1 files changed, 8 insertions, 19 deletions

diff --git a/archsetup b/archsetup
index 1f62c33..b748229 100755
--- a/archsetup
+++ b/archsetup
@@ -105,7 +105,6 @@ archsetup_packages="/var/log/archsetup-installed-packages.txt"
 min_disk_space_gb=20
 state_dir="/var/lib/archsetup/state"
 error_messages=()
-firewall_verified=false
 
 ### Cleanup Trap
 # Ensures tmpfs is unmounted if script exits unexpectedly
@@ -307,7 +306,7 @@ pacman_install() {
         if ! (pacman --noconfirm --needed -S "$1" >> "$logfile" 2>&1); then
             action="retrying $1 once more" && display "task" "$action"
             (pacman --noconfirm --needed -S "$1" >> "$logfile" 2>&1) ||
-                error "error" "$action" "$?"
+                error "error" "$1 (pacman)" "$?"
         fi
     fi
 }
@@ -339,7 +338,7 @@ aur_install() {
         if ! (sudo -u "$username" yay -S --noconfirm "$1" >> "$logfile" 2>&1); then
             action="retrying $1 once more" && display "task" "$action"
             (sudo -u "$username" yay -S --noconfirm "$1" >> "$logfile" 2>&1) ||
-                error "error" "$action" "$?"
+                error "error" "$1 (AUR)" "$?"
         fi
     fi
 }
@@ -696,6 +695,9 @@ user_customizations() {
     (cd "$dotfiles_dir"  &&  stow --target="/home/$username" --no-folding --adopt system \
                                 >> "$logfile" 2>&1 )  || error "error" "$action" "$?"
 
+    # install desktop-file-utils before updating database (provides update-desktop-database)
+    pacman_install desktop-file-utils
+
     action="updating desktop database" && display "task" "$action"
     (sudo -u "$username" update-desktop-database "/home/$username/.local/share/applications" \
                                 >> "$logfile" 2>&1 )  || error "error" "$action" "$?"
@@ -898,10 +900,9 @@ EOF
 
     # Verify firewall is actually active
     action="verifying firewall is active" && display "task" "$action"
-    if ufw status | grep -q "Status: active"; then
-        firewall_verified=true
-    else
-        error "error" "firewall verification failed - ufw is not active" "1"
+    if ! ufw status | grep -q "Status: active"; then
+        error_messages=("FIREWALL NOT ACTIVE - run: sudo ufw enable" "${error_messages[@]}")
+        error "error" "$action" "1"
     fi
 
     # Service Discovery
@@ -1792,18 +1793,6 @@ outro() {
         done
     fi
 
-    # Critical security warning if firewall setup failed
-    if [ "$firewall_verified" != "true" ]; then
-        printf "\n" | tee -a "$logfile"
-        printf "!!! CRITICAL SECURITY WARNING !!!\n" | tee -a "$logfile"
-        printf "!!! FIREWALL IS NOT ACTIVE !!!\n" | tee -a "$logfile"
-        printf "Your system may be unprotected. Please run these commands manually:\n" | tee -a "$logfile"
-        printf "  sudo ufw default deny incoming\n" | tee -a "$logfile"
-        printf "  sudo ufw enable\n" | tee -a "$logfile"
-        printf "  sudo ufw status\n" | tee -a "$logfile"
-        printf "\n" | tee -a "$logfile"
-    fi
-
     printf "\n"
     printf "Please reboot before working with your new workstation.\n\n"