Merge pull request 'New customer software repository and small fixes' (#30) from unbrot/fedora-OEMDRV:main into main

Reviewed-on: #30

.gitignore

@@ -1,12 +1,14 @@
 .Trash*
 *.kdev4
 .kdev4/*
-client_software/.sync_*.db
+ks_pc_prof/*
-client_software/setup_system.conf
+ks.cfg
 config/*
 !config/README.md
 config.d/*.conf
 config.d/*.sys
 config.d/*.bak
-ks_pc_prof/*
+client_software/.sync_*.db
-ks.cfg
+client_software/setup_system.conf
+client_software_cust/*
+!client_software_cust/README.md

client_software/0010_kwallet/install.sh

@@ -18,13 +18,13 @@ echo "Setup KWallet Password- Service."
 
 #Check for root
 if [ "$EUID" -ne 0 ]; then
-    echo "Error: Script requires root. Please check if ${SCRIPTPATH}/${SCRIPTNAME} is in sudoers rules and if you are a member. And if executed via sudo."
+    echo "Error: Script requires root."
     exit 1
 fi
 
 #Check Token
 if [ "${DAVTOKEN_USER}." == "." ]; then
-    echo "Error: Script cannot be executed standalone and needs a prereserved Environment. Quit."
+    echo "Error: Script cannot be executed standalone and needs a prereserved environment from sync_client_software.sh. Quit."
     exit 1
 fi
 

client_software/0010_kwallet/user_run.sh

@@ -1,6 +1,13 @@
 #!/bin/bash
 # Restart and test Kwallet- Service
 
+#Check Token
+if [ "${DAVTOKEN_USER}." == "." ]; then
+    echo "Error: Script cannot be executed standalone and needs a prereserved environment from sync_client_software.sh. Quit."
+    exit 1
+fi
+
+
 # Vars
 WALLETAPPID="sys_config_wallet_script"
 WALLETNAME="kdewallet"

client_software/0110_nextcloud_talk_app/install.sh

@@ -7,7 +7,13 @@
 
 #Check for root
 if [ "$EUID" -ne 0 ]; then
-    echo "Error: Script requires root. Please check if ${SCRIPTPATH}/${SCRIPTNAME} is in sudoers rules and if you are a member. And if executed via sudo."
+    echo "Error: Script requires root."
+    exit 1
+fi
+
+#Check Token
+if [ "${DAVTOKEN_USER}." == "." ]; then
+    echo "Error: Script cannot be executed standalone and needs a prereserved environment from sync_client_software.sh. Quit."
     exit 1
 fi
 

client_software/README.md

@@ -1,7 +1,9 @@
-Central Software installation script Repository
+# Pre installed software installation script repository
-Must be executed from script ../sync_client_software.sh
 
-The install script here will check for the right environment, and execute the install.sh script in each directory.
+Contains Packages to install and setup at user logon first.
+Each package is in one directory and may include two scripts which will be called from user logon script:
 
-Be sure to name the directories to get sorted the right way.
+- install.sh - will be called with root- privileges to install software or other administrative tasks
-E.g. you may use all base installations with directories beginning with numbers < 0100 and all additional apps with numbers > 0100
+- user_run.sh - will get executed after all admins scripts had been executed in user context to setup user configs ad data
+
+The execution will be sorted by directory name.

client_software/install.sh

@@ -2,51 +2,12 @@
 # SPDX-FileCopyrightText: Daniel Pätzold
 # SPDX-License-Identifier: AGPL-3.0-or-later
 #
-# Central sofwareinstallation script. Should be called from ""/sys_config/system_setup/sync_client_software.sh install"
+# Obsolete Script
-# If P1 is given, only installs will be executed, that are containing the P1 string in their dirname
+# Will get removed completely, its only here to advise the user to update and rerun the logon_script
 #
-if [ "$EUID" -ne 0 ] || [ "$SUDO_USER." == "." ]; then
-    echo "Error: Script requires root privileges and a sudo environment."
-    exit 1
-fi
 
