Commit bad5ca1f authored by Nikos Skalkotos's avatar Nikos Skalkotos
Browse files

Mass cleanup and some bug fixing

 * Make all "local" variables lowercase.
 * Move HELPER_EXTRA_PKGS from snf-image-update-helper to common.sh
 * Protect all variables from spaces and other special chars
 * Remove extra X's from mktemp template names (only 6 are supported).
 * Make sure pipelines fail if any command (not only the rightmost)
   fails
parent c36351f5
...@@ -38,6 +38,12 @@ RESIZE2FS=resize2fs ...@@ -38,6 +38,12 @@ RESIZE2FS=resize2fs
CLEANUP=( ) CLEANUP=( )
add_cleanup() {
local cmd=""
for arg; do cmd+=$(printf "%q " "$arg"); done
CLEANUP+=("$cmd")
}
log_error() { log_error() {
echo "ERROR: $@" | tee $RESULT >&2 echo "ERROR: $@" | tee $RESULT >&2
exit 1 exit 1
......
...@@ -32,31 +32,32 @@ ...@@ -32,31 +32,32 @@
. @commondir@/common.sh . @commondir@/common.sh
set -e set -e
set -o pipefail
# terminate helper vm when the script exits # terminate helper vm when the script exits
CLEANUP+=("telinit 0") add_cleanup telinit 0
if [ ! -b $FLOPPY_DEV ]; then if [ ! -b "$FLOPPY_DEV" ]; then
log_error "Floppy device is not present!" log_error "Floppy device is not present!"
fi fi
floppy=$(mktemp -d --tmpdir floppy.XXXXXXXX) floppy=$(mktemp -d --tmpdir floppy.XXXXXX)
CLEANUP+=("rmdir $floppy") add_cleanup rmdir "$floppy"
mount $FLOPPY_DEV $floppy mount $FLOPPY_DEV $floppy
CLEANUP+=("umount $floppy") add_cleanup umount "$floppy"
if [ -f $floppy/rules ]; then if [ -f "$floppy/rules" ]; then
source $floppy/rules source "$floppy/rules"
else else
log_error "Floppy does not contain \`rules\' file" log_error "Floppy does not contain \`rules\' file"
fi fi
# Image mount point... # Image mount point...
target=$(mktemp -d --tmpdir target.XXXXXXXX) target=$(mktemp -d --tmpdir target.XXXXXX)
CLEANUP+=("rmdir $target") add_cleanup rmdir "$target"
export SNF_IMAGE_TARGET=$target export SNF_IMAGE_TARGET="$target"
if [ ! -d "@tasksdir@" ]; then if [ ! -d "@tasksdir@" ]; then
log_error "snf-image/tasks directory is missing" log_error "snf-image/tasks directory is missing"
...@@ -69,15 +70,15 @@ fi ...@@ -69,15 +70,15 @@ fi
# If something goes wrong with the tasks, try to umount the target filesystem # If something goes wrong with the tasks, try to umount the target filesystem
# in case it is left mounted... # in case it is left mounted...
trap '{ umount $target; }' ERR trap '{ umount "$target"; }' ERR
echo "Execute all snf-image tasks...." echo "Execute all snf-image tasks...."
$RUN_PARTS -v --exit-on-error "@tasksdir@" $RUN_PARTS -v --exit-on-error "@tasksdir@"
# Disable the trap. If code reaches here, the filesystem is unmounted. # Disable the trap. If code reaches here, the filesystem is unmounted.
trap - ERR trap - ERR
echo "SUCCESS" > $RESULT echo "SUCCESS" > "$RESULT"
cleanup cleanup
trap - EXIT trap - EXIT
......
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
if [ ! -b "$SNF_IMAGE_DEV" ]; then if [ ! -b "$SNF_IMAGE_DEV" ]; then
log_error "Device file:\`${SNF_IMAGE_DEV}' is not a block device" log_error "Device file:\`${SNF_IMAGE_DEV}' is not a block device"
...@@ -18,7 +18,7 @@ if [ -z "$SNF_IMAGE_TYPE" ]; then ...@@ -18,7 +18,7 @@ if [ -z "$SNF_IMAGE_TYPE" ]; then
fi fi
if [ "$SNF_IMAGE_TYPE" = "extdump" ]; then if [ "$SNF_IMAGE_TYPE" = "extdump" ]; then
$RESIZE2FS $SNF_IMAGE_DEV "$RESIZE2FS" "$SNF_IMAGE_DEV"
fi fi
exit 0 exit 0
......
