'local result=$(cmd)' resets $? to 0 (the local builtin's own exit), so the
following checkSuccess always saw success regardless of cmd's real exit — the
mechanism that masked the de-sudo write failures. Split declaration from
assignment ('local result; result=$(cmd)') across all 235 active-code sites
(84 files) so the command's exit reaches checkSuccess. No behaviour change
beyond $? now being accurate (no set -e in runtime code; multi-line
assignments transform safely).
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
Signed-off-by: librelad <librelad@digitalangels.vip>
24 lines
1.2 KiB
Bash
Executable File
24 lines
1.2 KiB
Bash
Executable File
#!/bin/bash
|
|
|
|
installDockerRootlessUser()
|
|
{
|
|
if [[ $CFG_DOCKER_INSTALL_TYPE == "rootless" ]]; then
|
|
if id "$CFG_DOCKER_INSTALL_USER" &>/dev/null; then
|
|
isSuccessful "User $CFG_DOCKER_INSTALL_USER already exists."
|
|
else
|
|
# Create the rootless docker user. The login name (last arg) was
|
|
# missing, so useradd failed silently — masked by local result; result=$(...)
|
|
# — and the user never existed, breaking the whole rootless setup.
|
|
# -m makes its home; with SUB_UID/GID configured in login.defs,
|
|
# useradd also assigns its subordinate uid/gid ranges (needed for
|
|
# rootless). Run unmasked so checkSuccess sees real failures.
|
|
runSystem useradd -m -s /bin/bash -d "/home/$CFG_DOCKER_INSTALL_USER" "$CFG_DOCKER_INSTALL_USER"
|
|
checkSuccess "Creating $CFG_DOCKER_INSTALL_USER User."
|
|
fi
|
|
# (Re)assert the password regardless — the user may have been pre-created
|
|
# in init.sh's root phase (so /docker/containers ownership is ready before
|
|
# the manager-run boot scans), where the password isn't set.
|
|
updateDockerInstallPassword;
|
|
fi
|
|
}
|