Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Initramfs Full Disk Encryption Open-rc
View unanswered posts
View posts from last 24 hours

Goto page 1, 2  Next  
Reply to topic    Gentoo Forums Forum Index Installing Gentoo
View previous topic :: View next topic  
Author Message
bluehippy
n00b
n00b


Joined: 07 Sep 2014
Posts: 25

PostPosted: Sun Jun 28, 2015 12:13 pm    Post subject: Initramfs Full Disk Encryption Open-rc Reply with quote

Hi,

I desperately try to install Gentoo hardened on a full disk encrypted laptop. At startup the disk is decrypted and the init process started, but / (from the harddrive) mounted as read-only. I guess this somehow confuses the whole init process, since the output of "mount" looks similar as if executed in a chroot environment.

Please help, I try to fix it since a few days.

Cheers
bluehippy


Last edited by bluehippy on Thu Jul 02, 2015 3:47 pm; edited 1 time in total
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Sun Jun 28, 2015 1:30 pm    Post subject: Reply with quote

Please post the output of mount.

FSroot is not mounted ro (readonly) in /etc/fstab, is it?
If you're using zfs, is "readonly=on" set for the FSroot dataset? I haven't used btrfs but there might be a similar property that sets the "logical units" r/o no matter what the fstab says.

I guess you use an initfamfs for decrypting etc. What's set there?


Last edited by as.gentoo on Sun Jun 28, 2015 1:32 pm; edited 1 time in total
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 43178
Location: 56N 3W

PostPosted: Sun Jun 28, 2015 1:31 pm    Post subject: Reply with quote

bluehippy,

Root is mounted read only so that rootfsck can run without the complications of a read/write filesystem.
Once that completes successfully, root is remounted read/write.

Check your /etc/fstab, make sure that root has the correct fs type.
dmesg may show some useful error messages.

If you login as root, then
Code:
mount -o remount,rm /
will make root read/write, which might help picking up the pieces.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
bluehippy
n00b
n00b


Joined: 07 Sep 2014
Posts: 25

PostPosted: Sun Jun 28, 2015 2:10 pm    Post subject: Reply with quote

In /etc/fstab FSroot is mount as ext4, which is the correct file system.

The initramfs was created according to the guide with sys-kernel/genkernel-next-63 USE="crytsetup gpg".

used genkernel command:
Code:
genkernel --install --no-mountboot --luks --lvm --no-gpg --kernel-config="/usr/src/linux/.config" --busybox --no-compress-initramfs --all-ramdisk-modules --firmware initramfs


Afterwards I copied a static gnupg-1.4.16 into unpacked initramfs (under usr/bin) and renamed it to gpg. The /etc/modprobe.d/ folder from the system was also copied into the initramfs. Then I packed it with
Code:
find . -print0 | cpio --null -ov --format=newc | gzip -9 > /boot/custom-initramfs.cpio.gz


According to the guide the initramfs is included in the kernel with a kernel cmdline set in the kernel as
Code:
root=/dev/ram0 crypt_root=/dev/disk/by-partuuid/xxx dolvm real_root=/dev/mapper/vg1-root rootfstype=ext4 init=/sbin/init root_keydev=/dev/disk/by-partuuid/xxx root_key=luks-key.gpg real_resume=/dev/mapper/vg1-swap keymap=de


mount output
http://pastebin.com/MEsj2b3T

dmesg output
http://pastebin.com/GzNmgj0E

2. EDIT

emerge --info output
http://pastebin.com/fXDFVMTR

fstab
Code:
# /etc/fstab: static file system information.
#
# noatime turns off atimes for increased performance (atimes normally aren't
# needed); notail increases performance of ReiserFS (at the expense of storage
# efficiency).  It's safe to drop the noatime options if you want and to
# switch between notail / tail freely.
#
# The root filesystem should have a pass number of either 0 or 1.
# All other filesystems should have a pass number of 0 or greater than 1.
#
# See the manpage fstab(5) for more information.
#

