On Wed, Mar 06, 2013 at 06:25:38PM -0100, Carlos Silva wrote:
> + if ! use module-signing; then
> + return 1
> + fi
use module-signing || return 1
> +
> + # Check that the configuration is correct
> + KERNEL_MODSECKEY="${KERNEL_MODSECKEY:-${KV_DIR}/signing_key.priv}"
No shell field-splits (aka word-split) assignments. If sh did that, then
things like foo=$(cmd ...) would not work; so there's no need to quote
there. It's only needed for foo="$bar baz" and the like, and foo="$*" iff
you're playing with IFS (for completeness.)
That, and case $foo in .. are the *only* two places I know of where sh
doesn't field split; bash also has [[ as below. arr[i]=$bar works, but
arr+=("$bar") requires the quotes.
> + if [ ! -z "${KERNEL_MODSECKEY}x" -a ! -e "${KERNEL_MODSECKEY}" ]; then
What is the x for there? It's forcing the first test to true and is thus
redundant. Also, bash has [[ which doesn't field-split, and is quicker:
if [[ -n $KERNEL_MODSECKEY -a ! -e $KERNEL_MODSECKEY ]]; then
Though from the above, the -n (or ! -z) test is not needed, as it's set to
$KV_DIR/signing_key.priv if empty:
if [[ ! -e $KERNEL_MODSECKEY ]]; then
I think I'd use -s instead of -e here, as an empty file is also incorrect.
(help test)
> + eerror "KERNEL_MODSECKEY points to a missing file:"
> + eerror "${KERNEL_MODSECKEY}"
> + die "Invalid KERNEL_MODSECKEY"
> + fi
> + if [ ! -z "${KERNEL_MODPUBKEY}x" -a ! -e "${KERNEL_MODPUBKEY}" ]; then
Ditto.
--
#friendly-coders -- We're friendly, but we're not /that/ friendly ;-)
