#!/bin/sh # strap.sh - install and setup BlackArch Linux keyring # mirror file to fetch and write MIRROR_F="blackarch-mirrorlist" # simple error message wrapper err() { echo >&2 "$(tput bold; tput setaf 1)[-] ERROR: ${*}$(tput sgr0)" exit 1337 } # simple warning message wrapper warn() { echo >&2 "$(tput bold; tput setaf 1)[!] WARNING: ${*}$(tput sgr0)" } # simple echo wrapper msg() { echo "$(tput bold; tput setaf 2)[+] ${*}$(tput sgr0)" } # check for root privilege check_priv() { if [ "$(id -u)" -ne 0 ]; then err "you must be root" fi } # make a temporary directory and cd into make_tmp_dir() { tmp="$(mktemp -d /tmp/blackarch_strap.XXXXXXXX)" trap 'rm -rf $tmp' EXIT cd "$tmp" || err "Could not enter directory $tmp" } check_internet() { tool='curl' tool_opts='-s --connect-timeout 8' if ! $tool $tool_opts https://example.com/ > /dev/null 2>&1; then err "You don't have an Internet connection!" fi return $SUCCESS } # retrieve the BlackArch Linux keyring fetch_keyring() { curl -s -O \ 'https://www.blackarch.org/keyring/blackarch-keyring.pkg.tar.xz' curl -s -O \ 'https://www.blackarch.org/keyring/blackarch-keyring.pkg.tar.xz.sig' } # verify the keyring signature # note: this is pointless if you do not verify the key fingerprint verify_keyring() { if ! gpg --keyserver keyserver.ubuntu.com \ --recv-keys 4345771566D76038C7FEB43863EC0ADBEA87E4E3 > /dev/null 2>&1 then if ! gpg --keyserver hkps://keyserver.ubuntu.com:443 \ --recv-keys 4345771566D76038C7FEB43863EC0ADBEA87E4E3 > /dev/null 2>&1 then if ! gpg --keyserver hkp://pgp.mit.edu:80 \ --recv-keys 4345771566D76038C7FEB43863EC0ADBEA87E4E3 > /dev/null 2>&1 then err "could not verify the key. Please check: https://blackarch.org/faq.html" fi fi fi if ! gpg --keyserver-options no-auto-key-retrieve \ --with-fingerprint blackarch-keyring.pkg.tar.xz.sig > /dev/null 2>&1 then err "invalid keyring signature. please stop by irc.blackarch.org:1337/blackarch" fi } # delete the signature files delete_signature() { if [ -f "blackarch-keyring.pkg.tar.xz.sig" ]; then rm blackarch-keyring.pkg.tar.xz.sig fi } # make sure /etc/pacman.d/gnupg is usable check_pacman_gnupg() { pacman-key --init } # install the keyring install_keyring() { if ! pacman --config /dev/null --noconfirm \ -U blackarch-keyring.pkg.tar.xz ; then err 'keyring installation failed' fi # just in case pacman-key --populate } # ask user for mirror get_mirror() { mirror_p="/etc/pacman.d" mirror_r="https://blackarch.org" msg "fetching new mirror list..." if ! curl -s "$mirror_r/$MIRROR_F" -o "$mirror_p/$MIRROR_F" ; then err "we couldn't fetch the mirror list from: $mirror_r/$MIRROR_F" fi msg "you can change the default mirror under $mirror_p/$MIRROR_F" } # update pacman.conf update_pacman_conf() { # delete blackarch related entries if existing sed -i '/blackarch/{N;d}' /etc/pacman.conf cat >> "/etc/pacman.conf" << EOF [blackarch] Include = /etc/pacman.d/$MIRROR_F EOF } # synchronize and update pacman_update() { if pacman -Syy; then return $SUCCESS fi warn "Synchronizing pacman has failed. Please try manually: pacman -Syy" return $FAILURE } pacman_upgrade() { echo 'perform full system upgrade? (pacman -Su) [Yn]:' read conf < /dev/tty case "$conf" in ''|y|Y) pacman -Su ;; n|N) warn 'some blackarch packages may not work without an up-to-date system.' ;; esac } # setup blackarch linux blackarch_setup() { check_priv msg 'installing blackarch keyring...' make_tmp_dir check_internet fetch_keyring verify_keyring delete_signature check_pacman_gnupg install_keyring echo msg 'keyring installed successfully' # check if pacman.conf has already a mirror if ! grep -q "\[blackarch\]" /etc/pacman.conf; then msg 'configuring pacman' get_mirror msg 'updating pacman.conf' update_pacman_conf fi msg 'updating package databases' pacman_update msg 'BlackArch Linux is ready!' } blackarch_setup