rwx.work/lsgm
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

env,init,tasks

Browse source
This commit is contained in:
Marc Beninca 2023-11-11 16:36:57 +01:00
parent c92a114205
commit d216a45b73
5 changed files with 80 additions and 93 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

46
build.sh
View file

@ -28,12 +28,18 @@ function sign {
local file local file
local files local files
readarray -t files <<< "$(find "${1}" -type f | sort)" readarray -t files <<< "$(find "${1}" -type f | sort)"
echo
echo "${1}"
for file in "${files[@]}" ; do for file in "${files[@]}" ; do
sign "${file}" sign "${file}" "${1}"
done done
fi fi
if [ -f "${1}" ] ; then if [ -f "${1}" ] ; then
if [ "${2}" ] ; then
echo "$(realpath --relative-to "${2}" "${1}")"
else
echo "${1}" echo "${1}"
fi
gpg \ gpg \
--quiet \ --quiet \
--default-key "${PGP_PUB}!" \ --default-key "${PGP_PUB}!" \
@ -67,9 +73,12 @@ BIOS_DIRECTORY="${ROOT}/bios"
BIOS_FILE="${BIOS_DIRECTORY}/core.img" BIOS_FILE="${BIOS_DIRECTORY}/core.img"
BIOS_SETUP="${BIOS_DIRECTORY}/setup.sh" BIOS_SETUP="${BIOS_DIRECTORY}/setup.sh"
COMPRESSION='xz' COMPRESSION='xz'
GRUB_ROOT="${ROOT}/boot/grub" BOOT_ROOT="${ROOT}/boot"
GRUB_ROOT="${BOOT_ROOT}/grub"
GRUB_CFG="${GRUB_ROOT}/grub.cfg" GRUB_CFG="${GRUB_ROOT}/grub.cfg"
GRUBENV="${GRUB_ROOT}/grubenv"
GRUB_ENV="${ROOT}/grub.env" GRUB_ENV="${ROOT}/grub.env"
GRUB_HEAD='# GRUB Environment Block'
GRUB_PUB="${GRUB_ROOT}/grub.pgp" GRUB_PUB="${GRUB_ROOT}/grub.pgp"
# wipe ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ # wipe ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
@ -147,7 +156,6 @@ fi
mkdir "${BIOS_DIRECTORY}" mkdir "${BIOS_DIRECTORY}"
cp '/usr/lib/grub/i386-pc/boot.img' "${BIOS_DIRECTORY}" cp '/usr/lib/grub/i386-pc/boot.img' "${BIOS_DIRECTORY}"
sign "${BIOS_DIRECTORY}/boot.img"
grub-mkimage \ grub-mkimage \
--compress "${COMPRESSION}" \ --compress "${COMPRESSION}" \
@ -156,7 +164,6 @@ grub-mkimage \
--output "${BIOS_FILE}" \ --output "${BIOS_FILE}" \
--pubkey "${MEMDISK_PUB}" \ --pubkey "${MEMDISK_PUB}" \
"${MODULES[@]}" "${MODULES_BIOS[@]}" "${MODULES[@]}" "${MODULES_BIOS[@]}"
sign "${BIOS_FILE}"
echo -n '#! /usr/bin/env bash echo -n '#! /usr/bin/env bash
FILE="$(realpath "${BASH_SOURCE[0]}")" FILE="$(realpath "${BASH_SOURCE[0]}")"
@ -166,7 +173,6 @@ DIRECTORY="$(dirname "${FILE}")"
--directory "${DIRECTORY}" \ --directory "${DIRECTORY}" \
"${1}" "${1}"
' >> "${BIOS_SETUP}" ' >> "${BIOS_SETUP}"
sign "${BIOS_SETUP}"
# grub ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ # grub ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
@ -179,16 +185,25 @@ cp "${DIRECTORY}/grub.cfg.sh" "${GRUB_CFG}"
# grub / env ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ # grub / env ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
grubenv="# GRUB Environment Block function write_env {
local file="${1}"
local kv="${2}"
local text="${GRUB_HEAD}
${kv}"
while [ ${#text} -lt 1024 ] ; do
text="${text}#"
done
echo -n "${text}" > "${file}"
}
write_env "${GRUBENV}" "\
live_name=${PROJECT} live_name=${PROJECT}
data_uuid=${DATA} data_uuid=${DATA}
" "
grublen=${#grubenv}
while [ $grublen -lt 1024 ] ; do write_env "${GRUB_ENV}" "\
grubenv="${grubenv}#" grub_sleep=999
grublen=${#grubenv} "
done
echo -n "${grubenv}" > "${GRUB_ENV}"
# grub / fonts ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ # grub / fonts ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
@ -238,15 +253,18 @@ cd "${DIRECTORY}"
# sign ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ # sign ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
sign "${BIOS_DIRECTORY}"
sign "${UEFI_DIRECTORY}"
sign "${ROOT}/${PROJECT}/live" sign "${ROOT}/${PROJECT}/live"
sign "${GRUB_ROOT}" sign "${GRUB_ROOT}"
sign "${UEFI_DIRECTORY}"
# display ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅ # display ⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅⋅
echo
du --human-readable --summarize \ du --human-readable --summarize \
"${UEFI_ROOT}" \
"${BIOS_DIRECTORY}" \ "${BIOS_DIRECTORY}" \
"${UEFI_ROOT}" \
"${BOOT_ROOT}" \
"${ROOT}" "${ROOT}"
echo echo
echo "ESP: ${ESP}" echo "ESP: ${ESP}"

