LibrePortal/scripts/function/checks/check_success.sh
librelad 68110d199c fix(rootless): slirp4netns default, manager-vs-container helper split, sysctl path
Reinstall test on Debian 12 surfaced three rootless-only breakages (rooted
was byte-identical/fine):

1. pasta blocked by Debian's passt AppArmor profile (DENIED ptrace read ->
   can't open container netns -> rootless dockerd never starts). Default
   CFG_ROOTLESS_NET back to slirp4netns (reliable); pasta stays selectable
   for hosts that relax the profile.
2. de-sudo mis-assigned helpers by owner. /docker management layer (apps DB
   chowned to libreportal by install_sqlite, /docker/logs) is MANAGER-owned,
   not dockerinstall. Add runInstallWrite; move apps-DB sqlite3 -> runInstallOp
   and /docker/logs appends -> runInstallWrite. Revert ownership-SETUP scripts
   (libreportal_folders, app_folder) to runSystem — they must run as root to
   establish ownership during install. Container files (/docker/containers/<app>)
   stay runFileOp.
3. kernel hardening sysctls written to /etc/sysctl/99-custom.conf, which
   'sysctl --system' does not read -> never applied. Write them to
   /etc/sysctl.d/99-libreportal-hardening.conf instead.

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
2026-05-24 00:12:06 +01:00

54 lines
2.0 KiB
Bash
Executable File

#!/bin/bash
function checkSuccess()
{
if [ $? -eq 0 ]; then
isSuccessful "$1"
if [ -f "$logs_dir/$docker_log_file" ]; then
echo "✓ Success $1" | runInstallWrite -a "$logs_dir/$docker_log_file" >/dev/null
fi
else
isError "$1"
# Non-interactive (task processor / cron / piped): bail instead of
# blocking on read.
if [[ "$LIBREPORTAL_NONINTERACTIVE" == "1" ]] || [ ! -t 0 ]; then
if [ -f "$logs_dir/$docker_log_file" ]; then
isError " $1" | runInstallWrite -a "$logs_dir/$docker_log_file" >/dev/null
echo "===================================" | runInstallWrite -a "$logs_dir/$docker_log_file" >/dev/null
fi
isNotice "Non-interactive mode: aborting on error."
exit 1
fi
while true; do
isQuestion "An error has occurred. Do you want to continue, exit or go to back to the Menu? (c/x/m) "
read -rp "" error_occurred
if [[ -n "$error_occurred" ]]; then
break
fi
isNotice "Please provide a valid input."
done
if [[ "$error_occurred" == [cC] ]]; then
isNotice "Continuing after error has occurred."
fi
if [[ "$error_occurred" == [xX] ]]; then
# Log the error output to the log file
isError " $1" | runInstallWrite -a "$logs_dir/$docker_log_file"
echo "===================================" | runInstallWrite -a "$logs_dir/$docker_log_file"
exit 1 # Exit the script with a non-zero status to stop the current action
fi
if [[ "$error_occurred" == [mM] ]]; then
# Log the error output to the log file
isError " $1" | runInstallWrite -a "$logs_dir/$docker_log_file"
echo "===================================" | runInstallWrite -a "$logs_dir/$docker_log_file"
if [[ "$initial_command2" == "terminal" ]]; then
resetToMenu;
fi
fi
fi
}