From b22f191076a4c45b2097510375d129c0ce0fc0b4 Mon Sep 17 00:00:00 2001 From: Epic Curious <109078515+epiccurious@users.noreply.github.com> Date: Thu, 9 May 2024 07:57:50 -0400 Subject: [PATCH] Resolve shellcheck lint issues (#100) * fix: exclude double-quoted variables rule * refactor: fix lint issues in persistent-setup * refactor: increase indentation of onlynet_onion * refactor: satisfy shellcheck SC2181 This refactor doesn't make a ton of sense so another option is to revert this commit and exclude SC2181. * refactor: fix indentation of link_dotfiles subshell * refactor: avoid for loops over find output [SC2044] * refactor: comment out unused variable * refactor: ensure variable never expands to /bin or /lib * refactor: use -n instead of ! -z * Ignore SC2046 in CI checks * fix syntax in yaml * refactor: read without -r will mangle backslashes * refactor: Declare and assign separately to avoid masking return values * refactor: read without -r will mangle backslashes * refactor: Don't use variables in the printf format string * refactor: $ is unnecessary on arithmetic variables * Remove the repeated ', providing ... privacy.' * Clarify that Bitcoin Core connects, not Bails * Make consistent with Lines 113 and 156 * Exclude SC2012 (Use 'cd ... || exit') and SC2164 (find instead of ls) * wording change in comment * lint fixes --------- Co-authored-by: Ben Westgate <73506583+BenWestgate@users.noreply.github.com> --- .github/workflows/lint.yaml | 2 ++ b | 5 +++-- bin/bails-menu | 28 +++++++++++++++------------- bin/install-core | 16 ++++++++-------- bin/persistent-setup | 10 +++++----- bin/spaced-repetition | 8 ++++---- 6 files changed, 37 insertions(+), 32 deletions(-) diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 0746f11..71e126f 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -15,6 +15,8 @@ jobs: - uses: actions/checkout@v4 - name: Lint with shellcheck uses: ludeeus/action-shellcheck@2.0.0 + env: + SHELLCHECK_OPTS: -e 2012 -e SC2046 -e SC2086 -e SC2164 with: ignore_paths: | ./bin/bails-wallet diff --git a/b b/b index 5803368..b410496 100755 --- a/b +++ b/b @@ -36,9 +36,10 @@ if [[ $(id -u) = "0" ]]; then echo " YOU SHOULD NOT RUN THIS SCRIPT AS ROOT! " - read -p "PRESS ENTER TO EXIT SCRIPT, AND RUN AGAIN AS $USER. " + read -rp "PRESS ENTER TO EXIT SCRIPT, AND RUN AGAIN AS $USER. " exit 0 fi -export BAILS_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +BAILS_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +export BAILS_DIR $BAILS_DIR/bin/install-core diff --git a/bin/bails-menu b/bin/bails-menu index 8d97680..6992d8c 100755 --- a/bin/bails-menu +++ b/bin/bails-menu @@ -33,24 +33,26 @@ export DATA_DIR="/live/persistence/TailsData_unlocked/Persistent/.bitcoin" export BAILS_DIR="$LOCAL_DIR" onlynet_onion() { -zenity --question --title='Network Privacy' --width=420 --text='Bails offers different settings for connecting to the Bitcoin network. By default, Bails connects to both clearnet and Tor (onion) peers, providing a balance between usability and privacy. + zenity --question --title='Network Privacy' --width=420 --text='Bails offers different settings for connecting to the Bitcoin network. By default, Bitcoin Core connects to both clearnet and Tor (onion) peers, providing a balance between usability and privacy. -Would you like to enhance privacy by connecting exclusively to Tor (onion) peers with reduced clearnet exposure? This may limit your network diversity and can be less stable if you have limited Tor peers.' --icon-name=tor-connection --default-cancel + Would you like to enhance privacy by connecting exclusively to Tor (onion) peers with reduced clearnet exposure? This may limit your network diversity and can be less stable if you have limited Tor peers.' --icon-name=tor-connection --default-cancel -if [ $? = 0 ]; then - # User