From 2ef27b6a5d190c4d38eb4d13a039e10c006d7c7b Mon Sep 17 00:00:00 2001 From: Craig Jennings Date: Mon, 23 Feb 2026 06:06:55 -0600 Subject: chore: add set -euo pipefail to scripts for safety Enable undefined variable checking (set -u) and pipefail across standalone scripts. Guard SUDO_USER references with ${SUDO_USER:-} for set -u compatibility. --- build.sh | 4 ++-- scripts/build-release | 6 +++--- scripts/full-test.sh | 2 +- scripts/test-install.sh | 2 +- scripts/test-vm.sh | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/build.sh b/build.sh index 5991828..ea682cf 100755 --- a/build.sh +++ b/build.sh @@ -5,7 +5,7 @@ # Uses linux-lts kernel with zfs-dkms from archzfs.com repository. # DKMS builds ZFS from source, ensuring it always matches the kernel version. -set -e +set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROFILE_DIR="$SCRIPT_DIR/profile" @@ -459,7 +459,7 @@ mkarchiso -v -w "$WORK_DIR" -o "$OUT_DIR" "$PROFILE_DIR" # Restore ownership to the user who invoked sudo # mkarchiso runs as root and creates root-owned files -if [[ -n "$SUDO_USER" ]]; then +if [[ -n "${SUDO_USER:-}" ]]; then info "Restoring ownership to $SUDO_USER..." chown -R "$SUDO_USER:$SUDO_USER" "$OUT_DIR" "$WORK_DIR" "$PROFILE_DIR" 2>/dev/null || true fi diff --git a/scripts/build-release b/scripts/build-release index 2fbf004..9c6614e 100755 --- a/scripts/build-release +++ b/scripts/build-release @@ -12,13 +12,13 @@ # - $ARCHSETUP_INBOX (notification for test VM rebuild, if set) # - $DIST_REMOTE_HOST:$DIST_REMOTE_PATH (if set and reachable) -set -e +set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_DIR="$(dirname "$SCRIPT_DIR")" # Get actual user (not root when running with sudo) -if [[ -n "$SUDO_USER" ]]; then +if [[ -n "${SUDO_USER:-}" ]]; then REAL_USER="$SUDO_USER" REAL_HOME=$(getent passwd "$SUDO_USER" | cut -d: -f6) else @@ -140,7 +140,7 @@ distribute_remote() { # Run SCP as the real user (not root) to use their SSH keys local scp_cmd="scp" - if [[ -n "$SUDO_USER" ]]; then + if [[ -n "${SUDO_USER:-}" ]]; then scp_cmd="sudo -u $SUDO_USER scp" fi diff --git a/scripts/full-test.sh b/scripts/full-test.sh index 7728859..e500116 100755 --- a/scripts/full-test.sh +++ b/scripts/full-test.sh @@ -22,7 +22,7 @@ # 1 - One or more tests failed # 2 - Setup/infrastructure error -set -e +set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_DIR="$(dirname "$SCRIPT_DIR")" diff --git a/scripts/test-install.sh b/scripts/test-install.sh index 4f9f0d8..0314bf2 100755 --- a/scripts/test-install.sh +++ b/scripts/test-install.sh @@ -9,7 +9,7 @@ # ./test-install.sh single-disk # Run specific config # ./test-install.sh --list # List available configs -set -e +set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" export PROJECT_DIR="$(dirname "$SCRIPT_DIR")" diff --git a/scripts/test-vm.sh b/scripts/test-vm.sh index 2f93bd2..66dba37 100755 --- a/scripts/test-vm.sh +++ b/scripts/test-vm.sh @@ -7,7 +7,7 @@ # ./test-vm.sh --boot-disk # Boot from existing virtual disk (after install) # ./test-vm.sh --clean # Remove VM disks and start fresh -set -e +set -euo pipefail SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" PROJECT_DIR="$(dirname "$SCRIPT_DIR")" -- cgit v1.2.3