2017-11-18 17:09:20 +01:00
|
|
|
/* SPDX-License-Identifier: LGPL-2.1+ */
|
2013-02-08 17:24:43 +01:00
|
|
|
/***
|
|
|
|
|
This file is part of systemd.
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
Copyright 2013-2015 Kay Sievers
|
|
|
|
|
Copyright 2013 Lennart Poettering
|
2013-02-08 17:24:43 +01:00
|
|
|
|
|
|
|
|
systemd is free software; you can redistribute it and/or modify it
|
|
|
|
|
under the terms of the GNU Lesser General Public License as published by
|
|
|
|
|
the Free Software Foundation; either version 2.1 of the License, or
|
|
|
|
|
(at your option) any later version.
|
|
|
|
|
|
|
|
|
|
systemd is distributed in the hope that it will be useful, but
|
|
|
|
|
WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
|
|
|
Lesser General Public License for more details.
|
|
|
|
|
|
|
|
|
|
You should have received a copy of the GNU Lesser General Public License
|
|
|
|
|
along with systemd; If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
***/
|
|
|
|
|
|
2017-04-06 15:12:17 +02:00
|
|
|
#include <blkid.h>
|
2015-02-08 17:18:30 +01:00
|
|
|
#include <ctype.h>
|
2015-09-23 03:01:06 +02:00
|
|
|
#include <dirent.h>
|
|
|
|
|
#include <errno.h>
|
2015-02-08 17:18:30 +01:00
|
|
|
#include <ftw.h>
|
2015-09-23 03:01:06 +02:00
|
|
|
#include <getopt.h>
|
|
|
|
|
#include <limits.h>
|
2016-07-19 20:45:10 +02:00
|
|
|
#include <linux/magic.h>
|
2015-02-08 17:18:30 +01:00
|
|
|
#include <stdbool.h>
|
2015-09-23 03:01:06 +02:00
|
|
|
#include <stdio.h>
|
|
|
|
|
#include <stdlib.h>
|
|
|
|
|
#include <string.h>
|
|
|
|
|
#include <sys/mman.h>
|
|
|
|
|
#include <sys/stat.h>
|
|
|
|
|
#include <sys/statfs.h>
|
|
|
|
|
#include <unistd.h>
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2018-01-11 00:39:12 +01:00
|
|
|
#include "sd-id128.h"
|
|
|
|
|
|
2015-10-27 03:01:06 +01:00
|
|
|
#include "alloc-util.h"
|
2015-09-23 03:01:06 +02:00
|
|
|
#include "blkid-util.h"
|
2017-10-17 18:23:16 +02:00
|
|
|
#include "bootspec.h"
|
2017-02-21 17:13:36 +01:00
|
|
|
#include "copy.h"
|
2016-01-31 09:41:43 +01:00
|
|
|
#include "dirent-util.h"
|
2015-02-08 17:18:30 +01:00
|
|
|
#include "efivars.h"
|
2015-10-25 13:14:12 +01:00
|
|
|
#include "fd-util.h"
|
2015-10-26 18:05:03 +01:00
|
|
|
#include "fileio.h"
|
2017-02-21 17:13:36 +01:00
|
|
|
#include "fs-util.h"
|
2015-10-26 23:01:30 +01:00
|
|
|
#include "locale-util.h"
|
2016-07-19 20:19:20 +02:00
|
|
|
#include "parse-util.h"
|
2015-04-04 11:52:57 +02:00
|
|
|
#include "rm-rf.h"
|
2017-02-21 17:13:36 +01:00
|
|
|
#include "stat-util.h"
|
2015-10-24 22:58:24 +02:00
|
|
|
#include "string-util.h"
|
2016-07-19 20:19:20 +02:00
|
|
|
#include "strv.h"
|
2017-10-17 18:23:16 +02:00
|
|
|
#include "terminal-util.h"
|
2016-07-19 20:19:20 +02:00
|
|
|
#include "umask-util.h"
|
2015-09-23 03:01:06 +02:00
|
|
|
#include "util.h"
|
2016-07-19 20:19:20 +02:00
|
|
|
#include "verbs.h"
|
|
|
|
|
#include "virt.h"
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
static char *arg_path = NULL;
|
2017-11-17 13:55:05 +01:00
|
|
|
static bool arg_print_path = false;
|
2016-07-19 18:39:54 +02:00
|
|
|
static bool arg_touch_variables = true;
|
|
|
|
|
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
static int acquire_esp(
|
|
|
|
|
bool unprivileged_mode,
|
|
|
|
|
uint32_t *ret_part,
|
|
|
|
|
uint64_t *ret_pstart,
|
|
|
|
|
uint64_t *ret_psize,
|
|
|
|
|
sd_id128_t *ret_uuid) {
|
|
|
|
|
|
