diff --git a/gitserver/start.sh b/gitserver/start.sh index 31ed253..4e0512d 100755 --- a/gitserver/start.sh +++ b/gitserver/start.sh @@ -1,4 +1,4 @@ -#!/bin/sh +#!/bin/bash set -e set -o pipefail @@ -8,45 +8,46 @@ DAEMON=sshd HOSTKEY=/etc/ssh/ssh_host_ed25519_key # create the host key if not already created -if [ ! -f "${HOSTKEY}" ]; then +if [[ ! -f "${HOSTKEY}" ]]; then ssh-keygen -A fi -mkdir -p ${HOME}/.ssh +mkdir -p "${HOME}/.ssh" +# shellcheck disable=SC1091 source /etc/profile -[ "$PUBKEY" ] && echo "$PUBKEY" > ${HOME}/.ssh/authorized_keys +[ "$PUBKEY" ] && echo "$PUBKEY" > "${HOME}/.ssh/authorized_keys" -chown -R git:git ${HOME} -chmod -R 755 ${HOME} +chown -R git:git "${HOME}" +chmod -R 755 "${HOME}" # Fix permissions, if writable -if [ -w ${HOME}/.ssh ]; then - chown git:git ${HOME}/.ssh && chmod 700 ${HOME}/.ssh/ +if [[ -w "${HOME}/.ssh" ]]; then + chown git:git "${HOME}/.ssh" && chmod 700 "${HOME}/.ssh/" fi -if [ -w ${HOME}/.ssh/authorized_keys ]; then - chown git:git ${HOME}/.ssh/authorized_keys - chmod 600 ${HOME}/.ssh/authorized_keys +if [[ -w "${HOME}/.ssh/authorized_keys" ]]; then + chown git:git "${HOME}/.ssh/authorized_keys" + chmod 600 "${HOME}/.ssh/authorized_keys" fi # Warn if no config -if [ ! -e ${HOME}/.ssh/authorized_keys ]; then +if [[ ! -e "${HOME}/.ssh/authorized_keys" ]]; then echo "WARNING: No SSH authorized_keys found for git" fi # set the default shell -mkdir -p $HOME/git-shell-commands -cat >$HOME/git-shell-commands/no-interactive-login <<\EOF +mkdir -p "${HOME}/git-shell-commands" +cat > "${HOME}/git-shell-commands/no-interactive-login" <<\EOF #!/bin/sh printf '%s\n' "Hi $USER! You've successfully authenticated, but I do not" printf '%s\n' "provide interactive shell access." exit 128 EOF -chmod +x $HOME/git-shell-commands/no-interactive-login +chmod +x "${HOME}/git-shell-commands/no-interactive-login" stop() { echo "Received SIGINT or SIGTERM. Shutting down $DAEMON" # Get PID - pid=$(cat /var/run/$DAEMON/$DAEMON.pid) + pid=$(cat "/var/run/${DAEMON}/${DAEMON}.pid") # Set TERM kill -SIGTERM "${pid}" # Wait for exit @@ -55,12 +56,13 @@ stop() { echo "Done." } -echo "Running $@" -if [ "$(basename $1)" == "$DAEMON" ]; then +echo "Running $*" +if [[ "$(basename "$1")" == "$DAEMON" ]]; then trap stop SIGINT SIGTERM + # shellcheck disable=SC2068 $@ & pid="$!" - mkdir -p /var/run/$DAEMON && echo "${pid}" > /var/run/$DAEMON/$DAEMON.pid + mkdir -p "/var/run/${DAEMON}" && echo "${pid}" > "/var/run/${DAEMON}/${DAEMON}.pid" wait "${pid}" && exit $? else exec "$@" diff --git a/kernel-builder/build_kernel b/kernel-builder/build_kernel index 6807c90..4f9e499 100755 --- a/kernel-builder/build_kernel +++ b/kernel-builder/build_kernel @@ -34,7 +34,8 @@ linux_next(){ git fetch --tags linux-next ) - local branch="next-$(date +%Y%m%d)" + local branch + branch="next-$(date +%Y%m%d)" echo "Checking out the correct branch ${branch}..." ( cd "$dir" @@ -58,7 +59,7 @@ install_kernel(){ if [[ "$VERSION" != "next" ]]; then local MAJOR_VERSION=${VERSION:0:1} - local V=( ${VERSION//./ } ) + local V=( "${VERSION//./ }" ) local MAJOR_MINOR_VERSION="${V[0]}.${V[1]}" # Get the kernel source. @@ -69,7 +70,7 @@ install_kernel(){ MAJOR_MINOR_VERSION="${MAJOR_VERSION}.x-rcN" else - [ -d /usr/src/linux-${VERSION} ] || curl -sSL "https://cdn.kernel.org/pub/linux/kernel/v${MAJOR_VERSION}.x/linux-${VERSION}.tar.xz" | tar -C /usr/src -xJ + [ -d "/usr/src/linux-${VERSION}" ] || curl -sSL "https://cdn.kernel.org/pub/linux/kernel/v${MAJOR_VERSION}.x/linux-${VERSION}.tar.xz" | tar -C /usr/src -xJ fi # Git clone and apply the patches for the aufs filesystem. @@ -77,7 +78,7 @@ install_kernel(){ aufsdir=/aufs4-standalone echo "Cloning the git patches for the aufs filesystem..." - git clone --depth 1 --branch aufs${MAJOR_MINOR_VERSION} --single-branch https://github.com/sfjro/aufs4-standalone.git $aufsdir + git clone --depth 1 --branch "aufs${MAJOR_MINOR_VERSION}" --single-branch https://github.com/sfjro/aufs4-standalone.git "$aufsdir" ( cd "$DIR" @@ -126,7 +127,7 @@ install_kernel(){ cd "$DIR" echo "Building the kernel..." - make -j$JOBS + make -j"$JOBS" echo "Installing the modules..." make modules_install echo "Installing the kernel..." @@ -134,7 +135,7 @@ install_kernel(){ ) ( echo "Stripping the modules..." - find /lib/modules/ -name *.ko -exec strip --strip-unneeded {} + + find /lib/modules/ -name "*.ko" -exec strip --strip-unneeded {} + ) }