From d29d21017de635db1d05769144db56f44addd055 Mon Sep 17 00:00:00 2001 From: Ian Kelling Date: Fri, 8 Sep 2017 20:03:42 -0700 Subject: [PATCH] add more stack traces, other minor changes --- arch-init | 6 +- bash-trace | 48 +++++++++++ debian-pxe-preseed | 6 +- dsfull | 8 +- fai-revm | 11 +-- fai/config/files/boot/chboot/DEFAULT | 3 +- faiserver-revm | 6 +- faiserver-setup | 3 +- fresize | 48 +---------- install-chboot | 7 +- myfai-chboot-local | 3 +- pxe-server | 4 +- wrt-disabled-firewall-rules | 87 ++++++++++++++++++- wrt-setup | 120 +++++++-------------------- 14 files changed, 189 insertions(+), 171 deletions(-) create mode 100644 bash-trace diff --git a/arch-init b/arch-init index a2517ee..2f14ad6 100755 --- a/arch-init +++ b/arch-init @@ -15,10 +15,8 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -set -eE -o pipefail -trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR - -x="$(readlink -f "$BASH_SOURCE")"; cd ${x%/*} +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" +cd ${x%/*} export HOSTNAME="$1" mirror=$2 diff --git a/bash-trace b/bash-trace new file mode 100644 index 0000000..61f8ae5 --- /dev/null +++ b/bash-trace @@ -0,0 +1,48 @@ +# meant to be sourced. copy/pasted from https://iankelling.org/git/?p=errhandle;a=summary + +bash-trace() { + local -i argc_index=0 arg frame i start=${1:-1} max_indent=8 indent + local source + local extdebug=false + if [[ $(shopt -p extdebug) == *-s* ]]; then + extdebug=true + fi + + for ((frame=0; frame < ${#FUNCNAME[@]}-1; frame++)); do + argc=${BASH_ARGC[frame]} + argc_index+=$argc + ((frame < start)) && continue + if (( ${#BASH_SOURCE[@]} > 1 )); then + source="${BASH_SOURCE[frame+1]}:${BASH_LINENO[frame]}:" + fi + indent=$((frame-start+1)) + indent=$((indent < max_indent ? indent : max_indent)) + printf "%${indent}s↳%sin \`%s" '' "$source" "${FUNCNAME[frame]}" + if $extdebug; then + for ((i=argc_index-1; i >= argc_index-argc; i--)); do + printf " %s" "${BASH_ARGV[i]}" + done + fi + echo \' + done +} + + +errcatch() { + set -E; shopt -s extdebug + _err-trap() { + err=$? + exec >&2 + set +x + echo "${BASH_SOURCE[1]}:${BASH_LINENO[0]}:in \`$BASH_COMMAND' returned $err" + bash-trace 2 + set -e + "${_errcatch_cleanup[@]}" + echo "$0: exiting with code $err" + exit $err + } + trap _err-trap ERR + set -o pipefail +} + +errcatch diff --git a/debian-pxe-preseed b/debian-pxe-preseed index c2a2087..31a038a 100755 --- a/debian-pxe-preseed +++ b/debian-pxe-preseed @@ -16,10 +16,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -cleanup() { :; } -set -eE -o pipefail -trap 'cleanup; echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR - +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" [[ $EUID == 0 ]] || exec sudo "$BASH_SOURCE" "$@" @@ -30,6 +27,7 @@ e() { echo "$*"; "$@"; } mount_dir=$(mktemp -d) cleanup() { cd; umount -f $mount_dir; } +_errcatch_cleanup=cleanup e mount -o users wrt:/mnt/usb $mount_dir diff --git a/dsfull b/dsfull index 4176350..29946f3 100755 --- a/dsfull +++ b/dsfull @@ -13,9 +13,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -set -eE -o pipefail -cleanup() { :; } -trap 'cleanup; echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" reboot=true if [[ $1 == -r ]]; then @@ -73,7 +71,7 @@ if $kexec; then e myfai-chboot $host e fai-kexec $host ||: else - cleanup() { pxe-server; } + cleanup() { pxe-server; }; _errcatch_cleanup=cleanup e pxe-server $host fai if $reboot; then @@ -82,7 +80,7 @@ else fi e pxe-server -a - cleanup() { :; } + unset _errcatch_cleanup fi error=true diff --git a/fai-revm b/fai-revm index 4009ede..3b05795 100755 --- a/fai-revm +++ b/fai-revm @@ -17,10 +17,9 @@ -cleanup() { :; } -set -eE -o pipefail -trap 'cleanup; echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR -script_dir=$(dirname $(readlink -f "$BASH_SOURCE")) +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" + +script_dir="$(readlink -f "$BASH_SOURCE")" e() { echo "$*"; "$@"; } @@ -82,6 +81,8 @@ cleanup() { ./pxe-server ./faiserver-disable } +_errcatch_cleanup=cleanup + if is_arch_revm; then ./pxe-server demohost arch sleep 2 @@ -133,7 +134,7 @@ sleep 30 while ! timeout -s 9 10 ssh -oBatchMode=yes root@$name /bin/true; do e sleep 5 done -cleanup() { :; } +unset _errcatch_cleanup e pxe-server if is_arch_revm; then ./arch-init-remote $name diff --git a/fai/config/files/boot/chboot/DEFAULT b/fai/config/files/boot/chboot/DEFAULT index a7b450a..8a093d9 100755 --- a/fai/config/files/boot/chboot/DEFAULT +++ b/fai/config/files/boot/chboot/DEFAULT @@ -16,8 +16,7 @@ # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -set -eE -o pipefail -trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" [[ $EUID == 0 ]] || exec sudo "$BASH_SOURCE" "$@" diff --git a/faiserver-revm b/faiserver-revm index 6d598a6..65a23d6 100755 --- a/faiserver-revm +++ b/faiserver-revm @@ -2,10 +2,10 @@ set -x set -eE -o pipefail -cleanup() { :; } -trap 'cleanup; echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR +cleanup() { :; }; _errcatch_cleanup=cleanup -x="$(readlink -f "$BASH_SOURCE")"; cd ${x%/*} +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" +cd ${x%/*} usage() { cat <&2' ERR +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" [[ $EUID == 0 ]] || exec sudo "${BASH_SOURCE}" "$@" diff --git a/fresize b/fresize index 4509823..4f2ef49 100755 --- a/fresize +++ b/fresize @@ -1,53 +1,9 @@ #!/bin/bash -shopt -s extdebug -bash-trace() { - # shows function args when: shopt -s extdebug - local -i argc_index=0 arg frame i start=${1:-1} max_indent=8 indent - local source - local extdebug=false - if [[ $(shopt -p extdebug) == *-s* ]]; then - extdebug=true - fi - - for ((frame=0; frame < ${#FUNCNAME[@]}-1; frame++)); do - argc=${BASH_ARGC[frame]} - argc_index+=$argc - ((frame < start)) && continue - if (( ${#BASH_SOURCE[@]} > 1 )); then - source="${BASH_SOURCE[frame+1]}:${BASH_LINENO[frame]}:" - fi - indent=$((frame-start+1)) - indent=$((indent < max_indent ? indent : max_indent)) - printf "%${indent}s↳%sin \`%s" '' "$source" "${FUNCNAME[frame]}" - if $extdebug; then - for ((i=argc_index-1; i >= argc_index-argc; i--)); do - printf " %s" "${BASH_ARGV[i]}" - done - fi - echo \' - done -} - - -errcatch() { - set -E; shopt -s extdebug - _err-trap() { - err=$? - exec >&2 - echo "${BASH_SOURCE[1]}:${BASH_LINENO[0]}:in \`$BASH_COMMAND' returned $err" - bash-trace 2 - echo "$0: exiting with code $err" - exit $err - } - trap _err-trap ERR - set -o pipefail -} - -errcatch - [[ $EUID == 0 ]] || exec sudo "$BASH_SOURCE" "$@" +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" + usage() { cat <&2' ERR - - -x=$(readlink -f "$BASH_SOURCE"); cd ${x%/*} +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" +cd ${x%/*} usage() { cat <&2' ERR +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" fai_action_arg=I fai_reboot_arg=,reboot diff --git a/pxe-server b/pxe-server index ec46060..8b3399e 100755 --- a/pxe-server +++ b/pxe-server @@ -22,8 +22,8 @@ # default distro is the base debian/fedora type. others are fai & arch. # for no pxe server, use a no-op like : or true. -set -eE -o pipefail -trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR + +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" usage() { diff --git a/wrt-disabled-firewall-rules b/wrt-disabled-firewall-rules index c126d43..3d1e902 100644 --- a/wrt-disabled-firewall-rules +++ b/wrt-disabled-firewall-rules @@ -1,8 +1,7 @@ firewall rules, temporarily disabled until I get them working -#### begin port forwarding rules #### - # each port forward needs corresponding forward in the vpn server +# each port forward needs corresponding forward in the vpn server #http/https @@ -59,6 +58,88 @@ config rule +#### begin rules for nfs #### +# https://serverfault.com/questions/377170/which-ports-do-i-need-to-open-in-the-firewall-to-use-nfs +# https://wiki.debian.org/SecuringNFS +# I had no /etc/default/quota, or any process named quota anything, +# so, assumed that was unneeded. seems to work. +config redirect + option src wan + option src_dport 111 + option dest_ip 192.168.1.2 + option dest lan +config rule + option src wan + option target ACCEPT + option dest_port 111 +config redirect + option src wan + option src_dport 2049 + option dest_ip 192.168.1.2 + option dest lan +config rule + option src wan + option target ACCEPT + option dest_port 2049 +config redirect + option src wan + option src_dport 32764 + option dest_ip 192.168.1.2 + option dest lan +config rule + option src wan + option target ACCEPT + option dest_port 32764 +config redirect + option src wan + option src_dport 32765 + option dest_ip 192.168.1.2 + option dest lan +config rule + option src wan + option target ACCEPT + option dest_port 32765 +config redirect + option src wan + option src_dport 32766 + option dest_ip 192.168.1.2 + option dest lan +config rule + option src wan + option target ACCEPT + option dest_port 32766 +config redirect + option src wan + option src_dport 32767 + option dest_ip 192.168.1.2 + option dest lan +config rule + option src wan + option target ACCEPT + option dest_port 32767 +config redirect + option src wan + option src_dport 32768 + option dest_ip 192.168.1.2 + option dest lan +config rule + option src wan + option target ACCEPT + option dest_port 32768 +#### end rules for nfs #### + + +config redirect + option name mariadb + option src wan + option src_dport 3306 + option dest lan + option dest_ip 192.168.1.2 + option proto tcp +config rule + option src wan + option target ACCEPT + option dest_port 3306 + option proto tcp -#### end port forwarding rules #### diff --git a/wrt-setup b/wrt-setup index 6fe2168..d721f6a 100755 --- a/wrt-setup +++ b/wrt-setup @@ -15,10 +15,7 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -set -eE -o pipefail -trap 'echo "$0:$LINENO:error: \"$BASH_COMMAND\" returned $?" >&2' ERR - -# ssh +x="$(readlink -f "$BASH_SOURCE")"; source "${x%/*}/bash-trace" pmirror() { # background: upgrading all packages is not recommended because it @@ -217,110 +214,40 @@ config rule config redirect option src wan - option src_dport 80 + option src_dport 1194 option dest lan option dest_ip 192.168.1.2 - option proto tcp + option proto udp config rule option src wan option target ACCEPT - option dest_port 80 - option proto tcp + option dest_port 1194 + option proto udp -config redirect - option name syncthing - option src wan - option src_dport 22001 - option dest_ip 192.168.1.2 - option dest lan -config rule - option src wan - option target ACCEPT - option dest_port 22001 -#### begin rules for nfs #### -# https://serverfault.com/questions/377170/which-ports-do-i-need-to-open-in-the-firewall-to-use-nfs -# https://wiki.debian.org/SecuringNFS -# I had no /etc/default/quota, or any process named quota anything, -# so, assumed that was unneeded. seems to work. config redirect option src wan - option src_dport 111 - option dest_ip 192.168.1.2 - option dest lan -config rule - option src wan - option target ACCEPT - option dest_port 111 -config redirect - option src wan - option src_dport 2049 - option dest_ip 192.168.1.2 - option dest lan -config rule - option src wan - option target ACCEPT - option dest_port 2049 -config redirect - option src wan - option src_dport 32764 - option dest_ip 192.168.1.2 - option dest lan -config rule - option src wan - option target ACCEPT - option dest_port 32764 -config redirect - option src wan - option src_dport 32765 - option dest_ip 192.168.1.2 - option dest lan -config rule - option src wan - option target ACCEPT - option dest_port 32765 -config redirect - option src wan - option src_dport 32766 - option dest_ip 192.168.1.2 + option src_dport 80 option dest lan -config rule - option src wan - option target ACCEPT - option dest_port 32766 -config redirect - option src wan - option src_dport 32767 option dest_ip 192.168.1.2 - option dest lan + option proto tcp config rule option src wan option target ACCEPT - option dest_port 32767 + option dest_port 80 + option proto tcp + config redirect + option name syncthing option src wan - option src_dport 32768 + option src_dport 22001 option dest_ip 192.168.1.2 option dest lan config rule option src wan option target ACCEPT - option dest_port 32768 -#### end rules for nfs #### - + option dest_port 22001 -config redirect - option name mariadb - option src wan - option src_dport 3306 - option dest lan - option dest_ip 192.168.1.2 - option proto tcp -config rule - option src wan - option target ACCEPT - option dest_port 3306 - option proto tcp EOF @@ -330,8 +257,9 @@ EOF dnsmasq_restart=false v cedit /etc/hosts <