git/SparkOS
1
0
Fork 0
mirror of https://github.com/johndoe6345789/SparkOS.git synced 2026-04-24 13:34:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix security and robustness issues in install script

Browse Source 
Co-authored-by: johndoe6345789 <224850594+johndoe6345789@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2025-12-28 17:07:49 +00:00
parent 1e08cc43fe
commit 5fd59ce63a
1 changed files with 23 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

36
scripts/install.sh
View File

@@ -132,10 +132,10 @@ fi
echo "" echo ""
# Show mounted partitions on target drive # Show mounted partitions on target drive
MOUNTED=$(lsblk -n -o MOUNTPOINT "$TARGET_DRIVE" 2>/dev/null | grep -v '^$' || true) MOUNTED=$(lsblk -n -o MOUNTPOINT "$TARGET_DRIVE" 2>/dev/null | grep -v '^[[:space:]]*$' || true)
if [ -n "$MOUNTED" ]; then if [ -n "$MOUNTED" ]; then
echo "WARNING: The following partitions on $TARGET_DRIVE are currently mounted:" echo "WARNING: The following partitions on $TARGET_DRIVE are currently mounted:"
lsblk -o NAME,MOUNTPOINT "$TARGET_DRIVE" | grep -v '^$' lsblk -o NAME,MOUNTPOINT "$TARGET_DRIVE"
echo "" echo ""
echo "Please unmount all partitions before proceeding" echo "Please unmount all partitions before proceeding"
exit 1 exit 1
@@ -157,12 +157,16 @@ echo "Starting installation..."
echo "" echo ""
# Unmount any partitions (just to be safe) # Unmount any partitions (just to be safe)
for part in "$TARGET_DRIVE"*[0-9]; do # Use lsblk to get actual partition names (works for all device types including NVMe)
if mountpoint -q "$part" 2>/dev/null; then PARTITIONS=$(lsblk -ln -o NAME "$TARGET_DRIVE" 2>/dev/null | tail -n +2 | sed 's|^|/dev/|' || true)
echo "Unmounting $part..." if [ -n "$PARTITIONS" ]; then
umount "$part" 2>/dev/null || true for part in $PARTITIONS; do
fi if mountpoint -q "$part" 2>/dev/null; then
done echo "Unmounting $part..."
umount "$part" 2>/dev/null || true
fi
done
fi
# Write image to drive with progress # Write image to drive with progress
echo "Writing SparkOS image to $TARGET_DRIVE..." echo "Writing SparkOS image to $TARGET_DRIVE..."
@@ -186,19 +190,25 @@ sync
# Verify installation by reading back the first few blocks # Verify installation by reading back the first few blocks
echo "Verifying installation..." echo "Verifying installation..."
VERIFY_BLOCKS=1024 VERIFY_BLOCKS=1024
dd if="$TARGET_DRIVE" of=/tmp/sparkos_verify.img bs=512 count=$VERIFY_BLOCKS status=none 2>/dev/null VERIFY_TMP=$(mktemp -t sparkos_verify.XXXXXXXX)
dd if="$IMAGE_FILE" of=/tmp/sparkos_source.img bs=512 count=$VERIFY_BLOCKS status=none 2>/dev/null SOURCE_TMP=$(mktemp -t sparkos_source.XXXXXXXX)
if cmp -s /tmp/sparkos_verify.img /tmp/sparkos_source.img; then # Ensure temp files are cleaned up on exit
trap "rm -f $VERIFY_TMP $SOURCE_TMP; cleanup" EXIT INT TERM
dd if="$TARGET_DRIVE" of="$VERIFY_TMP" bs=512 count=$VERIFY_BLOCKS status=none 2>/dev/null
dd if="$IMAGE_FILE" of="$SOURCE_TMP" bs=512 count=$VERIFY_BLOCKS status=none 2>/dev/null
if cmp -s "$VERIFY_TMP" "$SOURCE_TMP"; then
echo "✓ Verification successful - installation completed!" echo "✓ Verification successful - installation completed!"
else else
echo "✗ Verification failed - installation may be corrupted" echo "✗ Verification failed - installation may be corrupted"
rm -f /tmp/sparkos_verify.img /tmp/sparkos_source.img rm -f "$VERIFY_TMP" "$SOURCE_TMP"
exit 1 exit 1
fi fi
# Clean up verification files # Clean up verification files
rm -f /tmp/sparkos_verify.img /tmp/sparkos_source.img rm -f "$VERIFY_TMP" "$SOURCE_TMP"
echo "" echo ""
echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━" echo "━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━"