|
|
|
|
char *np;
|
2016-07-19 20:19:20 +02:00
|
|
|
int r;
|
|
|
|
|
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
/* Find the ESP, and log about errors. Note that find_esp_and_warn() will log in all error cases on its own,
|
|
|
|
|
* except for ENOKEY (which is good, we want to show our own message in that case, suggesting use of --path=)
|
|
|
|
|
* and EACCESS (only when we request unprivileged mode; in this case we simply eat up the error here, so that
|
|
|
|
|
* --list and --status work too, without noise about this). */
|
|
|
|
|
|
|
|
|
|
r = find_esp_and_warn(arg_path, unprivileged_mode, &np, ret_part, ret_pstart, ret_psize, ret_uuid);
|
|
|
|
|
if (r == -ENOKEY)
|
2017-10-20 18:31:34 +02:00
|
|
|
return log_error_errno(r,
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
"Couldn't find EFI system partition. It is recommended to mount it to /boot or /efi.\n"
|
2017-10-20 18:31:34 +02:00
|
|
|
"Alternatively, use --path= to specify path to mount point.");
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
|
|
|
|
free_and_replace(arg_path, np);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-11-17 13:55:05 +01:00
|
|
|
log_debug("Using EFI System Partition at %s.", arg_path);
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
return 0;
|
2013-02-08 17:24:43 +01:00
|
|
|
}
|
|
|
|
|
|
2015-02-17 20:12:50 +01:00
|
|
|
/* search for "#### LoaderInfo: systemd-boot 218 ####" string inside the binary */
|
2015-03-18 03:29:31 +01:00
|
|
|
static int get_file_version(int fd, char **v) {
|
2015-02-08 17:18:30 +01:00
|
|
|
struct stat st;
|
|
|
|
|
char *buf;
|
|
|
|
|
const char *s, *e;
|
|
|
|
|
char *x = NULL;
|
|
|
|
|
int r = 0;
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
assert(fd >= 0);
|
2015-02-08 17:18:30 +01:00
|
|
|
assert(v);
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
if (fstat(fd, &st) < 0)
|
2016-07-19 20:46:17 +02:00
|
|
|
return log_error_errno(errno, "Failed to stat EFI binary: %m");
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2016-07-19 20:46:17 +02:00
|
|
|
if (st.st_size < 27) {
|
|
|
|
|
*v = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
return 0;
|
2016-07-19 20:46:17 +02:00
|
|
|
}
|
2013-11-06 18:28:39 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
buf = mmap(NULL, st.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (buf == MAP_FAILED)
|
2016-07-19 20:46:17 +02:00
|
|
|
return log_error_errno(errno, "Failed to memory map EFI binary: %m");
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
s = memmem(buf, st.st_size - 8, "#### LoaderInfo: ", 17);
|
|
|
|
|
if (!s)
|
|
|
|
|
goto finish;
|
|
|
|
|
s += 17;
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
e = memmem(s, st.st_size - (s - buf), " ####", 5);
|
|
|
|
|
if (!e || e - s < 3) {
|
2015-03-18 03:29:31 +01:00
|
|
|
log_error("Malformed version string.");
|
2015-02-08 17:18:30 +01:00
|
|
|
r = -EINVAL;
|
|
|
|
|
goto finish;
|
|
|
|
|
}
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
x = strndup(s, e - s);
|
|
|
|
|
if (!x) {
|
2015-03-18 03:29:31 +01:00
|
|
|
r = log_oom();
|
2015-02-08 17:18:30 +01:00
|
|
|
goto finish;
|
|
|
|
|
}
|
|
|
|
|
r = 1;
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
finish:
|
2016-07-19 20:46:17 +02:00
|
|
|
(void) munmap(buf, st.st_size);
|
2015-02-08 17:18:30 +01:00
|
|
|
*v = x;
|
|
|
|
|
return r;
|
|
|
|
|
}
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
