Merge branch 'master' of https://afterdark.org.uk/git/Slackware/bootstrap

bootstrap

@@ -12,7 +12,7 @@ mkdir -p -m 755 {/opt,/opt/{bin,include,info,lib64,man,man/man{0..8},sbin,share}
 # Install the CA bundles, to stop wget moaning.
 echo "-> Adding CA certificates..."
 cp -R ca-certificates /usr/local/share
-update-ca-certificates
+LC_ALL=C update-ca-certificates -f
 
 # Install memtest86 into /boot.
 # Only install if /boot exists, and this isn't an EFI system.
@@ -69,8 +69,8 @@ read -r -p "----> Enter GPG decryption passphrase (appears in clear text): " PAS
 # Decrypt the pushover-config.
 echo "-> Decrypting /etc/pushover/*.gpg..."
 for FILE in /etc/pushover/*.gpg; do
-  gpg -d --passphrase "$PASS" -o "/etc/pushover/${FILE%.gpg}" "$FILE"
-  chmod 640 "/etc/pushover/${FILE%.gpg}"
+  gpg -d --passphrase "$PASS" -o "${FILE%.gpg}" "$FILE"
+  chmod 640 "${FILE%.gpg}"
 done
 unset FILE
 
@@ -149,7 +149,7 @@ unset PASS
 echo "-> Archiving old logs..."
 [[ ! -d /var/log/Archived ]] && mkdir -m 750 /var/log/Archived
 [[ ! -d /var/log/Archived/pre-bootstrapping ]] && mkdir -m 750 /var/log/Archived/pre-bootstrapping
-mv /var/log/{btmp.*,{cron,debug,maillog,messages,secure,spooler,syslog}{,.*}} /var/log/Archived/pre-bootstrapping/
+mv -f /var/log/{btmp.*,{cron,debug,maillog,messages,secure,spooler,syslog}{,.*}} /var/log/Archived/pre-bootstrapping/ 2>/dev/null
 
 # Restart syslogd.
 echo "-> Restarting syslogd for new config..."

rc.d/rc.firewall

@@ -69,7 +69,7 @@ start_firewall() {
 
   # Allow unrestricted access from our IPs.
   for ENTRY in "${UNFILTERED_RANGES_V4[@]}"; do
-    iptables -A INPUT -i "$EX_IF" --s "$ENTRY" -j ACCEPT
+    iptables -A INPUT -i "$EX_IF" -s "$ENTRY" -j ACCEPT
   done
   for ENTRY in "${UNFILTERED_RANGES_V6[@]}"; do
     ip6tables -A INPUT -i "$EX_IF" -s "$ENTRY" -j ACCEPT
@@ -159,7 +159,9 @@ case "$1" in
     ;;
 esac
 
-# Restart fail2ban to re-create the ban chains.
-[[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
+# Unless the system is booting, restart fail2ban to re-create the ban chains.
+[[ "$PREVLEVEL" != "N" ]] && {
+  [[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
+}
 
 exit 0

rc.d/rc.firewall-complete

@@ -205,7 +205,9 @@ case "$1" in
     ;;
 esac
 
-# Restart fail2ban to re-create the ban chains.
-[[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
+# Unless the system is booting, restart fail2ban to re-create the ban chains.
+[[ "$PREVLEVEL" != "N" ]] && {
+  [[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
+}
 
 exit 0

rc.d/rc.firewall-float

@@ -187,7 +187,9 @@ case "$1" in
     ;;
 esac
 
-# Restart fail2ban to re-create the ban chains.
-[[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
+# Unless the system is booting, restart fail2ban to re-create the ban chains.
+[[ "$PREVLEVEL" != "N" ]] && {
+  [[ -x /etc/rc.d/rc.fail2ban ]] && /etc/rc.d/rc.fail2ban restart >/dev/null
+}
 
 exit 0