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
if [ ! -d "$SNF_IMAGE_TARGET" ]; then if [ ! -d "$SNF_IMAGE_TARGET" ]; then
log_error "Target dir:\`$SNF_IMAGE_TARGET' is missing" log_error "Target dir:\`$SNF_IMAGE_TARGET' is missing"
...@@ -17,7 +17,7 @@ if [ ! -b "$SNF_IMAGE_DEV" ]; then ...@@ -17,7 +17,7 @@ if [ ! -b "$SNF_IMAGE_DEV" ]; then
log_error "Device file:\`$SNF_IMAGE_DEV' is not a block device" log_error "Device file:\`$SNF_IMAGE_DEV' is not a block device"
fi fi
mount $SNF_IMAGE_DEV $SNF_IMAGE_TARGET mount "$SNF_IMAGE_DEV" "$SNF_IMAGE_TARGET"
exit 0 exit 0
......
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
if [ ! -d "$SNF_IMAGE_TARGET" ]; then if [ ! -d "$SNF_IMAGE_TARGET" ]; then
log_error "Target dir: \`$SNF_IMAGE_TARGET' is missing" log_error "Target dir: \`$SNF_IMAGE_TARGET' is missing"
......
...@@ -7,7 +7,7 @@ ...@@ -7,7 +7,7 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
if [ ! -d "$SNF_IMAGE_TARGET" ]; then if [ ! -d "$SNF_IMAGE_TARGET" ]; then
log_error "Target dir: \`$SNF_IMAGE_TARGET' is missing." log_error "Target dir: \`$SNF_IMAGE_TARGET' is missing."
...@@ -19,8 +19,8 @@ if [ "$SNF_IMAGE_TYPE" = "extdump" ]; then ...@@ -19,8 +19,8 @@ if [ "$SNF_IMAGE_TYPE" = "extdump" ]; then
DSA_KEY="/etc/ssh/ssh_host_dsa_key" DSA_KEY="/etc/ssh/ssh_host_dsa_key"
for key in $HOST_KEY $RSA_KEY $DSA_KEY ; do for key in $HOST_KEY $RSA_KEY $DSA_KEY ; do
if [ -f "${SNF_IMAGE_TARGET}/${key}" ] ; then if [ -f "$SNF_IMAGE_TARGET/$key" ] ; then
rm -f ${SNF_IMAGE_TARGET}/${key}* rm -f "$SNF_IMAGE_TARGET"/$key*
fi fi
done done
fi fi
......
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
if [ -z "$SNF_IMAGE_TARGET" ]; then if [ -z "$SNF_IMAGE_TARGET" ]; then
log_error "Target dir: \`$SNF_IMAGE_TARGET' is missing" log_error "Target dir: \`$SNF_IMAGE_TARGET' is missing"
...@@ -18,8 +18,8 @@ if [ "$SNF_IMAGE_TYPE" != "ntfsdump" ]; then ...@@ -18,8 +18,8 @@ if [ "$SNF_IMAGE_TYPE" != "ntfsdump" ]; then
exit 0 exit 0
fi fi
if [ -f @commondir@/unattend.xml ]; then if [ -f "@commondir@/unattend.xml" ]; then
cat @commondir@/unattend.xml > $SNF_IMAGE_TARGET/Unattend.xml cat "@commondir@/unattend.xml" > "$SNF_IMAGE_TARGET/Unattend.xml"
else else
log_error "File \`@commondir@/unattend.xml' is missing." log_error "File \`@commondir@/unattend.xml' is missing."
fi fi
......
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
if [ ! -d "$SNF_IMAGE_TARGET" ]; then if [ ! -d "$SNF_IMAGE_TARGET" ]; then
log_error "Target directory \`$SNF_IMAGE_TARGET' is missing" log_error "Target directory \`$SNF_IMAGE_TARGET' is missing"
......
...@@ -8,7 +8,7 @@ ...@@ -8,7 +8,7 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
if [ ! -d "$SNF_IMAGE_TARGET" ]; then if [ ! -d "$SNF_IMAGE_TARGET" ]; then
log_error "Target dir: \`$SNF_IMAGE_TARGET' is missing" log_error "Target dir: \`$SNF_IMAGE_TARGET' is missing"
...@@ -21,7 +21,7 @@ if [ "$SNF_IMAGE_TYPE" = "extdump" ]; then ...@@ -21,7 +21,7 @@ if [ "$SNF_IMAGE_TYPE" = "extdump" ]; then
# we have to force a filesystem relabeling for SELinux after messing # we have to force a filesystem relabeling for SELinux after messing
# around with the filesystem in redhat derived OSs # around with the filesystem in redhat derived OSs
echo "Enforce an automatic relabeling in the initial boot process..." echo "Enforce an automatic relabeling in the initial boot process..."
touch $SNF_IMAGE_TARGET/.autorelabel touch "$SNF_IMAGE_TARGET/.autorelabel"
fi fi
fi fi
......
