make shellcheck happy and randomise mac address

bootstrap

@@ -26,12 +26,16 @@ get_value() {
         secure="s"
     fi
 
+    # shellcheck source=/dev/null
     . "$CONFIG"
+
     if [ -z "${!var_name}" ]; then
         local def_val="${default_values[$var_name]}"
         read -${secure}rp "$white$prompt [$def_val]:$nocolour " value
         
         echo "export $var_name=\"${value:-$def_val}\"" >> "$CONFIG"
+        
+        # shellcheck source=/dev/null
         . "$CONFIG"
     fi
 
@@ -147,7 +151,9 @@ set_fstab() {
     local install_dev
     install_dev="$(get_value "install_dev" "installation device")"
 
-    local boot_uuid="$(blkid | grep ${install_dev}p1 | awk '{print $2}')"
+    local boot_uuid
+    boot_uuid="$(blkid | grep "${install_dev}p1" | awk '{print $2}')"
+
     cat >/mnt/etc/fstab <<EOF
 tmpfs          /tmp  tmpfs defaults,nosuid,nodev 0    0
 $boot_uuid     /boot vfat  defaults              0    0    
@@ -164,7 +170,13 @@ set_boot_scr() {
     local boot_scr="/mnt/boot/boot.scr"
     local boot_txt_mine="/mnt/boot/boot.txt.mine"
 
-    local root_uuid="$(blkid | grep ${install_dev}p2 | awk '{print $2}' | sed 's/"//g')"
+    local mac
+    mac="$(echo -n "06"; dd bs=1 count=5 if=/dev/random 2>/dev/null | hexdump -v -e '/1 " %02X"' |  tr '[:upper:]' '[:lower:]')"
+
+    local root_uuid
+    root_uuid="$(blkid | grep "${install_dev}p2" | awk '{print $2}' | sed 's/"//g')"
+
+    sed -i "s/setenv macaddr.*/setenv macadr $mac/g" "$boot_txt"
 
     sed -i "s|root=PARTUUID=|root=/dev/void/root rd.auto=1 cryptdevice=${root_uuid}:lvm|g" "$boot_txt"
     cp "$boot_txt" "$boot_txt_mine"
@@ -350,7 +362,7 @@ cmd_loop() {
     while [[ "$cmd" != "exit" ]]; do
         read -rp "${white}>$nocolour " cmd
 
-        if [[ " ${commands[@]} " =~ " ${cmd} " ]]; then
+        if [[ "${commands[*]}" == *"${cmd}"* ]]; then
            $cmd 
         else
             if [ "$cmd" != "exit" ]; then  

mk_pbp_img

@@ -28,7 +28,7 @@ cleanup_mounts() {
 }
 
 check_tools() {
-    for tool in ${TOOLS[@]}; do 
+    for tool in "${TOOLS[@]}"; do 
         if ! command -v "$tool" &> /dev/null
         then
             echo "$tool could not be found"
@@ -65,8 +65,12 @@ build_img() {
     sudo ./mkplatformfs.sh -p "dracut lvm2 cryptsetup" -o "$platformfs_file" pinebookpro "$rootfs_file"
     sudo ./mkimage.sh -B 256MiB  -o "$img" "$platformfs_file"
 
+    # shellcheck disable=SC2024
+    # it is correct that the decompressed image is written as the unprivileged user
     sudo xz --decompress --stdout "$img.xz" > "$img"
-    local loop_dev="$(sudo losetup --show -f -P "$img")"
+
+    local loop_dev
+    loop_dev="$(sudo losetup --show -f -P "$img")"
 
     sudo mount "$loop_dev"p2 "$TMP_DIR_MOUNT"
     sudo mount "$loop_dev"p1 "$TMP_DIR_MOUNT"/boot
@@ -84,9 +88,9 @@ EOT
     cleanup_mounts
 
     mkdir -p "$OUT_DIR"
-    xz --threads=0 --compress --stdout "$img" > "$OUT_DIR/$(basename $img.xz)"
+    xz --threads=0 --compress --stdout "$img" > "$OUT_DIR/$(basename "$img.xz")"
     
-    echo "built pinebookpro image: $OUT_DIR/$(basename $img.xz)"
+    echo "built pinebookpro image: $OUT_DIR/$(basename "$img.xz")"
 }
 
 trap cleanup 0 SIGHUP SIGINT SIGQUIT SIGABRT SIGTERM