File: //proc/self/root/usr/sbin/update-shells
#!/bin/sh
# SPDX-License-Identifier: GPL-2.0-or-later
# Copyright 2021 Helmut Grohne <helmut@subdivi.de>
# A "hashset" is a shell variable containing a sequence of elements separated
# and surrounded by hash (#) characters. None of the elements may contain a
# hash character. The character is thus chosen, because it initiates a comment
# in /etc/shells. All variables ending in _SHELLS in this file are hashsets.
set -e
# Check whether hashset $1 contains element $2.
hashset_contains() {
	case "$1" in
		*"#$2#"*) return 0 ;;
		*) return 1 ;;
	esac
}
log() {
	if [ "$VERBOSE" = 1 ]; then
		echo "$*"
	fi
}
ROOT=${DPKG_ROOT:-}
VERBOSE=0
NOACT=0
while [ $# -gt 0 ]; do
	case "$1" in
		--help)
			cat <<EOF
usage: $0 [options]
 --no-act    Do not move the actual update into place
 --verbose   Be more verbose
 --root DIR  Operate on the given chroot, defaults to /
EOF
			exit 0
		;;
		--no-act)
			NOACT=1
		;;
		--root)
			shift
			if [ "$#" -lt 1 ]; then
				echo "missing argument to --root" 1>&2
				exit 1
			fi
			ROOT=$1
		;;
		--verbose)
			VERBOSE=1
		;;
		*)
			echo "unrecognized option $1" 1>&2
			exit 1
		;;
	esac
	shift
done
PKG_DIR="$ROOT/usr/share/debianutils/shells.d"
STATE_FILE="$ROOT/var/lib/shells.state"
TEMPLATE_ETC_FILE="$ROOT/usr/share/debianutils/shells"
TARGET_ETC_FILE="$ROOT/etc/shells"
SOURCE_ETC_FILE="$TARGET_ETC_FILE"
NEW_ETC_FILE="$TARGET_ETC_FILE.tmp"
NEW_STATE_FILE="$STATE_FILE.tmp"
if ! test -e "$SOURCE_ETC_FILE"; then
	SOURCE_ETC_FILE="$TEMPLATE_ETC_FILE"
fi
PKG_SHELLS='#'
LC_COLLATE=C.UTF-8  # glob in reproducible order
for f in "$TEMPLATE_ETC_FILE" "$PKG_DIR/"*; do
	test -f "$f" || continue
	while IFS='#' read -r line _; do
		[ -n "$line" ] || continue
		PKG_SHELLS="$PKG_SHELLS$line#"
		realshell=$(dpkg-realpath --root "$ROOT" "$(dirname "$line")")/$(basename "$line")
		if [ "$line" != "$realshell" ]; then
			PKG_SHELLS="$PKG_SHELLS$realshell#"
		fi
	done < "$f"
done
STATE_SHELLS='#'
if [ -e "$STATE_FILE" ] ; then
	while IFS='#' read -r line _; do
		[ -n "$line" ] && STATE_SHELLS="$STATE_SHELLS$line#"
	done < "$STATE_FILE"
fi
cleanup() {
	rm -f "$NEW_ETC_FILE" "$NEW_STATE_FILE"
}
trap cleanup EXIT
: > "$NEW_ETC_FILE"
ETC_SHELLS='#'
while IFS= read -r line; do
	shell=${line%%#*}
	# copy all comment lines, packaged shells and local additions
	if [ -z "$shell" ] ||
			hashset_contains "$PKG_SHELLS" "$shell" ||
			! hashset_contains "$STATE_SHELLS" "$shell"; then
		if [ -z "$shell" ] || ! hashset_contains "$ETC_SHELLS" "$shell"; then
			echo "$line" >> "$NEW_ETC_FILE"
			ETC_SHELLS="$ETC_SHELLS$shell#"
		fi
	else
		log "removing shell $shell"
	fi
done < "$SOURCE_ETC_FILE"
: > "$NEW_STATE_FILE"
saved_IFS=$IFS
IFS='#'
set -f
# shellcheck disable=SC2086 # word splitting intended, globbing disabled
set -- ${PKG_SHELLS###}
set +f
IFS=$saved_IFS
for shell; do
	echo "$shell" >> "$NEW_STATE_FILE"
	# add shells that are neither already present nor locally removed
	if ! hashset_contains "$ETC_SHELLS" "$shell" &&
			! hashset_contains "$STATE_SHELLS" "$shell"; then
		echo "$shell" >> "$NEW_ETC_FILE"
		log "adding shell $shell"
	fi
done
if [ "$NOACT" = 0 ]; then
	if [ -e "$STATE_FILE" ]; then
		chmod --reference="${STATE_FILE}" "${NEW_STATE_FILE}" || chmod $(stat -c %a "${STATE_FILE}") "${NEW_STATE_FILE}"
		chown --reference="${STATE_FILE}" "${NEW_STATE_FILE}" || chown $(stat -c %U "${STATE_FILE}") "${NEW_STATE_FILE}"
	else
		chmod 0644 "$NEW_STATE_FILE"
	fi
	chmod --reference="${SOURCE_ETC_FILE}" "${NEW_ETC_FILE}" || chmod $(stat -c %a "${SOURCE_ETC_FILE}") "${NEW_ETC_FILE}"
	chown --reference="${SOURCE_ETC_FILE}" "${NEW_ETC_FILE}" || chown $(stat -c %U "${SOURCE_ETC_FILE}") "${NEW_ETC_FILE}"
	sync -d "$NEW_ETC_FILE" "$NEW_STATE_FILE"
	mv -Z "${NEW_ETC_FILE}" "${TARGET_ETC_FILE}" || mv "${NEW_ETC_FILE}" "${TARGET_ETC_FILE}"
	sync "$TARGET_ETC_FILE"
	sync "$(dirname "$TARGET_ETC_FILE")"
	mv "$NEW_STATE_FILE" "$STATE_FILE"
	sync "$STATE_FILE"
	sync "$(dirname "$STATE_FILE")"
	trap "" EXIT
fi