diff --git a/bin/dib-lint b/bin/dib-lint index a34b8330..0b33790e 100755 --- a/bin/dib-lint +++ b/bin/dib-lint @@ -167,6 +167,15 @@ for i in $(find elements -type f \ fi fi + # check for + # export FOO=$(bar) + # calls. These are dangerous, because the export hides the return + # code of the $(bar) call. Split this into 2 lines and -e will + # fail on the assignment + if grep -q 'export .*\$(' $i; then + error "Split export and assignments in $i" + fi + # check that sudo calls in phases run outside the chroot look # "safe"; meaning that they seem to operate within the chroot # somehow. This is not fool-proof, but catches egregious errors, diff --git a/elements/apt-sources/test-elements/test-sources/environment.d/00-set-apt-sources b/elements/apt-sources/test-elements/test-sources/environment.d/00-set-apt-sources index 8442fc17..8034daf6 100644 --- a/elements/apt-sources/test-elements/test-sources/environment.d/00-set-apt-sources +++ b/elements/apt-sources/test-elements/test-sources/environment.d/00-set-apt-sources @@ -1 +1,2 @@ -export DIB_APT_SOURCES=$(mktemp) +DIB_APT_SOURCES=$(mktemp) +export DIB_APT_SOURCES diff --git a/elements/dib-init-system/environment.d/10-dib-init-system.bash b/elements/dib-init-system/environment.d/10-dib-init-system.bash index db640993..d683ce89 100644 --- a/elements/dib-init-system/environment.d/10-dib-init-system.bash +++ b/elements/dib-init-system/environment.d/10-dib-init-system.bash @@ -1 +1,2 @@ -export DIB_INIT_SYSTEM=$(PATH="$PATH:$(dirname $BASH_SOURCE)/.." dib-init-system) +DIB_INIT_SYSTEM=$(PATH="$PATH:$(dirname $BASH_SOURCE)/.." dib-init-system) +export DIB_INIT_SYSTEM