add automatic grub upgrade in SB mode

Tobias Powalowski 2023-08-13 13:11:03 +02:00
parent 0b7d114de6
commit 5fbf590e61
2 changed files with 33 additions and 3 deletions


@ -1076,6 +1076,34 @@ _grub_install_uefi() {
rm /.archboot
}
_do_grub_pacman_uefi_sb() {
[[ -d "${_DESTDIR}/etc/pacman.d/hooks" ]] || mkdir -p "${_DESTDIR}"/etc/pacman.d/hooks
_HOOKNAME="${_DESTDIR}/etc/pacman.d/hooks/999-grub-uefi-sb.hook"
cat << EOF > "${_HOOKNAME}"
[Trigger]
Operation = Install
Operation = Upgrade
Type = Package
Target = grub
[Action]
Description = Update GRUB UEFI SB after upgrade...
When = PostTransaction
EOF
if [[ "${_RUNNING_ARCH}" == "aarch64" ]]; then
cat << EOF >> "${_HOOKNAME}"
Exec = /usr/bin/sh -c 'grub-mkstandalone -d /usr/lib/grub/"${_GRUB_ARCH}"-efi -O "${_GRUB_ARCH}"-efi --sbat=/usr/share/grub/sbat.csv --modules="all_video boot btrfs cat configfile cryptodisk echo efi_gop efifwsetup efinet ext2 f2fs fat font gcry_rijndael gcry_rsa gcry_serpent gcry_sha256 gcry_twofish gcry_whirlpool gfxmenu gfxterm gzio halt hfsplus http iso9660 loadenv loopback linux lvm lsefi lsefimmap luks luks2 mdraid09 mdraid1x minicmd net normal part_apple part_msdos part_gpt password_pbkdf2 pgp png reboot regexp search search_fs_uuid search_fs_file search_label serial sleep syslinuxcfg test tftp video xfs zstd chain tpm" --fonts="ter-u16n" --locales="en@quot" --themes="" -o "${_GRUB_PREFIX_DIR}/grub${_SPEC_UEFI_ARCH}.efi" "boot/grub/grub.cfg=/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}'
EOF
elif [[ "${_RUNNING_ARCH}" == "x86_64" ]]; then
cat << EOF >> "${_HOOKNAME}"
Exec = /usr/bin/sh -c 'grub-mkstandalone -d /usr/lib/grub/"${_GRUB_ARCH}"-efi -O "${_GRUB_ARCH}"-efi --sbat=/usr/share/grub/sbat.csv --modules="all_video boot btrfs cat configfile cryptodisk echo efi_gop efi_uga efifwsetup efinet ext2 f2fs fat font gcry_rijndael gcry_rsa gcry_serpent gcry_sha256 gcry_twofish gcry_whirlpool gfxmenu gfxterm gzio halt hfsplus http iso9660 loadenv loopback linux lvm lsefi lsefimmap luks luks2 mdraid09 mdraid1x minicmd net normal part_apple part_msdos part_gpt password_pbkdf2 pgp png reboot regexp search search_fs_uuid search_fs_file search_label serial sleep syslinuxcfg test tftp video xfs zstd backtrace chain tpm usb usbserial_common usbserial_pl2303 usbserial_ftdi usbserial_usbdebug keylayouts at_keyboard" --fonts="ter-u16n" --locales="en@quot" --themes="" -o "${_GRUB_PREFIX_DIR}/grub${_SPEC_UEFI_ARCH}.efi" "boot/grub/grub.cfg=/${_GRUB_PREFIX_DIR}/${_GRUB_CFG}'
EOF
fi
_dialog --title " Automatic GRUB UEFI SB Update " --no-mouse --infobox "Automatic GRUB UEFI SB update has been enabled successfully:\n\n${_HOOKNAME}" 5 70
sleep 3
}
_grub_install_uefi_sb() {
### Hint: https://src.fedoraproject.org/rpms/grub2/blob/rawhide/f/grub.macros#_407
# add -v for verbose
@ -1198,6 +1226,7 @@ _do_grub_uefi() {
_do_mok_sign
_do_pacman_sign
_do_uefi_secure_boot_efitools
_do_grub_pacman_uefi_sb
_BOOTMGR_LABEL="SHIM with GRUB Secure Boot"
_BOOTMGR_LOADER_PATH="/EFI/BOOT/BOOT${_UEFI_ARCH}.EFI"
_do_uefi_bootmgr_setup
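Review bot: Both `Exec` lines written by `_do_grub_pacman_uefi_sb` (the aarch64 and the x86_64 branch) open a double quote before `boot/grub/grub.cfg=` and never close it before the final `'`, so the string handed to `sh -c` has an unterminated quote and the hook should fail on every grub install or upgrade; the lines should end `/${_GRUB_CFG}"'`. The hook also only regenerates the standalone image: nothing in the visible lines signs it, and with the `999-` prefix it sorts after most other hooks, so unless signing happens somewhere outside this hunk the rebuilt `grub${_SPEC_UEFI_ARCH}.efi` would presumably no longer verify under shim and the machine would not boot with Secure Boot enabled. Consider signing the output in the same `Exec` command, presumably with the MOK key set up by `_do_mok_sign`, and writing the `-o` path with a leading `/` like the `grub.cfg` path so it does not depend on the hook's working directory. `_do_grub_uefi`, which calls the new function, starts and ends outside the second hunk.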


@ -14,7 +14,7 @@
<body>
<p><span><img src="/web/logo.png" alt="Logo"></span></p>
<h1>Archboot Project | <a href="https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&amp;hosted_button_id=Z7GXKW4MKHK7C"><img src="/web/donate.png" alt="Donate"></a></h1>
<p><strong>&copy; 2006 - 2023 | <a href=mailto:tpowa@archlinux.org>Tobias Powalowski</a></strong><br>Arch Linux Developer <strong><a href="https://archlinux.org/people/developers/#tpowa">tpowa</a><br>Last update: 06.08.2023 21:00</strong></p>
<p><strong>&copy; 2006 - 2023 | <a href=mailto:tpowa@archlinux.org>Tobias Powalowski</a></strong><br>Arch Linux Developer <strong><a href="https://archlinux.org/people/developers/#tpowa">tpowa</a><br>Last update: 13.08.2023 09:39</strong></p>
<nav id="TOC" role="doc-toc">
<ul>
<li><a href="#introduction" id="toc-introduction"><strong><span class="toc-section-number">1.</span> Introduction</strong></a></li>
@ -553,8 +553,9 @@
<ul>
<li>You configure your preferred <a href="https://wiki.archlinux.org/title/Bootloader" title="Bootloader"><strong>bootloader</strong></a>.</li>
<li><a href="https://wiki.archlinux.org/title/Microcode" title="Microcode"><strong>Microcode</strong></a> and other needed programs will be installed automatically.</li>
<li><a href="https://wiki.archlinux.org/title/GPT" title="GPT"><strong>GPT</strong></a> <a href="https://wiki.archlinux.org/title/UEFI" title="UEFI"><strong>UEFI</strong></a> supported bootloaders: <a href="https://wiki.archlinux.org/title/Unified_kernel_image" title="UKI"><strong>Unified Kernel Image</strong></a>, <a href="https://wiki.archlinux.org/title/Systemd-boot" title="Systemd-boot"><strong>systemd-boot</strong></a>, <a href="https://wiki.archlinux.org/title/Refind-efi" title="Refind-efi"><strong>refind-efi</strong></a>, <a href="https://wiki.archlinux.org/title/GRUB" title="GRUB"><strong>GRUB</strong></a></li>
<li><a href="https://wiki.archlinux.org/title/MBR" title="MBR"><strong>MBR</strong></a> BIOS supported bootloaders: <a href="https://wiki.archlinux.org/title/GRUB" title="GRUB"><strong>GRUB</strong></a></li>
<li><a href="https://wiki.archlinux.org/title/GPT" title="GPT"><strong>GPT</strong></a> <a href="https://wiki.archlinux.org/title/UEFI" title="UEFI"><strong>UEFI</strong></a> supported bootloaders: <a href="https://wiki.archlinux.org/title/Unified_kernel_image" title="UKI"><strong>Unified Kernel Image</strong></a>, <a href="https://wiki.archlinux.org/title/Limine" title="Limine"><strong>Limine</strong></a>, <a href="https://wiki.archlinux.org/title/Systemd-boot" title="Systemd-boot"><strong>Systemd-boot</strong></a>, <a href="https://wiki.archlinux.org/title/Refind-efi" title="Refind-efi"><strong>rEFInd</strong></a>, <a href="https://wiki.archlinux.org/title/GRUB" title="GRUB"><strong>GRUB</strong></a></li>
<li><a href="https://wiki.archlinux.org/title/MBR" title="MBR"><strong>MBR</strong></a> BIOS supported bootloaders: <a href="https://wiki.archlinux.org/title/GRUB" title="GRUB"><strong>GRUB</strong></a>, <a href="https://wiki.archlinux.org/title/Limine" title="Limine"><strong>Limine</strong></a></li>
<li><a href="https://wiki.archlinux.org/title/Pacman#Hooks" title="Hooks"><strong> Pacman hooks</strong></a> for automatic bootloader upgrade will be enabled by default.</li>
<li><a href="https://wiki.archlinux.org/title/Secure_Boot" title="Secure Boot"><strong>Secure Boot</strong></a> supports only shim signed by fedora with <a href="https://wiki.archlinux.org/title/GRUB" title="GRUB"><strong>GRUB</strong></a></li>
<li>The selected <a href="https://wiki.archlinux.org/title/Bootloader" title="Bootloader"><strong>bootloader</strong></a> will be installed to your system and you can modify the configuration file(s) afterwards.</li>
</ul>