# <fs>         <mountpoint>   <type>      <opts>      <dump/pass>

# NOTE: If your BOOT partition is ReiserFS, add the notail option to opts.
PARTUUID="781c52d3-b436-4427-8efa-bfadb1c01a15"   /boot   ext2   defaults,noatime,ro   0 1
/dev/mapper/vg1-root   /         ext4   defaults,noatime,rw      0 1
/dev/mapper/vg1-swap   none         swap   defaults,noatime            0 0
/dev/mapper/vg1-home   /home         ext4   defaults,noatime            0 2
tmpfs         /var/tmp/portage   tmpfs   size=1536G,uid=portage,gid=portage,mode=775,noatime   0 0
tmpfs         /var/tmp/ccache      tmpfs   size=1024M,nr_inodes=1M,noatime            0 0
/dev/cdrom      /mnt/cdrom      auto   noauto,user,ro,nosuid      0 0


Last edited by bluehippy on Sun Jun 28, 2015 4:13 pm; edited 2 times in total
Back to top
View user's profile Send private message
Buffoon
Veteran
Veteran


Joined: 17 Jun 2015
Posts: 1074
Location: EU or US

PostPosted: Sun Jun 28, 2015 2:38 pm    Post subject: Reply with quote

NeddySeagoon is often typing too fast and the typos creep in. It should be as below.
Code:
mount -o remount,rw /
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 43178
Location: 56N 3W

PostPosted: Sun Jun 28, 2015 4:09 pm    Post subject: Reply with quote

Buffoon,

I'm learning dvorak-uk and I still have a lot to learn :)
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 43178
Location: 56N 3W

PostPosted: Sun Jun 28, 2015 4:19 pm    Post subject: Reply with quote

bluehippy

The bits of your kernel don't match.
Code:
[    3.670686] : version magic '4.0.6-hardened SMP mod_unload modversions KERNEXEC_BTS UDEREF REFCOUNT CONSTIFY_PLUGIN STACKLEAK_PLUGIN GRSEC RANDSTRUCT_PLUGIN_abe83b76743d23916884915f41ee321f773e04d0dc493bce0d5051d23805a144' should be '4.0.6-hardened SMP mod_unload modversions KERNEXEC_BTS UDEREF REFCOUNT CONSTIFY_PLUGIN STACKLEAK_PLUGIN GRSEC RANDSTRUCT_PLUGIN_183d0e5a21b04892718614e0b0a3ead792e1400f69e483502675f63b0218cb37'
Rebuild it from the start starting with make clean, so thot no old intermediate files are used.

All bets are off until you get rid of the version magic error.

We need mount from after you have booted into your system and it has a read only root, if it still does with the version magic fixed.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Sun Jun 28, 2015 5:02 pm    Post subject: Reply with quote

@all

I'm no expert regarding lvm+LUKS at all, but shouldn't /dev/mapper/vg1-root appear in the output of mount if FSroot is mounted?
Then it looks weird that /boot is mounted more than once.

(part of) my mount looks like this
Code:
$> mount | grep -Ei 'sd|rootfs'
rootfs on / type rootfs (rw)
/dev/sda4 on / type ext4 (rw,noatime,data=ordered)
/dev/sda5 on /usr type ext4 (rw,noatime)
/dev/sdd7 on /home type ext4 (rw,noatime)
Back to top
View user's profile Send private message
bluehippy
n00b
n00b


Joined: 07 Sep 2014
Posts: 25

PostPosted: Sun Jun 28, 2015 5:53 pm    Post subject: Reply with quote

@as.gentoo
Yes, the /dev/mapper/vg1-root should appear in the output of mount

@NeddySeagon
The result after a reboot with a freshly build kernel (actually 2x) is the same. The output of "mount" is still the same and the rootFS is still write only.

Your command to make the rootFS writeable again came in pretty handy! Thanks!

Somehow I have the feeling that the /sbin/init is not properly executed or called by the initramfs. Just now i configured syslog-ng to get more logs and restarted it with "/etc/init.d/syslog-ng restart". This command followed most of the "normal" init process and now the "mount" output looks normal.

