Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Make bootloader updates on UEFI-based systems work #299

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Make bootloader updates on UEFI-based systems work #299

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
103 changes: 83 additions & 20 deletions chroot-script
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -623,11 +623,11 @@ efi_setup() {
# then we need to mount efivarfs for efibootmgr usage
if ! ls /sys/firmware/efi/efivars/* &>/dev/null ; then
echo "Mounting efivarfs on /sys/firmware/efi/efivars"
mount -t efivarfs efivarfs /sys/firmware/efi/efivars
mount -t efivarfs efivarfs /sys/firmware/efi/efivars || true
fi

echo "Invoking efibootmgr"
efibootmgr
efibootmgr || true
}

# grub configuration/installation {{{
Expand Down Expand Up @@ -667,21 +667,73 @@ device_to_id() {
return 1
}

is_grub_bios_compatible() {
# Check if the disk uses an MSDOS partition table, these are always compatible
if [[ "$(blkid "$GRUB")" =~ 'PTTYPE="dos"' ]]; then
return 0
# Look for a BIOS boot partition otherwise
else
while read -r line; do
if [[ "$line" =~ ^${GRUB}.*21686148-6449-6e6f-744e-656564454649$ ]]; then
return 0
fi
done < <(lsblk -pnlo NAME,PARTTYPE)
fi
return 1
}

run_grub_install() {
grub_install_cmd=( 'grub-install' "$@" )
if ! "${grub_install_cmd[@]}" ; then
echo "Error: failed to execute '${grub_install_cmd[*]}'." >&2
exit 1
fi
}

grub_install() {

if [ -z "$GRUB" ] ; then
echo "Notice: \$GRUB not defined, will not install grub inside chroot at this stage."
return 0
fi
MAIN_GRUB_PACKAGE=""
GRUB_SECBOOT_PACKAGES=()

efi_setup
case "$ARCH" in
i386)
if [ -n "$EFI" ]; then
MAIN_GRUB_PACKAGE="grub-efi-ia32"
GRUB_SECBOOT_PACKAGES=( "grub-efi-ia32-signed" "shim-signed" )
elif is_grub_bios_compatible; then
MAIN_GRUB_PACKAGE="grub-pc"
fi
;;
amd64)
if is_grub_bios_compatible && [ -n "$EFI" ]; then
MAIN_GRUB_PACKAGE="grub-cloud-amd64"
GRUB_SECBOOT_PACKAGES=( "grub-efi-amd64-signed" "shim-signed" )
elif [ -n "$EFI" ]; then
MAIN_GRUB_PACKAGE="grub-efi-amd64"
GRUB_SECBOOT_PACKAGES=( "grub-efi-amd64-signed" "shim-signed" )
else
MAIN_GRUB_PACKAGE="grub-pc"
fi
;;
arm64)
if [ -n "$EFI" ]; then
MAIN_GRUB_PACKAGE="grub-efi-arm64"
GRUB_SECBOOT_PACKAGES=( "grub-efi-arm64-signed" "shim-signed" )
fi
;;
esac

if [ -n "$EFI" ] ; then
GRUB_PACKAGE=grub-efi-amd64
else
GRUB_PACKAGE=grub-pc
if [ -z "$MAIN_GRUB_PACKAGE" ]; then
echo "Notice: No applicable bootloaders found, will not install grub inside chroot at this stage."
return 0
fi

efi_setup

# make sure this is pre-defined so we have sane settings for automated
# upgrades, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=711019
local grub_device
Expand All @@ -691,14 +743,13 @@ grub_install() {
grub_device="${GRUB}"
fi

echo "Setting ${GRUB_PACKAGE} debconf configuration for install device to $GRUB"
echo "${GRUB_PACKAGE} ${GRUB_PACKAGE}/install_devices multiselect ${grub_device}" | debconf-set-selections

if ! dpkg --list "${GRUB_PACKAGE}" 2>/dev/null | grep -q '^ii' ; then
echo "Notice: grub option set but no ${GRUB_PACKAGE} package, installing it therefore."
DEBIAN_FRONTEND=$DEBIAN_FRONTEND $APTINSTALL "${GRUB_PACKAGE}"
echo "Setting grub debconf configuration for install device to $GRUB"
if [ -n "$MAIN_GRUB_PACKAGE" ]; then
echo "${MAIN_GRUB_PACKAGE} ${MAIN_GRUB_PACKAGE}/install_devices multiselect ${grub_device}" | debconf-set-selections
fi

DEBIAN_FRONTEND=$DEBIAN_FRONTEND $APTINSTALL "${MAIN_GRUB_PACKAGE}" "${GRUB_SECBOOT_PACKAGES[@]}"

if ! [ -x "$(command -v grub-install)" ] ; then
echo "Error: grub-install not available. (Error while installing grub package?)" >&2
return 1
Expand All @@ -712,19 +763,31 @@ grub_install() {
for device in $SELECTED_PARTITIONS ; do
GRUB="${device%%[0-9]}"
echo "Installing grub on ${GRUB}:"
if ! grub-install --no-floppy "$GRUB" ; then
echo "Error: failed to execute 'grub-install --no-floppy $GRUB'." >&2
exit 1
if [ -n "$EFI" ]; then
case "${ARCH}" in
i386) run_grub_install --no-floppy --target=i386-efi "${GRUB}";;
amd64) run_grub_install --no-floppy --target=x86_64-efi "${GRUB}";;
arm64) run_grub_install --no-floppy --target=arm64-efi "${GRUB}";;
esac
fi
if [ "$MAIN_GRUB_PACKAGE" = 'grub-cloud-amd64' ] || [ -z "$EFI" ]; then
run_grub_install --no-floppy --target=i386-pc "${GRUB}"
fi

done
rm -f /boot/grub/device.map
else
echo "Installing grub on ${GRUB}:"
mkdir -p /boot/grub
echo "(hd0) ${GRUB}" > /boot/grub/device.map
if ! grub-install "(hd0)" ; then
echo "Error: failed to execute 'grub-install (hd0)'." >&2
exit 1
if [ -n "$EFI" ]; then
case "${ARCH}" in
i386) run_grub_install --target=i386-efi "${GRUB}";;
amd64) run_grub_install --target=x86_64-efi "${GRUB}";;
arm64) run_grub_install --target=arm64-efi "${GRUB}";;
esac
fi
if [ "$MAIN_GRUB_PACKAGE" = 'grub-cloud-amd64' ] || [ -z "$EFI" ]; then
run_grub_install --target=i386-pc "${GRUB}"
fi
rm /boot/grub/device.map
fi
Expand Down
Loading