static int enumerate_binaries(const char *esp_path, const char *path, const char *prefix) {
|
2015-03-18 03:29:31 +01:00
|
|
|
char *p;
|
|
|
|
|
_cleanup_closedir_ DIR *d = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
struct dirent *de;
|
|
|
|
|
int r = 0, c = 0;
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
p = strjoina(esp_path, "/", path);
|
2015-02-08 17:18:30 +01:00
|
|
|
d = opendir(p);
|
|
|
|
|
if (!d) {
|
2015-03-18 03:29:31 +01:00
|
|
|
if (errno == ENOENT)
|
|
|
|
|
return 0;
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return log_error_errno(errno, "Failed to read \"%s\": %m", p);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2016-01-31 09:41:43 +01:00
|
|
|
FOREACH_DIRENT(de, d, break) {
|
2015-03-18 03:29:31 +01:00
|
|
|
_cleanup_close_ int fd = -1;
|
|
|
|
|
_cleanup_free_ char *v = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
if (!endswith_no_case(de->d_name, ".efi"))
|
2015-02-08 17:18:30 +01:00
|
|
|
continue;
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
if (prefix && !startswith_no_case(de->d_name, prefix))
|
2015-02-08 17:18:30 +01:00
|
|
|
continue;
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
fd = openat(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC);
|
|
|
|
|
if (fd < 0)
|
|
|
|
|
return log_error_errno(errno, "Failed to open \"%s/%s\" for reading: %m", p, de->d_name);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
r = get_file_version(fd, &v);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r < 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
return r;
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r > 0)
|
2016-05-07 23:30:18 +02:00
|
|
|
printf(" File: %s/%s/%s (%s)\n", special_glyph(TREE_RIGHT), path, de->d_name, v);
|
2015-02-08 17:18:30 +01:00
|
|
|
else
|
2016-05-07 23:30:18 +02:00
|
|
|
printf(" File: %s/%s/%s\n", special_glyph(TREE_RIGHT), path, de->d_name);
|
2015-02-08 17:18:30 +01:00
|
|
|
c++;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return c;
|
2013-02-08 17:24:43 +01:00
|
|
|
}
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
static int status_binaries(const char *esp_path, sd_id128_t partition) {
|
|
|
|
|
int r;
|
|
|
|
|
|
|
|
|
|
printf("Boot Loader Binaries:\n");
|
|
|
|
|
|
2017-07-11 17:30:29 +02:00
|
|
|
if (!esp_path) {
|
|
|
|
|
printf(" ESP: Cannot find or access mount point of ESP.\n\n");
|
|
|
|
|
return -ENOENT;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
printf(" ESP: %s", esp_path);
|
|
|
|
|
if (!sd_id128_is_null(partition))
|
|
|
|
|
printf(" (/dev/disk/by-partuuid/%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x)", SD_ID128_FORMAT_VAL(partition));
|
|
|
|
|
printf("\n");
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
r = enumerate_binaries(esp_path, "EFI/systemd", NULL);
|
|
|
|
|
if (r == 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
log_error("systemd-boot not installed in ESP.");
|
2015-02-08 17:18:30 +01:00
|
|
|
else if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
bootctl: Always use upper case for "/EFI/BOOT" and "/EFI/BOOT/BOOT*.EFI".
If the ESP is not mounted with "iocharset=ascii", but with "iocharset=utf8"
(which is for example the default in Debian), the file system becomes case
sensitive. This means that a file created as "FooBarBaz" cannot be accessed as
"foobarbaz" since those are then considered different files.