...@@ -8,50 +8,50 @@ ...@@ -8,50 +8,50 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
windows_hostname() { windows_hostname() {
local target=$1 local target="$1"
local password=$2 local password="$2"
local tmp_unattend=`mktemp` || exit 1 local tmp_unattend=`mktemp` || exit 1
CLEANUP+=("rm $tmp_unattend") add_cleanup rm "$tmp_unattend"
echo -n "Assigning new computer name..." echo -n "Assigning new computer name..."
local namespace="urn:schemas-microsoft-com:unattend" local namespace="urn:schemas-microsoft-com:unattend"
$XMLSTARLET ed -N x=$namespace -u "/x:unattend/x:settings/x:component/x:ComputerName" -v $password "$target/Unattend.xml" > $tmp_unattend "$XMLSTARLET" ed -N x=$namespace -u "/x:unattend/x:settings/x:component/x:ComputerName" -v "$password" "$target/Unattend.xml" > "$tmp_unattend"
cat $tmp_unattend > "$target/Unattend.xml" cat "$tmp_unattend" > "$target/Unattend.xml"
echo done echo done
} }
linux_hostname() { linux_hostname() {
local target=$1 local target="$1"
local hostname=$2 local hostname="$2"
local distro=$(get_base_distro $target) local distro=$(get_base_distro "$target")
case "$distro" in case "$distro" in
debian) debian)
echo "$hostname" > $target/etc/hostname;; echo "$hostname" > "$target/etc/hostname";;
redhat) redhat)
sed -ie "s/HOSTNAME=.*$/HOSTNAME=$hostname/g" $target/etc/sysconfig/network;; sed -ie "s/HOSTNAME=.*$/HOSTNAME=$hostname/g" "$target/etc/sysconfig/network";;
slackware|suse) slackware|suse)
#local domain=$(sed -e 's/^[^\.]*//g' < /etc/HOSTNAME) #local domain=$(sed -e 's/^[^\.]*//g' < /etc/HOSTNAME)
# In slackware hostname and domain name are joined together. For now I # In slackware hostname and domain name are joined together. For now I
# will not retain the domain name. # will not retain the domain name.
echo $hostname > ${target}/etc/HOSTNAME;; echo "$hostname" > "${target}/etc/HOSTNAME";;
gentoo) gentoo)
sed -ie "s/\(\(HOSTNAME\)\|\(hostname\)\)=.*$/\1=\"$hostname\"/" $target/etc/conf.d/hostname;; sed -ie "s/\(\(HOSTNAME\)\|\(hostname\)\)=.*$/\1=\"$hostname\"/" "$target/etc/conf.d/hostname";;
esac esac
# Some Linux distributions assign the hostname to 127.0.1.1 in order to be # Some Linux distributions assign the hostname to 127.0.1.1 in order to be
# resolvable to an IP address. Lets replace this if found in /etc/hosts # resolvable to an IP address. Lets replace this if found in /etc/hosts
sed -ie "s/^[[:blank:]]*127\.0\.1\.1[[:blank:]].\+$/127.0.1.1\t$hostname/" $target/etc/hosts sed -ie "s/^[[:blank:]]*127\.0\.1\.1[[:blank:]].\+$/127.0.1.1\t$hostname/" "$target/etc/hosts"
} }
if [ ! -d "$SNF_IMAGE_TARGET" ]; then if [ ! -d "$SNF_IMAGE_TARGET" ]; then
...@@ -63,9 +63,9 @@ if [ -z "$SNF_IMAGE_HOSTNAME" ]; then ...@@ -63,9 +63,9 @@ if [ -z "$SNF_IMAGE_HOSTNAME" ]; then
fi fi
if [ "$SNF_IMAGE_TYPE" = "ntfsdump" ]; then if [ "$SNF_IMAGE_TYPE" = "ntfsdump" ]; then
windows_hostname $SNF_IMAGE_TARGET $SNF_IMAGE_HOSTNAME windows_hostname "$SNF_IMAGE_TARGET" "$SNF_IMAGE_HOSTNAME"
elif [ "$SNF_IMAGE_TYPE" = "extdump" ]; then elif [ "$SNF_IMAGE_TYPE" = "extdump" ]; then
linux_hostname $SNF_IMAGE_TARGET $SNF_IMAGE_HOSTNAME linux_hostname "$SNF_IMAGE_TARGET" "$SNF_IMAGE_HOSTNAME"
fi fi
cleanup cleanup
......
