Sysadmin Mega Thread

Ah, I didn’t know you could throw arguments after it.

I actually don’t know if I’d ever use it. It looks pretty esoteric and all it really saves you is a few lines and some readonlys.

It doesn’t save you any readonlys, it just happens to make readonly work because it doesn’t set if it’s already set.

The main use of := is setting a default value. Compare:

: ${port:=1234}
# vs
port=${port:-1234}
# vs
[ -n "$port" ] || port=1234

run_server()
{
        local HOST PORT
        : ${HOST=localhost}
        : ${PORT=8080}
        echo "listening on $HOST:$PORT"
}
run_server
PORT=9999 run_server

listening on localhost:8080
listening on localhost:9999

I use this a lot in my scripts, for example the top of my script that creates a VM for hacking in:

: ${EXTRA_PACKAGES:="\
        emacs-nox    \
        git          \
        neovim       \
        ripgrep      \
        tmux         \
        vim-console  \
        zsh          \
"}
readonly EXTRA_PACKAGES

: ${BHYVE_DATASET:="storage/bhyve"}
: ${BRIDGE:="bridge0"}
: ${CPUS:="8"}
: ${NMDM_PROP:="com.freqlabs:libvirt_nmdm"}
: ${MEMORY:="16G"}
readonly BHYVE_DATASET BRIDGE CPUS NMDM_PROP MEMORY

I can override things when I call the script if needed:

CPUS=4 MEMORY=4G create-work-vm

Another example from the system:

/usr/libexec/bsdinstall/zfsboot
45:: ${ZFSBOOT_POOL_NAME:=zroot}
50:: ${ZFSBOOT_POOL_CREATE_OPTIONS:=-O compress=lz4 -O atime=off}
55:: ${ZFSBOOT_BEROOT_NAME:=ROOT}
60:: ${ZFSBOOT_BOOTFS_NAME:=default}
65:: ${ZFSBOOT_VDEV_TYPE:=stripe}
70:: ${ZFSBOOT_FORCE_4K_SECTORS:=1}
81:: ${ZFSBOOT_GELI_KEY_FILE:=/boot/encryption.key}
92:: ${ZFSBOOT_BOOT_POOL_CREATE_OPTIONS:=}
97:: ${ZFSBOOT_BOOT_POOL_NAME:=bootpool}
102:: ${ZFSBOOT_BOOT_POOL_SIZE:=2g}
107:: ${ZFSBOOT_DISKS:=}
112:: ${ZFSBOOT_PARTITION_SCHEME:=}
117:: ${ZFSBOOT_BOOT_TYPE:=}
123:: ${ZFSBOOT_SWAP_SIZE:=2g}
176:: ${ZFSBOOT_CONFIRM_LAYOUT:=1}
1559:   : ${ZFSBOOT_BOOT_TYPE:=UEFI}
1560:   : ${ZFSBOOT_PARTITION_SCHEME:=GPT}
1567:           : ${ZFSBOOT_BOOT_TYPE:=BIOS+UEFI}
1568:           : ${ZFSBOOT_PARTITION_SCHEME:=GPT}
1570:           : ${ZFSBOOT_BOOT_TYPE:=BIOS}
1571:           : ${ZFSBOOT_PARTITION_SCHEME:=GPT}

2 Likes

I don’t mind those, but for static things like MB/MiB, setting a default value implies it could be something else, which it never would.

Sorry I’m being a little pedantic. This is neat stuff and I’m glad you shared it. I’m always interested to learn weird bashisms.

2 Likes

Right, the idea with combining it with readonly is to allow the script to be sourced without things breaking:

lib.sh:

: ${KB:=$((   1000))} ${KiB:=$((1<<10))}; readonly KB KiB
: ${MB:=$((1000*KB))} ${MiB:=$((1<<20))}; readonly MB MiB
: ${GB:=$((1000*MB))} ${GiB:=$((1<<30))}; readonly GB GiB
: ${TB:=$((1000*GB))} ${TiB:=$((1<<40))}; readonly TB TiB

$ . lib.sh
# now maybe I decide to edit the script to add some more things
# I can source it again to update my env
$ . lib.sh

In contrast this would break:

readonly KB=$((   1000)) KiB=$((1<<10))
readonly MB=$((1000*KB)) MiB=$((1<<20))
readonly GB=$((1000*MB)) GiB=$((1<<30))
readonly TB=$((1000*GB)) TiB=$((1<<40))

$ . lib.sh
$ . lib.sh
readonly: KB: is read only

It makes it safe to set these in a .profile or to source in other scripts that might be sourced.

1 Like
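An added example, not part of any post in the thread: the default-assignment forms used above behave differently for unset, empty and set variables, and the `:=` plus `readonly` guard from lib.sh freezes whatever value was already inherited from the environment. The function names, the temporary library file and the sample values are constructed for illustration.

```shell
#!/bin/sh
# Added example; all names and values are constructed for illustration.

# apply_form FORM STATE: print v after applying FORM when v starts in STATE
# (STATE is "unset", "empty" or "set").
apply_form() {
    (
        unset v
        case $2 in
            empty) v= ;;
            set)   v=caller ;;
        esac
        case $1 in
            ':=') : "${v:=default}" ;;  # assigns when unset or empty
            '=')  : "${v=default}" ;;   # assigns only when unset
            ':-') v=${v:-default} ;;    # substitutes; assignment is explicit
        esac
        printf '%s\n' "$v"
    )
}

# write_lib STYLE FILE: write a one-constant library in the given style.
write_lib() {
    case $1 in
        guarded) printf '%s\n' ': ${KiB:=$((1<<10))}; readonly KiB' ;;
        plain)   printf '%s\n' 'readonly KiB=$((1<<10))' ;;
    esac > "$2"
}

# source_twice STYLE [PRESET]: in a subshell, optionally preset KiB, source
# the library twice and print KiB. Fails if either sourcing fails.
source_twice() {
    lib=$(mktemp) || return 2
    write_lib "$1" "$lib"
    out=$(
        exec 2>/dev/null
        unset KiB
        [ -z "${2-}" ] || KiB=$2
        . "$lib" && . "$lib" && printf '%s\n' "$KiB"
    ) && rc=0 || rc=$?
    rm -f "$lib"
    [ "$rc" -ne 0 ] || printf '%s\n' "$out"
    return "$rc"
}

source_twice guarded      # 1024: second sourcing is a no-op
source_twice guarded 1    # 1: an inherited value wins and is then frozen
source_twice plain || echo "plain readonly: second sourcing failed"
```

Because an inherited value wins over the default, a script that takes overridable settings from the environment should validate them before use.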

You’d be surprised at how many all-day issues stem from something minor that was overlooked. Even sysadmins come across this in their own setups no matter how well it is documented. The only thing that comes after is how much self-loathing and alcohol is involved with such a simple fix, yet took so long to figure out.

1 Like


The BSD rc script setup is really very elegant, and anybody interested in shell scripting would be well advised to check them out. :slight_smile:

1 Like

So just a bit of a heads up for people who manage company laptops/desktops from Dell and potentially other vendors.

The recent Intel vulnerability fix “SMM Security Mitigation” will cause PCs to instantly lock up if you attempt to update TB3 or TPM firmware.

Remember to disable it in BIOS.

There is currently no scriptable workaround on Dell’s end of things with all their fancy tools.

1 Like

On good hardware pfSense has been very stable for me. I was having crash issues requiring reboot when my pfSense was on a J1900 build. Turns out the J1900 Celeron has a bus issue.

1 Like

@SgtAwesomesauce found you.

2 Likes

Thing of beauty.

Editing a bunch of VM configs to change from 8 cores to 2 and from 16GB memory to 8GB, the easy way:

$ virsh list --all |
awk '$2 ~ /CURRENT.*[^w]$/ { print $2 }' |
xargs -L1 env EDITOR="sed -i '' -e 's|>8<|>2<|' -e 's|>$((16<<20))<|>$((8<<20))<|'" virsh edit

Domain FreeBSD-13_0-CURRENT-r355889 XML configuration edited.

Domain FreeBSD-13_0-CURRENT-r356085 XML configuration edited.

Domain FreeBSD-13_0-CURRENT-r356261 XML configuration edited.

Domain FreeBSD-13_0-CURRENT-r357002 XML configuration edited.

Domain FreeBSD-13_0-CURRENT-r357276 XML configuration edited.

Domain FreeBSD-13_0-CURRENT-r357847 XML configuration edited.

Domain FreeBSD-13_0-CURRENT-r358133 XML configuration edited.

3 Likes

What’s the easiest way to get Wireshark to capture traffic so you can capture content you see in your browser?

https://wiki.wireshark.org/TLS#Using_the_.28Pre.29-Master-Secret

So, I have been tasked to set some basic physical threat sensors (basic door sensors) on every rack door on our cold corridor.
Before I start digging, I was wondering if you had any positive experience with a product/brand? Obviously, focus is on reliability.

1 Like

I didn’t know you could put arbitrary things in EDITOR like that. What’s the function of the empty string after the -i?

FreeBSD requires the arg to -i

Required for what?

40

required for you to not have a backup file with the suffix “-e” appended to the filename

2 Likes

Oh ha. Verified.

1 Like

benefits of being a “Mac Guy” at work

getting booze for installing an SSD in a user’s home machine (an old upgradable macbook pro) then running through macOS installer from the internet.

no drivers, no creating install media, etc. Just hold option key and boot from network.

:smiley:

4 Likes