Moreover, a file created as "FooBar" can then also not be accessed as "foobar",
and it also prevents such a file from being created, as both would use the same
8.3 short name "FOOBAR".
Even though the UEFI specification [0] does give the canonical spelling for
the files mentioned above, not all implementations completely conform to that,
so it's possible that those files would already exist, but with a different
spelling, causing subtle bugs when scanning or modifying the ESP.
While the proper fix would of course be that everybody conformed to the
standard, we can work around this problem by just referencing the files by
their 8.3 short names, i.e. using upper case.
Fixes: #3740
[0] <http://www.uefi.org/specifications>, version 2.6, section 3.5.1.1
2016-07-21 02:29:54 +02:00
|
|
|
r = enumerate_binaries(esp_path, "EFI/BOOT", "boot");
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r == 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
log_error("No default/fallback boot loader installed in ESP.");
|
2015-02-08 17:18:30 +01:00
|
|
|
else if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
2015-07-25 03:26:32 +02:00
|
|
|
printf("\n");
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int print_efi_option(uint16_t id, bool in_order) {
|
2015-02-24 23:57:47 +01:00
|
|
|
_cleanup_free_ char *title = NULL;
|
|
|
|
|
_cleanup_free_ char *path = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
sd_id128_t partition;
|
|
|
|
|
bool active;
|
|
|
|
|
int r = 0;
|
|
|
|
|
|
|
|
|
|
r = efi_get_boot_option(id, &title, &partition, &path, &active);
|
|
|
|
|
if (r < 0)
|
2015-02-24 23:57:47 +01:00
|
|
|
return r;
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
/* print only configured entries with partition information */
|
2016-07-21 16:06:31 +02:00
|
|
|
if (!path || sd_id128_is_null(partition))
|
2015-02-08 17:18:30 +01:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
efi_tilt_backslashes(path);
|
|
|
|
|
|
|
|
|
|
printf(" Title: %s\n", strna(title));
|
|
|
|
|
printf(" ID: 0x%04X\n", id);
|
|
|
|
|
printf(" Status: %sactive%s\n", active ? "" : "in", in_order ? ", boot-order" : "");
|
|
|
|
|
printf(" Partition: /dev/disk/by-partuuid/%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n", SD_ID128_FORMAT_VAL(partition));
|
2016-05-07 23:30:18 +02:00
|
|
|
printf(" File: %s%s\n", special_glyph(TREE_RIGHT), path);
|
2015-02-08 17:18:30 +01:00
|
|
|
printf("\n");
|
|
|
|
|
|
2015-02-24 23:57:47 +01:00
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int status_variables(void) {
|
|
|
|
|
int n_options, n_order;
|
2015-03-18 03:29:31 +01:00
|
|
|
_cleanup_free_ uint16_t *options = NULL, *order = NULL;
|
|
|
|
|
int i;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
n_options = efi_get_boot_options(&options);
|
2015-03-18 03:29:31 +01:00
|
|
|
if (n_options == -ENOENT)
|
2016-07-19 20:47:09 +02:00
|
|
|
return log_error_errno(n_options,
|
|
|
|
|
"Failed to access EFI variables, efivarfs"
|
2015-03-18 03:29:31 +01:00
|
|
|
" needs to be available at /sys/firmware/efi/efivars/.");
|
2016-07-19 20:47:09 +02:00
|
|
|
if (n_options < 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
return log_error_errno(n_options, "Failed to read EFI boot entries: %m");
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
n_order = efi_get_boot_order(&order);
|
2015-03-18 03:29:31 +01:00
|
|
|
if (n_order == -ENOENT)
|
2015-02-08 17:18:30 +01:00
|
|
|
n_order = 0;
|
2015-03-18 03:29:31 +01:00
|
|
|
else if (n_order < 0)
|
|
|
|
|
return log_error_errno(n_order, "Failed to read EFI boot order.");
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
/* print entries in BootOrder first */
|
2015-03-18 03:29:31 +01:00
|
|
|
printf("Boot Loader Entries in EFI Variables:\n");
|
2015-02-08 17:18:30 +01:00
|
|
|
for (i = 0; i < n_order; i++)
|
|
|
|
|
print_efi_option(order[i], true);
|
|
|
|
|
|
|
|
|
|
/* print remaining entries */
