root/archboot
1
0
Fork 0
mirror of https://gitlab.archlinux.org/tpowa/archboot.git synced 2024-09-20 03:50:37 +02:00
Code Issues Projects Releases Packages Wiki Activity

split bootloader.sh into pieces

Browse source
This commit is contained in:
Tobias Powalowski 2023-08-19 14:45:23 +02:00
parent 251050b7a0
commit 3b8d2fef15
12 changed files with 1024 additions and 1041 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
usr/bin/archboot-setup.sh
View file

@ -10,6 +10,15 @@ LANG=C
. /usr/lib/archboot/installer/quicksetup.sh
. /usr/lib/archboot/installer/blockdevices.sh
. /usr/lib/archboot/installer/bootloader.sh
. /usr/lib/archboot/installer/bootloader_grub.sh
. /usr/lib/archboot/installer/bootloader_limine.sh
. /usr/lib/archboot/installer/bootloader_sb.sh
. /usr/lib/archboot/installer/bootloader_systemd_boot.sh
. /usr/lib/archboot/installer/bootloader_refind.sh
. /usr/lib/archboot/installer/bootloader_uboot.sh
. /usr/lib/archboot/installer/bootloader_uki.sh
. /usr/lib/archboot/installer/bootloader_pacman_hooks.sh
. /usr/lib/archboot/installer/bootloader_systemd_services.sh
. /usr/lib/archboot/installer/btrfs.sh
. /usr/lib/archboot/installer/configuration.sh
. /usr/lib/archboot/installer/mountpoints.sh

