]> git.ipfire.org Git - thirdparty/dracut.git/commit - dracut.sh
projects / thirdparty / dracut.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: c5907f8) | patch
fix(dracut): be more robust when using 'set -u'
authorRenaud Métrich <rmetrich@redhat.com>
Thu, 6 Jan 2022 18:50:28 +0000 (19:50 +0100)
committerJóhann B. Guðmundsson <johannbg@gmail.com>
Fri, 4 Feb 2022 12:24:22 +0000 (12:24 +0000)
commit22a80629b4bbcef02eb8fe3611ea44e253ef4c61
tree0128bb3213ff3b6fe5d30dbd668f69e492624705tree | snapshot
parentc5907f82d835d72e4dd7c473a86e872fce37d61ecommit | diff
fix(dracut): be more robust when using 'set -u'

From bash manpage, FUNCNAME exists only inside functions. When in debug
mode, make sure to use an empty default value as FUNCNAME[0] when
outside of functions.

With bash4 this wasn't an issue, but is with bash5 with hardening option
'set -u' used, as shown in the example below:

Incorrect:

$ bash -u -c 'echo -n ${FUNCNAME[0]}'
bash: line 1: FUNCNAME[0]: unbound variable
$

Correct:

$ bash -u -c 'echo -n ${FUNCNAME[0]-}'
$

This hardening enables sourcing dracut-lib.sh from external utilities
executing in the initramfs such as clevis-luks-askpass, which uses
hardening option 'set -u' internally.
(see Clevis PR https://github.com/latchset/clevis/pull/340)

Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
dracut.sh diff | blob | blame | history
modules.d/99base/dracut-lib.sh diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.