|
|
|
|
|
for (i = 0; i < n_options; i++) {
|
|
|
|
|
int j;
|
|
|
|
|
|
|
|
|
|
for (j = 0; j < n_order; j++)
|
2015-03-18 03:29:31 +01:00
|
|
|
if (options[i] == order[j])
|
2016-08-30 16:50:19 +02:00
|
|
|
goto next_option;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
print_efi_option(options[i], false);
|
2016-08-30 16:50:19 +02:00
|
|
|
|
|
|
|
|
next_option:
|
|
|
|
|
continue;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2017-10-17 18:23:16 +02:00
|
|
|
static int status_entries(const char *esp_path, sd_id128_t partition) {
|
|
|
|
|
int r;
|
|
|
|
|
|
|
|
|
|
_cleanup_(boot_config_free) BootConfig config = {};
|
|
|
|
|
|
|
|
|
|
printf("Default Boot Entry:\n");
|
|
|
|
|
|
|
|
|
|
r = boot_entries_load_config(esp_path, &config);
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return log_error_errno(r, "Failed to load bootspec config from \"%s/loader\": %m",
|
|
|
|
|
esp_path);
|
|
|
|
|
|
|
|
|
|
if (config.default_entry < 0)
|
|
|
|
|
printf("%zu entries, no entry suitable as default", config.n_entries);
|
|
|
|
|
else {
|
|
|
|
|
const BootEntry *e = &config.entries[config.default_entry];
|
|
|
|
|
|
2017-10-20 17:58:13 +02:00
|
|
|
printf(" title: %s\n", boot_entry_title(e));
|
2017-10-17 18:23:16 +02:00
|
|
|
if (e->version)
|
|
|
|
|
printf(" version: %s\n", e->version);
|
|
|
|
|
if (e->kernel)
|
|
|
|
|
printf(" linux: %s\n", e->kernel);
|
|
|
|
|
if (!strv_isempty(e->initrd)) {
|
|
|
|
|
_cleanup_free_ char *t;
|
|
|
|
|
|
|
|
|
|
t = strv_join(e->initrd, " ");
|
|
|
|
|
if (!t)
|
|
|
|
|
return log_oom();
|
|
|
|
|
|
|
|
|
|
printf(" initrd: %s\n", t);
|
|
|
|
|
}
|
|
|
|
|
if (!strv_isempty(e->options)) {
|
|
|
|
|
_cleanup_free_ char *t;
|
|
|
|
|
|
|
|
|
|
t = strv_join(e->options, " ");
|
|
|
|
|
if (!t)
|
|
|
|
|
return log_oom();
|
|
|
|
|
|
|
|
|
|
printf(" options: %s\n", t);
|
|
|
|
|
}
|
|
|
|
|
if (e->device_tree)
|
|
|
|
|
printf(" devicetree: %s\n", e->device_tree);
|
|
|
|
|
puts("");
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
static int compare_product(const char *a, const char *b) {
|
|
|
|
|
size_t x, y;
|
|
|
|
|
|
|
|
|
|
assert(a);
|
|
|
|
|
assert(b);
|
|
|
|
|
|
|
|
|
|
x = strcspn(a, " ");
|
|
|
|
|
y = strcspn(b, " ");
|
|
|
|
|
if (x != y)
|
|
|
|
|
return x < y ? -1 : x > y ? 1 : 0;
|
|
|
|
|
|
|
|
|
|
return strncmp(a, b, x);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int compare_version(const char *a, const char *b) {
|
|
|
|
|
assert(a);
|
|
|
|
|
assert(b);
|
|
|
|
|
|
|
|
|
|
a += strcspn(a, " ");
|
|
|
|
|
a += strspn(a, " ");
|
|
|
|
|
b += strcspn(b, " ");
|
|
|
|
|
b += strspn(b, " ");
|
|
|
|
|
|
|
|
|
|
return strverscmp(a, b);
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
static int version_check(int fd_from, const char *from, int fd_to, const char *to) {
|
2015-03-18 03:29:31 +01:00
|
|
|
_cleanup_free_ char *a = NULL, *b = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
int r;
|
|
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
assert(fd_from >= 0);
|
2015-02-08 17:18:30 +01:00
|
|
|
assert(from);
|
2017-02-21 17:13:36 +01:00
|
|
|
assert(fd_to >= 0);
|
2015-02-08 17:18:30 +01:00
|
|
|
assert(to);
|
|
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
r = get_file_version(fd_from, &a);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r < 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
return r;
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r == 0) {
|
2015-03-18 03:29:31 +01:00
|
|
|
log_error("Source file \"%s\" does not carry version information!", from);
|
|
|
|
|
return -EINVAL;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
r = get_file_version(fd_to, &b);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r < 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
return r;
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r == 0 || compare_product(a, b) != 0) {
|
