From 0067c7ebfdb3fe4c41b022ae197d1fdacfd99332 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Daniel=20P=C3=A4tzold?=
Date: Sat, 28 Mar 2026 20:32:15 +0100
Subject: [PATCH] Make Logon accept search Parameter for install
---
.../0005_kwallet/create-kwallet-file.sh | 109 ------------------
client_software/0005_kwallet/install.sh | 31 -----
.../install.sh | 0
client_software/install.sh | 8 +-
system_setup/logon_script.sh | 2 +-
system_setup/sync_client_software.sh | 2 +-
6 files changed, 9 insertions(+), 143 deletions(-)
delete mode 100755 client_software/0005_kwallet/create-kwallet-file.sh
delete mode 100755 client_software/0005_kwallet/install.sh
rename client_software/{0010_nextcloud_desktopclient => 0020_nextcloud_desktopclient}/install.sh (100%)
diff --git a/client_software/0005_kwallet/create-kwallet-file.sh b/client_software/0005_kwallet/create-kwallet-file.sh
deleted file mode 100755
index 84cd162..0000000
--- a/client_software/0005_kwallet/create-kwallet-file.sh
+++ /dev/null
@@ -1,109 +0,0 @@ -#!/usr/bin/env bash -# SPDX-FileCopyrightText: Daniel Pätzold -# SPDX-License-Identifier: AGPL-3.0-or-later -# -# This Script -# Takes three args: WALLET_NAME, WALLET_PASSWORD, OPTIONAL_FILE_PATH -# Creates the wallet via qdbus (works without kwalletcli) -# If OPTIONAL_FILE_PATH is provided, creates the .kwl there and bind-mounts it to ~/.local/share/kwalletd5/.kwl so kwalletd5 reads/writes that file -# Avoids leaving the password exposed by using a file descriptor for qdbus where possible (note: qdbus API here still passes password argument) -#eg run: ./create-kwallet-file.sh MyWallet "MyPass" /home/user/.my_kwallet/kwallet5.kwl -# -set -euo pipefail - -WALLET_NAME="${1:-}" -WALLET_PASSWORD="${2:-}" -TARGET_PATH="${3:-}" - -if [ -z "$WALLET_NAME" ] || [ -z "$WALLET_PASSWORD" ]; then - echo "Usage: $0 [target-file-path]" - exit 2 -fi - -# Ensure kwalletd6 is running -if ! pgrep -x kwalletd6 >/dev/null 2>&1; then - nohup kwalletd6 >/dev/null 2>&1 & - sleep 1 -fi - -# Use qdbus to create the wallet -if ! command -v qdbus-qt6 >/dev/null 2>&1; then - echo "qdbus required" - exit 3 -fi - -SERVICE="org.kde.kwalletd" -PATH_DBUS="/modules/kwalletd6" -APPID="create-kwallet-script-$$" - -HANDLE=$(qdbus-qt6 "$SERVICE" "$PATH_DBUS" org.kde.KWallet.open "$APPID" 0) || true -# createWallet(walletName, password, winId) -qdbus-qt6 "$SERVICE" "$PATH_DBUS" org.kde.KWallet.createWallet "$WALLET_NAME" "$WALLET_PASSWORD" 0 - -echo "Not working until now, need to go further into things..." -exit 0 - -# Set default wallet in kwalletrc -kwallet_cfg="$HOME/.config/kwalletrc" -mkdir -p "$(dirname "$kwallet_cfg")" -# Simple write/replace of DefaultWallet in [KDE Wallet] -if ! 
grep -q "^\[KDE Wallet\]" "$kwallet_cfg" 2>/dev/null; then - printf "[KDE Wallet]\nDefaultWallet = %s\n" "$WALLET_NAME" >> "$kwallet_cfg" -else - if grep -q "^\[KDE Wallet\]" "$kwallet_cfg" && grep -q "^DefaultWallet" "$kwallet_cfg"; then - sed -i "s/^DefaultWallet.*/DefaultWallet = $WALLET_NAME/" "$kwallet_cfg" - else - awk -v w="$WALLET_NAME" 'BEGIN{p=1} /^\[KDE Wallet\]/{print; print "DefaultWallet = " w; p=0; next} {print}' "$kwallet_cfg" > "$kwallet_cfg.tmp" && mv "$kwallet_cfg.tmp" "$kwallet_cfg" - fi -fi - -# If a target file was given, arrange for kwalletd5 to use it -if [ -n "$TARGET_PATH" ]; then - TARGET_DIR="$(dirname "$TARGET_PATH")" - mkdir -p "$TARGET_DIR" - touch "$TARGET_PATH" - chmod 600 "$TARGET_PATH" - chown "$(id -u):$(id -g)" "$TARGET_PATH" - - KW_DIR="$HOME/.local/share/kwalletd6" - KW_FILE_NAME="$(basename "$TARGET_PATH")" - mkdir -p "$KW_DIR" - - # Stop kwalletd5 before moving / mounting - pkill kwalletd6 || true - sleep 0.5 - - # Backup existing kwallet dir - if [ -e "$KW_DIR" ] && [ ! -L "$KW_DIR" ]; then - mv "$KW_DIR" "${KW_DIR}.bak" || true - fi - mkdir -p "$KW_DIR" - - # If target is a directory path that contains a .kwl name, use that name; else use wallet name - if [[ "$KW_FILE_NAME" != *.kwl ]]; then - KW_FILE_NAME="${WALLET_NAME}.kwl" - TARGET_PATH="${TARGET_DIR}/${KW_FILE_NAME}" - touch "$TARGET_PATH" - chmod 600 "$TARGET_PATH" - fi - - # Ensure target file exists - touch "$TARGET_PATH" - chmod 600 "$TARGET_PATH" - - # Mount --bind the target file into kwalletd5 dir with the expected name - MOUNT_POINT="${KW_DIR}/${KW_FILE_NAME}" - mkdir -p "$(dirname "$MOUNT_POINT")" - # create placeholder if missing - touch "$MOUNT_POINT" - sudo mount --bind "$TARGET_PATH" "$MOUNT_POINT" - - # Restart kwalletd5 - nohup kwalletd6 & - sleep 1 -fi - -echo "Created wallet '$WALLET_NAME'." -if [ -n "$TARGET_PATH" ]; then - echo "Wallet file bound to: $TARGET_PATH" -fi 
diff --git a/client_software/0005_kwallet/install.sh b/client_software/0005_kwallet/install.sh deleted file mode 100755 index 39d9d26..0000000 --- a/client_software/0005_kwallet/install.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env sh -# SPDX-FileCopyrightText: Daniel Pätzold -# SPDX-License-Identifier: AGPL-3.0-or-later -# -# Kwallet Setup to Secure Directory -# -# Kwallet5 will be used for storing passwords for most KDE- Applications, like for Nextcloud- Client, Talk app and many more. -# Usually Kwallet will ask for a password to have good security in your file, but this will make Logon non Interactive. -# We will setup a new walletfile into the encrypted Data-Directory and encrypt it with the IPA-Vault Password. -# -echo "Setup KWallet Password- Service." - -#Check for root -if [ "$EUID" -ne 0 ]; then - echo "Error: Script requires root. Please check if ${SCRIPTPATH}/${SCRIPTNAME} is in sudoers rules and if you are a member. And if executed via sudo." - exit 1 -fi - -#Check Token -if [ "${DAVTOKEN_USER}." == "." ]; then - echo "Error: Script cannot be executed standalone and needs a prereserved Environment. Quit." - exit 1 -fi - -#Local Vars -#SYNCCMD="$BASECMD --userid ${DAVTOKEN_USER} --apppassword ${DAVTOKEN_PASS} --localdirpath ${CLIENT_DATA_DST} --remotedirpath ${CLIENT_DATA_SRC} --serverurl https://${SERVERFQDN_NC}" -#SYNCCMD_HIDDENPW=$( echo "${SYNCCMD/${DAVTOKEN_PASS}/***HIDDEN***}" ) - - -echo "Not implemented yet, skipping." -exit 0 diff --git a/client_software/0010_nextcloud_desktopclient/install.sh b/client_software/0020_nextcloud_desktopclient/install.sh similarity index 100% rename from client_software/0010_nextcloud_desktopclient/install.sh rename to client_software/0020_nextcloud_desktopclient/install.sh diff --git a/client_software/install.sh b/client_software/install.sh index 515e66d..843ebe0 100755 --- a/client_software/install.sh +++ b/client_software/install.sh 
@@ -3,6 +3,7 @@ # SPDX-License-Identifier: AGPL-3.0-or-later # # Central sofwareinstallation script. Should be called from ""/sys_config/system_setup/sync_client_software.sh install" +# If P1 is given, only installs will be executed, that are containing the P1 string in their dirname # if [ "$EUID" -ne 0 ] || [ "$SUDO_USER." == "." ]; then echo "Error: Script requires root privileges and a sudo environment." @@ -18,9 +19,14 @@ if [ "${DAVTOKEN_USER}." == "." ]; then fi echo "Installing additional Software." -for DIR in $(ls -d /${CLIENT_SOFTWARE_DST}/*/ | sort); # list directories in the form "/tmp/dirname/" +for DIR in $(ls -d ${CLIENT_SOFTWARE_DST}/*/ | sort); # list directories in the form "/tmp/dirname/" do DIR=${DIR%*/} # remove the trailing "/" + if [[ "$1." != "." ]] && [[ "${DIR}" != *"$1"* ]]; then + #search for string in dir + echo "Skipping ${DIR} while not in search parameter ( $1 )." + continue + fi if [ -f "${DIR}/install.sh" ]; then echo "*** ==================== ***" echo "*** Installing ${DIR##*/} ***" # print everything after the final "/" diff --git a/system_setup/logon_script.sh b/system_setup/logon_script.sh index 2c11ce6..97cf020 100755 --- a/system_setup/logon_script.sh +++ b/system_setup/logon_script.sh @@ -89,7 +89,7 @@ else elog_add "Matching Sudo rule found." elog_add "" elog_add "Running client software install..." - elog_add_command "/usr/bin/sudo -n --preserve-env ${SYSCONFIGPATH}/system_setup/sync_client_software.sh install" + elog_add_command "/usr/bin/sudo -n --preserve-env ${SYSCONFIGPATH}/system_setup/sync_client_software.sh install $1" #ERRTXT=$( { /usr/bin/sudo -n --preserve-env ${SYSCONFIGPATH}/system_setup/sync_client_software.sh install > >(tee -a ${LOGFILE}); } 2>&1 ) #ERR=$? if [[ $RETNO -ne 0 ]]; then diff --git a/system_setup/sync_client_software.sh b/system_setup/sync_client_software.sh index 1593f92..072448f 100755 --- a/system_setup/sync_client_software.sh +++ b/system_setup/sync_client_software.sh 
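Review bot: The new filter in client_software/install.sh compares the search string against the whole path in `${DIR}`, not the directory name that the added header comment promises, so any value that also occurs in `${CLIENT_SOFTWARE_DST}` matches every installer and the restriction silently does nothing while the loop runs as root. Matching on the last path component fixes that: `if [[ -n "${1:-}" && "${DIR##*/}" != *"$1"* ]]; then`. The rewritten `for DIR in $(ls -d ${CLIENT_SOFTWARE_DST}/*/ | sort)` line still word-splits `ls` output and leaves the variable unquoted; a plain glob, `for DIR in "${CLIENT_SOFTWARE_DST}"/*/; do`, already expands in sorted order and copes with spaces in names. The loop body continues past the end of the hunk.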
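Review bot: In system_setup/logon_script.sh, `$1` is pasted unquoted and unvalidated into the command string handed to `elog_add_command`, which runs it under `sudo -n --preserve-env`. How that helper executes the string is not visible in this hunk (the surrounding `else` branch starts outside it); if it evaluates or word-splits the string, whitespace or shell metacharacters in the logon argument change the command that runs as root. Restricting the value before it is appended, for example with a check such as `[[ "${1:-}" =~ ^[A-Za-z0-9_-]*$ ]]` and refusing the run otherwise, keeps it to a directory-name fragment. The same value is forwarded unquoted as `install.sh $2` in system_setup/sync_client_software.sh, where `"${CLIENT_SOFTWARE_DST}/install.sh" "${2:-}"` avoids splitting and globbing. It is also worth confirming that the sudoers rule reported as matching just above still matches now that the command carries an extra argument, without widening that rule to arbitrary arguments.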
@@ -72,7 +72,7 @@ if [ -f "${CLIENT_SOFTWARE_DST}/install.sh" ]; then fi echo "Sucessfully synced." if [ $1 == "install" ]; then - ${CLIENT_SOFTWARE_DST}/install.sh + ${CLIENT_SOFTWARE_DST}/install.sh $2 if [ $? -ne 0 ]; then exit 1 fi