fix(dracut): be more robust when using 'set -u'

From bash manpage, FUNCNAME exists only inside functions. When in debug mode, make sure to use an empty default value as FUNCNAME[0] when outside of functions. With bash4 this wasn't an issue, but is with bash5 with hardening option 'set -u' used, as shown in the example below: Incorrect: $ bash -u -c 'echo -n ${FUNCNAME[0]}' bash: line 1: FUNCNAME[0]: unbound variable $ Correct: $ bash -u -c 'echo -n ${FUNCNAME[0]-}' $ This hardening enables sourcing dracut-lib.sh from external utilities executing in the initramfs such as clevis-luks-askpass, which uses hardening option 'set -u' internally. (see Clevis PR https://github.com/latchset/clevis/pull/340) Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
2022-01-06 19:50:28 +01:00 · 2022-01-06 19:50:28 +01:00 · 22a80629b4
parent c5907f82d8
commit 22a80629b4
2 changed files with 2 additions and 2 deletions
--- a/dracut.sh
+++ b/dracut.sh
@ -882,7 +882,7 @@ unset GREP_OPTIONS
 export DRACUT_LOG_LEVEL=warning
 [[ $debug ]] && {
    export DRACUT_LOG_LEVEL=debug
-    export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]}): '
+    export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]-}): '
    set -x
 }

--- a/modules.d/99base/dracut-lib.sh
+++ b/modules.d/99base/dracut-lib.sh
@ -392,7 +392,7 @@ setdebug() {
            if getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then
                RD_DEBUG=yes
                [ -n "$BASH" ] \
-                    && export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]}): '
+                    && export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]-}): '
            fi
        fi
        export RD_DEBUG