2015-03-18 03:29:31 +01:00
|
|
|
log_notice("Skipping \"%s\", since it's owned by another boot loader.", to);
|
|
|
|
|
return -EEXIST;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (compare_version(a, b) < 0) {
|
2015-03-18 03:29:31 +01:00
|
|
|
log_warning("Skipping \"%s\", since a newer boot loader version exists already.", to);
|
|
|
|
|
return -ESTALE;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
static int copy_file_with_version_check(const char *from, const char *to, bool force) {
|
|
|
|
|
_cleanup_close_ int fd_from = -1, fd_to = -1;
|
|
|
|
|
_cleanup_free_ char *t = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
int r;
|
|
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
fd_from = open(from, O_RDONLY|O_CLOEXEC|O_NOCTTY);
|
|
|
|
|
if (fd_from < 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
return log_error_errno(errno, "Failed to open \"%s\" for reading: %m", from);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
if (!force) {
|
2017-02-21 17:13:36 +01:00
|
|
|
fd_to = open(to, O_RDONLY|O_CLOEXEC|O_NOCTTY);
|
|
|
|
|
if (fd_to < 0) {
|
|
|
|
|
if (errno != -ENOENT)
|
|
|
|
|
return log_error_errno(errno, "Failed to open \"%s\" for reading: %m", to);
|
|
|
|
|
} else {
|
|
|
|
|
r = version_check(fd_from, from, fd_to, to);
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
|
|
|
|
if (lseek(fd_from, 0, SEEK_SET) == (off_t) -1)
|
|
|
|
|
return log_error_errno(errno, "Failed to seek in \%s\": %m", from);
|
|
|
|
|
|
|
|
|
|
fd_to = safe_close(fd_to);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
2017-02-21 17:13:36 +01:00
|
|
|
}
|
2015-03-18 03:29:31 +01:00
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
r = tempfn_random(to, NULL, &t);
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return log_oom();
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
RUN_WITH_UMASK(0000) {
|
|
|
|
|
fd_to = open(t, O_WRONLY|O_CREAT|O_CLOEXEC|O_EXCL|O_NOFOLLOW, 0644);
|
|
|
|
|
if (fd_to < 0)
|
|
|
|
|
return log_error_errno(errno, "Failed to open \"%s\" for writing: %m", t);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
r = copy_bytes(fd_from, fd_to, (uint64_t) -1, COPY_REFLINK);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r < 0) {
|
2017-08-17 18:09:44 +02:00
|
|
|
(void) unlink(t);
|
|
|
|
|
return log_error_errno(r, "Failed to copy data from \"%s\" to \"%s\": %m", from, t);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
(void) copy_times(fd_from, fd_to);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-08-17 18:09:44 +02:00
|
|
|
r = fsync(fd_to);
|
|
|
|
|
if (r < 0) {
|
|
|
|
|
(void) unlink_noerrno(t);
|
|
|
|
|
return log_error_errno(errno, "Failed to copy data from \"%s\" to \"%s\": %m", from, t);
|
|
|
|
|
}
|
|
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
r = renameat(AT_FDCWD, t, AT_FDCWD, to);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r < 0) {
|
2017-02-21 17:13:36 +01:00
|
|
|
(void) unlink_noerrno(t);
|
|
|
|
|
return log_error_errno(errno, "Failed to rename \"%s\" to \"%s\": %m", t, to);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
log_info("Copied \"%s\" to \"%s\".", from, to);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int mkdir_one(const char *prefix, const char *suffix) {
|
|
|
|
|
char *p;
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
p = strjoina(prefix, "/", suffix);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (mkdir(p, 0700) < 0) {
|
2015-03-18 03:29:31 +01:00
|
|
|
if (errno != EEXIST)
|
|
|
|
|
return log_error_errno(errno, "Failed to create \"%s\": %m", p);
|
2015-02-08 17:18:30 +01:00
|
|
|
} else
|
2015-03-18 03:29:31 +01:00
|
|
|
log_info("Created \"%s\".", p);
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
static const char *efi_subdirs[] = {
|
|
|
|
|
"EFI",
|
|
|
|
|
"EFI/systemd",
|
bootctl: Always use upper case for "/EFI/BOOT" and "/EFI/BOOT/BOOT*.EFI".