1062
usr/lib/archboot/installer/bootloader.sh
View file

File diff suppressed because it is too large Load diff

454
usr/lib/archboot/installer/bootloader_grub.sh Normal file
View file

@ -0,0 +1,454 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-3.0-or-later
# created by Tobias Powalowski <tpowa@archlinux.org>
# freeze and unfreeze xfs, as hack for grub(2) installing
_freeze_xfs() {
sync
if [[ -x /usr/bin/xfs_freeze ]]; then
if grep "${_DESTDIR}/boot " /proc/mounts | grep -q " xfs "; then
xfs_freeze -f "${_DESTDIR}"/boot &>"${_NO_LOG}"
xfs_freeze -u "${_DESTDIR}"/boot &>"${_NO_LOG}"
fi
if grep "${_DESTDIR} " /proc/mounts | grep -q " xfs "; then
xfs_freeze -f "${_DESTDIR}" &>"${_NO_LOG}"
xfs_freeze -u "${_DESTDIR}" &>"${_NO_LOG}"
fi
fi
}
_grub_common_before() {
##### Check whether the below limitations still continue with ver 2.00~beta4
### Grub(2) restrictions:
## - Encryption is not recommended for grub(2) /boot!
_BOOTDEV=""
_FAIL_COMPLEX=""
_RAID_ON_LVM=""
_common_bootloader_checks
_abort_f2fs_bootpart || return 1
if [[ ! -d "${_DESTDIR}/usr/lib/grub" ]]; then
_PACKAGES="grub"
_run_pacman | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Installing package(s):\n${_PACKAGES}..." 7 75 0
_pacman_error
fi
if [[ ! -f "${_DESTDIR}/usr/share/grub/ter-u16n.pf2" ]]; then
_PACKAGES=terminus-font
_run_pacman | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Installing package(s):\n${_PACKAGES}..." 7 75 0
_pacman_error
fi
}
_grub_config() {
_chroot_mount
_GRUB_PROBE="chroot ${_DESTDIR} grub-probe"
_BOOTDEV_FS_UUID="$(${_GRUB_PROBE} --target="fs_uuid" "/boot" 2>"${_NO_LOG}")"
_BOOTDEV_FS_LABEL="$(${_GRUB_PROBE} --target="fs_label" "/boot" 2>"${_NO_LOG}")"
_BOOTDEV_HINTS_STRING="$(${_GRUB_PROBE} --target="hints_string" "/boot" 2>"${_NO_LOG}")"
_BOOTDEV_FS="$(${_GRUB_PROBE} --target="fs" "/boot" 2>"${_NO_LOG}")"
_BOOTDEV_DRIVE="$(${_GRUB_PROBE} --target="drive" "/boot" 2>"${_NO_LOG}")"
_ROOTDEV_FS_UUID="$(${_GRUB_PROBE} --target="fs_uuid" "/" 2>"${_NO_LOG}")"
_ROOTDEV_HINTS_STRING="$(${_GRUB_PROBE} --target="hints_string" "/" 2>"${_NO_LOG}")"
_ROOTDEV_FS="$(${_GRUB_PROBE} --target="fs" "/" 2>"${_NO_LOG}")"
_USRDEV_FS_UUID="$(${_GRUB_PROBE} --target="fs_uuid" "/usr" 2>"${_NO_LOG}")"
_USRDEV_HINTS_STRING="$(${_GRUB_PROBE} --target="hints_string" "/usr" 2>"${_NO_LOG}")"
_USRDEV_FS="$(${_GRUB_PROBE} --target="fs" "/usr" 2>"${_NO_LOG}")"
if [[ -n "${_GRUB_UEFI}" ]]; then
_UEFISYSDEV_FS_UUID="$(${_GRUB_PROBE} --target="fs_uuid" "/${_UEFISYS_MP}" 2>"${_NO_LOG}")"
_UEFISYSDEV_HINTS_STRING="$(${_GRUB_PROBE} --target="hints_string" "/${_UEFISYS_MP}" 2>"${_NO_LOG}")"
fi
_chroot_umount
if [[ "${_ROOTDEV_FS_UUID}" == "${_BOOTDEV_FS_UUID}" ]]; then
_SUBDIR="/boot"
# on btrfs we need to check on subvol
if mount | grep "${_DESTDIR} " | grep btrfs | grep -q subvol; then
_SUBDIR="/$(btrfs subvolume show "${_DESTDIR}/" | grep Name | cut -c 11-60)"/boot
fi
if mount | grep "${_DESTDIR}/boot " | grep btrfs | grep -q subvol; then
_SUBDIR="/$(btrfs subvolume show "${_DESTDIR}/boot" | grep Name | cut -c 11-60)"
fi
else
_SUBDIR=""
# on btrfs we need to check on subvol
if mount | grep "${_DESTDIR}/boot " | grep btrfs | grep -q subvol; then
_SUBDIR="/$(btrfs subvolume show "${_DESTDIR}/boot" | grep Name | cut -c 11-60)"
fi
fi
if [[ -n "${_UCODE}" ]]; then
_INITRD_UCODE="${_SUBDIR}/${_UCODE}"
fi
## Move old config file, if any
if [[ -n "${_UEFI_SECURE_BOOT}" ]]; then
_GRUB_CFG="grub${_SPEC_UEFI_ARCH}.cfg"
else
_GRUB_CFG="grub.cfg"
fi
[[ -f "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}" ]] && (mv "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}" "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}.bak" || true)
## Ignore if the insmod entries are repeated - there are possibilities of having /boot in one disk and root-fs in altogether different disk
## with totally different configuration.
cat << EOF > "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
# Include modules - required for boot
insmod part_gpt
insmod part_msdos
insmod fat
insmod ${_BOOTDEV_FS}
insmod ${_ROOTDEV_FS}
insmod ${_USRDEV_FS}
insmod search_fs_file
insmod search_fs_uuid
insmod search_label
insmod linux
insmod chain
set pager=1
# set debug="all"
set locale_dir="\${prefix}/locale"
EOF
[[ -n "${_USE_RAID}" ]] && echo "insmod raid" >> "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
[[ -n "${_RAID_ON_LVM}" ]] && echo "insmod lvm" >> "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
#shellcheck disable=SC2129
cat << EOF >> "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
if [ -e "\${prefix}/\${grub_cpu}-\${grub_platform}/all_video.mod" ]; then
insmod all_video
else
if [ "\${grub_platform}" == "efi" ]; then
insmod efi_gop
insmod efi_uga
fi
if [ "\${grub_platform}" == "pc" ]; then
insmod vbe
insmod vga
fi
insmod video_bochs
insmod video_cirrus
fi
insmod font
search --fs-uuid --no-floppy --set=usr_part ${_USRDEV_HINTS_STRING} ${_USRDEV_FS_UUID}
search --fs-uuid --no-floppy --set=root_part ${_ROOTDEV_HINTS_STRING} ${_ROOTDEV_FS_UUID}
if [ -e "\${prefix}/fonts/ter-u16n.pf2" ]; then
set _fontfile="\${prefix}/fonts/ter-u16n.pf2"
else
if [ -e "(\${root_part})/usr/share/grub/ter-u16n.pf2" ]; then
set _fontfile="(\${root_part})/usr/share/grub/ter-u16n.pf2"
else
if [ -e "(\${usr_part})/share/grub/ter-u16n.pf2" ]; then
set _fontfile="(\${usr_part})/share/grub/ter-u16n.pf2"
fi
fi
fi
if loadfont "\${_fontfile}" ; then
insmod gfxterm
set gfxmode="auto"
terminal_input console
terminal_output gfxterm
fi
EOF
[[ -e "/tmp/.device-names" ]] && sort "/tmp/.device-names" >> "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
if [[ "${_NAME_SCHEME_PARAMETER}" == "PARTUUID" ]] || [[ "${_NAME_SCHEME_PARAMETER}" == "FSUUID" ]] ; then
_GRUB_ROOT_DRIVE="search --fs-uuid --no-floppy --set=root ${_BOOTDEV_HINTS_STRING} ${_BOOTDEV_FS_UUID}"
else
if [[ "${_NAME_SCHEME_PARAMETER}" == "PARTLABEL" ]] || [[ "${_NAME_SCHEME_PARAMETER}" == "FSLABEL" ]] ; then
_GRUB_ROOT_DRIVE="search --label --no-floppy --set=root ${_BOOTDEV_HINTS_STRING} ${_BOOTDEV_FS_LABEL}"
else
_GRUB_ROOT_DRIVE="set root=${_BOOTDEV_DRIVE}"
fi
fi
if [[ -n "${_GRUB_UEFI}" ]]; then
_LINUX_UNMOD_COMMAND="linux ${_SUBDIR}/${_VMLINUZ} ${_KERNEL_PARAMS_MOD}"
else
_LINUX_UNMOD_COMMAND="linux ${_SUBDIR}/${_VMLINUZ} ${_KERNEL_PARAMS_MOD}"
fi
_LINUX_MOD_COMMAND=$(echo "${_LINUX_UNMOD_COMMAND}" | sed -e 's# # #g' | sed -e 's# # #g')
## create default kernel entry
_NUMBER=0
cat << EOF >> "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
# (${_NUMBER}) Arch Linux
menuentry "Arch Linux" {
set gfxpayload="keep"
${_GRUB_ROOT_DRIVE}
${_LINUX_MOD_COMMAND}
initrd ${_INITRD_UCODE} ${_SUBDIR}/${_INITRAMFS}
}
EOF
_NUMBER=$((_NUMBER+1))
if [[ "${_RUNNING_ARCH}" == "x86_64" ]]; then
if [[ -n "${_UEFI_BOOT}" ]]; then
_NUMBER=$((_NUMBER+1))
cat << EOF >> "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
if [ "\${grub_platform}" == "efi" ]; then
if [ "\${grub_cpu}" == "x86_64" ]; then
## (${_NUMBER}) Microsoft Windows 10/11 via x86_64 UEFI
#menuentry Microsoft Windows 10/11 x86_64 UEFI-GPT {
# insmod part_gpt
# insmod fat
# insmod search_fs_uuid
# insmod chain
# search --fs-uuid --no-floppy --set=root ${_UEFISYSDEV_HINTS_STRING} ${_UEFISYSDEV_FS_UUID}
# chainloader /EFI/Microsoft/Boot/bootmgfw.efi
#}
fi
fi
EOF
else
_NUMBER=$((_NUMBER+1))
## TODO: Detect actual Windows installation if any
## create example file for windows
cat << EOF >> "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
if [ "\${grub_platform}" == "pc" ]; then
## (${_NUMBER}) Microsoft Windows 10/11 BIOS
#menuentry Microsoft Windows 10/11 BIOS-MBR {
# insmod part_msdos
# insmod ntfs
# insmod search_fs_uuid
# insmod ntldr
# search --fs-uuid --no-floppy --set=root <FS_UUID of Windows SYSTEM Partition>
# ntldr /bootmgr
#}
fi
EOF
fi
fi
cat << EOF >> "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
if [ "\${grub_platform}" == "efi" ]; then
menuentry "UEFI Firmware Setup" {
fwsetup
}
fi
EOF
cat << EOF >> "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
menuentry "Reboot System" {
reboot
}
menuentry "Poweroff System" {
halt
}
EOF
## copy ter-u16n.pf2 font file
[[ -d ${_DESTDIR}/${_GRUB_PREFIX_DIR}/fonts ]] || mkdir -p "${_DESTDIR}/${_GRUB_PREFIX_DIR}/fonts"
cp -f "${_DESTDIR}/usr/share/grub/ter-u16n.pf2" "${_DESTDIR}/${_GRUB_PREFIX_DIR}/fonts/ter-u16n.pf2"
## Edit grub.cfg config file
_dialog --msgbox "You must now review the GRUB(2) configuration file.\n\nYou will now be put into the editor.\nAfter you save your changes, exit the editor." 8 55
_geteditor || return 1
"${_EDITOR}" "${_DESTDIR}/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
}
_grub_install_bios() {
# freeze and unfreeze xfs filesystems to enable grub(2) installation on xfs filesystems
_freeze_xfs
_chroot_mount
chroot "${_DESTDIR}" grub-install \
--directory="/usr/lib/grub/i386-pc" \
--target="i386-pc" \
--boot-directory="/boot" \
--recheck \
--debug \
"${_BOOTDEV}" &>"/tmp/grub_bios_install.log"
cat "/tmp/grub_bios_install.log" >>"${_LOG}"
_chroot_umount
rm /.archboot
}
_grub_bios() {
touch /.archboot
_grub_install_bios &
_progress_wait "11" "99" "Setting up GRUB(2) BIOS..." "0.15"
_progress "100" "Setting up GRUB(2) BIOS completed."
sleep 2
}
_grub_bios() {
_grub_common_before
# try to auto-configure GRUB(2)...
_check_bootpart
# check if raid, raid partition, or device devicemapper is used
if echo "${_BOOTDEV}" | grep -q /dev/md || echo "${_BOOTDEV}" | grep -q /dev/mapper; then
# boot from lvm, raid, partitioned and raid devices is supported
_FAIL_COMPLEX=""
if cryptsetup status "${_BOOTDEV}"; then
# encryption devices are not supported
_FAIL_COMPLEX=1
fi
fi
if [[ -z "${_FAIL_COMPLEX}" ]]; then
