From 5e39e330b31eaf25d36157dd74e3f2a7cc9aa99a Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Fri, 23 Jan 2026 23:51:56 -0500 Subject: [PATCH 1/7] chore(wrapper): various adjustments including potential fix for singleton deletion --- build/trivalent.sh | 38 ++++++++++++++++++++------------------ 1 file changed, 20 insertions(+), 18 deletions(-) diff --git a/build/trivalent.sh b/build/trivalent.sh index 3db90bea..80ac3c63 100755 --- a/build/trivalent.sh +++ b/build/trivalent.sh @@ -14,12 +14,6 @@ set -oue pipefail -# Exit immediately if run as root -if [ "$(id -u)" -eq 0 ]; then - echo "Trivalent must not be run as root." - exit 1 -fi - # Make filename expansion patterns (like *.conf) expand to nothing if no files match the pattern. shopt -s nullglob @@ -37,6 +31,12 @@ declare -rx WAYLAND_DISPLAY="${WAYLAND_DISPLAY:-}" ARCH="$(uname -m)" declare -r ARCH +# Exit immediately if run as root +if [ "$(id -u)" -eq 0 ]; then + echo "Trivalent must not be run as root." + exit 1 +fi + # enable hardware CFI feature # https://www.gnu.org/software/libc/manual/html_node/Hardware-Capability-Tunables.html if [[ "$ARCH" == "x86_64" ]]; then @@ -57,9 +57,6 @@ declare -rx CHROME_WRAPPER HERE="${CHROME_WRAPPER%/*}" declare -r HERE -# BROWSER_LOG_LEVEL=[0,1,2] -declare -ix BROWSER_LOG_LEVEL="${BROWSER_LOG_LEVEL:-0}" - # USE_VULKAN=[true,false] declare USE_VULKAN="${USE_VULKAN:-false}" @@ -77,6 +74,16 @@ if [[ -d "/etc/$CHROMIUM_NAME/$CHROMIUM_NAME.conf.d" ]]; then done fi +# BROWSER_LOG_LEVEL=[0,1,2] +declare -rix BROWSER_LOG_LEVEL="${BROWSER_LOG_LEVEL:-0}" + +function logecho () { + local -ri level=$1 + if [[ $BROWSER_LOG_LEVEL -ge $level ]]; then + echo "$2" + fi +} + # obtain chromium flags from system file # shellcheck source=build/trivalent.conf declare CHROMIUM_SYSTEM_FLAGS="" @@ -98,17 +105,12 @@ if [[ -f "/usr/lib64/trivalent/install_filter.sh" ]] ; then /bin/bash /usr/lib64/trivalent/install_filter.sh fi -declare -i IS_BROWSER_RUNNING=0 -pgrep -ax -U "$(id -ru)" "$CHROMIUM_NAME" | grep -Fq " --type=zygote" || IS_BROWSER_RUNNING=1 - # Fix Singleton process locking if the browser isn't running and the singleton files are present -if [[ $IS_BROWSER_RUNNING -eq 1 ]] && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then - if [[ "$BROWSER_LOG_LEVEL" -gt 0 ]]; then - echo "Ruh roh! This shouldn't be here..." - fi +if [[ -z "$(pgrep -ax -U $(id -ru) $CHROMIUM_NAME | grep -F ' --type=zygote')" ]] && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then + logecho 1 "Ruh roh! This shouldn't be here..." rm "$HOME/.config/$CHROMIUM_NAME/Singleton"* -elif [[ "$BROWSER_LOG_LEVEL" -gt 0 ]]; then - echo "A process is already open in this directory or Singleton process files are not present." +else + logecho 1 "A process is already open in this directory or Singleton process files are not present." fi declare -r TMPFS_CACHE_DIR="/tmp/${CHROMIUM_NAME}_cache/" From d5328eb0119c9977ca02697e5144af654331fcb1 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Fri, 23 Jan 2026 23:53:54 -0500 Subject: [PATCH 2/7] Update trivalent.sh --- build/trivalent.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build/trivalent.sh b/build/trivalent.sh index 80ac3c63..63d0480a 100755 --- a/build/trivalent.sh +++ b/build/trivalent.sh @@ -28,15 +28,15 @@ declare -rx XAUTHORITY="${XAUTHORITY:-}" declare -rx DISPLAY="${DISPLAY:-}" declare -rx WAYLAND_DISPLAY="${WAYLAND_DISPLAY:-}" -ARCH="$(uname -m)" -declare -r ARCH - # Exit immediately if run as root if [ "$(id -u)" -eq 0 ]; then echo "Trivalent must not be run as root." exit 1 fi +ARCH="$(uname -m)" +declare -r ARCH + # enable hardware CFI feature # https://www.gnu.org/software/libc/manual/html_node/Hardware-Capability-Tunables.html if [[ "$ARCH" == "x86_64" ]]; then From 467b15f32cbdc29e24f0871fd20542c5c25c9bf6 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Sat, 24 Jan 2026 00:09:56 -0500 Subject: [PATCH 3/7] Update trivalent.sh --- build/trivalent.