With `sudo -E`, the whole environment is passed to the root shell, which is a potential security and/or privacy issue when command overrides/functions, PATH or private user info are passed. To pass `PIHOLE_SKIP_OS_CHECK=true`, it can be passed alone to the bash/script call within the sudo session, so the `-E` flag can be omitted.
Signed-off-by: MichaIng <micha@dietpi.com>
Since Debian Stretch and Ubuntu Bionic, the "netcat" package is a transitional dummy package which pulls in "netcat-traditional" on Debian Stretch+Buster and Ubuntu Bionic, and "netcat-openbsd" on Debian Bullseye, Ubuntu Focal and up.
On Debian Bookworm (testing), however, the "netcat" package has been removed during the last 3 days at time or writing, so that it fails do be installed. While "netcat-traditional" and "netcat-openbsd" both "Provides: netcat", since it's two alternatives, APT does not automatically pick one but aborts, and the only solution is to install one explicitly.
While this is likely a temporary state of the Debian testing suite, having a closer look at the two alternatives shows that "netcat-openbsd" is a much more actively maintained newer version with additional support for IPv6, proxies, and UNIX sockets, which is likely the reason for the gradual transition via meta package from "netcat-traditional" to "netcat-openbsd". This commit hence consequently follows this aim by skipping the transitional dummy package and installing "netcat-openbsd" explicitly as dependency, to avoid any possible errors like the one which occurs currently on Bookworm.
Both packages can be installed concurrently and do no conflict, but are managed via dpkg's "update-alternatives".
For reference:
- https://packages.debian.org/netcat
- https://packages.ubuntu.com/netcat
Signed-off-by: MichaIng <micha@dietpi.com>
* Use ss instead of lsof for pihole status checks
Signed-off-by: DL6ER <dl6er@dl6er.de>
* Use ss FILTER instead of piping into bash
Signed-off-by: DL6ER <dl6er@dl6er.de>
* Use ss in debug log generation
Signed-off-by: DL6ER <dl6er@dl6er.de>
* Remove lsof from dependencies
Signed-off-by: DL6ER <dl6er@dl6er.de>
* Some shellchecks in basic-install.sh
Signed-off-by: ChillerDragon <ChillerDragon@gmail.com>
* Use more explicit grep (thanks to @MichaIng)
Signed-off-by: ChillerDragon <ChillerDragon@gmail.com>
This solves the issue reported here: https://github.com/pi-hole/pi-hole/issues/4196
It replaces the other suggested solution here: https://github.com/pi-hole/pi-hole/pull/4197
The benefit of using a fixed/limited list height, compared to allowing larger whiptail/dialogue dimension, is that it works on small screens as well, where the screen or console size itself is too small to hold the interface list + text above + whiptail frame.
It the amount of list elements exceeds the defined list height, automatically a visual scroll bar is added and the list can be scrolled with up/down pageup/pagedown buttons, hence it is generally not required to adjust a list height based on the amount of elements. The fixed height of "6" is chosen since all other "--radiolist" calls use this fixed height as well, it fits and looks good within a 20 rows high whiptail dialogue, and in the common Pi-hole use cases there are no more than 6 network interfaces.
Signed-off-by: MichaIng <micha@dietpi.com>
The phpInsNewer variable is not set anymore, so that the JSON module is now always tried to be installed. Instead of checking for phpInsNewer to derive whether PHP was installed already, phpInsMajor is now checked. If it is set, PHP is installed already, and only if the major version is lower than 8, the JSON module can be installed.
Signed-off-by: MichaIng <micha@dietpi.com>
Add some smoke tests for the repository.
- Add x bit to piholeCheckout.sh. Possibly not needed, but consistency is no bad thing
- Ensure all files in script directorys have executable bit set
Signed-off-by: Adam Warner <me@adamwarner.co.uk>