chose to enable -onlynet=onion - sed --in-place 's/#onlynet=/onlynet=onion/' $DATA_DIR/bitcoin.conf - zenity --info --title='Network settings updated' --text='You have chosen to connect exclusively to Tor (onion) peers. + zenity_exit_status=$? + + if [ $zenity_exit_status = 0 ]; then + # User chose to enable -onlynet=onion + sed --in-place 's/#onlynet=/onlynet=onion/' $DATA_DIR/bitcoin.conf + zenity --info --title='Network settings updated' --text='You have chosen to connect exclusively to Tor (onion) peers. -Your network settings have been updated.' --width=420 --icon-name=tor-connected-symbolic + Your network settings have been updated.' --width=420 --icon-name=tor-connected-symbolic -else - # User chose default network settings - sed --in-place 's/onlynet=onion/#onlynet=/' $DATA_DIR/bitcoin.conf - zenity --info --title='Default network settings' --text='You have chosen to keep the default network settings. -Bitcoin Core will continue to connect to both clearnet and Tor (onion) peers, providing a balance between usability and privacy.' --width=420 --icon-name=tor-disconnected-symbolic + else + # User chose default network settings + sed --in-place 's/onlynet=onion/#onlynet=/' $DATA_DIR/bitcoin.conf + zenity --info --title='Default network settings' --text='You have chosen to keep the default network settings. + Bitcoin Core will continue to connect to both clearnet and Tor (onion) peers.' --width=420 --icon-name=tor-disconnected-symbolic -fi + fi } # Display menu and get user response diff --git a/bin/install-core b/bin/install-core index 740c7dc..a74b0bb 100755 --- a/bin/install-core +++ b/bin/install-core @@ -38,9 +38,9 @@ export LOCAL_DIR=$DOTFILES/.local link_dotfiles() { ( # runs in subshell to preserve current directory - cd $DOTFILES - for dir in $(find . -type d); do mkdir --parents $HOME${dir:1}; done - for file in $(find . -type f); do ln --symbolic --force $PWD${file:1} $HOME${file:1}; done + cd $DOTFILES + find . -type d | while read -r dir; do mkdir --parents "$HOME${dir:1}"; done + find . -type f | while read -r file; do ln --symbolic --force "$PWD${file:1}" "$HOME${file:1}"; done ) &>/dev/null } @@ -60,7 +60,7 @@ check_sigs() { (( good_sig >= $1 )) && { type=info; break; } done fi - zenity --$type --title="$good_sig of $1 good signatures found" --text="$(gpg --verify SHA256SUMS.asc SHA256SUMS 2>&1 | grep 'Good signature' | cut -c6-)" --no-markup --width=200 --no-wrap $ICON --timeout=10 & next_dialog=$! #TODO use this to prevent multiple dialogs showing if unintended install + zenity --$type --title="$good_sig of $1 good signatures found" --text="$(gpg --verify SHA256SUMS.asc SHA256SUMS 2>&1 | grep 'Good signature' | cut -c6-)" --no-markup --width=200 --no-wrap $ICON --timeout=10 # & next_dialog=$! # TODO: use next_dialog to prevent multiple dialogs showing during an unattended install (( good_sig < $1 )) && { sleep 2; check_sigs $1; } } @@ -85,7 +85,7 @@ search_key() { else gpg --batch --yes --delete-keys $key &>/dev/null fi - elif [ ! -z "$1" ]; then + elif [ -n "$1" ]; then echo "$key not found." return 1 else @@ -145,7 +145,7 @@ printf '\033]2;Getting Bitcoin Core signatures...\a' ps -p $sig_dl &>/dev/null && fg %$(jobs -l | grep $sig_dl | cut -f1 -d' ' | tr -c -d '[:digit:]') # Switch into latest bitcoin-core directory -cd "$(ls -dt "$destination_dir"/bitcoin-core-* | head -1)" || { +cd "$(ls -dt $destination_dir/bitcoin-core-* | head -1)" || { zenity --warning --title="Download failure" --text="Click OK to try downloading Bitcoin Core again." --ellipsize $ICON && sleep 5 install-core # launch this script again @@ -245,7 +245,7 @@ rsync --remove-source-files -recursive "$BAILS_DIR"/config/ $DOTFILES/.config }' > $DATA_DIR/settings.json # Cleanup -rm -Rf $BAILS_DIR/{bin,lib,share,state,config} "$destination_dir"/{download,*.tmp,wget-log*} +rm -Rf ${BAILS_DIR:?