44 lines
1.6 KiB
Bash
Executable File
44 lines
1.6 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# Copyright 2014 Hewlett-Packard Development Company, L.P.
|
|
# Copyright 2017 Andreas Florath (andreas@florath.net)
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
|
# not use this file except in compliance with the License. You may obtain
|
|
# a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
|
# License for the specific language governing permissions and limitations
|
|
# under the License.
|
|
#
|
|
|
|
if [ ${DIB_DEBUG_TRACE:-1} -gt 0 ]; then
|
|
set -x
|
|
fi
|
|
set -eu
|
|
set -o pipefail
|
|
|
|
MANIFEST_IMAGE_PATH=${TMP_MOUNT_PATH}/${DIB_MANIFEST_IMAGE_DIR}
|
|
|
|
# Double check: directory must be created in extra-data.d/20-manifest-dir
|
|
[ -d ${MANIFEST_IMAGE_PATH} ] || {
|
|
echo "Error: MANIFEST_IMAGE_PATH [${MANIFEST_IMAGE_PATH}] does not exist";
|
|
exit 1; }
|
|
|
|
echo "$DIB_ENV" | sudo dd of=${MANIFEST_IMAGE_PATH}/dib_environment # dib-lint: safe_sudo
|
|
echo "$DIB_ARGS" | sudo dd of=${MANIFEST_IMAGE_PATH}/dib_arguments # dib-lint: safe_sudo
|
|
|
|
# Save the manifests locally to the save dir
|
|
mkdir -p ${DIB_MANIFEST_SAVE_DIR}
|
|
cp --no-preserve=ownership -rv ${MANIFEST_IMAGE_PATH} ${DIB_MANIFEST_SAVE_DIR}
|
|
|
|
# Lock down permissions on the manifest files inside the image to
|
|
# root. We don't want regular users being able to see what might
|
|
# contain a password, etc.
|
|
find ${MANIFEST_IMAGE_PATH} -type f | xargs sudo chown root:root # dib-lint: safe_sudo
|
|
find ${MANIFEST_IMAGE_PATH} -type f | xargs sudo chmod 600 # dib-lint: safe_sudo
|