Code:
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
udev on /dev type devtmpfs (rw,nosuid,relatime,mode=0755)
devpts on /dev/pts type devpts (rw,relatime,gid=5,mode=620)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
/dev/mapper/vg1-root on / type ext4 (rw,noatime,data=ordered)
/dev/sdb2 on /boot type ext2 (ro,noatime)
/dev/mapper/vg1-home on /home type ext4 (rw,noatime)


Could genkernel-next produce such a problem when used with OpenRC?

EDIT

Another weird thing is that the hostname isn't set after the boot. As the prompt looks like
Code:
(none) / #
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 43178
Location: 56N 3W

PostPosted: Sun Jun 28, 2015 6:06 pm    Post subject: Reply with quote

bluehippy,

Update the kernel modules in the initrd then. There are mismatched pieces still being told to work together.
/sbin/init needs root to be read/write to execute propery.

Your mount is missing
Code:
tmpfs on /run type tmpfs (rw,nodev,relatime,size=1641156k,mode=755)
shm on /dev/shm type tmpfs (rw,nosuid,nodev,noexec,relatime)
and a few other things.
/run provides early writable space in RAM while root is still read only.
shm provides tmpfs for /run, /dev and so on.

Do you have SHMEM on in your kernel?
The prompt is
Code:
Use full shmem filesystem

_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Sun Jun 28, 2015 6:07 pm    Post subject: Reply with quote

bluehippy wrote:
Could genkernel-next produce such a problem when used with OpenRC?
Did you try dracut instead of genkernel?
Anyhow I always had to create the initramfs by hand for having md(adm) and separate /usr work. There are good HOWTOS in the net. I can't tell you which right now, if you'd like to try I'll look for the link.
Back to top
View user's profile Send private message
bluehippy
n00b
n00b


Joined: 07 Sep 2014
Posts: 25

PostPosted: Sun Jun 28, 2015 6:44 pm    Post subject: Reply with quote

Actually, I tried dracut and it resulted in a kernel panic during the booting process.

If it can't be resolved without I will give a customised initramfs definitly a shoot. Any link would be super helpful, as this is completely new for me.
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Sun Jun 28, 2015 7:29 pm    Post subject: Reply with quote

An extensive howto: http://www.ibm.com/developerworks/library/l-initrd/ - I'd start with this one.
Next suggestion would be: /usr/src/linux/Documentation/filesystems/ramfs-rootfs-initramfs.txt or on the web: https://www.kernel.org/doc/Documentation/filesystems/ramfs-rootfs-initramfs.txt.
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Sun Jun 28, 2015 7:32 pm    Post subject: Reply with quote

There is a gentoo wiki for custom initramfs as well: https://wiki.gentoo.org/wiki/Custom_Initramfs
I'd actually read this first now. :wink:
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 43178
Location: 56N 3W

PostPosted: Sun Jun 28, 2015 7:53 pm    Post subject: Reply with quote

bluehippy,

The Gentoo Wiki gives one approach. There are others.

You are making a minimal root filesystem in a file and optionally compressing it.
If you build in all the kernel modules you need to boot, the initrd becomes your user space tools, their dependancies and an init script to tell the kernel what it needs to do.

In my case, it assembles my raid arrays
Starts LVM as I have root on lvm on raid5
optionally checks /usr and /var (they are separate LVs)
Mounts root, /usr and /var
then passes control to the real init.
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
bluehippy
n00b
n00b


Joined: 07 Sep 2014
Posts: 25

PostPosted: Sun Jun 28, 2015 7:54 pm    Post subject: Reply with quote

Wow, thanks! All three howtos look pretty good. Especially the gentoo wiki doesn't look difficult. I'll give it a try and share the results later.
Back to top
View user's profile Send private message
bluehippy
n00b
n00b


Joined: 07 Sep 2014
Posts: 25

PostPosted: Mon Jun 29, 2015 6:58 pm    Post subject: Reply with quote

I managed to put an initramfs together, but it has some problems with gpg. The prompt for the password works, but afterwards a error appears that "no key could be found with this password". I double checked the UUID and the key-file name and both are correct. Can someone please say if the code is correct? I have no experience with writing shell scripts and put this together based on howtos and what could be found on google.