...@@ -8,31 +8,31 @@ ...@@ -8,31 +8,31 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
windows_password() { windows_password() {
local target=$1 local target="$1"
local password=$2 local password="$2"
local tmp_unattend=`mktemp` || exit 1 local tmp_unattend="$(mktemp)"
CLEANUP+=("rm $tmp_unattend") add_cleanup rm "$tmp_unattend"
echo -n "Installing new admin password..." echo -n "Installing new admin password..."
local namespace="urn:schemas-microsoft-com:unattend" local namespace="urn:schemas-microsoft-com:unattend"
$XMLSTARLET ed -N x=$namespace -u "/x:unattend/x:settings/x:component/x:UserAccounts/x:AdministratorPassword/x:Value" -v $password "$target/Unattend.xml" > $tmp_unattend "$XMLSTARLET" ed -N x=$namespace -u "/x:unattend/x:settings/x:component/x:UserAccounts/x:AdministratorPassword/x:Value" -v "$password" "$target/Unattend.xml" > "$tmp_unattend"
cat $tmp_unattend > "$target/Unattend.xml" cat "$tmp_unattend" > "$target/Unattend.xml"
echo done echo done
} }
linux_password() { linux_password() {
local target=$1 local target="$1"
local password=$2 local password="$2"
local hash=$(@scriptsdir@/snf-passtohash.py $password) local hash=$("@scriptsdir@/snf-passtohash.py" "$password")
if [ ! -e ${target}/etc/shadow ]; then if [ ! -e "$target/etc/shadow" ]; then
log_error "No /etc/shadow found!" log_error "No /etc/shadow found!"
fi fi
...@@ -46,14 +46,14 @@ linux_password() { ...@@ -46,14 +46,14 @@ linux_password() {
fi fi
for i in $(seq 0 1 $((${#users[@]}-1))); do for i in $(seq 0 1 $((${#users[@]}-1))); do
local tmp_shadow=$(mktemp) local tmp_shadow="$(mktemp)"
CLEANUP+=("rm $tmp_shadow") add_cleanup rm "$tmp_shadow"
echo -n "Setting ${users[$i]} password..." echo -n "Setting ${users[$i]} password..."
echo "${users[$i]}:$hash:15103:0:99999:7:::" > $tmp_shadow echo "${users[$i]}:$hash:15103:0:99999:7:::" > "$tmp_shadow"
grep -v "${users[$i]}" ${TARGET}/etc/shadow >> $tmp_shadow grep -v "${users[$i]}" "$target/etc/shadow" >> "$tmp_shadow"
cat $tmp_shadow > ${target}/etc/shadow cat "$tmp_shadow" > "$target/etc/shadow"
echo "done" echo "done"
done done
} }
...@@ -67,9 +67,9 @@ if [ -z "$SNF_IMAGE_PASSWORD" ]; then ...@@ -67,9 +67,9 @@ if [ -z "$SNF_IMAGE_PASSWORD" ]; then
fi fi
if [ "$SNF_IMAGE_TYPE" = "ntfsdump" ]; then if [ "$SNF_IMAGE_TYPE" = "ntfsdump" ]; then
windows_password $SNF_IMAGE_TARGET $SNF_IMAGE_PASSWORD windows_password "$SNF_IMAGE_TARGET" "$SNF_IMAGE_PASSWORD"
elif [ "$SNF_IMAGE_TYPE" = "extdump" ]; then elif [ "$SNF_IMAGE_TYPE" = "extdump" ]; then
linux_password $SNF_IMAGE_TARGET $SNF_IMAGE_PASSWORD linux_password "$SNF_IMAGE_TARGET" "$SNF_IMAGE_PASSWORD"
fi fi
echo "done" echo "done"
......
...@@ -8,13 +8,13 @@ ...@@ -8,13 +8,13 @@
### END TAST INFO ### END TAST INFO
set -e set -e
. @commondir@/common.sh . "@commondir@/common.sh"
if [ ! -d "$SNF_IMAGE_TARGET" ]; then if [ ! -d "$SNF_IMAGE_TARGET" ]; then
log_error "Target dir:\`$SNF_IMAGE_TARGET' is missing" log_error "Target dir:\`$SNF_IMAGE_TARGET' is missing"
fi fi
umount $SNF_IMAGE_TARGET umount "$SNF_IMAGE_TARGET"
cleanup cleanup
trap - EXIT trap - EXIT
......
