For Reference and cherry-picking: Shellcheck fixes

packages/falter-berlin-bbbdigger/Makefile

@@ -8,8 +8,8 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=falter-berlin-bbbdigger
-PKG_VERSION:=0.0.3
-PKG_RELEASE:=3
+PKG_VERSION:=0.0.4
+PKG_RELEASE:=4
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
 

packages/falter-berlin-bbbdigger/files/postinst.sh

@@ -8,6 +8,9 @@
 #
 # All other config sections are overwritten with current settings
 
+# shellcheck disable=SC2034
+
+# shellcheck source=/dev/null
 . /lib/functions.sh
 
 TUNNEL_SRV='_bbb-vpn._udp.berlin.freifunk.net'
@@ -21,15 +24,15 @@ if [ $? -eq 1 ]; then
   # start with b6 for Berliner 6ackbone
   MAC="b6"
   for byte in 2 3 4 5 6; do
-    MAC=$MAC`dd if=/dev/urandom bs=1 count=1 2> /dev/null | hexdump -e '1/1 ":%02x"'`
+    MAC=$MAC$(dd if=/dev/urandom bs=1 count=1 2> /dev/null | hexdump -e '1/1 ":%02x"')
   done
 fi
 
 UUID=$(uci -q get tunneldigger.${IFACE}.uuid)
 if [ $? -eq 1 ]; then
   UUID=$MAC
   for byte in 7 8 9 10; do
-    UUID=$UUID`dd if=/dev/urandom bs=1 count=1 2> /dev/null | hexdump -e '1/1 ":%02x"'`
+    UUID=$UUID$(dd if=/dev/urandom bs=1 count=1 2> /dev/null | hexdump -e '1/1 ":%02x"')
   done
 fi
 
@@ -38,15 +41,15 @@ uci set tunneldigger.$IFACE=broker
 # remove old address list in favor of srv
 uci -q delete tunneldigger.$IFACE.address
 uci set tunneldigger.$IFACE.srv=$TUNNEL_SRV
-uci set tunneldigger.$IFACE.uuid=$UUID
+uci set tunneldigger.$IFACE.uuid="$UUID"
 uci set tunneldigger.$IFACE.interface=$IFACE
 uci set tunneldigger.$IFACE.broker_selection=usage
 uci set tunneldigger.$IFACE.bind_interface=$BIND
 uci set tunneldigger.$IFACE.enabled=1
 
 # network setup
 uci set network.${IFACE}_dev=device
-uci set network.${IFACE}_dev.macaddr=$MAC
+uci set network.${IFACE}_dev.macaddr="$MAC"
 uci set network.${IFACE}_dev.name=$IFACE
 
 uci set network.$IFACE=interface
@@ -59,7 +62,7 @@ uci -q add_list firewall.zone_freifunk.network=$IFACE
 
 # olsr setup (first remove it and add it again)
 SECTION=$(uci show olsrd | grep ${IFACE} | cut -d . -f 1-2)
-[ ! -z $SECTION ] && uci delete $SECTION
+[ -n "$SECTION" ] && uci delete "$SECTION"
 uci add olsrd Interface
 uci set olsrd.@Interface[-1].ignore=0
 uci set olsrd.@Interface[-1].interface=$IFACE

packages/falter-berlin-migration/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=falter-berlin-migration
-PKG_VERSION:=9
+PKG_VERSION:=2022.08.29
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)
 

packages/falter-berlin-migration/files/lib/functions/semver.sh

@@ -1,5 +1,9 @@
 #!/usr/bin/env sh
 
+# don't care for shellcheck here, as this is a third party-lib. The
+# author probably knows better, what he was doing.
+# shellcheck disable=all
+
 # Copyright (c) 2013, Ray Bejjani
 # All rights reserved.
 #

packages/falter-berlin-network-defaults/Makefile

@@ -1,7 +1,7 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=falter-berlin-network-defaults
-PKG_VERSION:=4
+PKG_VERSION:=5
 
 include $(INCLUDE_DIR)/package.mk
 

packages/falter-berlin-network-defaults/hotplug.d/iface/60-ffuplink_policyrouting

@@ -1,5 +1,9 @@
 #!/bin/sh
 
+# vars get assigned by config_get, which shellcheck can't recognize...
+# shellcheck disable=SC2154
+
+# shellcheck source=/dev/null
 . /lib/functions.sh
 . /lib/functions/network.sh
 