# check if mapper is used
if echo "${_BOOTDEV}" | grep -q /dev/mapper; then
_RAID_ON_LVM=""
#check if mapper contains a md device!
for devpath in $(pvs -o pv_name --noheading); do
if echo "${devpath}" | grep -v "/dev/md.p" | grep -q /dev/md; then
_DETECTEDVOLUMEGROUP="$(pvs -o vg_name --noheading "${devpath}")"
if echo /dev/mapper/"${_DETECTEDVOLUMEGROUP}"-* | grep -q "${_BOOTDEV}"; then
# change _BOOTDEV to md device!
_BOOTDEV=$(pvs -o pv_name --noheading "${devpath}")
_RAID_ON_LVM=1
break
fi
fi
done
fi
#check if raid is used
_USE_RAID=""
if echo "${_BOOTDEV}" | grep -q /dev/md; then
_USE_RAID=1
fi
fi
# A switch is needed if complex ${_BOOTDEV} is used!
# - LVM and RAID ${_BOOTDEV} needs the MBR of a device and cannot be used itself as ${_BOOTDEV}
# - grub BIOS install to partition is not supported
_DEVS="$(_findbootloaderdisks _)"
if [[ -z "${_DEVS}" ]]; then
_dialog --msgbox "No storage drives were found" 0 0
return 1
fi
#shellcheck disable=SC2086
_dialog --title " Grub Boot Device " --no-cancel --menu "" 14 55 7 ${_DEVS} 2>"${_ANSWER}" || return 1
_BOOTDEV=$(cat "${_ANSWER}")
if [[ "$(${_BLKID} -p -i -o value -s PTTYPE "${_BOOTDEV}")" == "gpt" ]]; then
_CHECK_BIOS_BOOT_GRUB=1
_RUN_CFDISK=""
_DISK="${_BOOTDEV}"
_check_gpt
else
if [[ -z "${_FAIL_COMPLEX}" ]]; then
_dialog --defaultno --yesno "Warning:\nSetup detected no GUID (gpt) partition table.\n\nGrub(2) has only space for approx. 30k core.img file. Depending on your setup, it might not fit into this gap and fail.\n\nDo you really want to install GRUB(2) to a msdos partition table?" 0 0 || return 1
fi
fi
if [[ -n "${_FAIL_COMPLEX}" ]]; then
_dialog --msgbox "Error:\nGRUB(2) cannot boot from ${_BOOTDEV}, which contains /boot!\n\nPossible error sources:\n- encrypted devices are not supported" 0 0
return 1
fi
_grub_bios | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Setting up GRUB(2) BIOS..." 6 75 0
mkdir -p "${_DESTDIR}/boot/grub/locale"
cp -f "${_DESTDIR}/usr/share/locale/en@quot/LC_MESSAGES/grub.mo" "${_DESTDIR}/boot/grub/locale/en.mo"
if [[ -e "${_DESTDIR}/boot/grub/i386-pc/core.img" ]]; then
_GRUB_PREFIX_DIR="/boot/grub"
_grub_config || return 1
_pacman_hook_grub_bios
_dialog --title " Success " --no-mouse --infobox "GRUB(2) BIOS has been installed successfully." 3 55
sleep 3
_S_BOOTLOADER=1
else
_dialog --msgbox "Error installing GRUB(2) BIOS.\nCheck /tmp/grub_bios_install.log for more info.\n\nYou probably need to install it manually by chrooting into ${_DESTDIR}.\nDon't forget to bind mount /dev and /proc into ${_DESTDIR} before chrooting." 0 0
return 1
fi
}
_grub_install_uefi() {
chroot "${_DESTDIR}" grub-install \
--directory="/usr/lib/grub/${_GRUB_ARCH}-efi" \
--target="${_GRUB_ARCH}-efi" \
--efi-directory="/${_UEFISYS_MP}" \
--bootloader-id="grub" \
--boot-directory="/boot" \
--no-nvram \
--recheck \
--debug &> "/tmp/grub_uefi_${_UEFI_ARCH}_install.log"
cat "/tmp/grub_uefi_${_UEFI_ARCH}_install.log" >>"${_LOG}"
rm /.archboot
}
_grub_install_uefi_sb() {
### Hint: https://src.fedoraproject.org/rpms/grub2/blob/rawhide/f/grub.macros#_407
# add -v for verbose
if [[ "${_RUNNING_ARCH}" == "aarch64" ]]; then
${_NSPAWN} grub-mkstandalone -d /usr/lib/grub/"${_GRUB_ARCH}"-efi -O "${_GRUB_ARCH}"-efi --sbat=/usr/share/grub/sbat.csv --modules="all_video boot btrfs cat configfile cryptodisk echo efi_gop efifwsetup efinet ext2 f2fs fat font gcry_rijndael gcry_rsa gcry_serpent gcry_sha256 gcry_twofish gcry_whirlpool gfxmenu gfxterm gzio halt hfsplus http iso9660 loadenv loopback linux lvm lsefi lsefimmap luks luks2 mdraid09 mdraid1x minicmd net normal part_apple part_msdos part_gpt password_pbkdf2 pgp png reboot regexp search search_fs_uuid search_fs_file search_label serial sleep syslinuxcfg test tftp video xfs zstd chain tpm" --fonts="ter-u16n" --locales="en@quot" --themes="" -o "/${_GRUB_PREFIX_DIR}/grub${_SPEC_UEFI_ARCH}.efi" "boot/grub/grub.cfg=/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
elif [[ "${_RUNNING_ARCH}" == "x86_64" ]]; then
### In case grub will be broken!
#_dialog --no-mouse --infobox "Pacman is running...\n\nInstalling grub-2:2.06.r533.g78bc9a9b2-1 to ${_DESTDIR}...\n\nCheck ${_VC} console (ALT-F${_VC_NUM}) for progress..." 8 70
# fix broken grub with last working version:
# https://lists.gnu.org/archive/html/grub-devel/2023-06/msg00121.html
#if [[ -e "${_LOCAL_DB}" ]]; then
# cp "/var/cache/pacman/pkg/grub-2:2.06.r533.g78bc9a9b2-1-x86_64.pkg.tar.zst" "${_DESTDIR}"
# cp "/var/cache/pacman/pkg/grub-2:2.06.r533.g78bc9a9b2-1-x86_64.pkg.tar.zst.sig" "${_DESTDIR}"
#else
# ${_DLPROG} "https://archboot.com/src/grub/grub-2:2.06.r533.g78bc9a9b2-1-x86_64.pkg.tar.zst" -P "${_DESTDIR}"
# ${_DLPROG} "https://archboot.com/src/grub/grub-2:2.06.r533.g78bc9a9b2-1-x86_64.pkg.tar.zst.sig" -P "${_DESTDIR}"
#fi
#${_NSPAWN} pacman -U --noconfirm /grub-2:2.06.r533.g78bc9a9b2-1-x86_64.pkg.tar.zst >>"${_LOG}"
#rm "${_DESTDIR}/grub-2:2.06.r533.g78bc9a9b2-1-x86_64.pkg.tar.zst"
#rm "${_DESTDIR}/grub-2:2.06.r533.g78bc9a9b2-1-x86_64.pkg.tar.zst.sig"
#_dialog --no-mouse --infobox "grub-2:2.06.r533.g78bc9a9b2-1 has been installed successfully.\nContinuing in 5 seconds..." 4 70
#sleep 5
${_NSPAWN} grub-mkstandalone -d /usr/lib/grub/"${_GRUB_ARCH}"-efi -O "${_GRUB_ARCH}"-efi --sbat=/usr/share/grub/sbat.csv --modules="all_video boot btrfs cat configfile cryptodisk echo efi_gop efi_uga efifwsetup efinet ext2 f2fs fat font gcry_rijndael gcry_rsa gcry_serpent gcry_sha256 gcry_twofish gcry_whirlpool gfxmenu gfxterm gzio halt hfsplus http iso9660 loadenv loopback linux lvm lsefi lsefimmap luks luks2 mdraid09 mdraid1x minicmd net normal part_apple part_msdos part_gpt password_pbkdf2 pgp png reboot regexp search search_fs_uuid search_fs_file search_label serial sleep syslinuxcfg test tftp video xfs zstd backtrace chain tpm usb usbserial_common usbserial_pl2303 usbserial_ftdi usbserial_usbdebug keylayouts at_keyboard" --fonts="ter-u16n" --locales="en@quot" --themes="" -o "/${_GRUB_PREFIX_DIR}/grub${_SPEC_UEFI_ARCH}.efi" "boot/grub/grub.cfg=/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}"
fi
rm /.archboot
}
_setup_grub_uefi() {
if [[ -n "${_UEFI_SECURE_BOOT}" ]]; then
_progress "50" "Installing fedora's shim and mokmanager..."
sleep 2
# install fedora shim
[[ -d ${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT ]] || mkdir -p "${_DESTDIR}"/"${_UEFISYS_MP}"/EFI/BOOT
cp -f /usr/share/archboot/bootloader/shim"${_SPEC_UEFI_ARCH}".efi "${_DESTDIR}"/"${_UEFISYS_MP}"/EFI/BOOT/BOOT"${_UEFI_ARCH}".EFI
cp -f /usr/share/archboot/bootloader/mm"${_SPEC_UEFI_ARCH}".efi "${_DESTDIR}"/"${_UEFISYS_MP}"/EFI/BOOT/
_progress "100" "Installing fedora's shim and mokmanager completed."
sleep 2
else
## Install GRUB
_progress "10" "Setting up GRUB(2) UEFI..."
_chroot_mount
touch /.archboot
_grub_install_uefi &
_progress_wait "11" "99" "Setting up GRUB(2) UEFI..." "0.1"
_chroot_umount
_progress "100" "Setting up GRUB(2) UEFI completed."
sleep 2
fi
_GRUB_UEFI=1
}
_setup_grub_uefi_sb() {
if [[ -n "${_UEFI_SECURE_BOOT}" ]]; then
_progress "10" "Setting up GRUB(2) UEFI Secure Boot..."
# generate GRUB with config embeded
#remove existing, else weird things are happening
[[ -f "${_DESTDIR}/${_GRUB_PREFIX_DIR}/grub${_SPEC_UEFI_ARCH}.efi" ]] && rm "${_DESTDIR}"/"${_GRUB_PREFIX_DIR}"/grub"${_SPEC_UEFI_ARCH}".efi
touch /.archboot
_grub_install_uefi_sb &
_progress_wait "11" "99" "Setting up GRUB(2) UEFI Secure Boot..." "0.1"
_progress "100" "Setting up GRUB(2) UEFI Secure Boot completed."
sleep 2
fi
}
_grub_uefi() {
_GRUB_UEFI=""
_uefi_common || return 1
[[ "${_UEFI_ARCH}" == "X64" ]] && _GRUB_ARCH="x86_64"
[[ "${_UEFI_ARCH}" == "IA32" ]] && _GRUB_ARCH="i386"
[[ "${_UEFI_ARCH}" == "AA64" ]] && _GRUB_ARCH="arm64"
if [[ -n "${_UEFI_SECURE_BOOT}" ]]; then
_GRUB_PREFIX_DIR="${_UEFISYS_MP}/EFI/BOOT"
else
_GRUB_PREFIX_DIR="boot/grub"
fi
_grub_common_before
_setup_grub_uefi | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Setting up GRUB(2) UEFI..." 6 75 0
_grub_config || return 1
_setup_grub_uefi_sb | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Setting up GRUB(2) UEFI Secure Boot..." 6 75 0
if [[ -e "${_DESTDIR}/${_UEFISYS_MP}/EFI/grub/grub${_SPEC_UEFI_ARCH}.efi" && -z "${_UEFI_SECURE_BOOT}" && -e "${_DESTDIR}/boot/grub/${_GRUB_ARCH}-efi/core.efi" ]]; then
_BOOTMGR_LABEL="GRUB"
_BOOTMGR_LOADER_PATH="/EFI/grub/grub${_SPEC_UEFI_ARCH}.efi"
_uefi_bootmgr_setup
_pacman_hook_grub_uefi
mkdir -p "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT"
rm -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
cp -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/grub/grub${_SPEC_UEFI_ARCH}.efi" "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
_dialog --title " Success " --no-mouse --infobox "GRUB(2) for ${_UEFI_ARCH} UEFI has been installed successfully." 3 60
sleep 3
_S_BOOTLOADER=1
elif [[ -e "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/grub${_SPEC_UEFI_ARCH}.efi" && -n "${_UEFI_SECURE_BOOT}" ]]; then
_secureboot_keys || return 1
_mok_sign
_pacman_sign
_pacman_hook_grub_sb
_BOOTMGR_LABEL="SHIM with GRUB Secure Boot"
_BOOTMGR_LOADER_PATH="/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
_uefi_bootmgr_setup
_dialog --title " Success " --no-mouse --infobox "SHIM and GRUB(2) Secure Boot for ${_UEFI_ARCH} has been installed successfully." 3 75
sleep 3
_S_BOOTLOADER=1
else
_dialog --msgbox "Error installing GRUB(2) for ${_UEFI_ARCH} UEFI.\nCheck /tmp/grub_uefi_${_UEFI_ARCH}_install.log for more info.\n\nYou probably need to install it manually by chrooting into ${_DESTDIR}.\nDon't forget to bind mount /dev, /sys and /proc into ${_DESTDIR} before chrooting." 0 0
return 1
fi
}

