nc-datadir.sh, nc-encrypt.sh: Avoid set -u in scripts

nextcloud · Jul 25, 2022 · fcd2f47 · fcd2f47
1 parent 7058939
commit fcd2f47
Show file tree

Hide file tree

Showing 3 changed files with 22 additions and 14 deletions.
diff --git a/bin/ncp/CONFIG/nc-datadir.sh b/bin/ncp/CONFIG/nc-datadir.sh
@@ -22,7 +22,7 @@ install()
 
 configure()
 {
-  set -eu -o pipefail
+  set -e -o pipefail
   shopt -s dotglob # includes dot files
 
   ## CHECKS

diff --git a/bin/ncp/SECURITY/nc-encrypt.sh b/bin/ncp/SECURITY/nc-encrypt.sh
@@ -21,30 +21,30 @@ install()
 configure()
 {
 (
-  set -eu -o pipefail
+  set -e -o pipefail
   local datadir parentdir encdir tmpdir
   datadir="$(get_ncpcfg datadir)"
-  [[ "${datadir}" == "null" ]] && datadir=/var/www/nextcloud/data
+  [[ "${datadir?}" == "null" ]] && datadir=/var/www/nextcloud/data
   parentdir="$(dirname "${datadir}")"
-  encdir="${parentdir}/ncdata_enc"
+  encdir="${parentdir?}/ncdata_enc"
   tmpdir="$(mktemp -u -p "${parentdir}" -t nc-data-crypt.XXXXXX))"
 
-  [[ "${ACTIVE}" != "yes" ]] && {
+  [[ "${ACTIVE?}" != "yes" ]] && {
     if ! is_active; then
       echo "Data not currently encrypted"
       return 0
     fi
     save_maintenance_mode
     trap restore_maintenance_mode EXIT
     echo "Decrypting data..."
-    mkdir "${tmpdir}"
+    mkdir "${tmpdir?}"
     chown www-data: "${tmpdir}"
     pkill tail # prevents from umounting in docker
-    mv "${datadir}"/* "${datadir}"/.[!.]* "${tmpdir}"
+    mv "${datadir?}"/* "${datadir}"/.[!.]* "${tmpdir}"
     fusermount -u "${datadir}"
     rmdir "${datadir}"
     mv "${tmpdir}" "${datadir}"
-    rm "${encdir}"/gocryptfs.*
+    rm "${encdir?}"/gocryptfs.*
     rmdir "${encdir}"
     echo "Data no longer encrypted"
     return
@@ -56,8 +56,8 @@ configure()
   fi
 
   # Just mount already encrypted data
-  if [[ -f "${encdir}"/gocryptfs.conf ]]; then
-    echo "${PASSWORD}" | gocryptfs -allow_other -q "${encdir}" "${datadir}" 2>&1 | sed /^Switch/d
+  if [[ -f "${encdir?}"/gocryptfs.conf ]]; then
+    echo "${PASSWORD?}" | gocryptfs -allow_other -q "${encdir}" "${datadir}" 2>&1 | sed /^Switch/d
 
     # switch to the regular virtual hosts after we decrypt, so we can access NC and ncp-web
     a2ensite ncp nextcloud
@@ -67,12 +67,12 @@ configure()
     echo "Encrypted data now accessible"
     return
   fi
-  mkdir -p "${encdir}"
-  echo "${PASSWORD}" | gocryptfs -init -q "${encdir}"
+  mkdir -p "${encdir?}"
+  echo "${PASSWORD?}" | gocryptfs -init -q "${encdir}"
   save_maintenance_mode
   trap restore_maintenance_mode EXIT
 
-  mv "${datadir}" "${tmpdir}"
+  mv "${datadir?}" "${tmpdir?}"
 
   mkdir "${datadir}"
   echo "${PASSWORD}" | gocryptfs -allow_other -q "${encdir}" "${datadir}" 2>&1 | sed /^Switch/d

diff --git a/tests/system_tests.py b/tests/system_tests.py
@@ -18,7 +18,6 @@
 import getopt
 import os
 import signal
-from urllib.request import urlopen
 from subprocess import run, getstatusoutput, PIPE
 
 processes_must_be_running = [
@@ -221,6 +220,12 @@ def signal_handler(sig, frame):
     except:
         lxc_running = False
 
+    try:
+        systemd_container_running = run(['machinectl', 'show', 'ncp'], stdout=PIPE, check = True)
+    except:
+        systemd_container_running = False
+
+
     # local method
     if os.path.exists('/usr/local/etc/ncp-baseimage'):
         print(tc.brown + "* local NCP instance detected" + tc.normal)
@@ -241,6 +246,9 @@ def signal_handler(sig, frame):
         print( tc.brown + "* local LXC instance detected" + tc.normal)
         pre_cmd = ['lxc', 'exec', 'ncp', '--']
 
+    elif systemd_container_running:
+        pre_cmd = ['machinectl', 'shell', 'root@ncp', '/usr/bin/bash', '-c']
+
     # SSH method
     else:
         if len(args) == 0: