set -e all the things

Using set -e in all of our scripts will prevent some subtle bugs
from slipping in, and will allow us to enforce use of set -e with
tooling.

This change also adds -u and set -o pipefail in the less complex
scripts where it is unlikely to cause problems.  A follow-up change
will enable those options in the complex scripts so that if it
breaks something it can be reverted easily.

Change-Id: I0ad358ccb98da7277a0ee2e9ce8fda98438675eb
This commit is contained in:
Ben Nemec 2014-03-28 22:28:22 -05:00
parent 0b367e919b
commit f6ba2aeaf4
42 changed files with 127 additions and 5 deletions

View File

@ -1,2 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install-packages ccache install-packages ccache

View File

@ -1,2 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install-packages dkms install-packages dkms

View File

@ -2,6 +2,7 @@
# Fully upgrade everything on the system (if the package manager knows how to # Fully upgrade everything on the system (if the package manager knows how to
# do it). # do it).
set -e set -eu
set -o pipefail
install-packages -u install-packages -u

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# without these files, cloud-init will not perform stock operations such as # without these files, cloud-init will not perform stock operations such as
# generating sshd hostkeys. # generating sshd hostkeys.

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
cat > /etc/cloud/cloud.cfg.d/91-local-metadata-only.cfg <<EOF cat > /etc/cloud/cloud.cfg.d/91-local-metadata-only.cfg <<EOF
# No cloud metadata available, use only what is in the image. # No cloud metadata available, use only what is in the image.
datasource_list: [ NoCloud, None ] datasource_list: [ NoCloud, None ]

View File

@ -1,2 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install-packages tgt install-packages tgt

View File

@ -1,2 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install-packages busybox install-packages busybox

View File

@ -1,2 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install-packages tgt install-packages tgt

View File

@ -1,2 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install-packages busybox install-packages busybox

View File

@ -1,2 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install-packages curl install-packages curl

View File

@ -1,2 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install-packages kexec-tools install-packages kexec-tools

View File

@ -1,5 +1,6 @@
#!/bin/bash #!/bin/bash
set -x set -eux
set -o pipefail
SCRIPTDIR=$(dirname $0) SCRIPTDIR=$(dirname $0)

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# Cloud images may hard code the eth0 interfaces so they # Cloud images may hard code the eth0 interfaces so they
# boot with DHCP. # boot with DHCP.

View File

@ -1,5 +1,7 @@
#!/bin/bash #!/bin/bash
set -e
INTERFACE=${1:-} #optional, if not specified configure all available interfaces INTERFACE=${1:-} #optional, if not specified configure all available interfaces
ENI_FILE="/etc/network/interfaces" ENI_FILE="/etc/network/interfaces"

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -e
set -o pipefail
home=$(dirname $0) home=$(dirname $0)
exec sudo install -m 0755 -o root -g root -D \ exec sudo install -m 0755 -o root -g root -D \
$home/../bin/dib-run-parts \ $home/../bin/dib-run-parts \

View File

@ -1,4 +1,7 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
config=/etc/selinux/config config=/etc/selinux/config
[ -e $config ] && sed -i "s%^\(SELINUX=\s*\).*$%SELINUX=disabled%" $config [ -e $config ] && sed -i "s%^\(SELINUX=\s*\).*$%SELINUX=disabled%" $config

View File

@ -2,6 +2,9 @@
# Trigger a run of dkms for all the modules installed # Trigger a run of dkms for all the modules installed
# to ensure we have valid modules build for all. # to ensure we have valid modules build for all.
set -eu
set -o pipefail
modules=$(dkms status | tr ',:' ' ' | awk '{ print $1 "/" $2 }') modules=$(dkms status | tr ',:' ' ' | awk '{ print $1 "/" $2 }')
kernels=$(ls /usr/src/linux-headers-*-*-* -d | sed -e 's|/usr/src/linux-headers-||' || echo "") kernels=$(ls /usr/src/linux-headers-*-*-* -d | sed -e 's|/usr/src/linux-headers-||' || echo "")
# NOTE(bnemec): On Fedora, the versions can be found in /usr/src/kernels # NOTE(bnemec): On Fedora, the versions can be found in /usr/src/kernels

