#!/bin/bash set -e # Apply a sed expression using extended regular expressions in place to a # file, if it exists. The file is the first argument in order to work # neatly with apply_conf_tweaks. sed_conf() { if [ -e "$1" ]; then sed -i -re "$2" "$1" fi } # Substitute a debconf answer into a configuration file with the syntax of # /etc/default/grub. merge_debconf_into_conf() { local tmpfile; tmpfile="$1" local setting; setting="$2" local template; template="$3" db_get "$template" local value; value="$(echo "$RET" | sed -e 's,[$`"\],\\&,g')" if grep -q "^${setting}=" "$tmpfile"; then value="$(echo "$value" | sed -e 's,[\@],\\&,g')" sed -i -re "s@^(${setting}=).*@\1\"${value}\"@" "$tmpfile" else echo >> "$tmpfile" echo "${setting}=\"${value}\"" >> "$tmpfile" fi } # Apply the same configuration tweak to multiple files. apply_conf_tweaks() { local files; files="$1" local cmd; cmd="$2" local file shift 2 for file in $files; do if [ -e "$file" ]; then "$cmd" "$file" "$@" fi done } # This only works on a Linux system with udev running. This is probably the # vast majority of systems where we need any of this, though, and we fall # back reasonably gracefully if we don't have it. cached_available_ids= available_ids() { local id path if [ "$cached_available_ids" ]; then echo "$cached_available_ids" return fi [ -d /dev/disk/by-id ] || return cached_available_ids="$( for path in /dev/disk/by-id/*; do [ -e "$path" ] || continue printf '%s %s\n' "$path" "$(readlink -f "$path")" done | sort -k2 -s -u | cut -d' ' -f1 )" echo "$cached_available_ids" } # Returns non-zero and no output if no mapping can be found. device_to_id() { local id for id in $(available_ids); do if [ "$(readlink -f "$id")" = "$(readlink -f "$1")" ]; then echo "$id" return 0 fi done # Fall back to the plain device name if there's no by-id link for it. if [ -e "$1" ]; then echo "$1" return 0 fi return 1 } # for Linux sysfs_size() { local num_sectors sector_size size # Try to find out the size without relying on a partitioning tool being # installed. This isn't too hard on Linux 2.6 with sysfs, but we have to # try a couple of variants on detection of the sector size. if [ -e "$1/size" ]; then num_sectors="$(cat "$1/size")" sector_size=512 if [ -e "$1/queue/logical_block_size" ]; then sector_size="$(cat "$1/queue/logical_block_size")" elif [ -e "$1/queue/hw_sector_size" ]; then sector_size="$(cat "$1/queue/hw_sector_size")" fi size="$(expr "$num_sectors" \* "$sector_size" / 1000 / 1000)" fi [ "$size" ] || size='???' echo "$size" } maybe_udevadm() { if command -v udevadm >/dev/null 2>&1; then udevadm "$@" || true fi } # Returns value in $RET, like a debconf command. describe_disk() { local disk id sysfs_path disk_basename size model disk="$1" id="$2" model= case $(uname -s) in Linux) sysfs_path="$(maybe_udevadm info -n "$disk" -q path)" if [ -z "$sysfs_path" ]; then sysfs_path="/block/$(printf %s "${disk#/dev/}" | sed 's,/,!,g')" fi size="$(sysfs_size "/sys$sysfs_path")" model="$(maybe_udevadm info -n "$disk" -q property | sed -n 's/^ID_MODEL=//p')" if [ -z "$model" ]; then model="$(maybe_udevadm info -n "$disk" -q property | sed -n 's/^DM_NAME=//p')" if [ -z "$model" ]; then model="$(maybe_udevadm info -n "$disk" -q property | sed -n 's/^MD_NAME=//p')" if [ -z "$model" ] && command -v dmsetup >/dev/null 2>&1; then model="$(dmsetup info -c --noheadings -o name "$disk" 2>/dev/null || true)" fi fi fi ;; esac [ "$model" ] || model='???' db_subst grub-pc/disk_description DEVICE "$disk" db_subst grub-pc/disk_description SIZE "$size" db_subst grub-pc/disk_description MODEL "$model" db_metaget grub-pc/disk_description description } # Returns value in $RET, like a debconf command. describe_partition() { local disk part id path sysfs_path diskbase partbase size disk="$1" part="$2" id="$3" path="$4" sysfs_path="$(maybe_udevadm info -n "$part" -q path)" if [ -z "$sysfs_path" ]; then diskbase="${disk#/dev/}" diskbase="$(printf %s "$diskbase" | sed 's,/,!,g')" partbase="${part#/dev/}" partbase="$(printf %s "$partbase" | sed 