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/trivalent.sh b/build/trivalent.sh index 63d0480a..d68d0709 100755 --- a/build/trivalent.sh +++ b/build/trivalent.sh @@ -106,7 +106,7 @@ if [[ -f "/usr/lib64/trivalent/install_filter.sh" ]] ; then fi # Fix Singleton process locking if the browser isn't running and the singleton files are present -if [[ -z "$(pgrep -ax -U $(id -ru) $CHROMIUM_NAME | grep -F ' --type=zygote')" ]] && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then +if ! pgrep -ax -U "$(id -ru)" "$CHROMIUM_NAME" | grep -F " --type=zygote" > /dev/null && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then logecho 1 "Ruh roh! This shouldn't be here..." rm "$HOME/.config/$CHROMIUM_NAME/Singleton"* else From 1f6770e17bb1f916b22b78d5cb052eae81414045 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Sat, 24 Jan 2026 00:13:00 -0500 Subject: [PATCH 4/7] Update trivalent.sh --- build/trivalent.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/trivalent.sh b/build/trivalent.sh index d68d0709..98ed95e6 100755 --- a/build/trivalent.sh +++ b/build/trivalent.sh @@ -106,7 +106,7 @@ if [[ -f "/usr/lib64/trivalent/install_filter.sh" ]] ; then fi # Fix Singleton process locking if the browser isn't running and the singleton files are present -if ! pgrep -ax -U "$(id -ru)" "$CHROMIUM_NAME" | grep -F " --type=zygote" > /dev/null && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then +if ! pgrep -ax -U "$(id -ru)" "$CHROMIUM_NAME" | grep -Fq " --type=zygote" && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then logecho 1 "Ruh roh! This shouldn't be here..." rm "$HOME/.config/$CHROMIUM_NAME/Singleton"* else From b4d16d205afd67e1d77656bdedb8418fd084d121 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Tue, 27 Jan 2026 00:13:00 -0500 Subject: [PATCH 5/7] fix: more consistent process detection --- build/trivalent.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/trivalent.sh b/build/trivalent.sh index 98ed95e6..5a6b5372 100755 --- a/build/trivalent.sh +++ b/build/trivalent.sh @@ -106,7 +106,7 @@ if [[ -f "/usr/lib64/trivalent/install_filter.sh" ]] ; then fi # Fix Singleton process locking if the browser isn't running and the singleton files are present -if ! pgrep -ax -U "$(id -ru)" "$CHROMIUM_NAME" | grep -Fq " --type=zygote" && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then +if ! ps -U $(id -ru) | grep "$CHROMIUM_NAME" && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then logecho 1 "Ruh roh! This shouldn't be here..." rm "$HOME/.config/$CHROMIUM_NAME/Singleton"* else From aa6d23e3973ebf79c1bf6ce7a5de6b04e6881453 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Tue, 27 Jan 2026 00:15:01 -0500 Subject: [PATCH 6/7] Update trivalent.sh --- build/trivalent.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/trivalent.sh b/build/trivalent.sh index 5a6b5372..cc443623 100755 --- a/build/trivalent.sh +++ b/build/trivalent.sh @@ -106,7 +106,7 @@ if [[ -f "/usr/lib64/trivalent/install_filter.sh" ]] ; then fi # Fix Singleton process locking if the browser isn't running and the singleton files are present -if ! ps -U $(id -ru) | grep "$CHROMIUM_NAME" && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then +if ! ps -U "$(id -ru)" | grep -Fq "$CHROMIUM_NAME" && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then logecho 1 "Ruh roh! This shouldn't be here..." rm "$HOME/.config/$CHROMIUM_NAME/Singleton"* else From d43d9bf6dd0abd30dfe9b4ceea39a0c770ddc4e9 Mon Sep 17 00:00:00 2001 From: Rootkit404 <175176948+RKNF404@users.noreply.github.com> Date: Wed, 4 Feb 2026 23:07:20 -0500 Subject: [PATCH 7/7] Update trivalent.sh --- build/trivalent.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build/trivalent.sh b/build/trivalent.sh index cc443623..a9e34739 100755 --- a/build/trivalent.sh +++ b/build/trivalent.sh @@ -12,7 +12,7 @@ # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and limitations under the License. -set -oue pipefail +set -ue # Make filename expansion patterns (like *.conf) expand to nothing if no files match the pattern. shopt -s nullglob @@ -106,7 +106,7 @@ if [[ -f "/usr/lib64/trivalent/install_filter.sh" ]] ; then fi # Fix Singleton process locking if the browser isn't running and the singleton files are present -if ! ps -U "$(id -ru)" | grep -Fq "$CHROMIUM_NAME" && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then +if ! pgrep -ax -U "$(id -ru)" "$CHROMIUM_NAME" | grep -Fq " --type=zygote" && compgen -G "$HOME/.config/$CHROMIUM_NAME/Singleton*" > /dev/null; then logecho 1 "Ruh roh! This shouldn't be here..." rm "$HOME/.config/$CHROMIUM_NAME/Singleton"* else