Added post transaction dom0 symlink creation; draft grub.cfg
This commit is contained in:
parent
3f38f87aad
commit
e38c103010
2
README.md
Normal file
2
README.md
Normal file
@ -0,0 +1,2 @@
|
||||
|
||||
sudo qubes-dom0-update python3-dnf-plugin-post-transaction-actions
|
||||
31
build.sh
31
build.sh
@ -1,4 +1,6 @@
|
||||
#!/bin/bash
|
||||
#!/usr/bin/env bash
|
||||
|
||||
|
||||
# use TERM to exit on error
|
||||
trap "exit 1" TERM
|
||||
export TOP_PID=$$
|
||||
@ -516,18 +518,10 @@ build_coreboot() {
|
||||
|
||||
# calculate hash of BIOS region before injecting bootorder/serial
|
||||
${IFDTOOL_CB} -x ${COREBOOT_IMAGE}
|
||||
bios_sha=$(sha256sum flashregion_1_bios.bin | awk '{print $1}')
|
||||
rm -f flashregion*.bin
|
||||
|
||||
# set serial
|
||||
set_serial_number ${COREBOOT_IMAGE}
|
||||
|
||||
#set boot delay
|
||||
# add an 8s boot delay for the Librem Mini so splash screen
|
||||
# actually shown on displays with sluggish init
|
||||
if [[ ${LIBREM_MODEL^^} == "MINI"* ]]; then
|
||||
${CBFSTOOL_CB} ${COREBOOT_IMAGE} add-int -i 8000 -n etc/boot-menu-wait >/dev/null
|
||||
fi
|
||||
# print CBFS contents
|
||||
${CBFSTOOL_CB} ${COREBOOT_IMAGE} print
|
||||
|
||||
@ -535,19 +529,10 @@ build_coreboot() {
|
||||
echo ""
|
||||
echo "Finished building coreboot for Librem ${LIBREM_MODEL^}"
|
||||
echo ""
|
||||
COREBOOT_BIOS_SHA="COREBOOT_BIOS_SHA_${LIBREM_MODEL^^}"
|
||||
COREBOOT_BIOS_SHA=${!COREBOOT_BIOS_SHA}
|
||||
if [ "${bios_sha}" != "${COREBOOT_BIOS_SHA}" ]; then
|
||||
echo "WARNING: Built coreboot image hash does not match expected reproducible build hash"
|
||||
echo "Built: ${bios_sha}"
|
||||
echo "Expected: ${COREBOOT_BIOS_SHA}"
|
||||
else
|
||||
echo "Built coreboot image hash matches expected reproducible build hash"
|
||||
fi
|
||||
|
||||
|
||||
# prompt to flash
|
||||
echo ""
|
||||
if [ ${CURRENT_FW_TYPE} != "HEADS" ]; then
|
||||
flash=0
|
||||
while [ "$flash" != "y" ] && [ "$flash" != "n" ]; do
|
||||
read -r -p "Do you want to flash the coreboot update now (y/N) ? " flash
|
||||
@ -578,13 +563,7 @@ build_coreboot() {
|
||||
else
|
||||
echo ""
|
||||
fi
|
||||
else
|
||||
echo "You may now copy the coreboot update file ($COREBOOT_IMAGE) to USB for updating via Heads."
|
||||
echo ""
|
||||
read -ep "Press [Enter] to exit."
|
||||
cleanup
|
||||
exit 0
|
||||
fi
|
||||
|
||||
}
|
||||
|
||||
check_dependencies() {
|
||||
|
||||
3
resources/00-kernel-xen-symlink.conf
Normal file
3
resources/00-kernel-xen-symlink.conf
Normal file
@ -0,0 +1,3 @@
|
||||
kernel:upgraded:/usr/bin/ln -sfn /boot/initramfs-${ver}-${rel}.fc32.qubes.${arch}
|
||||
kernel:upgraded:/usr/bin/ln -sfn /boot/vmlinuz-${ver}-${rel}.fc32.qubes.${arch}
|
||||
xen-hypervisor:upgraded:/usr/bin/ln -sfn /boot/xen-${ver}.gz /boot/xen-latest.gz
|
||||
BIN
resources/dejavusansmono.pf2
Normal file
BIN
resources/dejavusansmono.pf2
Normal file
Binary file not shown.
