nc-datadir.sh, nc-encrypt.sh: Avoid set -u in scripts

2026-01-10 15:12:01 -03:30 · 2022-07-25 22:08:45 +02:00 · 2022-07-25 22:08:45 +02:00 · fcd2f47270
commit fcd2f47270
parent 7058939176
3 changed files with 22 additions and 14 deletions
--- a/bin/ncp/CONFIG/nc-datadir.sh
+++ b/bin/ncp/CONFIG/nc-datadir.sh
@ -22,7 +22,7 @@ install()

 configure()
 {
-  set -eu -o pipefail
+  set -e -o pipefail
  shopt -s dotglob # includes dot files

  ## CHECKS
--- a/bin/ncp/SECURITY/nc-encrypt.sh
+++ b/bin/ncp/SECURITY/nc-encrypt.sh
@ -21,15 +21,15 @@ install()
 configure()
 {
 (
-  set -eu -o pipefail
+  set -e -o pipefail
  local datadir parentdir encdir tmpdir
  datadir="$(get_ncpcfg datadir)"
-  [[ "${datadir}" == "null" ]] && datadir=/var/www/nextcloud/data
+  [[ "${datadir?}" == "null" ]] && datadir=/var/www/nextcloud/data
  parentdir="$(dirname "${datadir}")"
-  encdir="${parentdir}/ncdata_enc"
+  encdir="${parentdir?}/ncdata_enc"
  tmpdir="$(mktemp -u -p "${parentdir}" -t nc-data-crypt.XXXXXX))"

-  [[ "${ACTIVE}" != "yes" ]] && {
+  [[ "${ACTIVE?}" != "yes" ]] && {
    if ! is_active; then
      echo "Data not currently encrypted"
      return 0
@ -37,14 +37,14 @@ configure()
    save_maintenance_mode
    trap restore_maintenance_mode EXIT
    echo "Decrypting data..."
-    mkdir "${tmpdir}"
+    mkdir "${tmpdir?}"
    chown www-data: "${tmpdir}"
    pkill tail # prevents from umounting in docker
-    mv "${datadir}"/* "${datadir}"/.[!.]* "${tmpdir}"
+    mv "${datadir?}"/* "${datadir}"/.[!.]* "${tmpdir}"
    fusermount -u "${datadir}"
    rmdir "${datadir}"
    mv "${tmpdir}" "${datadir}"
-    rm "${encdir}"/gocryptfs.*
+    rm "${encdir?}"/gocryptfs.*
    rmdir "${encdir}"
    echo "Data no longer encrypted"
    return
@ -56,8 +56,8 @@ configure()
  fi

  # Just mount already encrypted data
-  if [[ -f "${encdir}"/gocryptfs.conf ]]; then
-    echo "${PASSWORD}" | gocryptfs -allow_other -q "${encdir}" "${datadir}" 2>&1 | sed /^Switch/d
+  if [[ -f "${encdir?}"/gocryptfs.conf ]]; then
+    echo "${PASSWORD?}" | gocryptfs -allow_other -q "${encdir}" "${datadir}" 2>&1 | sed /^Switch/d

    # switch to the regular virtual hosts after we decrypt, so we can access NC and ncp-web
    a2ensite ncp nextcloud
@ -67,12 +67,12 @@ configure()
    echo "Encrypted data now accessible"
    return
  fi
-  mkdir -p "${encdir}"
-  echo "${PASSWORD}" | gocryptfs -init -q "${encdir}"
+  mkdir -p "${encdir?}"
+  echo "${PASSWORD?}" | gocryptfs -init -q "${encdir}"
  save_maintenance_mode
  trap restore_maintenance_mode EXIT

-  mv "${datadir}" "${tmpdir}"
+  mv "${datadir?}" "${tmpdir?}"

  mkdir "${datadir}"
  echo "${PASSWORD}" | gocryptfs -allow_other -q "${encdir}" "${datadir}" 2>&1 | sed /^Switch/d
--- a/tests/system_tests.py
+++ b/tests/system_tests.py
@ -18,7 +18,6 @@ import sys
 import getopt
 import os
 import signal
-from urllib.request import urlopen
 from subprocess import run, getstatusoutput, PIPE

 processes_must_be_running = [
@ -221,6 +220,12 @@ if __name__ == "__main__":
    except:
        lxc_running = False

+    try:
+        systemd_container_running = run(['machinectl', 'show', 'ncp'], stdout=PIPE, check = True)
+    except:
+        systemd_container_running = False
+
+
    # local method
    if os.path.exists('/usr/local/etc/ncp-baseimage'):
        print(tc.brown + "* local NCP instance detected" + tc.normal)
@ -241,6 +246,9 @@ if __name__ == "__main__":
        print( tc.brown + "* local LXC instance detected" + tc.normal)
        pre_cmd = ['lxc', 'exec', 'ncp', '--']

+    elif systemd_container_running:
+        pre_cmd = ['machinectl', 'shell', 'root@ncp', '/usr/bin/bash', '-c']
+
    # SSH method
    else:
        if len(args) == 0: