BIN_IMAGE}" dtbs # Cross compile kernel modules - if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then - make -C "${KERNEL_DIR}" -j${KERNEL_THREADS} ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules + if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then + make -C "${KERNEL_DIR}" -j"${KERNEL_THREADS}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" CC="${cc}" modules fi fi @@ -151,16 +153,16 @@ if [ "$BUILD_KERNEL" = true ] ; then # Install kernel modules if [ "$ENABLE_REDUCE" = true ] ; then - if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then + if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_STRIP=1 INSTALL_MOD_PATH=../../.. modules_install fi else - if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then + if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_MOD_PATH=../../.. modules_install fi # Install kernel firmware - if [ $(grep "^firmware_install:" "${KERNEL_DIR}/Makefile") ] ; then + if [ "$(grep "^firmware_install:" "${KERNEL_DIR}/Makefile")" ] ; then make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" INSTALL_FW_PATH=../../../lib firmware_install fi fi @@ -223,8 +225,8 @@ if [ "$BUILD_KERNEL" = true ] ; then rm -fr "${KERNEL_DIR}" else # Prepare compiled kernel modules - if [ $(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config") ] ; then - if [ $(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile") ] ; then + if [ "$(grep "CONFIG_MODULES=y" "${KERNEL_DIR}/.config")" ] ; then + if [ "$(grep "^modules_prepare:" "${KERNEL_DIR}/Makefile")" ] ; then make -C "${KERNEL_DIR}" ARCH="${KERNEL_ARCH}" CROSS_COMPILE="${CROSS_COMPILE}" modules_prepare fi @@ -242,7 +244,7 @@ else # BUILD_KERNEL=false chroot_exec apt-get -qq -y install flash-kernel # Check if kernel installation was successful - VMLINUZ="$(ls -1 ${R}/boot/vmlinuz-* | sort | tail -n 1)" + VMLINUZ="$(ls -1 "${R}"/boot/vmlinuz-* | sort | tail -n 1)" if [ -z "$VMLINUZ" ] ; then echo "error: kernel installation failed! (/boot/vmlinuz-* not found)" cleanup diff --git a/bootstrap.d/14-fstab.sh b/bootstrap.d/14-fstab.sh index 0a8eb19..2f68cdf 100644 --- a/bootstrap.d/14-fstab.sh +++ b/bootstrap.d/14-fstab.sh @@ -45,7 +45,7 @@ if [ "$BUILD_KERNEL" = true ] && [ "$ENABLE_INITRAMFS" = true ] ; then printf "#\n# CRYPTSETUP: [ y | n ]\n#\n\nCRYPTSETUP=y\n" >> "${ETC_DIR}/initramfs-tools/conf-hook" # Dummy mapping required by mkinitramfs - echo "0 1 crypt $(echo ${CRYPTFS_CIPHER} | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}" + echo "0 1 crypt $(echo "${CRYPTFS_CIPHER}" | cut -d ':' -f 1) ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff 0 7:0 4096" | chroot_exec dmsetup create "${CRYPTFS_MAPPING}" # Generate initramfs with encrypted root partition support chroot_exec mkinitramfs -o "/boot/firmware/initramfs-${KERNEL_VERSION}" "${KERNEL_VERSION}" diff --git a/bootstrap.d/15-rpi-config.sh b/bootstrap.d/15-rpi-config.sh index b84de23..031776b 100644 --- a/bootstrap.d/15-rpi-config.sh +++ b/bootstrap.d/15-rpi-config.sh @@ -8,13 +8,13 @@ if [ "$BUILD_KERNEL" = true ] ; then if [ -n "$RPI_FIRMWARE_DIR" ] && [ -d "$RPI_FIRMWARE_DIR" ] ; then # Install boot binaries from local directory - cp ${RPI_FIRMWARE_DIR}/boot/bootcode.bin ${BOOT_DIR}/bootcode.bin - cp ${RPI_FIRMWARE_DIR}/boot/fixup.dat ${BOOT_DIR}/fixup.dat - cp ${RPI_FIRMWARE_DIR}/boot/fixup_cd.dat ${BOOT_DIR}/fixup_cd.dat - cp ${RPI_FIRMWARE_DIR}/boot/fixup_x.dat ${BOOT_DIR}/fixup_x.dat - cp ${RPI_FIRMWARE_DIR}/boot/start.elf ${BOOT_DIR}/start.elf - cp ${RPI_FIRMWARE_DIR}/boot/start_cd.elf ${BOOT_DIR}/start_cd.elf - cp ${RPI_FIRMWARE_DIR}/boot/start_x.elf ${BOOT_DIR}/start_x.elf + cp "${RPI_FIRMWARE_DIR}"/boot/bootcode.bin "${BOOT_DIR}"/bootcode.bin + cp "${RPI_FIRMWARE_DIR}"/boot/fixup.dat "${BOOT_DIR}"/fixup.dat + cp "${RPI_FIRMWARE_DIR}"/boot/fixup_cd.dat "${BOOT_DIR}"/fixup_cd.dat + cp "${RPI_FIRMWARE_DIR}"/boot/fixup_x.dat "${BOOT_DIR}"/fixup_x.dat + cp "${RPI_FIRMWARE_DIR}"/boot/start.elf "${BOOT_DIR}"/start.elf + cp "${RPI_FIRMWARE_DIR}"/boot/start_cd.elf "${BOOT_DIR}"/start_cd.elf + cp "${RPI_FIRMWARE_DIR}"/boot/start_x.elf "${BOOT_DIR}"/start_x.elf else # Create temporary directory for boot binaries temp_dir=$(as_nobody mktemp -d) @@ -50,9 +50,9 @@ fi # Add encrypted root partition to cmdline.txt if [ "$ENABLE_CRYPTFS" = true ] ; then if [ "$ENABLE_SPLITFS" = true ] ; then - CMDLINE=$(echo ${CMDLINE} | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/") + CMDLINE=$(echo "${CMDLINE}" | sed "s/sda1/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/sda1:${CRYPTFS_MAPPING}/") else - CMDLINE=$(echo ${CMDLINE} | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/") + CMDLINE=$(echo "${CMDLINE}" | sed "s/mmcblk0p2/mapper\/${CRYPTFS_MAPPING} cryptdevice=\/dev\/mmcblk0p2:${CRYPTFS_MAPPING}/") fi fi @@ -139,7 +139,7 @@ if [ "$ENABLE_SPI" = true ] ; then fi # Disable RPi2/3 under-voltage warnings -if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then +if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then echo "avoid_warnings=${DISABLE_UNDERVOLT_WARNINGS}" >> "${BOOT_DIR}/config.txt" fi diff --git a/bootstrap.d/16-videocore.sh b/bootstrap.d/16-videocore.sh index 6a3acc9..139d60f 100644 --- a/bootstrap.d/16-videocore.sh +++ b/bootstrap.d/16-videocore.sh @@ -28,6 +28,6 @@ if [ "$ENABLE_VIDEOCORE" = true ] ; then fi cmake -DCMAKE_SYSTEM_NAME=Linux -DCMAKE_BUILD_TYPE=release -DARM64=ON -DCMAKE_C_COMPILER=aarch64-linux-gnu-gcc -DCMAKE_CXX_COMPILER=aarch64-linux-gnu-g++ -DCMAKE_ASM_COMPILER=aarch64-linux-gnu-gcc -DVIDEOCORE_BUILD_DIR="${R}"/opt/vc - make -j $(nproc) - chroot_exec PATH=${PATH}:/opt/vc/bin + make -j "$(nproc)" + chroot_exec PATH="${PATH}":/opt/vc/bin fi diff --git a/bootstrap.d/20-networking.sh b/bootstrap.d/20-networking.sh index c386754..d53b78b 100644 --- a/bootstrap.d/20-networking.sh +++ b/bootstrap.d/20-networking.sh @@ -89,14 +89,14 @@ if [ "$ENABLE_HARDNET" = true ] ; then fi # Enable time sync -if [ "NET_NTP_1" != "" ] ; then +if [ "$NET_NTP_1" != "" ] ; then chroot_exec systemctl enable systemd-timesyncd.service fi # Download the firmware binary blob required to use the RPi3 wireless interface if [ "$ENABLE_WIRELESS" = true ] ; then - if [ ! -d ${WLAN_FIRMWARE_DIR} ] ; then - mkdir -p ${WLAN_FIRMWARE_DIR} + if [ ! -d "${WLAN_FIRMWARE_DIR}" ] ; then + mkdir -p "${WLAN_FIRMWARE_DIR}" fi # Create temporary directory for firmware binary blob diff --git a/rpi23-gen-image.sh b/rpi23-gen-image.sh index d975b24..65a48a9 100755 --- a/rpi23-gen-image.sh +++ b/rpi23-gen-image.sh @@ -31,7 +31,7 @@ fi . ./functions.sh # Load parameters from configuration template file -if [ ! -z "$CONFIG_TEMPLATE" ] ; then +if [ -n "$CONFIG_TEMPLATE" ] ; then use_template fi @@ -297,7 +297,7 @@ if [ "$ENABLE_WIRELESS" = true ] && ([ "$RPI_MODEL" = 1 ] || [ "$RPI_MODEL" = 1P fi # Check if DISABLE_UNDERVOLT_WARNINGS parameter value is supported -if [ ! -z "$DISABLE_UNDERVOLT_WARNINGS" ] ; then +if [ -n "$DISABLE_UNDERVOLT_WARNINGS" ] ; then if [ "$DISABLE_UNDERVOLT_WARNINGS" != 1 ] && [ "$DISABLE_UNDERVOLT_WARNINGS" != 2 ] ; then echo "error: DISABLE_UNDERVOLT_WARNINGS=${DISABLE_UNDERVOLT_WARNINGS} is not supported" exit 1 @@ -361,7 +361,7 @@ if [ "$ENABLE_UBOOT" = true ] ; then fi # Check if root SSH (v2) public key file exists -if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then +if [ -n "$SSH_ROOT_PUB_KEY" ] ; then if [ ! -f "$SSH_ROOT_PUB_KEY" ] ; then echo "error: '$SSH_ROOT_PUB_KEY' specified SSH public key file not found (SSH_ROOT_PUB_KEY)!" exit 1 @@ -369,7 +369,7 @@ if [ ! -z "$SSH_ROOT_PUB_KEY" ] ; then fi # Check if $USER_NAME SSH (v2) public key file exists -if [ ! -z "$SSH_USER_PUB_KEY" ] ; then +if [ -n "$SSH_USER_PUB_KEY" ] ; then if [ ! -f "$SSH_USER_PUB_KEY" ] ; then echo "error: '$SSH_USER_PUB_KEY' specified SSH public key file not found (SSH_USER_PUB_KEY)!" exit 1 @@ -378,7 +378,7 @@ fi # Check if all required packages are installed on the build system for package in $REQUIRED_PACKAGES ; do - if [ "`dpkg-query -W -f='${Status}' $package`" != "install ok installed" ] ; then + if [ "$(dpkg-query -W -f='${Status}' $package)" != "install ok installed" ] ; then MISSING_PACKAGES="${MISSING_PACKAGES} $package" fi done @@ -388,12 +388,12 @@ if [ -n "$MISSING_PACKAGES" ] ; then echo "the following packages needed by this script are not installed:" echo "$MISSING_PACKAGES" - echo -n "\ndo you want to install the missing packages right now? [y/n] " - read confirm + printf "\n\ndo you want to install the missing packages right now? [y/n] " + read -r confirm [ "$confirm" != "y" ] && exit 1 # Make sure all missing required packages are installed - apt-get -qq -y install ${MISSING_PACKAGES} + apt-get -qq -y install "${MISSING_PACKAGES}" fi # Check if ./bootstrap.d directory exists @@ -454,7 +454,7 @@ fi mkdir -p "${R}" # Check if build directory has enough of free disk space >512MB -if [ "$(df --output=avail ${BUILDDIR} | sed "1d")" -le "524288" ] ; then +if [ "$(df --output=avail "${BUILDDIR}" | sed "1d")" -le "524288" ] ; then echo "error: ${BUILDDIR} not enough space left to generate the output image!" exit 1 fi @@ -532,7 +532,7 @@ if [ "$ENABLE_REDUCE" = true ] ; then # Add dropbear package instead of openssh-server if [ "$REDUCE_SSHD" = true ] ; then - APT_INCLUDES="$(echo ${APT_INCLUDES} | sed "s/openssh-server/dropbear/")" + APT_INCLUDES="$(echo "${APT_INCLUDES}" | sed "s/openssh-server/dropbear/")" fi fi @@ -675,27 +675,27 @@ if [ "$ENABLE_QEMU" = true ] ; then fi # Calculate size of the chroot directory in KB -CHROOT_SIZE=$(expr `du -s "${R}" | awk '{ print $1 }'`) +CHROOT_SIZE=$(expr "$(du -s "${R}" | awk '{ print $1 }')") # Calculate the amount of needed 512 Byte sectors TABLE_SECTORS=$(expr 1 \* 1024 \* 1024 \/ 512) FRMW_SECTORS=$(expr 64 \* 1024 \* 1024 \/ 512) -ROOT_OFFSET=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS}) +ROOT_OFFSET=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}") # The root partition is EXT4 # This means more space than the actual used space of the chroot is used. # As overhead for journaling and reserved blocks 35% are added. -ROOT_SECTORS=$(expr $(expr ${CHROOT_SIZE} + ${CHROOT_SIZE} \/ 100 \* 35) \* 1024 \/ 512) +ROOT_SECTORS=$(expr "$(expr "${CHROOT_SIZE}" + "${CHROOT_SIZE}" \/ 100 \* 35)" \* 1024 \/ 512) # Calculate required image size in 512 Byte sectors -IMAGE_SECTORS=$(expr ${TABLE_SECTORS} + ${FRMW_SECTORS} + ${ROOT_SECTORS}) +IMAGE_SECTORS=$(expr "${TABLE_SECTORS}" + "${FRMW_SECTORS}" + "${ROOT_SECTORS}") # Prepare image file if [ "$ENABLE_SPLITFS" = true ] ; then - dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=${TABLE_SECTORS} - dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek=${FRMW_SECTORS} - dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=${TABLE_SECTORS} - dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek=${ROOT_SECTORS} + dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count="${TABLE_SECTORS}" + dd if=/dev/zero of="$IMAGE_NAME-frmw.img" bs=512 count=0 seek="${FRMW_SECTORS}" + dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count="${TABLE_SECTORS}" + dd if=/dev/zero of="$IMAGE_NAME-root.img" bs=512 count=0 seek="${ROOT_SECTORS}" # Write firmware/boot partition tables sfdisk -q -L -uS -f "$IMAGE_NAME-frmw.img" 2> /dev/null < /dev/null <