's,/,!,g')" sysfs_path="/block/$diskbase/$partbase" fi size="$(sysfs_size "/sys$sysfs_path")" db_subst grub-pc/partition_description DEVICE "$part" db_subst grub-pc/partition_description SIZE "$size" db_subst grub-pc/partition_description PATH "$path" db_metaget grub-pc/partition_description description } usable_partitions() { local last_partition path partition partition_id last_partition= for path in / /boot /boot/grub; do partition="$(grub-probe -t device "$path" || true)" if [ -z "$partition" ] || [ "$partition" = "$last_partition" ]; then continue fi partition_id="$(device_to_id "$partition" || true)" echo "$path:$partition_id" last_partition="$partition" done | sort -t: -k2 } get_mountpoint() { local relpath boot_mountpoint relpath="$(grub-mkrelpath "$1")" boot_mountpoint="${1#$relpath}" echo "${boot_mountpoint:-/}" } config_item() { for x in /etc/default/grub /etc/default/grub.d/*.cfg; do if [ -e "$x" ]; then # Lose any output here so we don't confuse our # caller. The xen packages echo stuff here, Aargh! . "$x" > /dev/null fi done if [ "$(eval echo "\${$1+set}")" = set ]; then eval echo "\$$1" else return fi } running_in_container() { type systemd-detect-virt >/dev/null 2>&1 && systemd-detect-virt --quiet --container } no_nvram_arg() { db_get grub2/update_nvram if [ "$RET" = false ]; then echo "--no-nvram" fi } run_grub_install() { if ! grub-install $@ ; then echo "Failed: grub-install $@" >&2 echo "WARNING: Bootloader is not properly installed, system may not be bootable" >&2 fi } case "$1" in configure) . /usr/share/debconf/confmodule devicemap_regenerated= if egrep -q '^[[:space:]]*post(inst|rm)_hook[[:space:]]*=[[:space:]]*(/sbin/|/usr/sbin/)?update-grub' /etc/kernel-img.conf 2>/dev/null; then echo 'Removing update-grub hooks from /etc/kernel-img.conf in favour of' >&2 echo '/etc/kernel/ hooks.' >&2 sed -ri /etc/kernel-img.conf -e '\%^[[:space:]]*post(inst|rm)_hook[[:space:]]*=[[:space:]]*(/sbin/|/usr/sbin/)?update-grub%d' fi mkdir -p /boot/grub tmp_default_grub="$(mktemp -t grub.XXXXXXXXXX)" trap "rm -f ${tmp_default_grub}" EXIT cp -p /usr/share/grub/default/grub ${tmp_default_grub} # Apply configuration from debconf to both the template configuration # file (so that any ucf conflict resolution is shown with the configured # values in place) and to /etc/default/grub (in order that debconf # changes are effective even if we have to use UCF_FORCE_CONFFOLD=1). # # The config script takes care to read current values from # /etc/default/grub before possibly prompting the user to change them, # so this should comply with policy's strictures on configuration file # handling: the debconf prompts constitute an explicit administrator # request to change the configuration file. # # If the administrator changes their answers to any of these debconf # questions in the same run as a change to the template, then they'll # get a spurious ucf conflict. To fix this, we'd need to keep track of # the old answers, substitute the old answers into $tmp_default_grub, # and substitute the new answers into /etc/default/grub. Fortunately, # debconf won't normally ask these questions again during an upgrade, so # this should be rare in practice. conf_files="$tmp_default_grub /etc/default/grub" apply_conf_tweaks "$conf_files" merge_debconf_into_conf GRUB_CMDLINE_LINUX grub2/linux_cmdline apply_conf_tweaks "$conf_files" merge_debconf_into_conf GRUB_CMDLINE_LINUX_DEFAULT grub2/linux_cmdline_default # Horrible stuff here, as the os-prober option is a negative # setting (GRUB_DISABLE_OS_PROBER). To not confuse people with # double negative questions in templates, invert it here. db_get grub2/enable_os_prober if [ "$RET" = false ]; then # enable == false -> put in place the commented-out default # #GRUB_DISABLE_OS_PROBER=false that we ship with apply_conf_tweaks "$conf_files" sed_conf 's/^.*GRUB_DISABLE_OS_PROBER.*$/#GRUB_DISABLE_OS_PROBER=false/' else # enable == true -> put in place a valid GRUB_DISABLE_OS_PROBER=false apply_conf_tweaks "$conf_files" sed_conf 's/^.*GRUB_DISABLE_OS_PROBER.*$/GRUB_DISABLE_OS_PROBER=false/' fi case grub-ieee1275 in grub-pc) apply_conf_tweaks "$conf_files" merge_debconf_into_conf GRUB_TIMEOUT grub-pc/timeout apply_conf_tweaks "$conf_files" sed_conf 's/^(GRUB_TIMEOUT=)"([0-9][0-9]*)"/\1\2/' db_get grub-pc/hidden_timeout if [ "$RET" = false ]; then apply_conf_tweaks "$conf_files" sed_conf 's/^GRUB_HIDDEN_TIMEOUT=/#&/' fi ;; grub-ieee1275) if grep ^platform /proc/cpuinfo | grep -q PowerNV; then cat <<-EOF >>"$tmp_default_grub" # Disable os-prober for ppc64el on the PowerNV platform (for Petitboot) GRUB_DISABLE_OS_PROBER=true EOF fi ;; esac # If the template configuration file hasn't changed, then no conflict is # possible. ucf can't figure this out for itself since we apply # debconf-based customisations on top of the template configuration # file. if [ -e /var/lib/grub/ucf/grub.previous ] && \ cmp -s /usr/share/grub/default/grub /var/lib/grub/ucf/grub.previous && \ [ -e /etc/default/grub ]; then ucf_env=UCF_FORCE_CONFFOLD=1 else ucf_env= fi env $ucf_env ucf --three-way --debconf-ok --sum-file=/usr/share/grub/default/grub.md5sum "$tmp_default_grub" /etc/default/grub cp -aZ /usr/share/grub/default/grub /var/lib/grub/ucf/grub.previous package="$(ucfq --with-colons /etc/default/grub | cut -d : -f 2)" if echo $package | grep -q "^grub-" ; then ucfr --force grub-ieee1275 /etc/default/grub else ucfr grub-ieee1275 /etc/default/grub fi case grub-ieee1275 in grub-pc) if running_in_container; then # Skip grub-install in containers. : elif test -e /boot/grub/core.img || \ test -e /boot/grub/i386-ieee1275/core.img; then question=grub-pc/install_devices priority=high device_map="$(grub-mkdevicemap -m - | grep -v '^(fd[0-9]\+)' || true)" devices="$(echo "$device_map" | cut -f2)" db_get grub-pc/install_devices valid=1 for device in $RET; do if [ ! -e "${device%,}" ]; then valid=0 break fi done if [ "$valid" = 0 ]; then question=grub-pc/install_devices_disks_changed priority=critical db_set "$question" "$RET" db_fset "$question" seen false db_fset grub-pc/install_devices_empty seen false fi while :; do ids= descriptions= partitions="$(usable_partitions)" for device in $devices; do disk_id="$(device_to_id "$device" || true)" if [ "$disk_id" ]; then ids="${ids:+$ids, }$disk_id" describe_disk "$(readlink -f "$device")" "$disk_id" RET="$(printf %s "$RET" | sed 's/,/\\,/g')" descriptions="${descriptions:+$descriptions, }$RET" for partition_pair in $partitions; do partition_id="${partition_pair#*:}" if [ "${partition_id#$disk_id-part}" != "$partition_id" ]; then ids="${ids:+$ids, }$partition_id" describe_partition "$(readlink -f "$device")" "$(readlink -f "$partition_id")" "$partition_id" "$(get_mountpoint "${partition_pair%%:*}")" RET="$(printf %s "$RET" | sed 's/,/\\,/g')" descriptions="${descriptions:+$descriptions, }$RET" fi done fi done # Some "partitions" may in fact be at the disk level, e.g. RAID. # List these as well if they haven't already been listed. for partition_pair in $partitions; do partition_id="${partition_pair#*:}" if [ "${partition_id#*-part}" = "$partition_id" ]; then case ", $ids, " in ", $partition_id, ") ;; *) ids="${ids:+$ids, }$partition_id" describe_disk "$(readlink -f "$partition_id")" "$partition_id" RET="$(printf %s "$RET" | sed 's/,/\\,/g')" descriptions="${descriptions:+$descriptions, }$RET" ;; esac fi done db_subst "$question" RAW_CHOICES "$ids" db_subst "$question" CHOICES "$descriptions" db_input "$priority" "$question" || true db_go db_get "$question" failed_devices= echo "grub-ieee1275: Running grub-install ..." for i in $RET; do real_device="$(readlink -f "${i%,}")" if [ ! -e "$real_device" ]; then echo "$real_device does not exist, so cannot grub-install to it!" >&2 failed_devices="$failed_devices $real_device" else if grub-install --target=i386-pc --force --no-floppy $real_device ; then echo " grub-install success for $real_device" # We just installed GRUB 2; then also generate grub.cfg. touch /boot/grub/grub.cfg else echo " grub-install failure for $real_device" failed_devices="$failed_devices $real_device" fi fi done if [ "$question" != grub-pc/install_devices ] && [ "$RET" ]; then # XXX cjwatson 2019-02-26: The description of # grub-pc/install_devices_disks_changed ought to explain that # selecting no devices will leave the configuration unchanged # so that you'll be prompted again next time, but it's a bit # close to the Debian 10 release to be introducing new # translatable text. For now, it should be sufficient to # avoid losing configuration data. db_set grub-pc/install_devices "$RET" db_fset grub-pc/install_devices seen true fi if [ "$failed_devices" ]; then db_subst grub-pc/install_devices_failed FAILED_DEVICES "$failed_devices" db_fset grub-pc/install_devices_failed seen false if db_input critical grub-pc/install_devices_failed; then db_go db_get grub-pc/install_devices_failed if [ "$RET" = true ]; then break else db_fset "$question" seen false db_fset grub-pc/install_devices_failed seen false continue fi else echo "You must correct your GRUB install devices before proceeding:" >&2 echo >&2 echo " DEBIAN_FRONTEND=dialog dpkg --configure grub-pc" >&2 echo " dpkg --configure -a" >&2 exit 1 # noninteractive fi fi db_get "$question" if [ -z "$RET" ]; then # Reset the seen flag if the current answer is false, since # otherwise we'll loop with no indication of why. db_get grub-pc/install_devices_empty if [ "$RET" = false ]; then db_fset grub-pc/install_devices_empty seen false fi if db_input critical grub-pc/install_devices_empty; then db_go db_get grub-pc/install_devices_empty if [ "$RET" = true ]; then break else db_fset "$question" seen false db_fset grub-pc/install_devices_empty seen false fi else db_get grub-pc/install_devices_empty if [ "$RET" = true ]; then break else echo "You must correct your GRUB install devices before proceeding:" >&2 echo >&2 echo " DEBIAN_FRONTEND=dialog dpkg --configure grub-pc" >&2 echo " dpkg --configure -a" >&2 exit 1 # noninteractive fi fi else break fi done fi # /boot/grub/ has more chances of being accessible by GRUB for i in /usr/share/grub/unicode.pf2 ; do if test -e $i ; then cp $i /boot/grub/ fi done ;; grub-efi-ia32|grub-efi-amd64|grub-efi-arm|grub-efi-arm64|grub-efi-riscv64|grub-efi-loong64) bootloader_id="$(config_item GRUB_DISTRIBUTOR | tr A-Z a-z | \ cut -d' ' -f1)" case $bootloader_id in kubuntu) bootloader_id=ubuntu ;; devuan) bootloader_id=debian ;; esac case grub-ieee1275 in grub-efi-ia32) target=i386-efi ;; grub-efi-amd64) target=x86_64-efi ;; grub-efi-arm) target=arm-efi ;; grub-efi-arm64) target=arm64-efi ;; grub-efi-riscv64) target=riscv64-efi ;; grub-efi-loong64) target=loongarch64-efi ;; esac if [ "$bootloader_id" ] && [ -e "/boot/grub/$target/core.efi" ]; then db_get grub2/force_efi_extra_removable if [ "$RET" = true ]; then FORCE_EXTRA_REMOVABLE="--force-extra-removable" fi NO_NVRAM="$(no_nvram_arg)" run_grub_install --target="$target" "$FORCE_EXTRA_REMOVABLE" "$NO_NVRAM" fi # /boot/grub/ has more chances of being accessible by GRUB for i in /usr/share/grub/unicode.pf2 ; do if test -e $i ; then cp $i /boot/grub/ fi done if type update-secureboot-policy >/dev/null 2>&1; then update-secureboot-policy || true fi ;; grub-ieee1275) case $(dpkg --print-architecture) in powerpc|ppc64|ppc64el) # Output may be empty; if so, just update the core image but # don't install it to any PReP partition. prep_bootdev="$(/usr/lib/grub/powerpc-ieee1275/prep-bootdev)" NO_NVRAM="$(no_nvram_arg)" run_grub_install --target=powerpc-ieee1275 $prep_bootdev "$NO_NVRAM" ;; esac ;; grub-xen) # Install for x86_64 regardless of arch, since a 32-bit userspace can still boot with a 64-bit kernel. mkdir -p /boot/xen run_grub_install --target=x86_64-xen case $(dpkg --print-architecture) in i386) run_grub_install --target=i386-xen ;; esac # Similarly, the PVH boot loader is usable regardless of arch. run_grub_install --target=i386-xen_pvh ;; esac # If grub.cfg has been generated, update it. if test -e /boot/grub/grub.cfg && ! running_in_container; then update-grub 3>&- fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. exit 0