194 lines
4.0 KiB
Bash
194 lines
4.0 KiB
Bash
#!/bin/sh
|
|
# strap.sh - install and setup BlackArch Linux keyring
|
|
|
|
# mirror file to fetch and write
|
|
MIRROR_F="blackarch-mirrorlist"
|
|
|
|
# simple error message wrapper
|
|
err()
|
|
{
|
|
echo >&2 "$(tput bold; tput setaf 1)[-] ERROR: ${*}$(tput sgr0)"
|
|
|
|
exit 1337
|
|
}
|
|
|
|
# simple warning message wrapper
|
|
warn()
|
|
{
|
|
echo >&2 "$(tput bold; tput setaf 1)[!] WARNING: ${*}$(tput sgr0)"
|
|
}
|
|
|
|
# simple echo wrapper
|
|
msg()
|
|
{
|
|
echo "$(tput bold; tput setaf 2)[+] ${*}$(tput sgr0)"
|
|
}
|
|
|
|
# check for root privilege
|
|
check_priv()
|
|
{
|
|
if [ "$(id -u)" -ne 0 ]; then
|
|
err "you must be root"
|
|
fi
|
|
}
|
|
|
|
# make a temporary directory and cd into
|
|
make_tmp_dir()
|
|
{
|
|
tmp="$(mktemp -d /tmp/blackarch_strap.XXXXXXXX)"
|
|
|
|
trap 'rm -rf $tmp' EXIT
|
|
|
|
cd "$tmp" || err "Could not enter directory $tmp"
|
|
}
|
|
|
|
check_internet()
|
|
{
|
|
tool='curl'
|
|
tool_opts='-s --connect-timeout 8'
|
|
|
|
if ! $tool $tool_opts https://example.com/ > /dev/null 2>&1; then
|
|
err "You don't have an Internet connection!"
|
|
fi
|
|
|
|
return $SUCCESS
|
|
}
|
|
|
|
# retrieve the BlackArch Linux keyring
|
|
fetch_keyring()
|
|
{
|
|
curl -s -O \
|
|
'https://www.blackarch.org/keyring/blackarch-keyring.pkg.tar.xz'
|
|
|
|
curl -s -O \
|
|
'https://www.blackarch.org/keyring/blackarch-keyring.pkg.tar.xz.sig'
|
|
}
|
|
|
|
# verify the keyring signature
|
|
# note: this is pointless if you do not verify the key fingerprint
|
|
verify_keyring()
|
|
{
|
|
if ! gpg --keyserver keyserver.ubuntu.com \
|
|
--recv-keys 4345771566D76038C7FEB43863EC0ADBEA87E4E3 > /dev/null 2>&1
|
|
then
|
|
if ! gpg --keyserver hkps://keyserver.ubuntu.com:443 \
|
|
--recv-keys 4345771566D76038C7FEB43863EC0ADBEA87E4E3 > /dev/null 2>&1
|
|
then
|
|
if ! gpg --keyserver hkp://pgp.mit.edu:80 \
|
|
--recv-keys 4345771566D76038C7FEB43863EC0ADBEA87E4E3 > /dev/null 2>&1
|
|
then
|
|
err "could not verify the key. Please check: https://blackarch.org/faq.html"
|
|
fi
|
|
fi
|
|
fi
|
|
|
|
if ! gpg --keyserver-options no-auto-key-retrieve \
|
|
--with-fingerprint blackarch-keyring.pkg.tar.xz.sig > /dev/null 2>&1
|
|
then
|
|
err "invalid keyring signature. please stop by irc.blackarch.org:1337/blackarch"
|
|
fi
|
|
}
|
|
|
|
# delete the signature files
|
|
delete_signature()
|
|
{
|
|
if [ -f "blackarch-keyring.pkg.tar.xz.sig" ]; then
|
|
rm blackarch-keyring.pkg.tar.xz.sig
|
|
fi
|
|
}
|
|
|
|
# make sure /etc/pacman.d/gnupg is usable
|
|
check_pacman_gnupg()
|
|
{
|
|
pacman-key --init
|
|
}
|
|
|
|
# install the keyring
|
|
install_keyring()
|
|
{
|
|
if ! pacman --config /dev/null --noconfirm \
|
|
-U blackarch-keyring.pkg.tar.xz ; then
|
|
err 'keyring installation failed'
|
|
fi
|
|
|
|
# just in case
|
|
pacman-key --populate
|
|
}
|
|
|
|
# ask user for mirror
|
|
get_mirror()
|
|
{
|
|
mirror_p="/etc/pacman.d"
|
|
mirror_r="https://blackarch.org"
|
|
|
|
msg "fetching new mirror list..."
|
|
if ! curl -s "$mirror_r/$MIRROR_F" -o "$mirror_p/$MIRROR_F" ; then
|
|
err "we couldn't fetch the mirror list from: $mirror_r/$MIRROR_F"
|
|
fi
|
|
|
|
msg "you can change the default mirror under $mirror_p/$MIRROR_F"
|
|
}
|
|
|
|
# update pacman.conf
|
|
update_pacman_conf()
|
|
{
|
|
# delete blackarch related entries if existing
|
|
sed -i '/blackarch/{N;d}' /etc/pacman.conf
|
|
|
|
cat >> "/etc/pacman.conf" << EOF
|
|
[blackarch]
|
|
Include = /etc/pacman.d/$MIRROR_F
|
|
EOF
|
|
}
|
|
|
|
# synchronize and update
|
|
pacman_update()
|
|
{
|
|
if pacman -Syy; then
|
|
return $SUCCESS
|
|
fi
|
|
|
|
warn "Synchronizing pacman has failed. Please try manually: pacman -Syy"
|
|
|
|
return $FAILURE
|
|
}
|
|
|
|
|
|
pacman_upgrade()
|
|
{
|
|
echo 'perform full system upgrade? (pacman -Su) [Yn]:'
|
|
read conf < /dev/tty
|
|
case "$conf" in
|
|
''|y|Y) pacman -Su ;;
|
|
n|N) warn 'some blackarch packages may not work without an up-to-date system.' ;;
|
|
esac
|
|
}
|
|
|
|
# setup blackarch linux
|
|
blackarch_setup()
|
|
{
|
|
check_priv
|
|
msg 'installing blackarch keyring...'
|
|
make_tmp_dir
|
|
check_internet
|
|
fetch_keyring
|
|
verify_keyring
|
|
delete_signature
|
|
check_pacman_gnupg
|
|
install_keyring
|
|
echo
|
|
msg 'keyring installed successfully'
|
|
# check if pacman.conf has already a mirror
|
|
if ! grep -q "\[blackarch\]" /etc/pacman.conf; then
|
|
msg 'configuring pacman'
|
|
get_mirror
|
|
msg 'updating pacman.conf'
|
|
update_pacman_conf
|
|
fi
|
|
msg 'updating package databases'
|
|
pacman_update
|
|
msg 'BlackArch Linux is ready!'
|
|
}
|
|
|
|
blackarch_setup
|