-#Check Token
+echo " ==================== "
-if [ "${DAVTOKEN_USER}." == "." ]; then
+echo "Obsolete Script $0 called. Please update via git (should have been done already, check above!) and rerun the logon_script by relogon again."
-    echo "Error: Script cannot be executed standalone and needs a prereserved environement from logon-script."
+echo "This Message should disappear then. Press any key to continue."
-    echo "To get executed without password prompt, use the NOPASSWD rule in sudo. In FreeIPA you can use the sudo-option !authenticate in the sudo rule."
-    echo "Additionally add the sudo command to the rule: ^\/sys_config\/system_setup\/sync_client_software\.sh.*$"
-    echo "Press any key to continue" && read -n 1 -s -r && exit 1
-fi
-
-echo "Installing additional Software."
-for DIR in $(ls -d ${CLIENT_SOFTWARE_DST}/*/ | sort);     # list directories in the form "/tmp/dirname/"
-do
-    DIR=${DIR%*/}      # remove the trailing "/"
-    if [[ "$1." != "." ]] && [[ "${DIR}" != *"$1"* ]]; then
-      #search for string in dir
-      echo "Skipping ${DIR} while not in search parameter ( $1 )."
-      continue
-    fi
-    if [ -f "${DIR}/install.sh" ]; then
-        echo "*** ==================== ***"
-        echo "*** Installing ${DIR##*/} ***" # print everything after the final "/"
-        cd ${DIR}
-        ${DIR}/install.sh
-        if [ $? -ne 0 ]; then
-          echo "*** ==================== ***"
-          echo "Some Error in script, will not continue. Please check."
-          echo "Press any key to continue."
 read -n 1 -s -r
-          cd ${SCRIPTPATH}
 exit 1
-        fi
-        echo "*** ==================== ***"
-    fi
-done
-cd ${SCRIPTPATH}
-
-#Last, remove unused Flatpak- Runtimes and unused Data
-echo "Removing unused Flatpak- Data."
-flatpak uninstall --unused -y
-su -c "flatpak uninstall --delete-data -y" $SUDO_USER
-echo "Sucessfully Installed Software."

client_software/user_run.sh

@@ -2,43 +2,12 @@
 # SPDX-FileCopyrightText: Daniel Pätzold
 # SPDX-License-Identifier: AGPL-3.0-or-later
 #
-# Running user scripts after install (as user, not root)
+# Obsolete Script
-# If P1 is given, only scripts will be executed, that are containing the P1 string in their dirname
+# Will get removed completely, its only here to advise the user to update and rerun the logon_script
 #
 
-#Check Token
+echo " ==================== "
-if [ "${DAVTOKEN_USER}." == "." ]; then
+echo "Obsolete Script $0 called. Please update via git (should have been done already, check above!) and rerun the logon_script by relogon again."
-    echo "Error: Script cannot be executed standalone and needs a prereserved environement from logon-script."
+echo "This Message should disappear then. Press any key to continue."
-    echo "Press any key to continue" && read -n 1 -s -r && exit 1
-fi
-
-echo "Running user scripts in software."
-for DIR in $(ls -d ${CLIENT_SOFTWARE_DST}/*/ | sort);     # list directories in the form "/tmp/dirname/"
-do
-    DIR=${DIR%*/}      # remove the trailing "/"
-    if [[ "$1." != "." ]] && [[ "${DIR}" != *"$1"* ]]; then
-      #search for string in dir
-      echo "Skipping ${DIR} while not in search parameter ( $1 )."
-      continue
-    fi
-    if [ -f "${DIR}/user_run.sh" ]; then
-        echo "*** ==================== ***"
-        echo "*** Running ${DIR##*/} ***" # print everything after the final "/"
-        cd ${DIR}
-        ${DIR}/user_run.sh
-        if [ $? -ne 0 ]; then
-          echo "*** ==================== ***"
-          echo "Some Error in script, will not continue. Please check."
-          echo "Press any key to continue."
 read -n 1 -s -r
-          cd ${SCRIPTPATH}
 exit 1
-        fi
-        echo "*** ==================== ***"
-    fi
-done
-echo "Completed user scripts in software."
-
-cd ${SCRIPTPATH}
-exit 0
-

client_software_cust/README.md

@@ -0,0 +1,14 @@
+# Companys Software Repository
+
+This Repository contains the software of you company, which is delivered by your company admins.
+All files here despite this README ar not traked by git and are not part of installation packages.
+Your Company is completely free to add files to it.
+Your Company is encouraged to setup its own git repository
+
+The scripts will be run at logon time after the scripts of the predefined software has been installed.
+Each package is in one directory and may include two scripts which will be called from user logon script:
+
+- install.sh - will be called with root- privileges to install software or other administrative tasks
+- user_run.sh - will get executed after all admins scripts had been executed in user context to setup user configs ad data
+
+The execution will be sorted by directory name.

