Skip to content

clear logs, shell history, ssh keys and networks #19

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 4 commits into from
Closed

clear logs, shell history, ssh keys and networks #19

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
1b66a28
clear logs, shell history, ssh keys and networks
kristapsk May 28, 2025
8608f7f
Describe how to calculate correct mount offset for 2nd partition of S…
kristapsk Apr 30, 2025
6cc09ed
CI: Install whois (for mkpasswd)
kristapsk May 6, 2025
ae94981
Proper escaping for generated encrypted password hashes
kristapsk Jun 2, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 12 additions & 0 deletions rootfiles/etc/wpa_supplicant/wpa_supplicant.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
# Default configuration file for wpa_supplicant.conf(5).

ctrl_interface=/run/wpa_supplicant
ctrl_interface_group=wheel
eapol_version=1
ap_scan=1
fast_reauth=1
update_config=1
passive_scan=1

# Add here your networks.

9 changes: 9 additions & 0 deletions tools/finalize-nakamochi.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -292,6 +292,15 @@ run_main()
echo "done."
fi

# clear logs, shell history, ssh keys and networks
echo -n "Clearing logs, shell history, ssh keys and networks ... "
rm -f "$USD_MOUNT_POINT"/var/log/* 2> /dev/null
for d in "$USD_MOUNT_POINT"/var/log/socklog/*; do echo > "$d/current"; done
Comment on lines +297 to +298
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Use recursive and safe log cleanup.

The command

rm -f "$USD_MOUNT_POINT"/var/log/*

only removes top-level files and leaves directories intact. For a complete wipe of log contents, consider:

- rm -f "$USD_MOUNT_POINT"/var/log/*
+ # Enable nullglob to avoid literal “*” when no files exist
+ shopt -s nullglob
+ # Delete all files under var/log recursively
+ find "$USD_MOUNT_POINT/var/log" -type f -delete
+ # (Optional) remove empty directories
+ find "$USD_MOUNT_POINT/var/log" -type d -empty -delete

This ensures all files in subdirectories are also removed and guards against globbing errors.

🤖 Prompt for AI Agents 
In tools/finalize-nakamochi.sh around lines 297 to 298, the rm command only
deletes top-level files in the log directory and does not remove files inside
subdirectories. Replace the rm command with a recursive and safe deletion
method, such as using rm -rf on the log directory contents or find with -delete,
to ensure all files including those in subdirectories are removed without
causing globbing errors.

rm "$USD_MOUNT_POINT"/root/.bash_history
echo > "$USD_MOUNT_POINT"/root/.ssh/authorized_keys
cp "$(dirname "$0")"/../rootfiles/etc/wpa_supplicant/wpa_supplicant.conf "$USD_MOUNT_POINT"/etc/wpa_supplicant/wpa_supplicant.conf
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Avoid brittle relative paths for config copy.

Relying on $(dirname "$0")/../rootfiles/... couples the script’s runtime location to the source tree layout. Consider:

  • Adding a CLI flag or environment variable for the rootfiles base path.
  • Verifying the source file exists before cp, and exiting on failure.
  • Using install -m 600 (or cp --preserve=mode) to set correct permissions on the deployed wpa_supplicant.conf.
🤖 Prompt for AI Agents 
In tools/finalize-nakamochi.sh at line 301, the script uses a brittle relative
path to copy wpa_supplicant.conf, which depends on the script's runtime
location. Refactor by introducing a CLI flag or environment variable to specify
the rootfiles base path, check if the source file exists before copying and exit
with an error if not, and replace the cp command with install -m 600 or cp
--preserve=mode to ensure the copied file has correct permissions.

echo "done."

sync
echo "All DONE, Nakamochi uSD and SSD should be ready!"
}
Expand Down