93
usr/lib/archboot/installer/bootloader_limine.sh Normal file
View file

@ -0,0 +1,93 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-3.0-or-later
# created by Tobias Powalowski <tpowa@archlinux.org>
_limine_common() {
if [[ ! -f "${_DESTDIR}/usr/bin/limine" ]]; then
_PACKAGES="limine"
_run_pacman | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Installing package(s):\n${_PACKAGES}..." 7 75 0
_pacman_error
fi
}
_limine_config() {
cat << CONFEOF > "${_LIMINE_CONFIG}"
TIMEOUT=5
:Arch Linux
PROTOCOL=linux
KERNEL_PATH=boot://${_KERNEL}
CMDLINE=${_KERNEL_PARAMS_MOD}
CONFEOF
if [[ -n "${_INITRD_UCODE}" ]]; then
echo "MODULE_PATH=boot://${_INITRD_UCODE}" >> "${_LIMINE_CONFIG}"
fi
echo "MODULE_PATH=boot://${_INITRD}" >> "${_LIMINE_CONFIG}"
## Edit limine.cfg config file
_dialog --msgbox "You will now be put into the editor to edit:\nlimine.cfg\n\nAfter you save your changes, exit the editor." 8 50
_geteditor || return 1
"${_EDITOR}" "${_LIMINE_CONFIG}"
}
_limine_bios() {
_BOOTDEV=""
_limine_common
_common_bootloader_checks
_check_bootpart
if ! ${_LSBLK} FSTYPE "${_BOOTDEV}" 2>"${_NO_LOG}" | grep -q "ext"; then
_dialog --title " ERROR " --no-mouse --infobox "LIMINE BIOS can only boot from ext2/3/4 partition with /boot on it." 3 70
return 1
fi
_dialog --no-mouse --infobox "Setting up LIMINE BIOS now..." 3 60
_LIMINE_CONFIG="${_DESTDIR}/boot/limine.cfg"
_KERNEL="${_SUBDIR}/${_VMLINUZ}"
_INITRD="${_SUBDIR}/${_INITRAMFS}"
if [[ -n "${_UCODE}" ]]; then
_INITRD_UCODE="${_SUBDIR}/${_UCODE}"
fi
_limine_config
_geteditor
_PARENT_BOOTDEV="$(${_LSBLK} PKNAME "${_BOOTDEV}")"
_chroot_mount
cp "${_DESTDIR}/usr/share/limine/limine-bios.sys" "${_DESTDIR}/boot/"
if chroot "${_DESTDIR}" limine bios-install "${_PARENT_BOOTDEV}" &>"${_LOG}"; then
_pacman_hook_limine_bios
_dialog --title " Success " --no-mouse --infobox "LIMINE BIOS has been setup successfully." 3 50
sleep 3
_S_BOOTLOADER=1
else
_dialog --title " ERROR " --msgbox "Setting up LIMINE BIOS failed." 5 40
fi
_chroot_umount
}
_limine_uefi() {
_limine_common
_dialog --no-mouse --infobox "Setting up LIMINE now..." 3 60
[[ -d "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT" ]] || mkdir -p "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/"
cp -f "${_DESTDIR}/usr/share/limine/BOOT${_UEFI_ARCH}.EFI" "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/LIMINE${_UEFI_ARCH}.EFI"
_LIMINE_CONFIG="${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/limine.cfg"
_KERNEL="/${_KERNEL}"
_INITRD="/${_INITRD}"
if [[ -n "${_INITRD_UCODE}" ]]; then
_INITRD_UCODE="/${_INITRD_UCODE}"
fi
_limine_config
if [[ -e "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/LIMINE${_UEFI_ARCH}.EFI" ]]; then
_BOOTMGR_LABEL="LIMINE"
_BOOTMGR_LOADER_PATH="/EFI/BOOT/LIMINE${_UEFI_ARCH}.EFI"
_uefi_bootmgr_setup
mkdir -p "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT"
rm -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
cp -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/LIMINE${_UEFI_ARCH}.EFI" "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
sleep 2
_efistub_copy_to_efisys | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Copying kernel, ucode and initramfs to EFI SYSTEM PARTITION now..." 6 75 0
_pacman_hook_limine_uefi
_dialog --title " Success " --no-mouse --infobox "LIMINE has been setup successfully." 3 50
sleep 3
_S_BOOTLOADER=1
else
_dialog --title " ERROR " --msgbox "Setting up LIMINE failed." 5 40
fi
}

