From 1c8401be25e4749a2eee5ddc77ce7c6ac880c910 Mon Sep 17 00:00:00 2001 From: Leah Rowe Date: Thu, 24 Aug 2023 20:19:41 +0100 Subject: much, much stricter, more verbose error handling lbmk is much more likely to crash now, in error conditions, which is a boon for further auditing. also: in "fetch", remove the downloaded program if fail() was called. this would also be done for gnulib, when downloading grub, but done in such a way that gnulib goes first. where calls to err write "ERROR" in the string, they no longer say "ERROR" because the "err" function itself now does that automatically. also: listmodes/listoptions (in "lbmk") now reports an error if no scripts and/or directories are found. also: where a warning is given, but not an error, i've gone through in some places and redirected the output to stderr, not stdout as part of error checks: running anything as root, except for the "./build dependencies *" commands, is no longer permitted and lbmk will throw an error mrc downloads: debugfs output no longer redirected to /dev/null, and stderr no longer redirected to stdout. everything is verbose. certain non-error states are also more verbose. for example, patch_rom in blobs/inject will now state when injection succeeds certain actual errors(bugs) were fixed: for example, build/release/roms now correctly prepares the blobs hash files for a given target, containing only the files and checksums in the list. Previously, a printf message was included. Now, with this new code: blobutil/inject rightly verifies hashes. doing all of this in one giant patch is cleaner than 100 patches changing each file. even this is yet part of a much larger audit going on in the Libreboot project. Signed-off-by: Leah Rowe --- lbmk | 35 +++++++++++++++++++++++++++-------- 1 file changed, 27 insertions(+), 8 deletions(-) (limited to 'lbmk') diff --git a/lbmk b/lbmk index e0933aa9..7cd69ed5 100755 --- a/lbmk +++ b/lbmk @@ -33,11 +33,18 @@ option="" main() { + id -u 1>/dev/null 2>/dev/null || \ + err "cannot ascertain user id" + [ "${0##*/}" = "lbmk" ] && err "Don't run this script directly." [ $# -lt 1 ] && err "Too few arguments. Try: ${0} help" - buildpath="./resources/scripts/${0##*/}" mode="${1}" + if [ "$(id -u)" = "0" ] && [ "${mode}" != "dependencies" ]; then + err "running lbmk as root as not permitted" + fi + + buildpath="./resources/scripts/${0##*/}" ./.gitcheck || err "/.gitcheck call from main, in /lbmk" [ "${mode}" = "help" ] && usage ${0} && exit 0 @@ -46,20 +53,22 @@ main() if [ "${mode}" = "dependencies" ]; then install_dependencies $@ || err "Could not install dependencies" exit 0 - else - ./resources/scripts/misc/versioncheck fi option="${2}" shift 2 + ./resources/scripts/misc/versioncheck || \ + err "Cannot check lbmk version" + case "${option}" in list) printf "Options for mode '%s':\n\n" ${mode} listoptions "${mode}" ;; all) for option in $(listoptions "${mode}"); do - "${buildpath}/${mode}/${option}" $@ + "${buildpath}/${mode}/${option}" $@ || \ + err "script fail: ${buildpath}/${mode}/${option} $@" done ;; *) @@ -84,18 +93,23 @@ install_dependencies() aur_notice="" . "resources/dependencies/${2}" - ${pkg_add} ${pkglist} || err "Error installing dependencies" - [ "${aur_notice}" != "" ] && \ - printf "You must install these AUR packages: %s\n" \ - "${aur_notice}" 1>&2 + ${pkg_add} ${pkglist} || \ + err "install_dependencies: Error installing dependencies" + [ "${aur_notice}" = "" ] || \ + printf "You must install AUR packages: %s\n" "${aur_notice}" 1>&2 } # Takes exactly one mode as parameter listoptions() { + options="n" for option in "${buildpath}/${1}/"*; do + [ -f "${option}" ] || continue printf '%s\n' ${option##*/} + options="y" done + [ "${options}" = "y" ] || \ + err "listoptions: No scripts present in directory ${buildpath}/${1}" } usage() @@ -118,9 +132,14 @@ usage() listmodes() { + modes="n" for mode in "${buildpath}"/*; do + [ -d "${mode}" ] || continue printf '%s\n' ${mode##*/} + modes="y" done + [ "${modes}" = "y" ] || \ + err "listmodes: No directories present in directory ${buildpath}" } main $@ -- cgit v1.2.1