Hardening the init script further.

2013-02-08 18:07:26 +01:00 · 2013-02-08 18:07:26 +01:00 · 81b29d7851
parent 880e1f3a28
commit 81b29d7851
1 changed files with 50 additions and 41 deletions
--- a/filesystem/opt/groomer/groomer.sh
+++ b/filesystem/opt/groomer/groomer.sh
@ -7,36 +7,56 @@ set -x
 DEV_SRC='/dev/sdf'
 DEV_DST='/dev/sdg1'
 HOME=testing
+############
+
+
+SRC=${HOME}/src
+DST=${HOME}/dst
+
+TEMP=${DST}/temp
+ZIPTEMP=${DST}/ziptemp
+LOGS=${DST}/logs


 clean(){
    echo Cleaning.
+    sync
+
+    # Cleanup source
+    umount $SRC
+    rm -rf $SRC
+
+    # Cleanup destination
+    rm -rf ${TEMP}
+    rm -rf ${ZIPTEMP}
+    umount $DST
+    rm -rf $DST
+
+    # Only if running on a rPi
+    #/sbin/shutdown -h now
 }

 trap clean EXIT TERM INT

-# groom da kitteh!
-
+# De we have a source device
 if [ ! -b ${DEV_SRC} ]; then
    echo 'Source device ('${DEV_SRC}') does not exists.'
    exit
 fi
-
+# Find the partition names on the source device
 DEV_PARTITIONS=`ls ${DEV_SRC}* | grep ${DEV_SRC}'[1-9][0-6]*' || true`
 if [ -z ${DEV_PARTITIONS} ]; then
    echo ${DEV_SRC} 'does not have any partitions.'
    exit
 fi

+# Do we have a destination device
 if [ ! -b ${DEV_DST} ]; then
    echo 'Destination device ('${DEV_DST}') does not exists.'
    exit
 fi

-
-SRC=${HOME}/src
-DST=${HOME}/dst
-
+# Prepare mount points
 if [ ! -d $SRC ]; then
    mkdir $SRC
 fi
@ -44,57 +64,53 @@ if [ ! -d $DST ]; then
    mkdir $DST
 fi

+# Mount and prepare destination device
 if mount|grep $DST; then
    umount $DST || true
 fi
-
-TEMP=${DST}/temp
-ZIPTEMP=${DST}/ziptemp
-FL=${DST}/filelist.txt
-
-mount ${DEV_DST} $DST
-
+mount -o noexec ${DEV_DST} ${DST}
 if [ $? -ne 0 ]; then
-    echo Unable to mount ${DEV_DST} on $DST
-    exit 1
+    echo Unable to mount ${DEV_DST} on ${DST}
+    exit
 else
-    echo 'Target USB device ('${DEV_DST}') mounted at $DST'
-    rm -rf $DST/FROM_PARTITION_*
+    echo 'Target USB device ('${DEV_DST}') mounted at '${DST}
+    rm -rf ${DST}/FROM_PARTITION_*

    # mount temp and make sure it's empty
-    mkdir -p $TEMP
-    mkdir -p $ZIPTEMP
+    mkdir -p ${TEMP}
+    mkdir -p ${ZIPTEMP}
+    mkdir -p ${LOGS}

    rm -rf ${TEMP}/*
    rm -rf ${ZIPTEMP}/*
-
-    echo Full file list from source USB > $FL
+    rm -rf ${LOGS}/*
 fi

+# Groom da kitteh!
+
 COPYDIRTYPDF=0
 PARTCOUNT=1
-for partition in $DEV_PARTITIONS
+for partition in ${DEV_PARTITIONS}
 do
+    # Processing a partition
    echo Processing partition: ${partition}
    if mount|grep $SRC; then
-        umount $SRC 2> /dev/null
+        umount $SRC
    fi

-    mount -r $partition $SRC
+    mount -o noexec -r $partition $SRC
    if [ $? -ne 0 ]; then
        echo Unable to mount ${partition} on $SRC
    else
        echo $partition mounted at $SRC

-        echo PARTITION $PARTCOUNT >> $FL
-        # FIXME: eval probably insecure
-        find ${SRC}/* -printf 'echo "%p" | sed s:'${SRC}':: >> '${FL}' \n' | \
-            while read l; do eval $l; done
+        # Print the filenames on the current partition in a logfile
+        find ${SRC}/* -fls ${LOGS}/${PARTCOUNT}

-        # create a director on sdb named PARTION_n
+        # create a directory on $DST named PARTION_$PARTCOUNT
        targetDir=${DST}/FROM_PARTITION_${PARTCOUNT}
-        echo copying to: $targetDir
-        mkdir -p $targetDir
+        echo copying to: $target_dir
+        mkdir -p $target_dir

        #if [ $COPYDIRTYPDF -eq 1 ]; then
        #    pdfCopyDirty $SRC $targetDir
@ -113,12 +129,5 @@ do
    let PARTCOUNT=$PARTCOUNT+1
 done

-#cleanup
-rm -rf ${TEMP}*
-rm -rf ${ZIPTEMP}*
-sync
-umount $SRC
-umount $DST
-
-#/sbin/shutdown -h now
-
+# The cleanup is automatically done in the finction clean called when
+# the program quits