View File

@ -1,6 +1,9 @@
#!/bin/bash #!/bin/bash
# Prevent apt from installing recommended packages # Prevent apt from installing recommended packages
set -eu
set -o pipefail
dd of=/etc/apt/apt.conf.d/95disable-recommends << _EOF_ dd of=/etc/apt/apt.conf.d/95disable-recommends << _EOF_
APT::Install-Recommends "0"; APT::Install-Recommends "0";
Apt::Install-Suggests "0"; Apt::Install-Suggests "0";

View File

@ -1,3 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install -m 0755 -o root -g root $(dirname $0)/../bin/* /usr/local/bin install -m 0755 -o root -g root $(dirname $0)/../bin/* /usr/local/bin

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# Prioritize PAE if present # Prioritize PAE if present
KERNEL=$(basename `ls -1rv /boot/vmlinuz* | grep PAE | grep -v debug | head -1`) KERNEL=$(basename `ls -1rv /boot/vmlinuz* | grep PAE | grep -v debug | head -1`)
if [ ! $KERNEL ]; then if [ ! $KERNEL ]; then

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# If the patch doesn't apply just do nothing. This patch fixes a small # If the patch doesn't apply just do nothing. This patch fixes a small
# issue in the script that writes the network configuration files from # issue in the script that writes the network configuration files from
# the cmdline to the disk on FC18/FC19. # the cmdline to the disk on FC18/FC19.

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# On a fresh Fedora 18 install you might have to update audit in order to # On a fresh Fedora 18 install you might have to update audit in order to
# fix a conflict with a file from the glibc package. # fix a conflict with a file from the glibc package.
# https://bugzilla.redhat.com/show_bug.cgi?id=894307 # https://bugzilla.redhat.com/show_bug.cgi?id=894307

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# The version of openssl shipped in the fedora cloud image is no longer # The version of openssl shipped in the fedora cloud image is no longer
# compatible with new python environments installed by virtualenv, so we need # compatible with new python environments installed by virtualenv, so we need
# to update it first. # to update it first.

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# FIXME: To avoid conflict between the pyOpenSSL installed via python-pip # FIXME: To avoid conflict between the pyOpenSSL installed via python-pip
# and pyOpenSSL installed via yum, we are going to sort it out installing # and pyOpenSSL installed via yum, we are going to sort it out installing
# it earlier at the beginning of the image building process. Pyhton-pip # it earlier at the beginning of the image building process. Pyhton-pip

View File

@ -1,6 +1,7 @@
#!/bin/bash #!/bin/bash
set -eux set -eux
set -o pipefail
# Workaround for: # Workaround for:
# https://bugzilla.redhat.com/show_bug.cgi?id=1066983 # https://bugzilla.redhat.com/show_bug.cgi?id=1066983

View File

@ -1,3 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install -m 0755 -o root -g root $(dirname $0)/../bin/* /usr/local/bin install -m 0755 -o root -g root $(dirname $0)/../bin/* /usr/local/bin

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install-packages yum-utils install-packages yum-utils
package-cleanup --oldkernels -y --count=1 package-cleanup --oldkernels -y --count=1

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# Install any packages in this file that may not be in the base cloud # Install any packages in this file that may not be in the base cloud
# image but could reasonably be expected # image but could reasonably be expected

View File

@ -1,3 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
sed -i '/secure_path/ s/$/:\/usr\/local\/bin/' /etc/sudoers sed -i '/secure_path/ s/$/:\/usr\/local\/bin/' /etc/sudoers