Initramfs
Code:
#!/bin/busybox sh

# Drop me to a rescue shell, if something goes wrong
rescue_shell() {
   echo "Something went wrong. Dropping to a shell."
   exec sh
}

echo "Starting init script"

# Populate /dev from kernel to have access to /dev/mapper/ later
# and be able to use UUID for mounting
mount -t devtmpfs none /dev

# Mount the /proc and /sys filesystems
mount -t proc none /proc
mount -t sysfs none /sys

# If populating /dev takes long, uncomment sleep statement
# sleep 10s

echo "Creating symlinks to busybox"
/bin/busybox --install -s
echo "Loading keymap"
loadkmap < /etc/keymap/de.bmap

sleep 3s

# Mount the device with the key file for the luks partition
echo "Mount usb stick and decrypt harddrive"
mkdir /mnt/usb-keydev
mount -v -t ext2 /dev/sdb2 /mnt/usb-keydev
#mount -v -t ext2 $(findfs UUID="xxx") /mnt/usb-keydev

# Read password for gpg
# Without this, gpg gives a "No tty available error"
# The whole encryption is tried up to 3 times
# CRYPTSETUP_PASS=0
I=1
NUMS="1 2 3"

for I in $NUMS
do

   stty_orig='stty -g </dev/console'
   echo "Enter password for ...."
   stty -echo </dev/console
   read PASS </dev/console
   stty $stty_orig </dev/console

# Decrypt gpg key-file and parse it into cryptsetup

   CRYPTSETUP_PASS=$(echo "$PASS" | gpg --decrypt --no-tty --passphrase-fd 0 /mnt/usb-keydev/luks-key.gpg)
   if [ "$?" -eq "0" ]; then
      echo "$CRYPTSETUP_PASS" | cryptsetup --key-file - luksOpen $(findfs UUID="xxx") gentoo || rescue_shell
      break
   fi
done

stty echo </dev/console

# Open up the LVM
echo "Open LVM"
lvm vgscan --mknodes
lvm vgchange -a y
#lvm lvchange -a y $(findfs UUID="xx")
lvm vgscan --mknodes

# Mount the root filesystem
mount -o ro /dev/mapper/vg1-root /mnt/root || rescue_shell

# Clean up
echo "Clean up"
umount /mnt/usb-keydev
umount /dev
umount /sys
umount /proc

# Boot the real thing
echo "Init script complete, boot computer now"
exec switch_root /mnt/root /sbin/init


What actually does the "#?" in the if-statement mean? I tried to replace it with "$CRYPTSETUP_PASS", but this didn't work either. There are always problems in finding the gpg-key or gpg creates the error "gpg:cannot open /dev/tty: No such device or address". (This was in an earlier initramfs version)
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 43178
Location: 56N 3W

PostPosted: Mon Jun 29, 2015 7:18 pm    Post subject: Reply with quote

bluehippy

In
Code:
if [ "$?" -eq "0" ]; then
$? is the return value of the last command.
Most commands return 0 on success.

I use the userspace mount command, not busybox mount.
With a USB device in nte mix, drive ordering may not be as you expect.

As you have the gpg key on USB you don't need a initrd in a file.
It could be a real root filesystem, cut down if you want, with the init script from your initrd.

The boot process would then run as follows
Unaided kernel mounts the USB as its root= filesystem.
Kernel and filesystem on USB unlock the real root by following your init script, then
Code:
# switch to the real root and execute init
exec /sbin/switch_root /mnt/root /sbin/init
and start the real system.

An initrd is useful as it can be loaded by the boot loader - its just a file.
You have a whole USB stick to play with.

What files do you tave in your initrd and how did you put it together?
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Mon Jun 29, 2015 11:34 pm    Post subject: Reply with quote

As neddy already said the if statement means: IF ( last_command_exit_code was_equal 0 ) THEN

I'm not 100% sure if it matters, but you should write your if-statement like
Code:
if [ $? -eq 0 ] ; then
    # COMMANDS HERE
fi
-eq compares integers so no quotation marks needed.
Code:
$> if [ "C" -eq "C" ] ; then echo nasowas ; fi
bash: [: C: integer expression expected
And ... the space between "]" and ";" ... does at least look better. ;-)
This:
Code:
for i_try in 1 2 3 ; do
    # COMMANDS
done
looks a bit more compact. You do not need to define two variables (I and NUMS) since you don't need/use them.
By the way: you could give any "three values" in the sequence for that for-statement. it works like
FOR EACH element IN <SEQUENCE_START>elemen1 element2 ... last_element<SEQUENCE_END> ; DO
Code:
$> for s_element in -7 f1 _ ; do echo COMMAND HERE ; done
COMMAND HERE
COMMAND HERE
COMMAND HERE

It's advisable to enclose variables in {} like ${my_var}, here's why
Quote:
$> xxx=1
$> if [ "X1X" == "X${xxx}X" ] ; then echo 1 ; fi
1
$> if [ "X1X" == "X$xxxX" ] ; then echo 1 ; fi
$>
In the second statement bash looks for the varianle xxxX which is an empty string (every not defined variable has that value, try echo $ldsnhsjdlghrdh ).

I guess it can be called pedantic but I like to prefix variables with a type, although AFAIK bash only knows strings, integers and arrays. So I do s_myName, b_trueORfalse, i_amount, a_names (string,boolean,integer,array). It helps me - when some time has passed - to understand what the heck I did there. When creating the next initramfs in a year you'll know what I mean. ;-)

Take care with return values - sometimes you will not get what you'd expect:
Code:
$> set 1===2 ; echo $?
0
The test command checks a conditional statement and returns 0 or 1, you could write if test 1 -eq 3 ; then instead of if [ 1 -eq 3 ] ; then ... so going on with return values:
Code:
$> test 1=3 ; echo $? ;           test 1 = 3 ; echo $? ;           test 1 -eq 3 ; echo $?
0
1 # we compared strings here
1
I can not tell you what is actually evaluated in the first statement, but do always put space between an operator and the operand(s). if[1-eq3] will result in an error because it becomes iftest1-eq3

Be careful when you set local variables in functions - local makes the variable only be "valid" in the function. By this you can prevent that a variable with the same name outside the function is overwritten when the function is called. Now, the $? will always be 0 when you just declared a variable as local - even if the command (that you used to set the value of that variable) failed. The return value you get is that of declaring a variable as local and not the return value of the command executed in the assignment. An example:
Code:
$> function f_myFunc() { local s_abc="$( grep 6 /dev/GIBBETNICH )" ; echo $? ; }
$> f_myFunc
grep: /dev/GIBBETNICH: No such file or directory
0
Easy solution: do not declare a variable as local and do an assignment at the same time.
Code:
$> function f_myFunc() { local abc; abc="$( grep 6 /dev/GIBBETNICH )" ; echo $? ; }
$> f_myFunc
grep: /dev/GIBBETNICH: No such file or directory
2
As well
Code:
$> x=; echo $?
0
... I guess that is the same as x=''

... I hope that was not confusing but somewhat helpful! :oops:


Did you get further with the actual problem?
I'm going to setup a system w/ (plain) DMcrypt. Maybe I can benefit from your experience. :)
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Tue Jun 30, 2015 12:02 am    Post subject: Reply with quote

@NeddySeagoon
NeddySeagoon wrote:
With a USB device in nte mix, drive ordering may not be as you expect.
Can you please explain?
Back to top
View user's profile Send private message
mv
Watchman
Watchman


Joined: 20 Apr 2005
Posts: 6281

PostPosted: Tue Jun 30, 2015 8:44 am    Post subject: Reply with quote

as.gentoo wrote:
I'm not 100% sure if it matters, but you should write your if-statement like
Code:
if [ $? -eq 0 ] ; then
    # COMMANDS HERE
fi
-eq compares integers so no quotation marks needed.