}/{bin,lib,share,state,config} "$destination_dir"/{download,*.tmp,wget-log*} rsync -r --remove-source-files $BAILS_DIR $LOCAL_DIR/share/ rm -rf $BAILS_DIR link_dotfiles @@ -277,7 +277,7 @@ Closing this window in 10 seconds, press any key to abort. for ((i = 10; i >= 1; i--)); do echo -n "$i " - read -t 1 -n 1 && { echo "\nAborted."; exit 0; } + read -r -t 1 -n 1 && { printf '\n%s\n' "Aborted."; exit 0; } done echo " diff --git a/bin/persistent-setup b/bin/persistent-setup index 6ed23b8..5046a0e 100755 --- a/bin/persistent-setup +++ b/bin/persistent-setup @@ -66,7 +66,7 @@ else: done unset entropy # Change user account password to Persistent Storage passphrase for spaced repetition practice. - printf "$existing_passphrase\n$existing_passphrase" | passwd || echo "FAILURE to change passphrase" + printf '%s\n%s' "$existing_passphrase" "$existing_passphrase" | passwd || echo "FAILURE to change passphrase" else # Choose passphrase zenity --warning --title='Choose a strong passphrase' \ @@ -83,13 +83,13 @@ else done & notifying+=($!) until [ -b '/dev/mapper/TailsData_unlocked' ]; do - grep --count 'python3 /usr/local/lib/tps-frontend' <<< $(ps -ef) - >/dev/null || + grep --count 'python3 /usr/local/lib/tps-frontend' <<< "$(ps -ef)" - >/dev/null || { tails-persistent-storage & notify-send --icon=tails-persistent-storage 'Click Continue to create a Persistent Storage'; } sleep 1 done # Clear notifications - kill ${notifying[*]} &>/dev/null + kill "${notifying[@]}" &>/dev/null dbus-send --session --type=method_call --dest=org.gnome.Shell /org/gnome/Shell org.gnome.Shell.Eval string:'Main.panel.statusArea.dateMenu._messageList._sectionList.get_children().forEach(s => s.clear());' # Memorization help @@ -124,7 +124,7 @@ if /usr/local/lib/tpscli is-active PersistentDirectory && \ /usr/local/lib/tpscli is-active Dotfiles; then : else - grep --count 'python3 /usr/local/lib/tps-frontend' <<< $(ps -ef) - >/dev/null || + grep --count 'python3 /usr/local/lib/tps-frontend' <<< "$(ps -ef)" - >/dev/null || { tails-persistent-storage & notify-send --icon=tails-persistent-storage 'You must turn on needed features of the Persistent Storage.'; } zenity --info --title='Features of the Persistent Storage' \ @@ -135,7 +135,7 @@ fi until /usr/local/lib/tpscli is-active PersistentDirectory && \ /usr/local/lib/tpscli is-active GnuPG && \ /usr/local/lib/tpscli is-active Dotfiles; do - grep --count 'python3 /usr/local/lib/tps-frontend' <<< $(ps -ef) - >/dev/null || + grep --count 'python3 /usr/local/lib/tps-frontend' <<< "$(ps -ef)" - >/dev/null || { tails-persistent-storage & notify-send --icon=tails-persistent-storage 'You must turn on needed features of the Persistent Storage.'; } { /usr/local/lib/tpscli is-active PersistentDirectory || diff --git a/bin/spaced-repetition b/bin/spaced-repetition index 4feca7d..7f885df 100755 --- a/bin/spaced-repetition +++ b/bin/spaced-repetition @@ -30,10 +30,10 @@ get_passphrase() { } check_passphrase() { - read -s passphrase + read -rs passphrase temp_passw="$(head -c16 /dev/urandom | xxd -p)" - printf "$passphrase\n$temp_passw\n$temp_passw" | passwd && \ - printf "$temp_passw\n$passphrase\n$passphrase" | passwd + printf '%s\n%s\n%s' "$passphrase" "$temp_passw" "$temp_passw" | passwd && \ + printf '%s\n%s\n%s' "$temp_passw" "$passphrase" "$passphrase" | passwd } # Initialize variables @@ -55,7 +55,7 @@ while true; do # Check if the entered passphrase matches the correct one if check_passphrase &>/dev/null <<< "$passphrase"; then unset passphrase temp_passw - interval=$((interval * ($RANDOM % 2500 + 2000) / 2 ** exp / 1500)) + interval=$((interval * (RANDOM % 2500 + 2000) / 2 ** exp / 1500)) (( interval < min_interval )) && interval=$min_interval # Wait for the specified interval before showing the pinentry dialog again sleep $interval