From f2faccd93fa0eb81ba56ba680042e35c7eedec6e Mon Sep 17 00:00:00 2001 From: David Tomaschik Date: Tue, 9 Sep 2025 10:25:59 -0700 Subject: [PATCH] More updates --- AGENTS.md | 28 +++++++++++++++++++++++++++- bin/checksec.sh | 14 +++++++------- bin/i3lock.sh | 1 + bin/install_package.sh | 8 ++++---- bin/screenshot.sh | 38 +++++++++++++++++++++++++++++--------- 5 files changed, 68 insertions(+), 21 deletions(-) diff --git a/AGENTS.md b/AGENTS.md index 68d0b25..e975061 100644 --- a/AGENTS.md +++ b/AGENTS.md @@ -1,4 +1,4 @@ -## Installation +## Installation and Environment This is a set of dotfiles and utilities for setting up my personal environment on POSIX-style environments. It is cloned from github and installed from the @@ -6,3 +6,29 @@ on POSIX-style environments. It is cloned from github and installed from the It mostly relies on symlinking dotfiles and other resources into the appropriate locations, bnut also installs dependencies in various ways. + +I primarily target Debian Linux-based (Debian, Ubuntu, and Kali Linux) systems +as well as MacOS. Other platforms are lower priorities. Shell scripts ending +in `.sh` should use only POSIX features unless there is a shebang line at the +beginning suggesting a different shell will be used. + +`zsh` and `fish` are the key interactive shells to be configured, but `bash` +may also be used at times. + +## Notes on Security Issues + +It is safe to have scripts and tools re-invoke themselves with sudo when they +require elevated privileges, as these are my own. Do not attempt to remove +these use cases. + +## Making Changes + +**IMPORTANT**: Only make those changes which are explicitly requested. If you +identify other issues, notify me about them, but do not suggest changes until I +ask for them. + +When making large changes, explain your chain of thought transparently and +explain solution design. + +If making changes that affects how the user installs the tools, update +`README.md` accordingly. diff --git a/bin/checksec.sh b/bin/checksec.sh index dd1f72e..473aeae 100755 --- a/bin/checksec.sh +++ b/bin/checksec.sh @@ -835,14 +835,14 @@ case "$1" in fi cd /proc N=$2 - if [ -d $N ] ; then + if [ -d "$N" ] ; then # read permissions? - if [ ! -r $N/exe ] ; then + if [ ! -r "$N/exe" ] ; then if !(root_privs) ; then - printf "\033[31mNo read permissions for '/proc/$N/exe' (run as root).\033[m\n\n" + printf "\033[31mNo read permissions for '/proc/%s/exe' (run as root).\033[m\n\n" "$N" exit 1 fi - if [ ! `readlink $N/exe` ] ; then + if [ ! "$(readlink "$N/exe")" ] ; then printf "\033[31mPermission denied. Requested process ID belongs to a kernel thread.\033[m\n\n" exit 1 fi @@ -860,9 +860,9 @@ case "$1" in printf "\033[31mError: libc not found.\033[m\n\n" exit 1 fi - printf "* Process name (PID) : %s (%d)\n" `head -1 $N/status | cut -b 7-` $N - FS_chk_func_libc=( $(readelf -s $FS_libc | grep _chk@@ | awk '{ print $8 }' | cut -c 3- | sed -e 's/_chk@.*//') ) - FS_functions=( $(readelf -s $2/exe | awk '{ print $8 }' | sed 's/_*//' | sed -e 's/@.*//') ) + printf "* Process name (PID) : %s (%d)\n" "$(head -1 "$N/status" | cut -b 7-)" "$N" + FS_chk_func_libc=( $(readelf -s "$FS_libc" | grep _chk@@ | awk '{ print $8 }' | cut -c 3- | sed -e 's/_chk@.*//') ) + FS_functions=( $(readelf -s "$2/exe" | awk '{ print $8 }' | sed 's/_*//' | sed -e 's/@.*//') ) FS_libc_check FS_binary_check diff --git a/bin/i3lock.sh b/bin/i3lock.sh index 42260c5..06de9aa 100755 --- a/bin/i3lock.sh +++ b/bin/i3lock.sh @@ -2,6 +2,7 @@ LOCKTIME="${SCREENSAVER_MIN:-5}" LOCKER="i3lock -c 000000" # intentionally want word splitting below +# do not quote this /usr/bin/xss-lock -- ${LOCKER} & exec /usr/bin/xautolock \ -time "${LOCKTIME}" \ diff --git a/bin/install_package.sh b/bin/install_package.sh index 9b4a542..8b1abcc 100644 --- a/bin/install_package.sh +++ b/bin/install_package.sh @@ -42,7 +42,7 @@ install_package() { return 1 fi echo "Installing '$package' using apt-get..." - sudo apt-get install -y "$package" + sudo apt-get install -y -- "$package" return 0 elif command -v yum &> /dev/null; then package=$(package_alias yum "${package}") @@ -51,7 +51,7 @@ install_package() { return 1 fi echo "Installing '$package' using yum..." - sudo yum install -y "$package" + sudo yum install -y -- "$package" return 0 elif command -v pacman &> /dev/null; then package=$(package_alias pacman "${package}") @@ -60,7 +60,7 @@ install_package() { return 1 fi echo "Installing '$package' using pacman..." - sudo pacman -S "$package" + sudo pacman -S -- "$package" return 0 # For macOS, assume Homebrew is installed elif command -v brew &> /dev/null; then @@ -70,7 +70,7 @@ install_package() { return 1 fi echo "Installing '$package' using Homebrew..." - brew install "$package" + brew install -- "$package" return 0 else echo "Error: No suitable package manager found." diff --git a/bin/screenshot.sh b/bin/screenshot.sh index b580cb7..1c4df8c 100755 --- a/bin/screenshot.sh +++ b/bin/screenshot.sh @@ -25,14 +25,6 @@ function flameshot_gui_capture { flameshot gui -p "${SCREENDIR}" } -function flameshot_region_capture { - flameshot_gui_capture -} - -function flameshot_window_capture { - flameshot_gui_capture -} - function flameshot_full_capture { flameshot full -p "${SCREENDIR}" } @@ -52,7 +44,35 @@ function scrot_full_capture { case "${CMD}" in region|window|full) mkdir -p "${SCREENDIR}" - ${TOOL}_${CMD}_capture + case "${TOOL}" in + flameshot) + case "${CMD}" in + region|window) + flameshot_gui_capture + ;; + full) + flameshot_full_capture + ;; + esac + ;; + scrot) + case "${CMD}" in + region) + scrot_region_capture + ;; + window) + scrot_window_capture + ;; + full) + scrot_full_capture + ;; + esac + ;; + *) + echo "Error: Unknown or unsupported tool '${TOOL}'" >&2 + exit 1 + ;; + esac exit $? ;; *)