View File

@ -1,3 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
echo "ccache dkms" > /tmp/yum-blacklist echo "ccache dkms" > /tmp/yum-blacklist

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
cat << EOF > /etc/yum.repos.d/rhel7.repo cat << EOF > /etc/yum.repos.d/rhel7.repo
[rhel7] [rhel7]
name=RHEL7 name=RHEL7

View File

@ -1,6 +1,7 @@
#!/bin/bash #!/bin/bash
set -x set -eux
set -o pipefail
CONFIGURED_SELINUX=$(grep ^SELINUX= /etc/selinux/config | awk -F = '{print $2}') CONFIGURED_SELINUX=$(grep ^SELINUX= /etc/selinux/config | awk -F = '{print $2}')

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# Fedora 18 sets up for root to have a label of "_/" # Fedora 18 sets up for root to have a label of "_/"
# Fedora 19 sets up for root to have a UUID # Fedora 19 sets up for root to have a UUID
# This regex will catch both # This regex will catch both

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# zeroconf should not be activated or it will add a 169.254.0.0 # zeroconf should not be activated or it will add a 169.254.0.0
# route. The route will interfere with access to the nova metadata # route. The route will interfere with access to the nova metadata
# server at 169.254.169.254. # server at 169.254.169.254.

View File

@ -1,5 +1,6 @@
#!/bin/bash #!/bin/bash
set -e set -eu
set -o pipefail
# heat-admin can not sudo without a tty by default # heat-admin can not sudo without a tty by default
echo 'Defaults:heat-admin !requiretty' >> /etc/sudoers.d/heat-admin-notty echo 'Defaults:heat-admin !requiretty' >> /etc/sudoers.d/heat-admin-notty

View File

@ -1,5 +1,6 @@
#!/bin/bash #!/bin/bash
set -e set -eu
set -o pipefail
# root can not sudo without a tty by default. # root can not sudo without a tty by default.
echo "Defaults:root !requiretty" >> /etc/sudoers.d/root-notty echo "Defaults:root !requiretty" >> /etc/sudoers.d/root-notty

View File

@ -1,3 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
sed -i '/secure_path/ s/$/:\/usr\/local\/bin/' /etc/sudoers sed -i '/secure_path/ s/$/:\/usr\/local\/bin/' /etc/sudoers

View File

@ -1,3 +1,6 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
install -m 0755 -o root -g root $(dirname $0)/../bin/* /usr/local/bin install -m 0755 -o root -g root $(dirname $0)/../bin/* /usr/local/bin

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -e
set -o pipefail
if [ "i386" = "$ARCH" ]; then if [ "i386" = "$ARCH" ]; then
basearch=i386 basearch=i386
arch=i686 arch=i686

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
echo "SELINUX=permissive" > /etc/selinux/config echo "SELINUX=permissive" > /etc/selinux/config
echo "SELINUXTYPE=targeted" >> /etc/selinux/config echo "SELINUXTYPE=targeted" >> /etc/selinux/config

View File

@ -1,5 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# remove softlink to /dev/null which disables these rules # remove softlink to /dev/null which disables these rules
NET_NAME_SLOT_FILE="/etc/udev/rules.d/80-net-name-slot.rules" NET_NAME_SLOT_FILE="/etc/udev/rules.d/80-net-name-slot.rules"
if [ -h $NET_NAME_SLOT_FILE ]; then if [ -h $NET_NAME_SLOT_FILE ]; then

View File

@ -1,4 +1,8 @@
#!/bin/bash #!/bin/bash
set -eu
set -o pipefail
# This package is broken and causes real issues on update: # This package is broken and causes real issues on update:
# https://bugs.launchpad.net/ubuntu/+source/apt-xapian-index/+bug/1227420 # https://bugs.launchpad.net/ubuntu/+source/apt-xapian-index/+bug/1227420
apt-get --yes remove apt-xapian-index || : apt-get --yes remove apt-xapian-index || :