39
grub.cfg.sh
View file

@ -15,6 +15,24 @@ function grub_fix {
trust --skip-sig "${prefix}/grub.pgp" trust --skip-sig "${prefix}/grub.pgp"
} }
function grub_init {
load_env \
'live_name' 'data_uuid'
#
regexp --set esp '^\((.*)\)' "${prefix}"
#
env="(${esp})/grub.env"
load_env \
--skip-sig \
--file "${env}" \
'grub_sleep'
#
live="(${esp})/${live_name}/live"
#
search --no-floppy --set data \
--fs-uuid "${data_uuid}"
}
function grub_list_const { function grub_list_const {
echo -n "\ echo -n "\
cpu-platform | ${grub_cpu}-${grub_platform} cpu-platform | ${grub_cpu}-${grub_platform}
@ -65,7 +83,7 @@ function grub_main {
grub_split grub_split
# #
grub_fix grub_fix
set_init grub_init
for file in ${live}/source/*.sh ; do for file in ${live}/source/*.sh ; do
source "${file}" source "${file}"
done done
@ -81,7 +99,10 @@ function grub_main {
function grub_pause { function grub_pause {
echo -n "\ echo -n "\
escape | " escape | "
sleep --interruptible --verbose 1000 sleep \
--interruptible \
--verbose \
"${grub_sleep}"
} }
function grub_split { function grub_split {
@ -90,18 +111,4 @@ function grub_split {
" "
} }
function set_init {
regexp --set esp '^\((.*)\)' "${prefix}"
#
env="(${esp})/grub.env"
#
load_env --skip-sig --file "${env}" \
'live_name' 'data_uuid'
#
live="(${esp})/${live_name}/live"
#
search --no-floppy --set data \
--fs-uuid "${data_uuid}"
}
grub_main grub_main

2
live/source/env.sh
View file

@ -22,7 +22,7 @@ function env_apply {
} }
function env_init { function env_init {
set_init grub_init
env_set env_set
env_mod env_mod
env_apply env_apply

39
readme.md
View file

@ -58,22 +58,29 @@ Build an ESP File System including:
## Tasks ## Tasks
* live-media
* -mount-opts
* build * build
* layouts * echo section lists & modules
* grub.env * keyboard layouts
* variablize * mimic grubx64.efi.signed
* pgp * efi
* secure boot * bios
* /efi/boot * args/esp & lsgm/cp
* bootx64.efi ← /usr/lib/shim/shimx64.efi.signed * grub.cfg
* grubx64.efi ← /usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed * check squashfs
* root * option
* /.disk/info * progress
* /.disk/mini-info * end grubenv with \n
* grub.cfg * pgp
* prefix → /boot/grub * variablize
* cmdpath → /efi/boot * directory
* build with keys
* trust keys
* add tails
![Graph](todo.svg) ![Graph](todo.svg)
### Later
* arm
* live-media
* -mount-opts

45
rescue.sh
View file

@ -1,45 +0,0 @@
function set_init {
#
unset esp
search --no-floppy \
--set esp --fs-uuid '{}'
#
unset data
search --no-floppy \
--set data --fs-uuid '{}'
if [ ! "${data}" ] ; then
data="${esp}"
fi
#
if [ "${esp}" ] ; then
# TODO {}
env="(${esp})/grub.env"
# TODO {}
live="(${esp})/lsgm/live"
#
# TODO {}
for file in ${live}/source/*.sh ; do
source "${file}"
done
unset file
fi
}
function normal_init {
# TODO {}
check_signatures='no'
# TODO {}
pager=0
#
set_init
if [ "${esp}" ] ; then
# TODO {}
prefix="(${esp})/grub"
root="${esp}"
#
# TODO {}
normal "${live}/normal.sh"
fi
}
normal_init