config.d/README.md

@@ -1,4 +1,4 @@
 # Local config Files
 
-You may have .conf files in here, which will be not be touched by anything and will be sourced by the scripts to overwrite any of the settings in setup_system.conf.dist
+You may have SYSTEM specific .conf files in here, which will be not be touched by anything and will be sourced by the scripts to overwrite any of the settings in setup_system.conf.dist.
-The syntax should be same as setup_system.conf.dist
+Don't use this folder for special settings of your company. It is only for the PC itself if it is configured in another way as all others. The syntax should be same as setup_system.conf.dist

system_setup/config.dist/setup_system.conf.dist

@@ -31,8 +31,13 @@ fi
 export FQDN=${HOSTNM}.${DOMAIN}
 
 #Additional Client-Software- Repository-Folder in Nextcloud (Shared Folder / Systemwide)
-export CLIENT_SOFTWARE_DST="/opt/sys_config/client_software" # Optional. If you don't have a Folder that should always be synced, leave this empty
+export CLIENT_SOFTWARE_CUST_DST="${SYSCONFIGPATH}/client_software_cust" # Required. Must not be changed!
-export CLIENT_SOFTWARE_SRC="/Shared/sw_geteilt/client_software" Set to the Nextcloud directory where the software should come from
+export CLIENT_SOFTWARE_CUST_SRC="/Shared/sw_geteilt/client_software_cust" # Set to the Nextcloud directory where the software should come from
+
+# OBSOLETE / OLD Variables for packaged files under client_software. Those files will not be synced to NC any more!
+# if still set, they will cause sync to complain about it
+unset CLIENT_SOFTWARE_DST
+unset CLIENT_SOFTWARE_SRC
 
 #Secure File Encryption
 #Needs a running KRA- Service on FreeIPA

system_setup/logon_script.sh

@@ -1,4 +1,4 @@
-#!/usr/bin/env sh
+#!/usr/bin/env bash
 # SPDX-FileCopyrightText: Daniel Pätzold
 # SPDX-License-Identifier: AGPL-3.0-or-later
 #
@@ -57,8 +57,9 @@ fi
 # Mount the private Directory
 elog_add_command "${SYSCONFIGPATH}/system_setup/mount_ecrypt_home.sh"
 if [ $? -ne 0 ]; then
-    elog_add "Some Error when mounting private Directory, cannot continue. Your Data will not be available."
+    elog_add "Some Error when running/mounting private Directory, cannot continue. Your Data will not be available."
-    elog_add "The script was searched by SYSCONFIGPATH in directory ${SYSCONFIGPATH}, please check if your setup is correct."
+    elog_add "If the File was not found: The mount script was searched in directory ${SYSCONFIGPATH} which is defined by SYSCONFIGPATH in your config."
+    elog_add "Please check if your setup is correct."
     elog_add "If you want to redo this script here, execute ${SCRIPTPATH}/${SCRIPTNAME}"
     echo "Press any key to continue" && read -n 1 -s -r && exit 1
 fi
@@ -66,7 +67,7 @@ fi
 #Get WEBDAV TOKEN from Nextcloud
 get_nc_token
 if [ $? -ne 0 ]; then
-    elog_add "Some Error when mounting private Directory, cannot continue. Your Data will not be available."
+    elog_add "Some Error when getting WEBDAV token. Cannot continue. Your Data will not be available."
     echo "Press any key to continue" && read -n 1 -s -r && exit 1
 fi
 elog_add "Successfully obtained Token for User ${DAVTOKEN_USER}"
@@ -78,6 +79,20 @@ elog_add "Update and install client software"
 #Set global to enable git
 git config --global --add safe.directory /opt/sys_config
 
+# Pre check for old configuration parameters, will be removed in the future
+if [ ! -z "${CLIENT_SOFTWARE_DST}" ] || [ ! -z "${CLIENT_SOFTWARE_SRC}" ]; then
+    elog_add " ===================="
+    elog_add ""
+    elog_add "WARNING: Your company/setup has still CLIENT_SOFTWARE_DST or CLIENT_SOFTWARE_SRC set."
+    elog_add "These parameters are obsolete and must be removed! The new parameters are CLIENT_SOFTWARE_CUST_DST and CLIENT_SOFTWARE_CUST_SRC"
+    elog_add "as the software repository has been split into customer software and distributed software."
+    elog_add "Please try to relog first. If this problem reoccures, contact your system admins to correct it."
+    elog_add "Will continue with the new path. Press any key to continue."
+    elog_add ""
+    elog_add " ===================="
+    read -n 1 -s -r
+fi
+
 # First, check the sudo rule
 elog_add "Check the matching client rule:"
 #Somewhat strange "sudo -l" will *sometimes* ask for password instead of just checking if the rule can be found, so it needs -n to be silent
@@ -114,10 +129,8 @@ else
         # Rule seems to be ok, executing script
         elog_add "Matching Sudo rule found."
         elog_add ""
-        elog_add "Running client software sync..."
+        elog_add "Running ${SYSCONFIGPATH}/system_setup/sync_client_software.sh"
         elog_add_command "/usr/bin/sudo -n --preserve-env ${SYSCONFIGPATH}/system_setup/sync_client_software.sh install $1"
-        #ERRTXT=$( { /usr/bin/sudo -n --preserve-env ${SYSCONFIGPATH}/system_setup/sync_client_software.sh install > >(tee -a ${LOGFILE}); } 2>&1 )
-        #ERR=$?
         if [[ $RETNO -ne 0 ]]; then
             elog_add "Errorcode was $RETNO"
             elog_add "Error executing software sync and install, please check your output!"
@@ -125,18 +138,84 @@ else
         fi
     fi
 fi
-echo ""
 
 #Anyway run user scripts if existent
-elog_add_command "${CLIENT_SOFTWARE_DST}/user_run.sh $1"
+elog_add "Running user setup scripts in user- context."
+#1. Run the scripts, that are delivered by the package maintainers
+elog_add "Pre installed user setup scripts"
+for DIR in $(ls -d ${SYSCONFIGPATH}/client_software/*/ | sort);     # list directories in the form "/tmp/dirname/"
+do
+    DIR=${DIR%*/}      # remove the trailing "/"
+    if [[ "$1." != "." ]] && [[ "${DIR}" != *"$1"* ]]; then
+      #search for string in dir
+      elog_add "Skipping ${DIR} while not in search parameter ( $1 )."
+      continue
+    fi
+    if [ -f "${DIR}/user_run.sh" ]; then
+        elog_add " >>> Running ${DIR}/user_run.sh"
+        cd ${DIR}
+        elog_add_command "${DIR}/user_run.sh"
         if [ $? -ne 0 ]; then
+          elog_add " ===================="
+          elog_add "Some Error in script, will not continue. Please check."
+          elog_add "Press any key to continue."
+          read -n 1 -s -r
           exit 1
         fi
+        elog_add " ===================="
+    fi
+done
+elog_add "Done running pre installed user setup scripts"
+
+#2. Run the scripts, that are delivered by the package maintainers
+# To run scripts, the tepository path must always be set right (but maybe empty, which is fine)
+if [ "${CLIENT_SOFTWARE_CUST_DST}" != "${SYSCONFIGPATH}/client_software_cust" ]; then
+    echo "Error in config: Required parameter CLIENT_SOFTWARE_CUST_DST is missing or set wrong."
+    echo "Please relog and if the problem reoccures, contact your system admins to correct the Values."
+    read -n 1 -s -r -p "Press any key to continue"
+else
+  elog_add "Running company delivered user setup scripts in ${CLIENT_SOFTWARE_CUST_DST}"
+  for DIR in $(ls -d ${CLIENT_SOFTWARE_CUST_DST}/*/ | sort);     # list directories in the form "/tmp/dirname/"
+  do
+    DIR=${DIR%*/}      # remove the trailing "/"
+    if [[ "$1." != "." ]] && [[ "${DIR}" != *"$1"* ]]; then
+      #search for string in dir
+      elog_add "Skipping ${DIR} while not in search parameter ( $1 )."
+      continue
+    fi
+    if [ -f "${DIR}/user_run.sh" ]; then
+        elog_add " >>> Running ${DIR}/user_run.sh"
+        cd ${DIR}
+        elog_add_command "${DIR}/user_run.sh"
+        if [ $? -ne 0 ]; then
+          elog_add " ===================="
+          elog_add "Some Error in script, will not continue. Please check."
+          elog_add "Press any key to continue."
+          read -n 1 -s -r
+          exit 1
+        fi
+        elog_add " ===================="
+    fi
+  done
+  elog_add "Done running company user setup scripts"
+fi
+elog_add "Completed user setup scripts."
 elog_add  ""
 
+# Remove unused flatpak user installed software and data
+flatpak uninstall --unused -y --user
+flatpak uninstall --delete-data -y
+
 #SYNC Firefox + Thunderbird Profile
-${SYSCONFIGPATH}/system_setup/mozilla_starter.sh firefox sync && ${SYSCONFIGPATH}/system_setup/mozilla_starter.sh thunderbird sync
+if [ ! -z "${PROFILE_FIREFOX_SRC}" ]; then
+    ${SYSCONFIGPATH}/system_setup/mozilla_starter.sh firefox sync
+fi
+if [ $? -eq 0 ] && [ ! -z "${PROFILE_TB_SRC}" ]; then
+    ${SYSCONFIGPATH}/system_setup/mozilla_starter.sh thunderbird sync
+    if [ $? -eq 0 ]; then
         elog_add "Successfully synced Mozilla profiles (log in another file)."
+    fi
+fi
 
 elog_add "Sucessfully run logon script (Wait 3 seconds)"
 sleep 3

system_setup/sync_client_software.sh

@@ -73,6 +73,16 @@ else
 fi
 echo ""
 
+# Before running sync or software installs, restore the rights to all filles.
+# They must be owned by root, changeable by admingroup and readable by otherusers (we are root, so we can change!)
+# user_run.sh must also be executable by users
+chown root:${CLIENTADMINGROUP} -R ${SYSCONFIGPATH}
+chmod ug+rwX,o=rX -R ${SYSCONFIGPATH}
+
+#Make all install.sh executable
+find ${SYSCONFIGPATH}/client_software -type f -name install.sh -exec chmod ug+x,o-x {} \;
+find ${SYSCONFIGPATH}/client_software -type f -name user_run.sh -exec chmod ugo+x {} \;
+
 # At first, sync central configs if they are configured to be synced
 if [[ ! -z "${DISTCONFIGPATH_SRC}" ]]; then
     echo "Synced config path was found, doing remote sync."
@@ -130,16 +140,52 @@ if [[ ! -z "${DISTCONFIGPATH_SRC}" ]]; then
     fi
 fi
 
-#Check if Repository is defined
+echo "Running install scripts in admin- context."
-if [ "${CLIENT_SOFTWARE_DST}." == "." ]; then
+# Run pre installed scripts in client_software
-    echo "No central softwarerepository defined (CLIENT_SOFTWARE_DST). Skipping sync."
+echo "Running pre installed install scripts in admin- context."
+for DIR in $(ls -d ${SYSCONFIGPATH}/client_software/*/ | sort); do
+  DIR=${DIR%*/}      # remove the trailing "/"
+  if [[ "$2." != "." ]] && [[ "${DIR}" != *"$2"* ]]; then
+    #search for string in dir
+    echo "Skipping ${DIR} while not in search parameter ( $2 )."
+    continue
+  fi
+  if [ -f "${DIR}/install.sh" ]; then
+    echo " ===================="
+    echo " >>> Running ${DIR}/install.sh"
+    cd ${DIR}
+    ${DIR}/install.sh
+    if [ $? -ne 0 ]; then
+      echo " ===================="
+      echo "Some Error in script, will not continue. Please check."
+      echo "Press any key to continue."
+      read -n 1 -s -r
+      exit 1
+    fi
+    echo " ===================="
+  fi
+done
+echo "Done running pre installed install scripts in admin- context."
+echo
+
+# To run scripts, the repository path must always be set right (but maybe empty, which is fine)
+if [ "${CLIENT_SOFTWARE_CUST_DST}" != "${SYSCONFIGPATH}/client_software_cust" ]; then
+    echo "Error in config: Required parameter CLIENT_SOFTWARE_CUST_DST is missing or set wrong."
+    echo "Please relog and if the problem reoccures, contact your system admins to correct the Values."
+    read -n 1 -s -r -p "Press any key to continue"
+    echo
+    exit 1
 else
   # Then, sync all client_software-files
-  if [[ ! -z "${CLIENT_SOFTWARE_SRC}" ]]; then
+  if [[ -z "${CLIENT_SOFTWARE_CUST_SRC}" ]]; then
-    echo "Syncing central softwarerepository ${CLIENT_SOFTWARE_DST}"
+    echo "No customer software sync is defined, skipping sync"
+    echo "${CLIENT_SOFTWARE_CUST_DST} with ${CLIENT_SOFTWARE_CUST_SRC}"
+    echo
+  else
+    echo "Syncing customer software repository ${CLIENT_SOFTWARE_CUST_DST}"
     # Create Directory if not existent
-    mkdir -p ${CLIENT_SOFTWARE_DST}
+    mkdir -p ${CLIENT_SOFTWARE_CUST_DST}
-    SYNCCMD="sudo -i /usr/bin/flatpak run --branch=stable --arch=x86_64 --command=nextcloudcmd com.nextcloud.desktopclient.nextcloud -h -u ${DAVTOKEN_USER} -p ${DAVTOKEN_PASS} --path ${CLIENT_SOFTWARE_SRC} ${CLIENT_SOFTWARE_DST} https://${SERVERFQDN_NC}"
+    SYNCCMD="sudo -i /usr/bin/flatpak run --branch=stable --arch=x86_64 --command=nextcloudcmd com.nextcloud.desktopclient.nextcloud -h -u ${DAVTOKEN_USER} -p ${DAVTOKEN_PASS} --path ${CLIENT_SOFTWARE_CUST_SRC} ${CLIENT_SOFTWARE_CUST_DST} https://${SERVERFQDN_NC}"
     SYNCCMD_HIDDENPW=$( echo "${SYNCCMD/${DAVTOKEN_PASS}/***HIDDEN***}" )
     echo "Exec: ${SYNCCMD_HIDDENPW}"
     echo "Sync Client Software"
@@ -156,22 +202,53 @@ else
     fi
     echo "Sucessfully synced."
   fi
-  echo ""
+  echo
 