130
usr/lib/archboot/installer/bootloader_pacman_hooks.sh Normal file
View file

@ -0,0 +1,130 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-3.0-or-later
# created by Tobias Powalowski <tpowa@archlinux.org>
_pacman_hook_common() {
cat << EOF > "${_HOOKNAME}"
[Trigger]
Type = Package
Operation = Upgrade
Target = ${1}
[Action]
EOF
}
_pacman_hook_systemd_bootd() {
[[ -d "${_DESTDIR}/etc/pacman.d/hooks" ]] || mkdir -p "${_DESTDIR}"/etc/pacman.d/hooks
_HOOKNAME="${_DESTDIR}/etc/pacman.d/hooks/999-systemd-bootd.hook"
_pacman_hook_common systemd
cat << EOF >> "${_HOOKNAME}"
Description = Gracefully upgrading systemd-boot...
When = PostTransaction
Exec = /usr/bin/systemctl restart systemd-boot-update.service
EOF
_dialog --title " Automatic SYSTEMD-BOOT Update " --no-mouse --infobox "Automatic SYSTEMD-BOOT update has been enabled successfully:\n\n${_HOOKNAME}" 5 70
sleep 3
}
_pacman_hook_limine_bios() {
[[ -d "${_DESTDIR}/etc/pacman.d/hooks" ]] || mkdir -p "${_DESTDIR}"/etc/pacman.d/hooks
_HOOKNAME="${_DESTDIR}/etc/pacman.d/hooks/999-limine-bios.hook"
_pacman_hook_common limine
cat << EOF >> "${_HOOKNAME}"
Description = Update Limine after upgrade...
When = PostTransaction
Exec = /usr/bin/sh -c "/usr/bin/cp /usr/share/limine/limine-bios.sys /boot/; /usr/bin/limine bios-install '${_PARENT_BOOTDEV}'"
EOF
_dialog --title " Automatic LIMINE BIOS Update " --no-mouse --infobox "Automatic LIMINE BIOS update has been enabled successfully:\n\n${_HOOKNAME}" 5 70
sleep 3
}
_pacman_hook_limine_uefi() {
[[ -d "${_DESTDIR}/etc/pacman.d/hooks" ]] || mkdir -p "${_DESTDIR}"/etc/pacman.d/hooks
_HOOKNAME="${_DESTDIR}/etc/pacman.d/hooks/999-limine-uefi.hook"
_pacman_hook_common limine
cat << EOF >> "${_HOOKNAME}"
Description = Update Limine after upgrade...
When = PostTransaction
Exec = /usr/bin/sh -c "/usr/bin/cp /usr/share/limine/BOOT${_UEFI_ARCH}.EFI /${_UEFISYS_MP}/EFI/BOOT/;\
/usr/bin/cp /usr/share/limine/BOOT${_UEFI_ARCH}.EFI /${_UEFISYS_MP}/EFI/BOOT/LIMINE${_UEFI_ARCH}.EFI"
EOF
_dialog --title " Automatic LIMINE Update " --no-mouse --infobox "Automatic LIMINE update has been enabled successfully:\n\n${_HOOKNAME}" 5 70
sleep 3
}
_pacman_hook_refind() {
[[ -d "${_DESTDIR}/etc/pacman.d/hooks" ]] || mkdir -p "${_DESTDIR}"/etc/pacman.d/hooks
_HOOKNAME="${_DESTDIR}/etc/pacman.d/hooks/999-refind.hook"
_pacman_hook_common refind
cat << EOF >> "${_HOOKNAME}"
Description = Update rEFInd after upgrade...
When = PostTransaction
Exec = /usr/bin/sh -c "/usr/bin/cp /usr/share/refind/refind_${_SPEC_UEFI_ARCH}.efi /${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI;cp /usr/share/refind/refind_${_SPEC_UEFI_ARCH}.efi /${_UEFISYS_MP}/EFI/refind/"
EOF
_dialog --title " Automatic rEFInd Update " --no-mouse --infobox "Automatic rEFInd update has been enabled successfully:\n\n${_HOOKNAME}" 5 70
sleep 3
}
_pacman_hook_grub_bios() {
[[ -d "${_DESTDIR}/etc/pacman.d/hooks" ]] || mkdir -p "${_DESTDIR}"/etc/pacman.d/hooks
_HOOKNAME="${_DESTDIR}/etc/pacman.d/hooks/999-grub-bios.hook"
_pacman_hook_common grub
cat << EOF >> "${_HOOKNAME}"
Description = Update GRUB after upgrade...
When = PostTransaction
Exec = /usr/bin/sh -c "grub-install --directory='/usr/lib/grub/i386-pc' --target='i386-pc' --boot-directory='/boot' --recheck '${_BOOTDEV}'"
EOF
_dialog --title " Automatic GRUB Update " --no-mouse --infobox "Automatic GRUB BIOS update has been enabled successfully:\n\n${_HOOKNAME}" 5 70
sleep 3
}
_pacman_hook_grub_uefi() {
[[ -d "${_DESTDIR}/etc/pacman.d/hooks" ]] || mkdir -p "${_DESTDIR}"/etc/pacman.d/hooks
_HOOKNAME="${_DESTDIR}/etc/pacman.d/hooks/999-grub-uefi.hook"
_pacman_hook_common grub
cat << EOF >> "${_HOOKNAME}"
Description = Update GRUB after upgrade...
When = PostTransaction
Exec = /usr/bin/sh -c "grub-install --directory='/usr/lib/grub/${_GRUB_ARCH}-efi' --target='${_GRUB_ARCH}-efi' --efi-directory='/${_UEFISYS_MP}' --bootloader-id='grub' --boot-directory='/boot' --no-nvram --recheck"
EOF
_dialog --title " Automatic GRUB Update " --no-mouse --infobox "Automatic GRUB update has been enabled successfully:\n\n${_HOOKNAME}" 5 70
sleep 3
}
_pacman_hook_grub_sb() {
[[ -d "${_DESTDIR}/etc/pacman.d/hooks" ]] || mkdir -p "${_DESTDIR}"/etc/pacman.d/hooks
_HOOKNAME="${_DESTDIR}/etc/pacman.d/hooks/999-grub-uefi-sb.hook"
_pacman_hook_common grub
cat << EOF >> "${_HOOKNAME}"
Description = Update GRUB UEFI SB after upgrade...
When = PostTransaction
EOF
if [[ "${_RUNNING_ARCH}" == "aarch64" ]]; then
cat << EOF >> "${_HOOKNAME}"
Exec = /usr/bin/sh -c "/usr/bin/grub-mkstandalone -d '/usr/lib/grub/${_GRUB_ARCH}-efi' -O '${_GRUB_ARCH}-efi' --sbat=/usr/share/grub/sbat.csv --modules='all_video boot btrfs cat configfile cryptodisk echo efi_gop efifwsetup efinet ext2 f2fs fat font gcry_rijndael gcry_rsa gcry_serpent gcry_sha256 gcry_twofish gcry_whirlpool gfxmenu gfxterm gzio halt hfsplus http iso9660 loadenv loopback linux lvm lsefi lsefimmap luks luks2 mdraid09 mdraid1x minicmd net normal part_apple part_msdos part_gpt password_pbkdf2 pgp png reboot regexp search search_fs_uuid search_fs_file search_label serial sleep syslinuxcfg test tftp video xfs zstd chain tpm' --fonts='ter-u16n' --locales='en@quot' --themes='' -o '/${_GRUB_PREFIX_DIR}grub${_SPEC_UEFI_ARCH}.efi' 'boot/grub/grub.cfg=/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}';/usr/bin/sbsign --key '/${_KEYDIR}/MOK/MOK.key' --cert '/${_KEYDIR}/MOK/MOK.crt' --output '/${_UEFI_BOOTLOADER_DIR}/grub${_SPEC_UEFI_ARCH}.efi' '/${_UEFI_BOOTLOADER_DIR}/grub${_SPEC_UEFI_ARCH}.efi'"
EOF
elif [[ "${_RUNNING_ARCH}" == "x86_64" ]]; then
cat << EOF >> "${_HOOKNAME}"
Exec = /usr/bin/sh -c "/usr/bin/grub-mkstandalone -d '/usr/lib/grub/${_GRUB_ARCH}-efi' -O '${_GRUB_ARCH}-efi' --sbat=/usr/share/grub/sbat.csv --modules='all_video boot btrfs cat configfile cryptodisk echo efi_gop efi_uga efifwsetup efinet ext2 f2fs fat font gcry_rijndael gcry_rsa gcry_serpent gcry_sha256 gcry_twofish gcry_whirlpool gfxmenu gfxterm gzio halt hfsplus http iso9660 loadenv loopback linux lvm lsefi lsefimmap luks luks2 mdraid09 mdraid1x minicmd net normal part_apple part_msdos part_gpt password_pbkdf2 pgp png reboot regexp search search_fs_uuid search_fs_file search_label serial sleep syslinuxcfg test tftp video xfs zstd backtrace chain tpm usb usbserial_common usbserial_pl2303 usbserial_ftdi usbserial_usbdebug keylayouts at_keyboard' --fonts='ter-u16n' --locales='en@quot' --themes='' -o '/${_GRUB_PREFIX_DIR}grub${_SPEC_UEFI_ARCH}.efi' 'boot/grub/grub.cfg=/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}';/usr/bin/sbsign --key '/${_KEYDIR}/MOK/MOK.key' --cert '/${_KEYDIR}/MOK/MOK.crt' --output '/${_UEFI_BOOTLOADER_DIR}/grub${_SPEC_UEFI_ARCH}.efi' '/${_UEFI_BOOTLOADER_DIR}/grub${_SPEC_UEFI_ARCH}.efi'"
EOF
fi
_dialog --title " Automatic GRUB UEFI SB Update " --no-mouse --infobox "Automatic GRUB UEFI SB update has been enabled successfully:\n\n${_HOOKNAME}" 5 70
sleep 3
}
_pacman_sign() {
[[ -d "${_DESTDIR}/etc/pacman.d/hooks" ]] || mkdir -p "${_DESTDIR}"/etc/pacman.d/hooks
_HOOKNAME="${_DESTDIR}/etc/pacman.d/hooks/999-sign_kernel_for_secureboot.hook"
_pacman_hook_common linux
cat << EOF >> "${_HOOKNAME}"
Description = Signing kernel with Machine Owner Key for Secure Boot
When = PostTransaction
Exec = /usr/bin/find /boot/ -maxdepth 1 -name 'vmlinuz-*' -exec /usr/bin/sh -c 'if ! /usr/bin/sbverify --list {} 2>"${_NO_LOG}" | /usr/bin/grep -q "signature certificates"; then /usr/bin/sbsign --key /${_KEYDIR}/MOK/MOK.key --cert /${_KEYDIR}/MOK/MOK.crt --output {} {}; fi' ;
Depends = sbsigntools
Depends = findutils
Depends = grep
EOF
_dialog --title " Automatic Signing " --no-mouse --infobox "Automatic signing has been enabled successfully:\n\n${_HOOKNAME}" 5 70
sleep 3
}

