From d216a45b73f9fc6bc8aa52aceba2d8e276eb6c76 Mon Sep 17 00:00:00 2001
From: Marc Beninca <git@marc.beninca.link>
Date: Sat, 11 Nov 2023 16:36:57 +0100
Subject: [PATCH] env,init,tasks

---
 build.sh           | 48 +++++++++++++++++++++++++++++++---------------
 grub.cfg.sh        | 39 +++++++++++++++++++++----------------
 live/source/env.sh |  2 +-
 readme.md          | 39 +++++++++++++++++++++----------------
 rescue.sh          | 45 -------------------------------------------
 5 files changed, 80 insertions(+), 93 deletions(-)
 delete mode 100644 rescue.sh

diff --git a/build.sh b/build.sh
index ce8dc19..f7d3a9b 100644
--- a/build.sh
+++ b/build.sh
@@ -28,12 +28,18 @@ function sign {
         local file
         local files
         readarray -t files <<< "$(find "${1}" -type f | sort)"
+        echo
+        echo "${1}"
         for file in "${files[@]}" ; do
-            sign "${file}"
+            sign "${file}" "${1}"
         done
     fi
     if [ -f "${1}" ] ; then
-        echo "${1}"
+        if [ "${2}" ] ; then
+            echo "$(realpath --relative-to "${2}" "${1}")"
+        else
+            echo "${1}"
+        fi
         gpg \
         --quiet \
         --default-key "${PGP_PUB}!" \
@@ -67,9 +73,12 @@ BIOS_DIRECTORY="${ROOT}/bios"
 BIOS_FILE="${BIOS_DIRECTORY}/core.img"
 BIOS_SETUP="${BIOS_DIRECTORY}/setup.sh"
 COMPRESSION='xz'
-GRUB_ROOT="${ROOT}/boot/grub"
+BOOT_ROOT="${ROOT}/boot"
+GRUB_ROOT="${BOOT_ROOT}/grub"
 GRUB_CFG="${GRUB_ROOT}/grub.cfg"
+GRUBENV="${GRUB_ROOT}/grubenv"
 GRUB_ENV="${ROOT}/grub.env"
+GRUB_HEAD='# GRUB Environment Block'
 GRUB_PUB="${GRUB_ROOT}/grub.pgp"
 
 # wipe ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
@@ -147,7 +156,6 @@ fi
 mkdir "${BIOS_DIRECTORY}"
 
 cp '/usr/lib/grub/i386-pc/boot.img' "${BIOS_DIRECTORY}"
-sign "${BIOS_DIRECTORY}/boot.img"
 
 grub-mkimage \
 --compress "${COMPRESSION}" \
@@ -156,7 +164,6 @@ grub-mkimage \
 --output "${BIOS_FILE}" \
 --pubkey "${MEMDISK_PUB}" \
 "${MODULES[@]}" "${MODULES_BIOS[@]}"
-sign "${BIOS_FILE}"
 
 echo -n '#! /usr/bin/env bash
 FILE="$(realpath "${BASH_SOURCE[0]}")"
@@ -166,7 +173,6 @@ DIRECTORY="$(dirname "${FILE}")"
 --directory "${DIRECTORY}" \
 "${1}"
 ' >> "${BIOS_SETUP}"
-sign "${BIOS_SETUP}"
 
 # grub ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
 
@@ -179,16 +185,25 @@ cp "${DIRECTORY}/grub.cfg.sh" "${GRUB_CFG}"
 
 # grub / env ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
 
-grubenv="# GRUB Environment Block
+function write_env {
+local file="${1}"
+local kv="${2}"
+local text="${GRUB_HEAD}
+${kv}"
+    while [ ${#text} -lt 1024 ] ; do
+        text="${text}#"
+    done
+    echo -n "${text}" > "${file}"
+}
+
+write_env "${GRUBENV}" "\
 live_name=${PROJECT}
 data_uuid=${DATA}
 "
-grublen=${#grubenv}
-while [ $grublen -lt 1024 ] ; do
-    grubenv="${grubenv}#"
-    grublen=${#grubenv}
-done
-echo -n "${grubenv}" > "${GRUB_ENV}"
+
+write_env "${GRUB_ENV}" "\
+grub_sleep=999
+"
 
 # grub / fonts ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
 
@@ -238,15 +253,18 @@ cd "${DIRECTORY}"
 
 # sign ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
 
+sign "${BIOS_DIRECTORY}"
+sign "${UEFI_DIRECTORY}"
 sign "${ROOT}/${PROJECT}/live"
 sign "${GRUB_ROOT}"
-sign "${UEFI_DIRECTORY}"
 