-  # After sync again, restore the rights to all filles. They must be owned by root, changeable by admingroup and readable by otherusers (we are root, so we can change!)
+  # After Snc NC is not able to set permission the right way (like execution flag)
+  # So this need to be done again for new files coming in via sync
+  # we do it either with or without sync for better safety
   chown root:${CLIENTADMINGROUP} -R ${SYSCONFIGPATH}
   chmod ug+rwX,o=rX -R ${SYSCONFIGPATH}
-  #Make all install.sh executable
-  find ${CLIENT_SOFTWARE_DST} -type f -name install.sh -exec chmod ugo+x {} \;
 
-  #Run Software setup
+  #Make all install.sh executable
-  echo "Running Setup of Software"
+  find ${SYSCONFIGPATH}/client_software -type f -name install.sh -exec chmod ug+x,o-x {} \;
-  if [ $1 == "install" ]; then
+  find ${SYSCONFIGPATH}/client_software -type f -name user_run.sh -exec chmod ugo+x {} \;
-    ${CLIENT_SOFTWARE_DST}/install.sh $2
+  find ${SYSCONFIGPATH}/client_software_cust -type f -name install.sh -exec chmod ug+x,o-x {} \;
+  find ${SYSCONFIGPATH}/client_software_cust -type f -name user_run.sh -exec chmod ugo+x {} \;
+
+  #Run customer setup
+  if [ ! -z "${CLIENT_SOFTWARE_CUST_DST}" ]; then
+    echo "Running company install scripts in admin- context."
+    for DIR in $(ls -d ${CLIENT_SOFTWARE_CUST_DST}/*/ | sort); do
+      DIR=${DIR%*/}      # remove the trailing "/"
+      if [[ "$2." != "." ]] && [[ "${DIR}" != *"$2"* ]]; then
+        #search for string in dir
+        echo "Skipping ${DIR} while not in search parameter ( $2 )."
+        continue
+      fi
+      if [ -f "${DIR}/install.sh" ]; then
+        echo " ===================="
+        echo " >>> Running ${DIR}/install.sh"
+        cd ${DIR}
+        ${DIR}/install.sh
         if [ $? -ne 0 ]; then
+          echo " ===================="
+          echo "Some Error in script, will not continue. Please check."
+          echo "Press any key to continue."
+          read -n 1 -s -r
           exit 1
         fi
+        echo " ===================="
+      fi
+    done
+    echo "Done running company install scripts in admin- context."
   fi
 fi
+
+#Last, remove unused Flatpak- Runtimes and unused Data
+echo "Removing unused Flatpak- Data."
+flatpak uninstall --unused -y
+
+echo "Done running install scripts in admin- context."
 echo ""
 exit 0