54
usr/lib/archboot/installer/bootloader_refind.sh Normal file
View file

@ -0,0 +1,54 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-3.0-or-later
# created by Tobias Powalowski <tpowa@archlinux.org>
_refind_uefi() {
if [[ ! -f "${_DESTDIR}/usr/bin/refind-install" ]]; then
_PACKAGES="refind"
_run_pacman | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Installing package(s):\n${_PACKAGES}..." 7 75 0
_pacman_error
fi
_dialog --no-mouse --infobox "Setting up rEFInd now..." 3 60
[[ -d "${_DESTDIR}/${_UEFISYS_MP}/EFI/refind" ]] || mkdir -p "${_DESTDIR}/${_UEFISYS_MP}/EFI/refind/"
cp -f "${_DESTDIR}/usr/share/refind/refind_${_SPEC_UEFI_ARCH}.efi" "${_DESTDIR}/${_UEFISYS_MP}/EFI/refind/"
cp -r "${_DESTDIR}/usr/share/refind/icons" "${_DESTDIR}/${_UEFISYS_MP}/EFI/refind/"
cp -r "${_DESTDIR}/usr/share/refind/fonts" "${_DESTDIR}/${_UEFISYS_MP}/EFI/refind/"
cp -r "${_DESTDIR}/usr/share/refind/drivers_${_SPEC_UEFI_ARCH}" "${_DESTDIR}/${_UEFISYS_MP}/EFI/refind/"
_REFIND_CONFIG="${_DESTDIR}/${_UEFISYS_MP}/EFI/refind/refind.conf"
cat << CONFEOF > "${_REFIND_CONFIG}"
timeout 20
use_nvram false
resolution 1024 768
scanfor manual,internal,external,optical,firmware
menuentry "Arch Linux" {
icon /EFI/refind/icons/os_arch.png
loader /${_KERNEL}
CONFEOF
if [[ -n "${_INITRD_UCODE}" ]]; then
echo " initrd /${_INITRD_UCODE}" >> "${_REFIND_CONFIG}"
fi
cat << CONFEOF >> "${_REFIND_CONFIG}"
initrd /${_INITRD}
options "${_KERNEL_PARAMS_MOD}"
}
CONFEOF
if [[ -e "${_DESTDIR}/${_UEFISYS_MP}/EFI/refind/refind_${_SPEC_UEFI_ARCH}.efi" ]]; then
_BOOTMGR_LABEL="rEFInd"
_BOOTMGR_LOADER_PATH="/EFI/refind/refind_${_SPEC_UEFI_ARCH}.efi"
_uefi_bootmgr_setup
mkdir -p "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT"
rm -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
cp -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/refind/refind_${_SPEC_UEFI_ARCH}.efi" "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
sleep 2
_dialog --msgbox "You will now be put into the editor to edit:\nrefind.conf\n\nAfter you save your changes, exit the editor." 8 50
_geteditor || return 1
"${_EDITOR}" "${_REFIND_CONFIG}"
cp -f "${_REFIND_CONFIG}" "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/"
_efistub_copy_to_efisys | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Copying kernel, ucode and initramfs to EFI SYSTEM PARTITION now..." 6 75 0
_pacman_hook_refind
_dialog --title " Success " --no-mouse --infobox "rEFInd has been setup successfully." 3 50
sleep 3
_S_BOOTLOADER=1
else
_dialog --title " ERROR " --msgbox "Setting up rEFInd failed." 5 40
fi
}

