Rename all shell scripts to *.sh + shellcheck -x success#2050
Rename all shell scripts to *.sh + shellcheck -x success#2050tlaurion wants to merge 2 commits intolinuxboot:masterfrom
Conversation
There was a problem hiding this comment.
Pull request overview
This PR renames shell scripts to include .sh extensions and adds shellcheck compliance improvements. It updates script references across config files and adds shellcheck directives to scripts.
Changes:
- Renamed shell scripts by adding
.shextension - Updated CONFIG_BOOTSCRIPT paths in board configuration files
- Added shellcheck source directives and disabled warnings where appropriate
- Improved shell script compliance with shellcheck recommendations
Reviewed changes
Copilot reviewed 105 out of 158 changed files in this pull request and generated 13 comments.
| File | Description |
|---|---|
| Config files (boards/*) | Updated CONFIG_BOOTSCRIPT paths to use .sh extensions |
| Shell scripts (initrd/bin/*) | Renamed scripts, added shellcheck directives, improved compliance |
| Config files (unmaintained_boards/*) | Updated CONFIG_BOOTSCRIPT paths, some with inconsistent leading slash |
| initrd/init | Updated script calls and added shellcheck compliance fixes |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| CONFIG_LINUX_BCM=y | ||
|
|
||
| export CONFIG_BOOTSCRIPT=/bin/generic-init | ||
| export CONFIG_BOOTSCRIPT="bin/generic-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT path. This line has "bin/generic-init.sh" but should be "/bin/generic-init.sh" to match the pattern used in other config files.
|
|
||
| export CONFIG_TPM=n | ||
| export CONFIG_BOOTSCRIPT=/bin/generic-init | ||
| export CONFIG_BOOTSCRIPT="bin/generic-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT path. This line has "bin/generic-init.sh" but should be "/bin/generic-init.sh" to match the pattern used in other config files.
| CONFIG_LINUX_E1000E=y | ||
|
|
||
| export CONFIG_BOOTSCRIPT=/bin/generic-init | ||
| export CONFIG_BOOTSCRIPT="bin/generic-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT path. This line has "bin/generic-init.sh" but should be "/bin/generic-init.sh" to match the pattern used in other config files.
| export CONFIG_QUIET_MODE=y | ||
| export CONFIG_BOOTSCRIPT=/bin/gui-init | ||
| #export CONFIG_BOOTSCRIPT_NETWORK=/bin/network-init-recovery | ||
| #export CONFIG_BOOTSCRIPT="bin/generic-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT commented line. This line has "bin/generic-init.sh" but should be "/bin/generic-init.sh" for consistency.
| #export CONFIG_BOOTSCRIPT=/bin/generic-init | ||
| export CONFIG_BOOTSCRIPT=/bin/gui-init | ||
| #export CONFIG_BOOTSCRIPT_NETWORK=/bin/network-init-recovery | ||
| #export CONFIG_BOOTSCRIPT="bin/generic-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT commented line. This line has "bin/generic-init.sh" but should be "/bin/generic-init.sh" for consistency.
| CONFIG_LINUX_NVME=y | ||
|
|
||
| export CONFIG_BOOTSCRIPT=/bin/generic-init | ||
| export CONFIG_BOOTSCRIPT="bin/generic-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT path. This line has "bin/generic-init.sh" but should be "/bin/generic-init.sh" to match the pattern used in other config files.
| #CONFIG_LINUX_NVME=y | ||
|
|
||
| export CONFIG_BOOTSCRIPT=/bin/generic-init | ||
| export CONFIG_BOOTSCRIPT="bin/generic-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT path. This line has "bin/generic-init.sh" but should be "/bin/generic-init.sh" to match the pattern used in other config files.
| export CONFIG_QUIET_MODE=y | ||
| export CONFIG_BOOTSCRIPT=/bin/gui-init | ||
| #export CONFIG_BOOTSCRIPT_NETWORK=/bin/network-init-recovery | ||
| #export CONFIG_BOOTSCRIPT="bin/generic-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT commented line. This line has "bin/generic-init.sh" but should be "/bin/generic-init.sh" for consistency with the pattern used in other config files.
| #Enable quiet mode: technical information logged under /tmp/debug.log | ||
| export CONFIG_QUIET_MODE=y | ||
| export CONFIG_BOOTSCRIPT=/bin/gui-init | ||
| export CONFIG_BOOTSCRIPT="bin/gui-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT path. This line has "bin/gui-init.sh" but should be "/bin/gui-init.sh" to match the pattern used in other config files.
| export CONFIG_BOOTSCRIPT="bin/gui-init.sh" | |
| export CONFIG_BOOTSCRIPT="/bin/gui-init.sh" |
| #Enable quiet mode: technical information logged under /tmp/debug.log | ||
| export CONFIG_QUIET_MODE=y | ||
| export CONFIG_BOOTSCRIPT=/bin/gui-init | ||
| export CONFIG_BOOTSCRIPT="bin/gui-init.sh" |
There was a problem hiding this comment.
Missing leading slash in CONFIG_BOOTSCRIPT path. This line has "bin/gui-init.sh" but should be "/bin/gui-init.sh" to match the pattern used in other config files.
| export CONFIG_BOOTSCRIPT="bin/gui-init.sh" | |
| export CONFIG_BOOTSCRIPT="/bin/gui-init.sh" |
tlaurion
force-pushed
the
shellcheck_fixes
branch
2 times, most recently
from
cdfe716 to
b1aaf47
Compare
|
Unfortunately something broke with tpm sealing unsealing totp and not ready for full test/review. |
…s; TPM primary/unseal hardening - Implement tpm2_verify_primary() and 'verify-primary' subcommand in `initrd/bin/tpmr.sh`. - Make `tpm2_unseal()` non‑fatal to callers; return distinct error codes on failure. - Invalidate cached TPM Owner Password when primary handle is missing or primhdl hash mismatches. - Add verify‑primary pre‑checks where appropriate: `unseal-totp.sh`, `unseal-hotp.sh`, `kexec-unseal-key.sh`, and GUI (`update_totp()`). - Fix `gui-init.sh` parsing/shellcheck issues and silence relevant shellcheck warnings. Why: ensure 'verify before unseal' to avoid silent unseal on primary/primhdl changes, present clear tamper UI and allow caller remediation. Validation: shellcheck and `bash -n` pass for edited scripts; runtime log re‑inspection shows `tpm2_verify_primary` runs before unseal. TODO: oem-factory-reset fails to unseal while tpm reset + seal totp + seal hotp succeeds. Fix Signed-off-by: Thierry Laurion <insurgo@riseup.net>
Signed-off-by: Thierry Laurion <insurgo@riseup.net>
tlaurion
force-pushed
the
shellcheck_fixes
branch
from
b1aaf47 to
b4e3add
Compare
No description provided.