diff options
| author | John Ogness <john.ogness@linutronix.de> | 2018-05-07 11:23:05 +0200 |
|---|---|---|
| committer | John Ogness <john.ogness@linutronix.de> | 2018-05-07 11:23:05 +0200 |
| commit | 27ffe6e29d41d7f8b39a0490709a4d912fc2f7ff (patch) | |
| tree | 7709789f8bd5ce404101f697a31fafff33fd359d /lx-trainer-vm/make_lxtrainer_secureboot.sh | |
| parent | 33ee15be492c327b40d5da4fcf3adf0e19c75ada (diff) | |
secureboot: allow device or image specification
Rather than assuming the image file lx-trainer.img in the current
working directory, require an argument that specifies this. Also,
allow this argument to be a block device to perform the secure
boot preparation on devices already prepared with the image.
Signed-off-by: John Ogness <john.ogness@linutronix.de>
Diffstat (limited to 'lx-trainer-vm/make_lxtrainer_secureboot.sh')
| -rwxr-xr-x | lx-trainer-vm/make_lxtrainer_secureboot.sh | 62 |
1 files changed, 41 insertions, 21 deletions
diff --git a/lx-trainer-vm/make_lxtrainer_secureboot.sh b/lx-trainer-vm/make_lxtrainer_secureboot.sh index 1b77bc9..685f928 100755 --- a/lx-trainer-vm/make_lxtrainer_secureboot.sh +++ b/lx-trainer-vm/make_lxtrainer_secureboot.sh @@ -3,8 +3,8 @@ set -e MAIN="http://de.archive.ubuntu.com/ubuntu/pool/main" -if [ ! -f "lx-trainer.img" ]; then - echo "error: lx-trainer.img missing" +if [ $# -ne 1 ]; then + echo "error: $0 <image|device>" exit 1 fi @@ -13,10 +13,19 @@ if [ `id -u` -ne 0 ]; then exit 1 fi +if [ -f "$1" ]; then + IMG="$1" +elif [ -b "$1" ]; then + IMG="" +else + echo "error: $1 invalid" + exit 1 +fi + # prepare temp space TMPD="/tmp/tmp-lxtrainer-uefi" rm -rf $TMPD -mkdir -p $TMPD +mkdir -p $TMPD/mnt # download signed uefi packages from ubuntu wget --continue $MAIN/g/grub2/grub-common_2.02~beta3-4ubuntu7_amd64.deb -O $TMPD/1.deb @@ -28,33 +37,44 @@ dpkg -x $TMPD/1.deb $TMPD/1 dpkg -x $TMPD/2.deb $TMPD/2 dpkg -x $TMPD/3.deb $TMPD/3 -# setup loop device for image -DEV=`sudo losetup --show -P -f lx-trainer.img` +if [ -n "$IMG" ]; then + # setup loop device for image + DEV=`sudo losetup --show -P -f lx-trainer.img` + DEVP="${DEV}p" +else + # block device + DEV="$1" + DEVP="$DEV" +fi # extract grub.cfg from image -sudo mount ${DEV}p3 /mnt -cp /mnt/boot/grub/grub.cfg $TMPD/ -sudo umount /mnt +sudo mount ${DEVP}3 $TMPD/mnt +cp $TMPD/mnt/boot/grub/grub.cfg $TMPD/ +sudo umount $TMPD/mnt # setup uefi partition -sudo mount ${DEV}p2 /mnt -if [ -d "/mnt/EFI/BOOT" ]; then - sudo mkdir -p /mnt/EFI/ubuntu - sudo mkdir -p /mnt/EFI/ubuntu/fonts - if [ -f "/mnt/EFI/BOOT/BOOTX64.EFI" ]; then - sudo mv /mnt/EFI/BOOT/BOOTX64.EFI /mnt/EFI/BOOT/BOOTX64.EFI.debian +sudo mount ${DEVP}2 $TMPD/mnt +if [ -d "$TMPD/mnt/EFI/BOOT" ]; then + sudo mkdir -p $TMPD/mnt/EFI/ubuntu + sudo mkdir -p $TMPD/mnt/EFI/ubuntu/fonts + if [ -f "$TMPD/mnt/EFI/BOOT/BOOTX64.EFI" -a ! -f "$TMPD/mnt/EFI/BOOT/BOOTX64.EFI.debian" ]; then + sudo mv $TMPD/mnt/EFI/BOOT/BOOTX64.EFI $TMPD/mnt/EFI/BOOT/BOOTX64.EFI.debian fi - sudo cp $TMPD/1/usr/share/grub/unicode.pf2 /mnt/EFI/ubuntu/fonts/ - sudo cp $TMPD/2/usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed /mnt/EFI/BOOT/grubx64.efi - sudo cp $TMPD/3/usr/lib/shim/shimx64.efi.signed /mnt/EFI/BOOT/BOOTX64.EFI - sudo cp $TMPD/grub.cfg /mnt/EFI/ubuntu/ + sudo cp $TMPD/1/usr/share/grub/unicode.pf2 $TMPD/mnt/EFI/ubuntu/fonts/ + sudo cp $TMPD/2/usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed $TMPD/mnt/EFI/BOOT/grubx64.efi + sudo cp $TMPD/3/usr/lib/shim/shimx64.efi.signed $TMPD/mnt/EFI/BOOT/BOOTX64.EFI + sudo cp $TMPD/grub.cfg $TMPD/mnt/EFI/ubuntu/ else echo "error: no UEFI found on lx-trainer.img" fi -sudo umount /mnt +sudo umount $TMPD/mnt -# cleanup loop device -sudo losetup -d $DEV +if [ -n "$IMG" ]; then + # cleanup loop device + sudo losetup -d $DEV +fi # cleanup temp space rm -rf $TMPD + +echo "done. no errors." |