@ -0,0 +1,144 @@
|
||||
set prefix=(memdisk)/boot/grub
|
||||
|
||||
insmod nativedisk
|
||||
insmod usb
|
||||
insmod usbms
|
||||
insmod part_msdos
|
||||
insmod ext2
|
||||
insmod lvm
|
||||
insmod gcry_rijndael
|
||||
insmod gcry_sha256
|
||||
insmod luks
|
||||
insmod cryptodisk
|
||||
insmod gfxmenu
|
||||
insmod gfxterm_menu
|
||||
insmod gfxterm_background
|
||||
insmod chain
|
||||
insmod jpeg
|
||||
|
||||
terminal_input --append at_keyboard
|
||||
terminal_output --append cbmemc
|
||||
|
||||
gfxpayload=keep
|
||||
terminal_output --append gfxterm
|
||||
|
||||
set menu_color_normal=white/black
|
||||
set menu_color_highlight=white/cyan
|
||||
|
||||
# Default to first option, automatically boot after 1 second
|
||||
set default="0>0"
|
||||
set timeout=1
|
||||
|
||||
# This is useful when using 'cat' on long files on GRUB terminal
|
||||
set pager=1
|
||||
|
||||
# Set a background image from CBFS
|
||||
background_image (cbfsdisk)/background.jpg
|
||||
|
||||
# Set DejaVu Sans Mono as the default font
|
||||
loadfont (cbfsdisk)/dejavusansmono.pf2
|
||||
|
||||
# Default keymap
|
||||
keymap usqwerty
|
||||
|
||||
# Users
|
||||
set superusers="admin"
|
||||
password_pbkdf2 admin #password_placeholder#
|
||||
export superusers
|
||||
|
||||
function try_user_config {
|
||||
set root="${1}"
|
||||
for dir in boot grub grub2 boot/grub boot/grub2; do
|
||||
for name in '' autoboot_ libreboot_ coreboot_; do
|
||||
if [ -f /"${dir}"/"${name}"grub.cfg ]; then
|
||||
unset superusers
|
||||
configfile /"${dir}"/"${name}"grub.cfg
|
||||
fi
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
function search_grub {
|
||||
for i in 0 1; do
|
||||
# raw devices
|
||||
try_user_config "(${1}${i})"
|
||||
for part in 1 2 3 4 5; do
|
||||
# MBR/GPT partitions
|
||||
try_user_config "(${1}${i},${part})"
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
function try_isolinux_config {
|
||||
set root="${1}"
|
||||
for dir in '' /boot; do
|
||||
if [ -f "${dir}"/isolinux/isolinux.cfg ]; then
|
||||
syslinux_configfile -i "${dir}"/isolinux/isolinux.cfg
|
||||
elif [ -f "${dir}"/syslinux/syslinux.cfg ]; then
|
||||
syslinux_configfile -s "${dir}"/syslinux/syslinux.cfg
|
||||
fi
|
||||
done
|
||||
}
|
||||
|
||||
function search_isolinux {
|
||||
for i in 0 1; do
|
||||
# raw devices
|
||||
try_isolinux_config "(${1}${i})"
|
||||
for part in 1 2 3 4 5; do
|
||||
# MBR/GPT partitions
|
||||
try_isolinux_config "(${1}${i},${part})"
|
||||
done
|
||||
done
|
||||
}
|
||||
|
||||
menuentry 'Qubes, with Xen hypervisor' --class qubes --class gnu-linux --class gnu --class os --class xen $menuentry_id_option 'xen-gnulinux-simple-/dev/mapper/qubes_dom0-root' {
|
||||
insmod part_msdos
|
||||
insmod ext2
|
||||
cryptomount -a
|
||||
set root='lvm/qubes_dom0-boot'
|
||||
set root='hd0,msdos1'
|
||||
if [ x$feature_platform_search_hint = xy ]; then
|
||||
search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 --hint='hd0,msdos1' 2c68125e-e8df-4d9f-b67f-74c44a6e9873
|
||||
else
|
||||
search --no-floppy --fs-uuid --set=root 2c68125e-e8df-4d9f-b67f-74c44a6e9873
|
||||
fi
|
||||
echo 'Loading Xen..'
|
||||
if [ "$grub_platform" = "pc" -o "$grub_platform" = "" ]; then
|
||||
xen_rm_opts=
|
||||
else
|
||||
xen_rm_opts="no-real-mode edd=off"
|
||||
fi
|
||||
multiboot2 /xen-latest placeholder console=none dom0_mem=min:1024M dom0_mem=max:4096M ucode=scan smt=off gnttab_max_frames=2048 gnttab_max_maptrack_frames=4096 ${xen_rm_opts}
|
||||
echo 'Loading Linux...'
|
||||
module2 /vmlinuz-latest placeholder root=/dev/mapper/qubes_dom0-root ro rd.luks.uuid=luks-f8d0a06a-fb7a-411a-a662-4f7a6bf4931c rd.lvm.lv=qubes_dom0/root rd.lvm.lv=qubes_dom0/swap plymouth.ignore-serial-consoles i915.alpha_support=1 rd.driver.pre=btrfs rhgb quiet rd.qubes.hide_all_usb
|
||||
echo 'Loading initial ramdisk...'
|
||||
module2 --nounzip /initramfs-latest
|
||||
}
|
||||
|
||||
submenu 'Search for systems on external media' {
|
||||
menuentry 'Search ISOLINUX menu (USB)' {
|
||||
search_isolinux usb
|
||||
}
|
||||
menuentry 'Search ISOLINUX menu (AHCI)' {
|
||||
search_isolinux ahci
|
||||
}
|
||||
menuentry 'Search for GRUB2 configuration on external media' {
|
||||
search_grub usb
|
||||
}
|
||||
menuentry 'Load test configuration (grubtest.cfg) inside of CBFS' {
|
||||
set root='(cbfsdisk)'
|
||||
configfile /grubtest.cfg
|
||||
}
|
||||
menuentry 'Chainload bootloader on external media' {
|
||||
set root='(usb0)'
|
||||
chainloader +1
|
||||
}
|
||||
}
|
||||
|
||||
menuentry 'Reboot [r]' --hotkey='r' {
|
||||
reboot
|
||||
}
|
||||
|
||||
menuentry 'Poweroff [p]' --hotkey='p' {
|
||||
halt
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user