forked from evolix/evocheck
shellcheck fixes
This commit is contained in:
parent
dad08d7c3d
commit
490d351aca
|
@ -2,7 +2,7 @@ kind: pipeline
|
||||||
name: default
|
name: default
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: run shellcheck on evocheck.sh
|
- name: run shellcheck on evocheck.sh
|
||||||
image: evolix/shellcheck
|
image: evolix/shellcheck
|
||||||
commands:
|
commands:
|
||||||
- LC_ALL=C.UTF-8 shellcheck evocheck.sh
|
- LC_ALL=C.UTF-8 shellcheck evocheck.sh
|
||||||
|
|
12
evocheck.sh
12
evocheck.sh
|
@ -255,7 +255,7 @@ check_usrro() {
|
||||||
}
|
}
|
||||||
check_tmpnoexec() {
|
check_tmpnoexec() {
|
||||||
FINDMNT_BIN=$(command -v findmnt)
|
FINDMNT_BIN=$(command -v findmnt)
|
||||||
if [ -x ${FINDMNT_BIN} ]; then
|
if [ -x "${FINDMNT_BIN}" ]; then
|
||||||
options=$(${FINDMNT_BIN} --noheadings --first-only --output OPTIONS /tmp)
|
options=$(${FINDMNT_BIN} --noheadings --first-only --output OPTIONS /tmp)
|
||||||
echo "${options}" | grep -qE "\bnoexec\b" || failed "IS_TMPNOEXEC" "/tmp is not mounted with 'noexec'"
|
echo "${options}" | grep -qE "\bnoexec\b" || failed "IS_TMPNOEXEC" "/tmp is not mounted with 'noexec'"
|
||||||
else
|
else
|
||||||
|
@ -758,8 +758,8 @@ check_tune2fs_m5() {
|
||||||
percentage=$(awk "BEGIN { pc=100*${reservedBlockCount}/${blockCount}; i=int(pc); print (pc-i<0.5)?i:i+1 }")
|
percentage=$(awk "BEGIN { pc=100*${reservedBlockCount}/${blockCount}; i=int(pc); print (pc-i<0.5)?i:i+1 }")
|
||||||
|
|
||||||
if [ "$percentage" -lt "${min}" ]; then
|
if [ "$percentage" -lt "${min}" ]; then
|
||||||
if [ -x ${FINDMNT_BIN} ]; then
|
if [ -x "${FINDMNT_BIN}" ]; then
|
||||||
mount=$(${FINDMNT_BIN} --noheadings --first-only --output TARGET ${part})
|
mount=$(${FINDMNT_BIN} --noheadings --first-only --output TARGET "${part}")
|
||||||
else
|
else
|
||||||
mount="unknown mount point"
|
mount="unknown mount point"
|
||||||
fi
|
fi
|
||||||
|
@ -1248,9 +1248,9 @@ check_chrooted_binary_uptodate() {
|
||||||
# what is the binary path?
|
# what is the binary path?
|
||||||
original_bin=$(command -v "${process_name}")
|
original_bin=$(command -v "${process_name}")
|
||||||
for pid in $(pgrep ${process_name}); do
|
for pid in $(pgrep ${process_name}); do
|
||||||
process_bin=$(realpath /proc/${pid}/exe)
|
process_bin=$(realpath "/proc/${pid}/exe")
|
||||||
# Is the process chrooted?
|
# Is the process chrooted?
|
||||||
real_root=$(realpath /proc/${pid}/root)
|
real_root=$(realpath "/proc/${pid}/root")
|
||||||
if [ "${real_root}" != "/" ]; then
|
if [ "${real_root}" != "/" ]; then
|
||||||
chrooted_md5=$(md5sum "${process_bin}" | cut -f 1 -d ' ')
|
chrooted_md5=$(md5sum "${process_bin}" | cut -f 1 -d ' ')
|
||||||
original_md5=$(md5sum "${original_bin}" | cut -f 1 -d ' ')
|
original_md5=$(md5sum "${original_bin}" | cut -f 1 -d ' ')
|
||||||
|
@ -1511,7 +1511,9 @@ main() {
|
||||||
exit ${RC}
|
exit ${RC}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# shellcheck disable=SC2034
|
||||||
readonly PROGNAME=$(basename "$0")
|
readonly PROGNAME=$(basename "$0")
|
||||||
|
# shellcheck disable=SC2034
|
||||||
readonly PROGDIR=$(realpath -m "$(dirname "$0")")
|
readonly PROGDIR=$(realpath -m "$(dirname "$0")")
|
||||||
# shellcheck disable=2124
|
# shellcheck disable=2124
|
||||||
readonly ARGS=$@
|
readonly ARGS=$@
|
||||||
|
|
Loading…
Reference in a new issue