From f628073334df5d9c111c3fb86425db1d68dc5a8c 2017-08-21 16:13:42 From: drtyhlpr Date: 2017-08-21 16:13:42 Subject: [PATCH] Merge pull request #97 from petterreinholdtsen/func-as-nobody Introduce as_nobody() function to make it easier to control how it is done. --- diff --git a/bootstrap.d/13-kernel.sh b/bootstrap.d/13-kernel.sh index 86f8ee8..0617bc8 100644 --- a/bootstrap.d/13-kernel.sh +++ b/bootstrap.d/13-kernel.sh @@ -21,15 +21,15 @@ if [ "$BUILD_KERNEL" = true ] ; then fi else # KERNELSRC_DIR="" # Create temporary directory for kernel sources - temp_dir=$(sudo -u nobody mktemp -d) + temp_dir=$(as_nobody mktemp -d) # Fetch current RPi2/3 kernel sources if [ -z "${KERNEL_BRANCH}" ] ; then - sudo -E -u nobody git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" + as_nobody -u nobody git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}" else - sudo -E -u nobody git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" + as_nobody -u nobody git -C "${temp_dir}" clone --depth=1 --branch "${KERNEL_BRANCH}" "${KERNEL_URL}" fi - + # Copy downloaded kernel sources mv "${temp_dir}/linux" "${R}/usr/src/" diff --git a/bootstrap.d/15-rpi-config.sh b/bootstrap.d/15-rpi-config.sh index 998f4bf..0c2368a 100644 --- a/bootstrap.d/15-rpi-config.sh +++ b/bootstrap.d/15-rpi-config.sh 
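Review bot: Both `git clone` lines in this hunk still carry the old `-u nobody` after `as_nobody`, so the wrapper forwards `-u nobody` as the start of the command it is asked to run. With the wrapper added in functions.sh, those words land after the `LANG=C LC_ALL=C` assignments on the sudo command line, and whether sudo still reads them as an option there is incidental behaviour the build should not depend on. The other call sites in this commit use the plain form, and these two should match, e.g. `as_nobody git -C "${temp_dir}" clone --depth=1 "${KERNEL_URL}"`. The enclosing `if` block starts and ends outside the hunk.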
@@ -17,16 +17,16 @@ if [ "$BUILD_KERNEL" = true ] ; then cp ${RPI_FIRMWARE_DIR}/boot/start_x.elf ${BOOT_DIR}/start_x.elf else # Create temporary directory for boot binaries - temp_dir=$(sudo -u nobody mktemp -d) + temp_dir=$(as_nobody mktemp -d) # Install latest boot binaries from raspberry/firmware github - sudo -E -u nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin" - sudo -E -u nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat" - sudo -E -u nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat" - sudo -E -u nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat" - sudo -E -u nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf" - sudo -E -u nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf" - sudo -E -u nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf" + as_nobody wget -q -O "${temp_dir}/bootcode.bin" "${FIRMWARE_URL}/bootcode.bin" + as_nobody wget -q -O "${temp_dir}/fixup.dat" "${FIRMWARE_URL}/fixup.dat" + as_nobody wget -q -O "${temp_dir}/fixup_cd.dat" "${FIRMWARE_URL}/fixup_cd.dat" + as_nobody wget -q -O "${temp_dir}/fixup_x.dat" "${FIRMWARE_URL}/fixup_x.dat" + as_nobody wget -q -O "${temp_dir}/start.elf" "${FIRMWARE_URL}/start.elf" + as_nobody wget -q -O "${temp_dir}/start_cd.elf" "${FIRMWARE_URL}/start_cd.elf" + as_nobody wget -q -O "${temp_dir}/start_x.elf" "${FIRMWARE_URL}/start_x.elf" # Move downloaded boot binaries mv "${temp_dir}/"* "${BOOT_DIR}/" diff --git a/bootstrap.d/20-networking.sh b/bootstrap.d/20-networking.sh index a1ddd97..673b2d5 100644 --- a/bootstrap.d/20-networking.sh +++ b/bootstrap.d/20-networking.sh 
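Review bot: The result of `temp_dir=$(as_nobody mktemp -d)` is never checked, and the `mv "${temp_dir}/"* "${BOOT_DIR}/"` at the end of this hunk expands to `mv "/"* …` if the sudo call fails and leaves the variable empty. Whether errexit is active is not visible here, so the guard should be explicit: `[ -n "${temp_dir}" ] || exit 1` after the assignment, or `mv "${temp_dir:?}/"* "${BOOT_DIR}/"`. The same unchecked `temp_dir` feeds the `mv` lines in the 13-kernel.sh, 20-networking.sh, 41-uboot.sh and 42-fbturbo.sh hunks. The surrounding `if`/`else` starts and ends outside the hunk.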
@@ -89,11 +89,11 @@ if [ "$ENABLE_WIRELESS" = true ] ; then fi # Create temporary directory for firmware binary blob - temp_dir=$(sudo -u nobody mktemp -d) + temp_dir=$(as_nobody mktemp -d) # Fetch firmware binary blob - sudo -E -u nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin" - sudo -E -u nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt" + as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.bin" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.bin" + as_nobody wget -q -O "${temp_dir}/brcmfmac43430-sdio.txt" "${WLAN_FIRMWARE_URL}/brcmfmac43430-sdio.txt" # Move downloaded firmware binary blob mv "${temp_dir}/brcmfmac43430-sdio."* "${WLAN_FIRMWARE_DIR}/" diff --git a/bootstrap.d/41-uboot.sh b/bootstrap.d/41-uboot.sh index 7c61d42..cd9e67b 100644 --- a/bootstrap.d/41-uboot.sh +++ b/bootstrap.d/41-uboot.sh @@ -16,10 +16,10 @@ if [ "$ENABLE_UBOOT" = true ] ; then cp -r "${UBOOTSRC_DIR}" "${R}/tmp" else # Create temporary directory for U-Boot sources - temp_dir=$(sudo -u nobody mktemp -d) + temp_dir=$(as_nobody mktemp -d) # Fetch U-Boot sources - sudo -E -u nobody git -C "${temp_dir}" clone "${UBOOT_URL}" + as_nobody git -C "${temp_dir}" clone "${UBOOT_URL}" # Copy downloaded U-Boot sources mv "${temp_dir}/u-boot" "${R}/tmp/" diff --git a/bootstrap.d/42-fbturbo.sh b/bootstrap.d/42-fbturbo.sh index 8cb2988..ae65126 100644 --- a/bootstrap.d/42-fbturbo.sh +++ b/bootstrap.d/42-fbturbo.sh @@ -15,10 +15,10 @@ if [ "$ENABLE_FBTURBO" = true ] ; then cp -r "${FBTURBOSRC_DIR}" "${R}/tmp" else # Create temporary directory for fbturbo sources - temp_dir=$(sudo -u nobody mktemp -d) + temp_dir=$(as_nobody mktemp -d) # Fetch fbturbo sources - sudo -E -u nobody git -C "${temp_dir}" clone "${FBTURBO_URL}" + as_nobody git -C "${temp_dir}" clone "${FBTURBO_URL}" # Move downloaded fbturbo sources mv "${temp_dir}/xf86-video-fbturbo" "${R}/tmp/" 
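Review bot: The two firmware blobs fetched with `as_nobody wget -q` are moved into `${WLAN_FIRMWARE_DIR}` with no integrity check, so whatever the URL serves at build time ends up in the image. Running the download as nobody limits what wget can touch on the build host but says nothing about the content. Verifying a pinned checksum before the `mv` would cover that, e.g. `(cd "${temp_dir}" && sha256sum -c "<path to pinned checksum file>") || exit 1`. The same applies to the boot binaries fetched in the 15-rpi-config.sh hunk. The enclosing `if` block continues outside the hunk.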
diff --git a/functions.sh b/functions.sh index 52f9c35..64b5108 100644 --- a/functions.sh +++ b/functions.sh @@ -33,6 +33,11 @@ chroot_exec() { LANG=C LC_ALL=C DEBIAN_FRONTEND=noninteractive chroot ${R} $* } +as_nobody() { + # Exec command as user nobody + sudo -u nobody LANG=C LC_ALL=C $* +} + install_readonly() { # Install file with user read-only permissions install -o root -g root -m 644 $*
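Review bot: `as_nobody` expands its arguments with an unquoted `$*`, which re-splits every argument on whitespace and glob-expands it, so the quoting at the call sites (`"${temp_dir}/bootcode.bin"`, `"${KERNEL_URL}"`) is undone before sudo sees the command. A URL or path containing a space, `*` or `?` can therefore reach wget or git as different arguments from the ones the caller wrote; the body should be `sudo -u nobody LANG=C LC_ALL=C "$@"`. The callers previously used `sudo -E` and the wrapper drops it, which keeps the invoking user's environment away from the unprivileged command but presumably also stops proxy variables being passed through. I would say so in the function comment, e.g. `# Run command as user nobody with a minimal environment (no sudo -E)`.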