From ee114ee73252bcdcacab4a6410ab356b0308fea3 Mon Sep 17 00:00:00 2001 From: m8in Date: Fri, 8 May 2026 00:13:12 +0200 Subject: [PATCH] usage of printf improved, format and ensuring root privileges for setup scripts now is more reliable --- core/base.module.sh | 6 ++-- .../setupCompositionRunningHost.sh | 8 ++--- .../zfs/composition-sync/setupSyncHost.sh | 8 ++--- script/host/zfs/snapshot.sh | 1 - script/monitor/setupObservingHost.sh | 36 +++++++++---------- script/monitor/setupServiceProvidingHost.sh | 22 ++++-------- setupCoreOntoThisHost.sh | 11 +++--- 7 files changed, 40 insertions(+), 52 deletions(-) diff --git a/core/base.module.sh b/core/base.module.sh index b2cca24..e2de838 100755 --- a/core/base.module.sh +++ b/core/base.module.sh @@ -161,8 +161,8 @@ function prepare.setPATH() { function base.abort() { # Minimalmode in case of emergency [[ "${COLOR[SET]:+isset}" != "isset" ]] \ - && printf %b "\nScript aborted during preparation (State: '${CIS[SET]:-""}')!\n" >&2 \ - && printf %b " ${@}\n\n" >&2 \ + && printf "\n%b\n" "Script aborted during preparation (State: '${CIS[SET]:-""}')!" >&2 \ + && printf " %b\n\n" "${@}" >&2 \ && exit 1 local _FULLSCRIPTNAME=$(readlink -e "${0}" 2> /dev/null) @@ -269,7 +269,7 @@ function base.printEnvironment() { echo "Content of array CIS: (all folders end with an tailing '/')" echo "-----------------------------------------------------------" for _KEY in "${!CIS[@]}"; do - printf " %s\n" "CIS[${_KEY}]: ${CIS[${_KEY}]}" + printf " %s: %s\n" "CIS[${_KEY}]" "${CIS[${_KEY}]}" done return 0 } diff --git a/script/host/zfs/composition-sync/setupCompositionRunningHost.sh b/script/host/zfs/composition-sync/setupCompositionRunningHost.sh index 1f17a8b..dc0031d 100755 --- a/script/host/zfs/composition-sync/setupCompositionRunningHost.sh +++ b/script/host/zfs/composition-sync/setupCompositionRunningHost.sh @@ -1,8 +1,8 @@ #!/bin/bash - -[ "$(id -u)" != "0" ] \ - && sudo "${0}" \ - && exit 0 +if [ $(id -u) -ne 0 ]; then + sudo "${0}" && exit 0 + exit 1 +fi source /cis/core/base.module.sh diff --git a/script/host/zfs/composition-sync/setupSyncHost.sh b/script/host/zfs/composition-sync/setupSyncHost.sh index 1dd8745..1c04622 100755 --- a/script/host/zfs/composition-sync/setupSyncHost.sh +++ b/script/host/zfs/composition-sync/setupSyncHost.sh @@ -1,8 +1,8 @@ #!/bin/bash - -[ "$(id -u)" != "0" ] \ - && sudo "${0}" \ - && exit 0 +if [ $(id -u) -ne 0 ]; then + sudo "${0}" && exit 0 + exit 1 +fi source /cis/core/base.module.sh diff --git a/script/host/zfs/snapshot.sh b/script/host/zfs/snapshot.sh index d889904..c806994 100755 --- a/script/host/zfs/snapshot.sh +++ b/script/host/zfs/snapshot.sh @@ -1,5 +1,4 @@ #!/bin/bash - source /cis/core/base.module.sh diff --git a/script/monitor/setupObservingHost.sh b/script/monitor/setupObservingHost.sh index 5b4d82c..2852128 100755 --- a/script/monitor/setupObservingHost.sh +++ b/script/monitor/setupObservingHost.sh @@ -1,25 +1,22 @@ #!/bin/bash +if [ $(id -u) -ne 0 ]; then + sudo "${0}" && exit 0 + exit 1 +fi -[ "$(id -u)" != "0" ] \ - && sudo "${0}" \ - && exit 0 - - - -_SETUP="$(readlink -f "${0}" 2> /dev/null)" - -# Folders always ends with an tailing '/' -_CIS_ROOT="${_SETUP%%/script/monitor/*}/" #Removes longest matching pattern '/script/monitor/*' from the end -_DOMAIN="$("${_CIS_ROOT:?"Missing CIS_ROOT"}core/printOwnDomain.sh")" -_DEFINITIONS="${_CIS_ROOT:?"Missing CIS_ROOT"}definitions/${_DOMAIN:?"Missing DOMAIN"}/" +source /cis/core/base.module.sh function checkPreconditions() { - [ -d "${_DEFINITIONS:?"Missing DEFINITIONS"}monitor/checks" ] \ + local _MONITOR_DIR + _MONITOR_DIR="${CIS[DOMAINDEFINITIONS]?"Missing CIS_DOMAINDEFINITIONS"}monitor/" + readonly _MONITOR_DIR + + [ -d "${_MONITOR_DIR:?"Missing MONITOR_DIR"}checks" ] \ && return 0 - echo "No folder for your defined checks found: ${_DEFINITIONS:?"Missing DEFINITIONS"}monitor/checks" + echo "No folder for your defined checks found: ${_MONITOR_DIR:?"Missing MONITOR_DIR"}checks" echo "Please create it and add all your custom monitoring checks there, following this convention: 'NAME_OF_THE_CHECK.on'" echo "A check has to be switched 'on' to be executed, so you can rename a check to 'NAME_OF_THE_CHECK.off' and it will be ignored." echo @@ -30,11 +27,12 @@ function checkPreconditions() { function printSelectedDefinition() { - local _FILE_DEFINED_DOMAIN _FILE_DEFINED_DEFAULT _SCRIPT_DEFINED_DEFAULT - _FILE_DEFINED_DOMAIN="${_DEFINITIONS:?"Missing DEFINITIONS"}monitor/${1:?"Missing CURRENT_FULLFILE"}" - _FILE_DEFINED_DEFAULT="${_CIS_ROOT:?"Missing CIS_ROOT"}definitions/default/monitor/${1:?"Missing CURRENT_FULLFILE"}" - _SCRIPT_DEFINED_DEFAULT="${_CIS_ROOT:?"Missing CIS_ROOT"}script/monitor/${1:?"Missing CURRENT_FULLFILE"}" - readonly _FILE_DEFINED_DOMAIN _FILE_DEFINED_DEFAULT _SCRIPT_DEFINED_DEFAULT + local _MONITOR_DIR _FILE_DEFINED_DOMAIN _FILE_DEFINED_DEFAULT _SCRIPT_DEFINED_DEFAULT + _MONITOR_DIR="${CIS[DOMAINDEFINITIONS]?"Missing CIS_DOMAINDEFINITIONS"}monitor/" + _FILE_DEFINED_DOMAIN="${_MONITOR_DIR:?"Missing MONITOR_DIR"}${1:?"Missing CURRENT_FULLFILE"}" + _FILE_DEFINED_DEFAULT="${CIS[DEFAULTDEFINITIONS]}monitor/${1:?"Missing CURRENT_FULLFILE"}" + _SCRIPT_DEFINED_DEFAULT="${CIS[SCRIPTSROOT]}monitor/${1:?"Missing CURRENT_FULLFILE"}" + readonly _MONITOR_DIR _FILE_DEFINED_DOMAIN _FILE_DEFINED_DEFAULT _SCRIPT_DEFINED_DEFAULT [ -s "${_FILE_DEFINED_DOMAIN}" ] \ && echo "${_FILE_DEFINED_DOMAIN}" \ diff --git a/script/monitor/setupServiceProvidingHost.sh b/script/monitor/setupServiceProvidingHost.sh index ea34daf..42813b5 100755 --- a/script/monitor/setupServiceProvidingHost.sh +++ b/script/monitor/setupServiceProvidingHost.sh @@ -1,25 +1,17 @@ #!/bin/bash +if [ $(id -u) -ne 0 ]; then + sudo "${0}" && exit 0 + exit 1 +fi -[ "$(id -u)" != "0" ] \ - && sudo "${0}" \ - && exit 0 - - - -_SETUP="$(readlink -f "${0}" 2> /dev/null)" - -# Folders always ends with an tailing '/' -_CIS_ROOT="${_SETUP%%/script/monitor/*}/" #Removes longest matching pattern '/script/monitor/*' from the end -_CORE_SCRIPTS="${_CIS_ROOT:?"Missing CIS_ROOT"}core/" -_DOMAIN="$("${_CIS_ROOT:?"Missing CIS_ROOT"}core/printOwnDomain.sh")" -_DEFINITIONS="${_CIS_ROOT:?"Missing CIS_ROOT"}definitions/${_DOMAIN:?"Missing DOMAIN"}/" +source /cis/core/base.module.sh echo "Setup the user and permission to enable the monitoring this host ... " \ - && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}addNormalUser.sh" monitoring \ + && "${CIS[COREROOT]:?"Missing CIS_COREROOT"}addNormalUser.sh" monitoring \ && echo \ - && "${_CORE_SCRIPTS:?"Missing CORE_SCRIPTS"}defineAuthorizedKeysOfUser.sh" "${_DEFINITIONS}" monitoring \ + && "${CIS[COREROOT]:?"Missing CIS_COREROOT"}defineAuthorizedKeysOfUser.sh" "${CIS[DOMAINDEFINITIONS]}" monitoring \ && exit 0 exit 1 diff --git a/setupCoreOntoThisHost.sh b/setupCoreOntoThisHost.sh index dc9b545..738f691 100755 --- a/setupCoreOntoThisHost.sh +++ b/setupCoreOntoThisHost.sh @@ -1,11 +1,10 @@ #!/bin/bash -source ${CUSTOM_CIS_ROOT:-/}./cis/core/base.module.sh +if [ $(id -u) -ne 0 ]; then + sudo "${0}" "${1}" && exit 0 + exit 1 +fi - - -[ "$(id -u)" != "0" ] \ - && sudo "${0}" "${1}" \ - && exit 0 +source /cis/core/base.module.sh