...@@ -40,6 +40,12 @@ progress_monitor_support="@progress_monitor_support@" ...@@ -40,6 +40,12 @@ progress_monitor_support="@progress_monitor_support@"
CLEANUP=( ) CLEANUP=( )
add_cleanup() {
local cmd=""
for arg; do cmd+=$(printf "%q " "$arg"); done
CLEANUP+=("$cmd")
}
log_error() { log_error() {
echo "$@" >&2 echo "$@" >&2
} }
...@@ -139,7 +145,7 @@ map_disk0() { ...@@ -139,7 +145,7 @@ map_disk0() {
log_error "Cannot interpret kpartx output and get partition mapping" log_error "Cannot interpret kpartx output and get partition mapping"
exit 1 exit 1
fi fi
$KPARTX -a -p- $blockdev > /dev/null $KPARTX -a -p- "$blockdev" > /dev/null
filesystem_dev="/dev/mapper/${filesystem_dev_base/%-1/}" filesystem_dev="/dev/mapper/${filesystem_dev_base/%-1/}"
if [ ! -b "/dev/mapper/$filesystem_dev_base" ]; then if [ ! -b "/dev/mapper/$filesystem_dev_base" ]; then
log_error "Can't find kpartx mapped partition:" \ log_error "Can't find kpartx mapped partition:" \
...@@ -150,7 +156,7 @@ map_disk0() { ...@@ -150,7 +156,7 @@ map_disk0() {
} }
unmap_disk0() { unmap_disk0() {
$KPARTX -d -p- $1 $KPARTX -d -p- "$1"
} }
format_disk0() { format_disk0() {
...@@ -171,17 +177,17 @@ EOF ...@@ -171,17 +177,17 @@ EOF
create_floppy() { create_floppy() {
local img=$1 local img=$1
local target=$(mktemp -d) || exit 1 local target=$(mktemp -d)
CLEANUP+=("rmdir $target") add_cleanup rmdir "$target"
dd bs=512 count=2880 if=/dev/zero of=$img dd bs=512 count=2880 if=/dev/zero of="$img"
mkfs.ext2 -F $img > /dev/null mkfs.ext2 -F "$img" > /dev/null
mount $img $target -o loop mount "$img" "$target" -o loop
set | egrep ^snf_export_\\w+=|sed -e 's/^snf_export_/SNF_IMAGE_/' | \ set | egrep ^snf_export_\\w+=|sed -e 's/^snf_export_/SNF_IMAGE_/' | \
while read line; do while read line; do
echo "export $line" >> $target/rules echo "export $line" >> "$target/rules"
done done
umount $target umount "$target"
} }
# this one is only to be called by create # this one is only to be called by create
...@@ -275,9 +281,12 @@ fi ...@@ -275,9 +281,12 @@ fi
: ${HELPER_KERNEL:="@HELPER_KERNEL@"} : ${HELPER_KERNEL:="@HELPER_KERNEL@"}
: ${HELPER_INITRD:="@HELPER_INITRD@"} : ${HELPER_INITRD:="@HELPER_INITRD@"}
: ${HELPER_PKG:="@HELPER_DIR@/snf-image-helper.deb"} : ${HELPER_PKG:="@HELPER_DIR@/snf-image-helper.deb"}
: ${HELPER_SOFT_TIMEOUT=15} : ${HELPER_SOFT_TIMEOUT:=15}
: ${HELPER_HARD_TIMEOUT=5} : ${HELPER_HARD_TIMEOUT:=5}
: ${HELPER_USER="nobody"} : ${HELPER_USER:="nobody"}
: ${HELPER_CACHE_FILE:="@HELPER_DIR@/cache.tar"}
: ${HELPER_EXTRA_PKGS:="linux-image-amd64,e2fsprogs,ntfs-3g,ntfsprogs,xmlstarlet,python"}
SCRIPT_NAME=$(basename $0) SCRIPT_NAME=$(basename $0)
......
...@@ -30,6 +30,7 @@ ...@@ -30,6 +30,7 @@
# policies, either expressed or implied, of GRNET S.A. # policies, either expressed or implied, of GRNET S.A.
set -e set -e
set -o pipefail
. common.sh