segfault/guest/setup.sh

#! /bin/bash

# Docker sf-guest setup script (docker build)

CR="\e[1;31m" # red
CN="\e[0m"    # none

WARN()
{
	WARNS+=("$*")
}

# Fatal Error when any of the following commands fail
set -e

# ZSH setup
sed 's/#\(.*\)prompt_symbol=/\1prompt_symbol=/g' -i /etc/skel/.zshrc
sed 's/\(\s*PROMPT=.*\)n└─\(.*\)/\1n%{%G└%}%{%G─%}\2/g' -i /etc/skel/.zshrc
sed '/\^P toggle_oneline_prompt/d' -i /etc/skel/.zshrc
echo '[[ -e /etc/shellrc ]] && source /etc/shellrc' >>/etc/skel/.zshrc

echo '[[ -e /etc/shellrc ]] && source /etc/shellrc' >>/etc/skel/.bashrc
sed 's/\(\s*\)set mouse=/"\1set mouse=/g' -i /usr/share/vim/vim91/defaults.vim
[[ -e /etc/postgresql/15/main/postgresql.conf ]] && {
	sed 's/shared_buffers = [0-9]*\(.*\)/shared_buffers = 4\1/g' -i /etc/postgresql/15/main/postgresql.conf
	sed 's/#maintenance_work_mem = [0-9]*\(.*\)/maintenance_work_mem = 4\1/g' -i /etc/postgresql/15/main/postgresql.conf
	sed 's/#max_parallel_workers = [0-9]*\(.*\)/max_parallel_workers = 2\1/g' -i /etc/postgresql/15/main/postgresql.conf
	sed 's/#max_worker_processes = [0-9]*\(.*\)/max_worker_processes = 2\1/g' -i /etc/postgresql/15/main/postgresql.conf
}
rm -f /etc/skel/.bashrc.original
rm -f /usr/bin/kali-motd /etc/motd
chsh -s /bin/zsh
useradd  -s /bin/zsh user
ln -s openssh /usr/lib/ssh
sed 's/\/root/\/sec\/root/g' -i /etc/passwd
sed 's/\/home\//\/sec\/home\//g' -i /etc/passwd

# Docker depends on /root to exist or otherwise throws a:
# [process_linux.go:545: container init caused: mkdir /root: file exists: unknown]
# shellcheck disable=SC2114
rm -rf /root /home
mkdir -p /sec
cp -a /etc/skel /sec/root
ln -s /sec/root /root
cd . # Prevent 'getcwd() failed' after deleting my own directory
ln -s /sec/home /home
mkdir /run/mysqld

echo "NOT ENCRYPTED" >/sec/THIS-DIRECTORY-IS-NOT-ENCRYPTED--DO-NOT-USE.txt

# Need to set correct permission which may have gotten skewed when building
# docker inside vmbox from shared host drive. On VMBOX share all
# source files and directories are set to "rwxrwx--- root:vobxsf" :/
fixr()
{
	local dir
	dir=$1
	[[ ! -d "$dir" ]] && return

	find "$dir" -type f -exec chmod 644 {} \;
	find "$dir" -type d -exec chmod 755 {} \;
}
ln -sf /sec/usr/etc/rc.local /etc/rc.local
chown root:root /etc /etc/profile.d /etc/profile.d/segfault.sh
chmod 755 /usr /usr/bin /usr/sbin /usr/share /etc /etc/profile.d
chmod 755 /usr/bin/mosh-server-hook /usr/bin/xpra-hook /usr/bin/brave-browser-stable-hook /usr/share/code/code-hook /usr/share/code/bin/code-hook /usr/bin/xterm-dark /usr/sbin/halt /usr/bin/username-anarchy
chmod 644 /etc/profile.d/segfault.sh
chmod 644 /etc/shellrc /etc/zsh_command_not_found /etc/zsh_profile
fixr /usr/share/www
fixr /usr/share/source-highlight
ln -s batcat /usr/bin/bat
[[ ! -e /usr/bin/cme ]] && ln -s crackmapexec /usr/bin/cme
ln -s /sf/bin/sf-motd.sh /usr/bin/motd
ln -s /sf/bin/sf-motd.sh /usr/bin/info
rm -f /usr/sbin/shutdown /usr/sbin/reboot
ln -s /usr/sbin/halt /usr/sbin/shutdown
ln -s /usr/sbin/halt /usr/sbin/reboot
[[ ! -e /usr/bin/vscode ]] && ln -sf /usr/bin/code /usr/bin/vscode
# No idea why /etc/firefox-esr does not work...
if [[ -e /usr/lib/firefox/defaults/pref/channel-prefs.js ]]; then
	echo 'pref("network.dns.blockDotOnion", false);
pref("browser.tabs.inTitlebar", 1);
pref("browser.shell.checkDefaultBrowser", false);' >>/usr/lib/firefox/defaults/pref/channel-prefs.js
else
	[[ -e /usr/bin/firefox ]] && WARN "Firefox config could not be updated."
fi
ln -s /usr/games/lolcat /usr/bin/lolcat

[[ -f /usr/share/wordlists/rockyou.txt.gz ]] && gunzip /usr/share/wordlists/rockyou.txt.gz
cd /var/log
rm -f dpkg.log alternatives.log fontconfig.log apt/*
set +e

# Non-Fatal. WARN but continue if any of the following commands fail
sed 's/^TorAddress.*/TorAddress 172.20.0.111/' -i /etc/tor/torsocks.conf || WARN "Failed /etc/tor/torsocks.conf"
sed 's/^worker_processes.*/worker_processes 2;/' -i /etc/nginx/nginx.conf || WARN "Failed /etc/nginx/nginx.conf"
sed 's/^Exec.*/Exec=xterm-dark/' -i /usr/share/applications/debian-xterm.desktop

# Move "$1" to "$1".orig and link "$1" -> "$1"-hook
mk_hook()
{
	local fn
	fn="${1}/${2}"
	[[ ! -e "$fn" ]] && return
	( cd "${1}"
	mv "$fn" "${fn}.orig"
	ln -s "${fn}-hook" "$fn" )
}
mk_hook /usr/bin        mosh-server
mk_hook /usr/bin        xpra
mk_hook /usr/bin        brave-browser-stable
mk_hook /usr/bin        chromium
mk_hook /usr/share/code/bin code
mk_hook /usr/share/code code
[[ -f /usr/share/code/bin/code.orig ]] && sed 's/PATH\/code\"/PATH\/code.orig\"/' -i /usr/share/code/bin/code.orig

# Apache needs to enable modules
command  -v a2enmod >/dev/null && a2enmod php8.2

# git diff delta and other options
[[ -f /usr/bin/delta ]] && cat /gitconfig-stub >>/etc/gitconfig 

# Output warnings and wait (if there are any)
[[ ${#WARNS[@]} -gt 0 ]] && {
	while [[ $i -lt ${#WARNS[@]} ]]; do
		((i++))
		echo -e "[${CR}WARN #$i${CN}] ${WARNS[$((i-1))]}"
	done
	echo "Continuing in 5 seconds..."
	sleep 5
}

exit 0
initial 2022-03-05 13:17:15 +00:00			`#! /bin/bash`

cleanup 2022-05-10 21:24:48 +00:00			`# Docker sf-guest setup script (docker build)`

bugs-be-gone 2022-11-25 11:35:31 +00:00			`CR="\e[1;31m" # red`
			`CN="\e[0m" # none`

			`WARN()`
			`{`
			`WARNS+=("$*")`
			`}`

			`# Fatal Error when any of the following commands fail`
			`set -e`

			`# ZSH setup`
			`sed 's/#\(.*\)prompt_symbol=/\1prompt_symbol=/g' -i /etc/skel/.zshrc`
			`sed 's/\(\sPROMPT=.\)n└─\(.*\)/\1n%{%G└%}%{%G─%}\2/g' -i /etc/skel/.zshrc`
			`sed '/\^P toggle_oneline_prompt/d' -i /etc/skel/.zshrc`
			`echo '[[ -e /etc/shellrc ]] && source /etc/shellrc' >>/etc/skel/.zshrc`

			`echo '[[ -e /etc/shellrc ]] && source /etc/shellrc' >>/etc/skel/.bashrc`
not-human check & 0.5.6rc1 cleanup 2024-04-13 19:29:03 +00:00			`sed 's/\(\s*\)set mouse=/"\1set mouse=/g' -i /usr/share/vim/vim91/defaults.vim`
final-rc1 2023-06-09 09:22:58 +00:00			`[[ -e /etc/postgresql/15/main/postgresql.conf ]] && {`
			`sed 's/shared_buffers = [0-9]\(.\)/shared_buffers = 4\1/g' -i /etc/postgresql/15/main/postgresql.conf`
			`sed 's/#maintenance_work_mem = [0-9]\(.\)/maintenance_work_mem = 4\1/g' -i /etc/postgresql/15/main/postgresql.conf`
			`sed 's/#max_parallel_workers = [0-9]\(.\)/max_parallel_workers = 2\1/g' -i /etc/postgresql/15/main/postgresql.conf`
			`sed 's/#max_worker_processes = [0-9]\(.\)/max_worker_processes = 2\1/g' -i /etc/postgresql/15/main/postgresql.conf`
			`}`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`rm -f /etc/skel/.bashrc.original`
			`rm -f /usr/bin/kali-motd /etc/motd`
initial 2022-03-05 13:17:15 +00:00			`chsh -s /bin/zsh`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`useradd -s /bin/zsh user`
			`ln -s openssh /usr/lib/ssh`
			`sed 's/\/root/\/sec\/root/g' -i /etc/passwd`
			`sed 's/\/home\//\/sec\/home\//g' -i /etc/passwd`

cleanup 2022-05-10 21:24:48 +00:00			`# Docker depends on /root to exist or otherwise throws a:`
			`# [process_linux.go:545: container init caused: mkdir /root: file exists: unknown]`
rc1 2023-02-21 06:49:57 +00:00			`# shellcheck disable=SC2114`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`rm -rf /root /home`
SIGPIPE caused missing Sema-Lock 2023-03-15 08:06:26 +00:00			`mkdir -p /sec`
			`cp -a /etc/skel /sec/root`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`ln -s /sec/root /root`
rc1 2023-05-08 16:47:24 +00:00			`cd . # Prevent 'getcwd() failed' after deleting my own directory`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`ln -s /sec/home /home`
minor 2023-11-01 11:03:49 +00:00			`mkdir /run/mysqld`
bugs-be-gone 2022-11-25 11:35:31 +00:00
			`echo "NOT ENCRYPTED" >/sec/THIS-DIRECTORY-IS-NOT-ENCRYPTED--DO-NOT-USE.txt`

initial 2022-03-05 13:17:15 +00:00			`# Need to set correct permission which may have gotten skewed when building`
encfs-working 2022-07-31 13:51:59 +00:00			`# docker inside vmbox from shared host drive. On VMBOX share all`
setns() and -L working 2023-01-25 22:17:02 +00:00			`# source files and directories are set to "rwxrwx--- root:vobxsf" :/`
			`fixr()`
			`{`
			`local dir`
			`dir=$1`
			`[[ ! -d "$dir" ]] && return`

			`find "$dir" -type f -exec chmod 644 {} \;`
			`find "$dir" -type d -exec chmod 755 {} \;`
			`}`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`ln -sf /sec/usr/etc/rc.local /etc/rc.local`
			`chown root:root /etc /etc/profile.d /etc/profile.d/segfault.sh`
routing/tc fixes 2023-04-26 17:57:44 +00:00			`chmod 755 /usr /usr/bin /usr/sbin /usr/share /etc /etc/profile.d`
final-rc1 2023-06-09 09:22:58 +00:00			`chmod 755 /usr/bin/mosh-server-hook /usr/bin/xpra-hook /usr/bin/brave-browser-stable-hook /usr/share/code/code-hook /usr/share/code/bin/code-hook /usr/bin/xterm-dark /usr/sbin/halt /usr/bin/username-anarchy`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`chmod 644 /etc/profile.d/segfault.sh`
secret@ login 2023-04-27 10:32:02 +00:00			`chmod 644 /etc/shellrc /etc/zsh_command_not_found /etc/zsh_profile`
setns() and -L working 2023-01-25 22:17:02 +00:00			`fixr /usr/share/www`
			`fixr /usr/share/source-highlight`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`ln -s batcat /usr/bin/bat`
0.4.4rc1 2023-03-09 16:34:16 +00:00			`[[ ! -e /usr/bin/cme ]] && ln -s crackmapexec /usr/bin/cme`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`ln -s /sf/bin/sf-motd.sh /usr/bin/motd`
more 2023-02-19 17:15:42 +00:00			`ln -s /sf/bin/sf-motd.sh /usr/bin/info`
			`rm -f /usr/sbin/shutdown /usr/sbin/reboot`
			`ln -s /usr/sbin/halt /usr/sbin/shutdown`
			`ln -s /usr/sbin/halt /usr/sbin/reboot`
rc1 2023-02-21 06:49:57 +00:00			`[[ ! -e /usr/bin/vscode ]] && ln -sf /usr/bin/code /usr/bin/vscode`
more 2023-02-19 17:15:42 +00:00			`# No idea why /etc/firefox-esr does not work...`
			`if [[ -e /usr/lib/firefox/defaults/pref/channel-prefs.js ]]; then`
			`echo 'pref("network.dns.blockDotOnion", false);`
			`pref("browser.tabs.inTitlebar", 1);`
			`pref("browser.shell.checkDefaultBrowser", false);' >>/usr/lib/firefox/defaults/pref/channel-prefs.js`
			`else`
			`[[ -e /usr/bin/firefox ]] && WARN "Firefox config could not be updated."`
			`fi`
			`ln -s /usr/games/lolcat /usr/bin/lolcat`
v4.4 cleanup / SIG fix 2023-03-22 08:40:03 +00:00
			`[[ -f /usr/share/wordlists/rockyou.txt.gz ]] && gunzip /usr/share/wordlists/rockyou.txt.gz`
cleanup 2023-03-22 16:18:37 +00:00			`cd /var/log`
			`rm -f dpkg.log alternatives.log fontconfig.log apt/*`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`set +e`

			`# Non-Fatal. WARN but continue if any of the following commands fail`
torsocks 2022-11-25 19:31:26 +00:00			`sed 's/^TorAddress.*/TorAddress 172.20.0.111/' -i /etc/tor/torsocks.conf \|\| WARN "Failed /etc/tor/torsocks.conf"`
nginx-limit 2023-03-06 18:22:50 +00:00			`sed 's/^worker_processes.*/worker_processes 2;/' -i /etc/nginx/nginx.conf \|\| WARN "Failed /etc/nginx/nginx.conf"`
p2 2023-06-23 09:30:41 +00:00			`sed 's/^Exec.*/Exec=xterm-dark/' -i /usr/share/applications/debian-xterm.desktop`
bugs-be-gone 2022-11-25 11:35:31 +00:00
more 2023-02-19 17:15:42 +00:00			`# Move "$1" to "$1".orig and link "$1" -> "$1"-hook`
			`mk_hook()`
			`{`
			`local fn`
			`fn="${1}/${2}"`
			`[[ ! -e "$fn" ]] && return`
			`( cd "${1}"`
			`mv "$fn" "${fn}.orig"`
			`ln -s "${fn}-hook" "$fn" )`
			`}`
			`mk_hook /usr/bin mosh-server`
			`mk_hook /usr/bin xpra`
			`mk_hook /usr/bin brave-browser-stable`
			`mk_hook /usr/bin chromium`
rc1 2023-02-21 06:49:57 +00:00			`mk_hook /usr/share/code/bin code`
more 2023-02-19 17:15:42 +00:00			`mk_hook /usr/share/code code`
rc1 2023-02-21 06:49:57 +00:00			`[[ -f /usr/share/code/bin/code.orig ]] && sed 's/PATH\/code\"/PATH\/code.orig\"/' -i /usr/share/code/bin/code.orig`
foobar 2023-01-12 10:43:33 +00:00
0.4.9rc1 2023-08-14 10:22:59 +00:00			`# Apache needs to enable modules`
			`command -v a2enmod >/dev/null && a2enmod php8.2`

not-human check & 0.5.6rc1 cleanup 2024-04-13 19:29:03 +00:00			`# git diff delta and other options`
			`[[ -f /usr/bin/delta ]] && cat /gitconfig-stub >>/etc/gitconfig`

bugs-be-gone 2022-11-25 11:35:31 +00:00			`# Output warnings and wait (if there are any)`
			`[[ ${#WARNS[@]} -gt 0 ]] && {`
			`while [[ $i -lt ${#WARNS[@]} ]]; do`
			`((i++))`
torsocks 2022-11-25 19:31:26 +00:00			`echo -e "[${CR}WARN #$i${CN}] ${WARNS[$((i-1))]}"`
bugs-be-gone 2022-11-25 11:35:31 +00:00			`done`
			`echo "Continuing in 5 seconds..."`
			`sleep 5`
			`}`

			`exit 0`