1. It does never hurt to quote (except that it does not look nice). Do it whenever in doubt.
2. The reason why in this case non-quoting is possible is not that "-eq" accepts only numbers (as you seem to suggest) but that $# is guaranteed to expand to nothing else than a number (and the same holds of course for the string "0"): Even if -eq accecpts only numbers, but if $# could in some strange cases expand to a strange string (instead of a number), you could get unexpected results, depending on the content of $#. For instance, if $# could be the strong "! 1", the unquoted comparison would surprisingly give a true result (while the quoted comparison would give a desired error message and a false result).
Once more: The particular string $? is guaranteed to expand to a number, so the mentioned problem does not occur - but only for this reason, not because of the meaning of "-eq" the quoting can be omitted.
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Tue Jun 30, 2015 10:10 am    Post subject: Reply with quote

Interesting, thanks for pointing that out.

edit: I think I wrote integer because I read "man test" instead of "help test"...
Back to top
View user's profile Send private message
NeddySeagoon
Administrator
Administrator


Joined: 05 Jul 2003
Posts: 43178
Location: 56N 3W

PostPosted: Tue Jun 30, 2015 5:56 pm    Post subject: Reply with quote

as.gentoo,

The BIOS and kernel drive detection orders are not guarenteed to be the same.
When a USB drive is connected at boot, the kernel often sees it as /dev/sda, even if you think the kernel was lodaed from /dev/sda.

Heres the wrinkle. The boot files, including the kernel, are never loaded from /dev/...
Until the kernel is loaded and started and the root (or initrd) mounted at / and DEVTMPFS mounted at /dev, /dev doesn't exist.
Instead the boot loader has to make its own arrangements to read the kernel and initrd. It does this by asking the BIOS about the HDD.

FIrst, you appear to be using busybox mount, its not as fully featured as the /bin/mount userspace command.
Given the above,
Code:
# Mount the device with the key file for the luks partition
echo "Mount usb stick and decrypt harddrive"
mkdir /mnt/usb-keydev
mount -v -t ext2 /dev/sdb2 /mnt/usb-keydev
may not do what you expect.

What do you have in the initrd and how do you assbemble it?
_________________
Regards,

NeddySeagoon

Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail.
Back to top
View user's profile Send private message
steveL
Watchman
Watchman


Joined: 13 Sep 2006
Posts: 5153
Location: The Peanut Gallery

PostPosted: Wed Jul 01, 2015 3:08 am    Post subject: Reply with quote

Please /join #bash on IRC: chat.freenode.net to learn BASH properly.

You don't want to do if [ $? = 0 ]; then for two reasons.

Firstly, if tests the exit status of whatever pipeline or command follows; so don't use:
Code:
grep -qF fubar "$file"
if [ $? -eq 0 ]; then

Simply use:
Code:
if grep -qF fubar "$file"; then
instead.

Secondly, BASH has a much more useful mechanism for string tests, derived from ksh, [[:
Code:
<greybot> [ or test is the POSIX test command. It can do simple tests on files and strings.
In bash, you should use the more powerful [[ instead and ban [ for sake of consistency.
[[ can do pattern matching, is faster and safer to use.

http://mywiki.wooledge.org/BashGuide/TestsAndConditionals
http://mywiki.wooledge.org/BashFAQ/031

As noted however, you don't need a test here, just to use if correctly.
Back to top
View user's profile Send private message
as.gentoo
Guru
Guru


Joined: 07 Aug 2004
Posts: 318

PostPosted: Wed Jul 01, 2015 12:29 pm    Post subject: Reply with quote

steveL wrote:
Simply use:
Code:
if grep -qF fubar "$file"; then
instead.
True, but not good to read -> understand.

steveL wrote:
In bash, you should use the more powerful [[ instead
Please keep in mind that we talk about a script to be executed by busybox. Things like [[ "abcd" =~ "bc" ]] do not work there.
Code:
$> busybox sh -c '[[ "abcd" =~ "bc" ]]'
sh: =~: unknown operand
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Installing Gentoo All times are GMT
Goto page 1, 2  Next
Page 1 of 2

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum