fix(dracut): be more robust when using 'set -u'

rmetrich · johannbg · commit 22a80629b4bb · 2022-02-04T12:24:22.000Z
From bash manpage, FUNCNAME exists only inside functions. When in debug mode, make sure to use an empty default value as FUNCNAME[0] when outside of functions. With bash4 this wasn't an issue, but is with bash5 with hardening option 'set -u' used, as shown in the example below: Incorrect: $ bash -u -c 'echo -n ${FUNCNAME[0]}' bash: line 1: FUNCNAME[0]: unbound variable $ Correct: $ bash -u -c 'echo -n ${FUNCNAME[0]-}' $ This hardening enables sourcing dracut-lib.sh from external utilities executing in the initramfs such as clevis-luks-askpass, which uses hardening option 'set -u' internally. (see Clevis PR latchset/clevis#340) Signed-off-by: Renaud Métrich <rmetrich@redhat.com>
diff --git a/dracut.sh b/dracut.sh
@@ -882,7 +882,7 @@ unset GREP_OPTIONS
 export DRACUT_LOG_LEVEL=warning
 [[ $debug ]] && {
     export DRACUT_LOG_LEVEL=debug
-    export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]}): '
+    export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]-}): '
     set -x
 }
 
diff --git a/modules.d/99base/dracut-lib.sh b/modules.d/99base/dracut-lib.sh
@@ -392,7 +392,7 @@ setdebug() {
             if getargbool 0 rd.debug -d -y rdinitdebug -d -y rdnetdebug; then
                 RD_DEBUG=yes
                 [ -n "$BASH" ] \
-                    && export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]}): '
+                    && export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]-}): '
             fi
         fi
         export RD_DEBUG

Original file line number	Diff line number	Diff line change
`@@ -882,7 +882,7 @@ unset GREP_OPTIONS`
`882`	`882`	`export DRACUT_LOG_LEVEL=warning`
`883`	`883`	`[[ $debug ]] && {`
`884`	`884`	`export DRACUT_LOG_LEVEL=debug`
`885`		`- export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]}): '`
	`885`	`+ export PS4='${BASH_SOURCE}@${LINENO}(${FUNCNAME[0]-}): '`
`886`	`886`	`set -x`
`887`	`887`	`}`
`888`	`888`