 # display ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
 
+echo
 du --human-readable --summarize \
-"${UEFI_ROOT}" \
 "${BIOS_DIRECTORY}" \
+"${UEFI_ROOT}" \
+"${BOOT_ROOT}" \
 "${ROOT}"
 echo
 echo "ESP: ${ESP}"
diff --git a/grub.cfg.sh b/grub.cfg.sh
index 37ceaa5..5dba739 100644
--- a/grub.cfg.sh
+++ b/grub.cfg.sh
@@ -15,6 +15,24 @@ function grub_fix {
     trust --skip-sig "${prefix}/grub.pgp"
 }
 
+function grub_init {
+    load_env \
+    'live_name' 'data_uuid'
+    #
+    regexp --set esp '^\((.*)\)' "${prefix}"
+    #
+    env="(${esp})/grub.env"
+    load_env \
+    --skip-sig \
+    --file "${env}" \
+    'grub_sleep'
+    #
+    live="(${esp})/${live_name}/live"
+    #
+    search --no-floppy --set data \
+    --fs-uuid "${data_uuid}"
+}
+
 function grub_list_const {
     echo -n "\
     cpu-platform | ${grub_cpu}-${grub_platform}
@@ -65,7 +83,7 @@ function grub_main {
         grub_split
         #
         grub_fix
-        set_init
+        grub_init
         for file in ${live}/source/*.sh ; do
             source "${file}"
         done
@@ -81,7 +99,10 @@ function grub_main {
 function grub_pause {
     echo -n "\
           escape | "
-    sleep --interruptible --verbose 1000
+    sleep \
+    --interruptible \
+    --verbose \
+    "${grub_sleep}"
 }
 
 function grub_split {
@@ -90,18 +111,4 @@ function grub_split {
 "
 }
 
-function set_init {
-    regexp --set esp '^\((.*)\)' "${prefix}"
-    #
-    env="(${esp})/grub.env"
-    #
-    load_env --skip-sig --file "${env}" \
-    'live_name' 'data_uuid'
-    #
-    live="(${esp})/${live_name}/live"
-    #
-    search --no-floppy --set data \
-    --fs-uuid "${data_uuid}"
-}
-
 grub_main
diff --git a/live/source/env.sh b/live/source/env.sh
index 3c56130..5e776c4 100644
--- a/live/source/env.sh
+++ b/live/source/env.sh
@@ -22,7 +22,7 @@ function env_apply {
 }
 
 function env_init {
-    set_init
+    grub_init
     env_set
     env_mod
     env_apply
diff --git a/readme.md b/readme.md
index e723276..666d80a 100644
--- a/readme.md
+++ b/readme.md
@@ -58,22 +58,29 @@ Build an ESP File System including:
 
 ## Tasks
 
-* live-media
-  * -mount-opts
 * build
-  * layouts
-* grub.env
-* variablize
-  * pgp
-* secure boot
-  * /efi/boot
-    * bootx64.efi ← /usr/lib/shim/shimx64.efi.signed
-    * grubx64.efi ← /usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed
-  * root
-    * /.disk/info
-    * /.disk/mini-info
-  * grub.cfg
-    * prefix → /boot/grub
-    * cmdpath → /efi/boot
+  * echo section lists & modules
+  * keyboard layouts
+  * mimic grubx64.efi.signed
+    * efi
+    * bios
+  * args/esp & lsgm/cp
+* grub.cfg
+  * check squashfs
+    * option
+    * progress
+* end grubenv with \n
+* pgp
+  * variablize
+  * directory
+    * build with keys
+    * trust keys
+    * add tails
 
 ![Graph](todo.svg)
+
+### Later
+
+* arm
+* live-media
+  * -mount-opts
diff --git a/rescue.sh b/rescue.sh
deleted file mode 100644
index 58ab1ce..0000000
--- a/rescue.sh
+++ /dev/null
@@ -1,45 +0,0 @@
-function set_init {
-    #
-    unset esp
-    search --no-floppy \
-    --set esp --fs-uuid '{}'
-    #
-    unset data
-    search --no-floppy \
-    --set data --fs-uuid '{}'
-    if [ ! "${data}" ] ; then
-        data="${esp}"
-    fi
-    #
-    if [ "${esp}" ] ; then
-        # TODO {}
-        env="(${esp})/grub.env"
-        # TODO {}
-        live="(${esp})/lsgm/live"
-        #
-        # TODO {}
-        for file in ${live}/source/*.sh ; do
-            source "${file}"
-        done
-        unset file
-    fi
-}
-
-function normal_init {
-    # TODO {}
-    check_signatures='no'
-    # TODO {}
-    pager=0
-    #
-    set_init
-    if [ "${esp}" ] ; then
-        # TODO {}
-        prefix="(${esp})/grub"
-        root="${esp}"
-        #
-        # TODO {}
-        normal "${live}/normal.sh"
-    fi
-}
-
-normal_init