@@ -19,20 +23,20 @@ config_get zones pr zones
 if [ "$ACTION" = ifup ]; then
   logger -t ff-userlog "ffuplink interface is up"
   logger -t ff-userlog "creating ffuplink ip-rules"
-  ifaces=$(uci -q get firewall.zone_freifunk.network) 
+  ifaces=$(uci -q get firewall.zone_freifunk.network)
   network_get_subnet uplink_net ffuplink
-  if [ -z $uplink_net ]; then
+  if [ -z "$uplink_net" ]; then
     logger -t ff-userlog "UCI did not return a valid IP-net for ffuplink; querying directly with ip-tool"
     uplink_net=$(ip -4 -o addr show dev ffuplink|awk '{print $4}')
   fi
-  if [ -z $uplink_net ]; then
+  if [ -z "$uplink_net" ]; then
     logger -t ff-userlog "no valid IP-net found for ffuplink; TRAFFIC FOR UPLINK-NETWORK WILL NOT BE BLOCKED"
   fi
-  eval $(/bin/ipcalc.sh $uplink_net)
+  eval "$(/bin/ipcalc.sh "$uplink_net")"
   for iface in $ifaces; do
-    network_get_physdev netdev $iface
-    [ ! '0.0.0.0' = $NETWORK ] && ip rule add prio 19989 to $NETWORK/$PREFIX iif $netdev prohibit
-    ip rule add prio 19990 iif $netdev lookup ffuplink
+    network_get_physdev netdev "$iface"
+    [ ! '0.0.0.0' = "$NETWORK" ] && ip rule add prio 19989 to "$NETWORK/$PREFIX" iif "$netdev" prohibit
+    ip rule add prio 19990 iif "$netdev" lookup ffuplink
   done
   logger -t ff-userlog "ffuplink-interface is setup"
 fi

packages/falter-berlin-network-defaults/lib/functions/freifunk-berlin-network.sh

@@ -1,5 +1,11 @@
 #!/bin/sh
 
+#shellcheck shell=dash
+
+# minor stuff. Not important in this place
+# shellcheck disable=SC2034
+
+# shellcheck source=/dev/null
 . /lib/functions/guard.sh
 
 create_ffuplink() {
@@ -29,8 +35,8 @@ generate_random_mac_hex() {
   # Create a static macaddr starting with "prefix" for ffuplink devices
   # See the website https://www.itwissen.info/MAC-Adresse-MAC-address.html
   for byte in 2 3 4 5 6; do
-    macaddr=$macaddr`dd if=/dev/urandom bs=1 count=1 2> /dev/null | hexdump -e '1/1 ":%02x"'`
+    macaddr=$macaddr$(dd if=/dev/urandom bs=1 count=1 2> /dev/null | hexdump -e '1/1 ":%02x"')
   done
 
-  echo $prefix$macaddr
+  echo "$prefix$macaddr"
 }

packages/falter-berlin-network-defaults/uci-defaults/freifunk-berlin-correct-nsm2-txpower

@@ -4,29 +4,33 @@
 # see https://github.com/freifunk-berlin/firmware/issues/381
 #
 
-[ ! $(command -v iwinfo) ] && exit 0
+# shellcheck shell=dash
+# shellcheck disable=SC2181
+
+[ ! "$(command -v iwinfo)" ] && exit 0
 iwinfo|grep -q 'NanoStation M2\|NanoStation Loco M2' || exit 0
 
+# shellcheck source=/dev/null
 . /lib/functions/guard.sh
 guard "NSm2_txpower"
 
 set_default_txpower() {
  echo "setting txpower value to $1 dBm"
- uci set wireless.radio0.txpower=$1
+ uci set wireless.radio0.txpower="$1"
  uci commit wireless
 }
 
 MAX_TX_2G=20
 # get "TX offset" of 1st interface, if this is unknown set it to 0dB
 # then only return the numerical value
 ANT_GAIN=$(iwinfo |grep -m 1 "TX power offset:" |sed -e "s/unknown/0 dB/" |tr -dc '0-9')
-NEW_TX=$(echo $(($MAX_TX_2G - $ANT_GAIN)))
+NEW_TX=$((MAX_TX_2G - ANT_GAIN))
 
 CURR_TX=$(uci -q get wireless.radio0.txpower)
 # check if txpower is defined in config
 if [ $? -ne 0 ]; then
   echo -n "txpower not defined - "
   set_default_txpower $NEW_TX
-elif [ $CURR_TX -gt $NEW_TX ]; then
+elif [ "$CURR_TX" -gt $NEW_TX ]; then
   set_default_txpower $NEW_TX
 fi

packages/falter-berlin-network-defaults/uci-defaults/freifunk-berlin-ffuplink-defaults

@@ -1,5 +1,6 @@
 #!/bin/sh
 
+# shellcheck source=/dev/null
 . /lib/functions/freifunk-berlin-network.sh
 . /lib/functions/guard.sh
 guard "ffberlin_uplink"

packages/falter-berlin-network-defaults/uci-defaults/freifunk-berlin-network-defaults

@@ -1,13 +1,16 @@
 #!/bin/sh
 
+# shellcheck disable=SC2086
+
+# shellcheck source=/dev/null
 . /lib/functions/guard.sh
 guard "network"
 
 # change default ip to avoid collision with user's local network
 uci set network.lan.ipaddr=192.168.42.1
 
 WANDEV=$(uci -q get network.wan.device)
-echo ${WANDEV} | grep ^br- > /dev/null
+echo "${WANDEV}" | grep ^br- > /dev/null
 BRIDGECHECK=$?
 
 # setup wan as a bridge
@@ -39,13 +42,13 @@ else
   NEWDEV=$(uci add network device)
   uci set network.$NEWDEV.type="bridge"
   uci set network.$NEWDEV.name="br-wan"
-  uci add_list network.$NEWDEV.ports=${WANDEV}
+  uci add_list network.$NEWDEV.ports="${WANDEV}"
 
   uci set network.wan.device="br-wan"
   uci set network.wan6.device="br-wan"
 fi
 
-# do not use dns servers provided by dhcp - we maintain a static list of 
+# do not use dns servers provided by dhcp - we maintain a static list of
 # dns servers instead
 uci set network.wan.peerdns=0
 uci set network.wan6.peerdns=0

packages/falter-berlin-network-defaults/uci-defaults/freifunk-berlin-network-ip-route

@@ -1,5 +1,6 @@
 #!/bin/sh
 
+# shellcheck source=/dev/null
 . /lib/functions/guard.sh
 guard "iproute"
 

packages/falter-berlin-network-defaults/uci-defaults/freifunk-berlin-pingcheck-defaults

@@ -1,5 +1,6 @@
 #!/bin/sh
 
+# shellcheck source=/dev/null
 . /lib/functions.sh
 
 # remove the sta interface, leaving only wan

packages/falter-berlin-tunnelmanager/Makefile

@@ -1,18 +1,16 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=falter-berlin-tunnelmanager
-PKG_VERSION:=0.3.1
+PKG_VERSION:=0.4
 
 include $(INCLUDE_DIR)/package.mk
 
-# todo: add dependency on jshn
-
 define Package/falter-berlin-tunnelmanager
   SECTION:=falter-berlin
   CATEGORY:=falter-berlin
   TITLE:=Freifunk Berlin tunnelmanager
   URL:=https://github.com/freifunk-berlin/falter-packages
-  EXTRA_DEPENDS:=coreutils-timeout, ip-full, kmod-macvlan, wg-installer-client
+  EXTRA_DEPENDS:=coreutils-timeout, ip-full, kmod-macvlan, wg-installer-client, jshn
   PKGARCH:=all
 endef
 

packages/falter-berlin-tunnelmanager/files/down.sh

@@ -3,16 +3,16 @@
 interface="$1"
 
 uci revert olsrd
-section="$(uci show olsrd | grep $interface | awk -F '.interface' '{print $1}')"
+section="$(uci show olsrd | grep "$interface" | awk -F '.interface' '{print $1}')"
 uci delete "$section"
 uci commit olsrd
 
 # delete interface via ipc instead of reloading to make it seamless
 ubus call olsrd del_interface '{"ifname":'\""$interface"\"'}'
 
 uci revert babeld
-section="$(uci show babeld | grep interface | grep $interface | awk -F '.ifname' '{print $1}')"
-filter="$(uci show babeld | grep filter | grep $interface | awk -F '.if' '{print $1}')"
+section="$(uci show babeld | grep interface | grep "$interface" | awk -F '.ifname' '{print $1}')"
+filter="$(uci show babeld | grep filter | grep "$interface" | awk -F '.if' '{print $1}')"
 uci delete "$section"
 uci delete "$filter"
 uci commit babeld

packages/falter-berlin-tunnelmanager/files/tunnelman.sh

@@ -1,5 +1,12 @@
 #! /bin/sh
 
+# shellcheck shell=dash
+
+# in most cases this directive alarms, we don't care for the return values, as we do other checks.
+# shellcheck disable=SC2155
+# in that case it doesn't work to do it another way. We need that value twice.
+# shellcheck disable=SC2181
+
 # except than noted, this script is not posix-compliant in one way: we use "local"
 # variables definition. As nearly all shells out there implement local, this should
 # work anyway. This is a little reminder to you, if you use some rare shell without
@@ -98,7 +105,7 @@ get_age() {
 
 teardown() {
     local interface="$1"
-    local endpoint="$(wg show $interface endpoints | awk -F '\t|:' '{print $2}')"
+    local endpoint="$(wg show "$interface" endpoints | awk -F '\t|:' '{print $2}')"
 
     sh "$OPT_DOWN_SCRIPT" "$interface"
     ip link delete "$interface"
@@ -110,17 +117,17 @@ teardown() {
 wg_get_usage() {
     local server="$1"
     # ToDo: PASSWORDS!!!!11!!111!!
-    clients=$(timeout 60 ip netns exec $OPT_NAMESPACE_NAME wg-client-installer get_usage --endpoint "$server" --user wginstaller --password wginstaller)
+    clients=$(timeout 60 ip netns exec "$OPT_NAMESPACE_NAME" wg-client-installer get_usage --endpoint "$server" --user wginstaller --password wginstaller)
     if [ $? -ne 0 ]; then
         return 1
     fi
-    echo "$(echo "$clients" | cut -d' ' -f2)"
+    echo "$clients" | cut -d' ' -f2
 }
 
 get_least_used_tunnelserver() {
     local tunnel_endpoints="$1"
 
-    # Dont check tunnelserver we already have a connection with
+    # Don't check tunnelserver we already have a connection with
     for i in $(wg show all endpoints | awk -F '\t|:' '{print $3}'); do
         # remove ip from connections:
         tunnel_endpoints=$(echo "$tunnel_endpoints" | sed "s/$i//")
@@ -135,7 +142,7 @@ get_least_used_tunnelserver() {
         if [ $? -ne 0 ]; then
             log "Error while querying tunnelserver $i for utilization"
 
-        elif [ $current -le $usercount ]; then
+        elif [ "$current" -le $usercount ]; then
             best=$i
             usercount=$current
         fi
@@ -161,7 +168,7 @@ new_tunnel() {
     local nsname="$2"
     local mtu="$3"
 
-    local interface="$(timeout 5 ip netns exec $OPT_NAMESPACE_NAME wg-client-installer register --lookup-default-namespace --endpoint "$ip" --user wginstaller --password wginstaller --wg-key-file $gw_pub --mtu $mtu)"
+    local interface="$(timeout 5 ip netns exec "$OPT_NAMESPACE_NAME" wg-client-installer register --lookup-default-namespace --endpoint "$ip" --user wginstaller --password wginstaller --wg-key-file $gw_pub --mtu "$mtu")"
 
     if [ -z "$interface" ]; then
         log "Failed to register a new tunnel."
@@ -192,17 +199,17 @@ manage() {
     # Check for stale tunnels and tear em down
     while true; do
         for interface in $interfaces; do
-            if [ $(get_age "$interface") -ge $OPT_TUNNEL_TIMEOUT ]; then
+            if [ "$(get_age "$interface")" -ge "$OPT_TUNNEL_TIMEOUT" ]; then
                 log "Tunnel to $interface timed out."
                 teardown "$interface"
             fi
         done
 
         tmp_tunnel_endpoints="$tunnel_endpoints"
 
-        while [ $(echo $connections | wc -w) -lt $connection_count ]; do
+        while [ "$(echo "$connections" | wc -w)" -lt "$connection_count" ]; do
             ep=$(get_least_used_tunnelserver "$tmp_tunnel_endpoints")
-            if [ ! -z "$ep" ]; then
+            if [ -n "$ep" ]; then
                 log "Server handling least clients is: $ep. Trying to create tunnel..."
                 if ! new_tunnel "$ep" "$nsname" "$mtu"; then
                     # remove ep from tunnel
@@ -276,9 +283,9 @@ log "starting tunnelmanager with
     Uplink-IP............: $OPT_UPLINK_IP
     Uplink-GW............: $OPT_UPLINK_GW
     MTU..................: $OPT_MTU
-    Namespace............: $OPT_NAMESPACE_NAME 
-    Tunnel-Endpoints.....: $OPT_TUNNEL_ENDPOINTS 
-    Tunnel-Count.........: $OPT_TUNNEL_COUNT 
+    Namespace............: $OPT_NAMESPACE_NAME
+    Tunnel-Endpoints.....: $OPT_TUNNEL_ENDPOINTS
+    Tunnel-Count.........: $OPT_TUNNEL_COUNT
     Tunnel-Timeout.......: $OPT_TUNNEL_TIMEOUT
     Work-Interval........: $OPT_INTERVAL
     Up_Script............: $OPT_UP_SCRIPT