From e502f42fb8e2fca7c025db69b7b7d5f41548ec0a Mon Sep 17 00:00:00 2001 From: "Aaron D. Lee" Date: Sat, 3 Jan 2026 23:22:09 -0500 Subject: [PATCH] Add netplan WiFi cleanup to sanitize script MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Some RPi OS variants store WiFi credentials in /etc/netplan/*.yaml files, particularly NetworkManager-generated configs (90-NM-*.yaml). - Remove netplan WiFi configs during sanitization - Update validation to check netplan location - Covers wpa_supplicant, NetworkManager, and netplan now 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude Opus 4.5 --- rpi/sanitize-for-image.sh | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/rpi/sanitize-for-image.sh b/rpi/sanitize-for-image.sh index 2a22f79..469d266 100755 --- a/rpi/sanitize-for-image.sh +++ b/rpi/sanitize-for-image.sh @@ -132,6 +132,18 @@ EOF fi done fi + + # Remove netplan WiFi configs (Ubuntu-based systems) + if [ -d /etc/netplan ]; then + for np in /etc/netplan/*.yaml; do + if [ -f "$np" ] && grep -q "wifis:" "$np" 2>/dev/null; then + rm -f "$np" + echo " Removed netplan: $(basename "$np")" + fi + done + # Also remove NM-generated netplan files (contain WiFi SSIDs) + rm -f /etc/netplan/90-NM-*.yaml 2>/dev/null && echo " Removed netplan NM configs" + fi fi # ============================================================================= @@ -346,6 +358,18 @@ if [ "$SOFT_RESET" = false ]; then fi done + # Check netplan + for np in /etc/netplan/*.yaml; do + if [ -f "$np" ] && grep -q "wifis:" "$np" 2>/dev/null; then + WIFI_FOUND=true + break + fi + done + # Check NM-generated netplan + if ls /etc/netplan/90-NM-*.yaml 1>/dev/null 2>&1; then + WIFI_FOUND=true + fi + if [ "$WIFI_FOUND" = true ]; then echo -e " ${RED}[FAIL]${NC} WiFi credentials still present" VALIDATION_ERRORS=$((VALIDATION_ERRORS + 1))