55
usr/lib/archboot/installer/bootloader_sb.sh Normal file
View file

@ -0,0 +1,55 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-3.0-or-later
# created by Tobias Powalowski <tpowa@archlinux.org>
_secureboot_keys() {
_CN=""
_MOK_PW=""
_KEYDIR=""
while [[ -z "${_KEYDIR}" ]]; do
_dialog --title " Setup Keys " --no-cancel --inputbox "Enter the directory to store the keys on ${_DESTDIR}." 8 65 "/etc/secureboot/keys" 2>"${_ANSWER}" || return 1
_KEYDIR=$(cat "${_ANSWER}")
#shellcheck disable=SC2086,SC2001
_KEYDIR="$(echo ${_KEYDIR} | sed -e 's#^/##g')"
done
if [[ ! -d "${_DESTDIR}/${_KEYDIR}" ]]; then
while [[ -z "${_CN}" ]]; do
_dialog --title " Setup Keys " --no-cancel --inputbox "Enter a common name(CN) for your keys, eg. Your Name" 8 65 "" 2>"${_ANSWER}" || return 1
_CN=$(cat "${_ANSWER}")
done
secureboot-keys.sh -name="${_CN}" "${_DESTDIR}/${_KEYDIR}" &>"${_LOG}" || return 1
_dialog --title " Setup Keys " --no-mouse --infobox "Common name(CN) ${_CN}\nused for your keys in ${_DESTDIR}/${_KEYDIR}" 4 60
sleep 3
else
_dialog --title " Setup Keys " --no-mouse --infobox "-Directory ${_DESTDIR}/${_KEYDIR} exists\n-assuming keys are already created\n-trying to use existing keys now" 5 50
sleep 3
fi
}
_mok_sign () {
_UEFI_BOOTLOADER_DIR="${_UEFISYS_MP}/EFI/BOOT"
_INSTALL_MOK=""
_MOK_PW=""
while [[ -z "${_MOK_PW}" ]]; do
_dialog --title " Machine Owner Key Password " --insecure --passwordbox "On reboot you will be asked for this password by mokmanager:" 8 65 2>"${_ANSWER}" || return 1
_PASS=$(cat "${_ANSWER}")
_dialog --title " Retype Machine Owner Key Password " --insecure --passwordbox "On reboot you will be asked for this password by mokmanager:" 8 65 2>"${_ANSWER}" || return 1
_PASS2=$(cat "${_ANSWER}")
if [[ "${_PASS}" == "${_PASS2}" && -n "${_PASS}" ]]; then
_MOK_PW=${_PASS}
echo "${_MOK_PW}" > /tmp/.password
echo "${_MOK_PW}" >> /tmp/.password
_MOK_PW=/tmp/.password
else
_dialog --title " ERROR " --no-mouse --infobox "Password didn't match or was empty, please enter again." 6 65
sleep 3
fi
done
mokutil -i "${_DESTDIR}"/"${_KEYDIR}"/MOK/MOK.cer < ${_MOK_PW} >"${_LOG}"
rm /tmp/.password
_dialog --title " Machine Owner Key " --no-mouse --infobox "Machine Owner Key has been installed successfully." 3 70
sleep 3
${_NSPAWN} sbsign --key /"${_KEYDIR}"/MOK/MOK.key --cert /"${_KEYDIR}"/MOK/MOK.crt --output /boot/"${_VMLINUZ}" /boot/"${_VMLINUZ}" &>"${_LOG}"
${_NSPAWN} sbsign --key /"${_KEYDIR}"/MOK/MOK.key --cert /"${_KEYDIR}"/MOK/MOK.crt --output "${_UEFI_BOOTLOADER_DIR}"/grub"${_SPEC_UEFI_ARCH}".efi "${_UEFI_BOOTLOADER_DIR}"/grub"${_SPEC_UEFI_ARCH}".efi &>"${_LOG}"
_dialog --title " Kernel And Bootloader Signing " --no-mouse --infobox "/boot/${_VMLINUZ} and ${_UEFI_BOOTLOADER_DIR}/grub${_SPEC_UEFI_ARCH}.efi\n\nhave been signed successfully." 5 60
sleep 3
}

45
usr/lib/archboot/installer/bootloader_systemd_bootd.sh Normal file
View file

@ -0,0 +1,45 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-3.0-or-later
# created by Tobias Powalowski <tpowa@archlinux.org>
_systemd_boot_uefi() {
_dialog --no-mouse --infobox "Setting up SYSTEMD-BOOT now..." 3 40
# create directory structure, if it doesn't exist
[[ -d "${_DESTDIR}/${_UEFISYS_MP}/loader/entries" ]] || mkdir -p "${_DESTDIR}/${_UEFISYS_MP}/loader/entries"
echo "title Arch Linux" > "${_DESTDIR}/${_UEFISYS_MP}/loader/entries/archlinux-core-main.conf"
echo "linux /${_KERNEL}" >> "${_DESTDIR}/${_UEFISYS_MP}/loader/entries/archlinux-core-main.conf"
if [[ -n "${_INITRD_UCODE}" ]]; then
echo "initrd /${_INITRD_UCODE}" >> "${_DESTDIR}/${_UEFISYS_MP}/loader/entries/archlinux-core-main.conf"
fi
cat << BOOTDEOF >> "${_DESTDIR}/${_UEFISYS_MP}/loader/entries/archlinux-core-main.conf"
initrd /${_INITRD}
options ${_KERNEL_PARAMS_MOD}
BOOTDEOF
cat << BOOTDEOF > "${_DESTDIR}/${_UEFISYS_MP}/loader/loader.conf"
timeout 5
default archlinux-core-main
BOOTDEOF
_chroot_mount
chroot "${_DESTDIR}" bootctl --path="/${_UEFISYS_MP}" install &>"${_LOG}"
chroot "${_DESTDIR}" bootctl --path="/${_UEFISYS_MP}" update &>"${_LOG}"
_chroot_umount
if [[ -e "${_DESTDIR}/${_UEFISYS_MP}/EFI/systemd/systemd-boot${_SPEC_UEFI_ARCH}.efi" ]]; then
rm -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
cp -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/systemd/systemd-boot${_SPEC_UEFI_ARCH}.efi" \
"${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
_BOOTMGR_LABEL="SYSTEMD-BOOT"
_BOOTMGR_LOADER_PATH="/EFI/systemd/systemd-boot${_SPEC_UEFI_ARCH}.efi"
_uefi_bootmgr_setup
sleep 2
_dialog --msgbox "You will now be put into the editor to edit:\nloader.conf and menu entry files\n\nAfter you save your changes, exit the editor." 8 50
_geteditor || return 1
"${_EDITOR}" "${_DESTDIR}/${_UEFISYS_MP}/loader/entries/archlinux-core-main.conf"
"${_EDITOR}" "${_DESTDIR}/${_UEFISYS_MP}/loader/loader.conf"
_efistub_copy_to_efisys | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Copying kernel, ucode and initramfs to EFI SYSTEM PARTITION now..." 6 75 0
_pacman_hook_systemd_bootd
_dialog --title " Success " --no-mouse --infobox "SYSTEMD-BOOT has been setup successfully." 3 50
sleep 3
_S_BOOTLOADER=1
else
_dialog --msgbox "Error installing SYSTEMD-BOOT." 0 0
fi
}

77
usr/lib/archboot/installer/bootloader_systemd_services.sh Normal file
View file

@ -0,0 +1,77 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-3.0-or-later
# created by Tobias Powalowski <tpowa@archlinux.org>
_efistub_copy_to_efisys() {
if ! [[ "${_UEFISYS_MP}" == "boot" ]]; then
# clean and copy to efisys
[[ -d "${_DESTDIR}/${_UEFISYS_MP}/${_UEFISYS_PATH}" ]] || mkdir -p "${_DESTDIR}/${_UEFISYS_MP}/${_UEFISYS_PATH}"
rm -f "${_DESTDIR}/${_UEFISYS_MP}/${_KERNEL}"
cp -f "${_DESTDIR}/boot/${_VMLINUZ}" "${_DESTDIR}/${_UEFISYS_MP}/${_KERNEL}"
rm -f "${_DESTDIR}/${_UEFISYS_MP}/${_INITRD}"
cp -f "${_DESTDIR}/boot/${_INITRAMFS}" "${_DESTDIR}/${_UEFISYS_MP}/${_INITRD}"
if [[ -n "${_INITRD_UCODE}" ]]; then
rm -f "${_DESTDIR}/${_UEFISYS_MP}/${_INITRD_UCODE}"
cp -f "${_DESTDIR}/boot/${_UCODE}" "${_DESTDIR}/${_UEFISYS_MP}/${_INITRD_UCODE}"
fi
sleep 2
_progress "50" "Enable automatic copying to EFI SYSTEM PARTITION on installed system..."
cat << CONFEOF > "${_DESTDIR}/etc/systemd/system/efistub_copy.path"
[Unit]
Description=Copy EFISTUB Kernel and Initramfs files to EFI SYSTEM PARTITION
[Path]
PathChanged=/boot/${_VMLINUZ}
PathChanged=/boot/${_INITRAMFS}
CONFEOF
if [[ -n "${_UCODE}" ]]; then
echo "PathChanged=/boot/${_UCODE}" >> "${_DESTDIR}/etc/systemd/system/efistub_copy.path"
fi
cat << CONFEOF >> "${_DESTDIR}/etc/systemd/system/efistub_copy.path"
Unit=efistub_copy.service
[Install]
WantedBy=multi-user.target
CONFEOF
cat << CONFEOF > "${_DESTDIR}/etc/systemd/system/efistub_copy.service"
[Unit]
Description=Copy EFISTUB Kernel and Initramfs files to EFI SYSTEM PARTITION
[Service]
Type=oneshot
ExecStart=/usr/bin/cp -f /boot/${_VMLINUZ} /${_UEFISYS_MP}/${_KERNEL}
ExecStart=/usr/bin/cp -f /boot/${_INITRAMFS} /${_UEFISYS_MP}/${_INITRD}
CONFEOF
if [[ -n "${_INITRD_UCODE}" ]]; then
echo "ExecStart=/usr/bin/cp -f /boot/${_UCODE} /${_UEFISYS_MP}/${_INITRD_UCODE}" \
>> "${_DESTDIR}/etc/systemd/system/efistub_copy.service"
fi
${_NSPAWN} systemctl enable efistub_copy.path &>"${_NO_LOG}"
sleep 2
_progress "100" "Automatic Syncing to EFI SYSTEM PARTITIOM completed."
sleep 2
fi
# reset _VMLINUZ on aarch64
if [[ "${_RUNNING_ARCH}" == "aarch64" ]]; then
_VMLINUZ="Image.gz"
fi
}
_uki_autobuild() {
sleep 2
_progress "50" "Enable automatic UKI creation on installed system..."
cat << CONFEOF > "${_DESTDIR}/etc/systemd/system/run_ukify.path"
[Unit]
Description=Run systemd ukify
[Path]
PathChanged=/boot/${_INITRAMFS}
PathChanged=/boot/${_UCODE}
Unit=run_ukify.service
[Install]
WantedBy=multi-user.target
CONFEOF
cat << CONFEOF > "${_DESTDIR}/etc/systemd/system/run_ukify.service"
[Unit]
Description=Run systemd ukify
[Service]
Type=oneshot
ExecStart=/usr/bin/bash -c "source /etc/ukify.conf"
CONFEOF
${_NSPAWN} systemctl enable run_ukify.path &>"${_NO_LOG}"
}

27
usr/lib/archboot/installer/bootloader_uboot.sh Normal file
View file

@ -0,0 +1,27 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-3.0-or-later
# created by Tobias Powalowski <tpowa@archlinux.org>
_uboot() {
_common_bootloader_checks
_check_bootpart
_abort_uboot
[[ -d "${_DESTDIR}/boot/extlinux" ]] || mkdir -p "${_DESTDIR}/boot/extlinux"
_KERNEL_PARAMS_COMMON_UNMOD="root=${_ROOTDEV} rootfstype=${_ROOTFS} rw ${_ROOTFLAGS} ${_RAIDARRAYS} ${_LUKSSETUP}"
_KERNEL_PARAMS_COMMON_MOD="$(echo "${_KERNEL_PARAMS_COMMON_UNMOD}" | sed -e 's# # #g' | sed -e 's# # #g')"
[[ "${_RUNNING_ARCH}" == "aarch64" ]] && _TITLE="ARM 64"
[[ "${_RUNNING_ARCH}" == "riscv64" ]] && _TITLE="RISC-V 64"
# write extlinux.conf
_dialog --no-mouse --infobox "Installing UBOOT..." 0 0
cat << EOF >> "${_DESTDIR}/boot/extlinux/extlinux.conf"
menu title Welcome Arch Linux ${_TITLE}
timeout 100
default linux
label linux
menu label Boot System (automatic boot in 10 seconds...)
kernel ${_SUBDIR}/${_VMLINUZ}
initrd ${_SUBDIR}/${_INITRAMFS}
append ${_KERNEL_PARAMS_COMMON_MOD}
EOF
_dialog --no-mouse --infobox "UBOOT has been installed successfully." 3 55
sleep 3
}

54
usr/lib/archboot/installer/bootloader_uki.sh Normal file
View file

@ -0,0 +1,54 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: GPL-3.0-or-later
# created by Tobias Powalowski <tpowa@archlinux.org>
_uki_config() {
_UKIFY_CONFIG="${_DESTDIR}/etc/ukify.conf"
_CMDLINE="${_DESTDIR}/etc/kernel/cmdline"
echo "${_KERNEL_PARAMS_MOD}" > "${_CMDLINE}"
echo "KERNEL=/boot/${_VMLINUZ}" > "${_UKIFY_CONFIG}"
if [[ -n ${_UCODE} ]]; then
echo "UCODE=/boot/${_UCODE}" >> "${_UKIFY_CONFIG}"
fi
cat << CONFEOF >> "${_UKIFY_CONFIG}"
INITRD=/boot/${_INITRAMFS}
CMDLINE=/etc/kernel/cmdline
SPLASH=/usr/share/systemd/bootctl/splash-arch.bmp
EFI=/${_UEFISYS_MP}/EFI/Linux/archlinux-linux.efi
CONFEOF
echo "/usr/lib/systemd/ukify \${KERNEL} \${UCODE} \${INITRD} --cmdline @\${CMDLINE} --splash \${SPLASH} --output \${EFI}" >> "${_UKIFY_CONFIG}"
mkdir -p "${_DESTDIR}/${_UEFISYS_MP}/EFI/Linux"
_dialog --msgbox "You will now be put into the editor to edit:\n- kernel commandline config file\n- ukify.conf config file\n\nAfter you save your changes, exit the editor." 9 50
}
_uki_install() {
_uki_autobuild
_BOOTMGR_LABEL="Arch Linux - Unified Kernel Image"
_BOOTMGR_LOADER_PATH="/EFI/Linux/archlinux-linux.efi"
_uefi_bootmgr_setup
mkdir -p "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT"
rm -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
cp -f "${_DESTDIR}/${_UEFISYS_MP}/EFI/Linux/archlinux-linux.efi" "${_DESTDIR}/${_UEFISYS_MP}/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
sleep 2
_progress "100" "Unified Kernel Image has been setup successfully."
sleep 2
_S_BOOTLOADER=1
}
_uki_uefi() {
if [[ ! -f "${_DESTDIR}/usr/lib/systemd/ukify" ]]; then
_PACKAGES="systemd-ukify"
_run_pacman | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Installing package(s):\n${_PACKAGES}..." 7 75 0
_pacman_error
fi
_uki_config
_geteditor || return 1
"${_EDITOR}" "${_CMDLINE}"
"${_EDITOR}" "${_UKIFY_CONFIG}"
${_NSPAWN} /usr/bin/bash -c "source /etc/ukify.conf" >>"${_LOG}"
if [[ -e "${_DESTDIR}/${_UEFISYS_MP}/EFI/Linux/archlinux-linux.efi" ]]; then
_uki_install | _dialog --title " Logging to ${_VC} | ${_LOG} " --gauge "Setting up Unified Kernel Image..." 6 75 0
else
_dialog --title " ERROR " --no-mouse --infobox "Setting up Unified Kernel Image failed!" 3 60
sleep 3
fi
}

5
usr/lib/archboot/update/manage.sh
View file

@ -169,7 +169,10 @@ _download_latest() {
done
# setup libs
_progress "75" "Downloading latest setup libs..."
LIBS="autoconfiguration.sh quicksetup.sh base.sh blockdevices.sh bootloader.sh btrfs.sh common.sh \
LIBS="autoconfiguration.sh quicksetup.sh base.sh blockdevices.sh bootloader.sh \
bootloader_sb.sh bootloader_grub.sh bootloader_uki.sh bootloader_systemd_bootd.sh \
bootloader_limine.sh bootloader_pacman_hooks.sh bootloader_refind.sh \
bootloader_systemd_services.sh bootloader_uboot.sh btrfs.sh common.sh \
configuration.sh mountpoints.sh network.sh pacman.sh partition.sh storage.sh"
for i in ${LIBS}; do
wget -q "${_SOURCE}${_INST}/${i}?inline=false" -O "${_INST}/${i}"