If the ESP is not mounted with "iocharset=ascii", but with "iocharset=utf8"
(which is for example the default in Debian), the file system becomes case
sensitive. This means that a file created as "FooBarBaz" cannot be accessed as
"foobarbaz" since those are then considered different files.
Moreover, a file created as "FooBar" can then also not be accessed as "foobar",
and it also prevents such a file from being created, as both would use the same
8.3 short name "FOOBAR".
Even though the UEFI specification [0] does give the canonical spelling for
the files mentioned above, not all implementations completely conform to that,
so it's possible that those files would already exist, but with a different
spelling, causing subtle bugs when scanning or modifying the ESP.
While the proper fix would of course be that everybody conformed to the
standard, we can work around this problem by just referencing the files by
their 8.3 short names, i.e. using upper case.
Fixes: #3740
[0] <http://www.uefi.org/specifications>, version 2.6, section 3.5.1.1
2016-07-21 02:29:54 +02:00
|
|
|
"EFI/BOOT",
|
2015-03-18 03:29:31 +01:00
|
|
|
"loader",
|
2016-10-19 13:50:47 +02:00
|
|
|
"loader/entries",
|
|
|
|
|
NULL
|
2015-03-18 03:29:31 +01:00
|
|
|
};
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
static int create_dirs(const char *esp_path) {
|
2016-07-19 20:26:24 +02:00
|
|
|
const char **i;
|
2015-02-08 17:18:30 +01:00
|
|
|
int r;
|
|
|
|
|
|
2016-07-19 20:26:24 +02:00
|
|
|
STRV_FOREACH(i, efi_subdirs) {
|
|
|
|
|
r = mkdir_one(esp_path, *i);
|
2015-03-18 03:29:31 +01:00
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
}
|
2013-02-08 17:24:43 +01:00
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
static int copy_one_file(const char *esp_path, const char *name, bool force) {
|
2015-03-18 03:29:31 +01:00
|
|
|
char *p, *q;
|
2015-02-08 17:18:30 +01:00
|
|
|
int r;
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
p = strjoina(BOOTLIBDIR "/", name);
|
|
|
|
|
q = strjoina(esp_path, "/EFI/systemd/", name);
|
2017-02-21 17:13:36 +01:00
|
|
|
r = copy_file_with_version_check(p, q, force);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-02-17 20:12:50 +01:00
|
|
|
if (startswith(name, "systemd-boot")) {
|
2015-02-08 17:18:30 +01:00
|
|
|
int k;
|
2015-03-18 03:29:31 +01:00
|
|
|
char *v;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
/* Create the EFI default boot loader name (specified for removable devices) */
|
2017-12-14 19:02:29 +01:00
|
|
|
v = strjoina(esp_path, "/EFI/BOOT/BOOT",
|
|
|
|
|
name + STRLEN("systemd-boot"));
|
2016-07-19 20:43:54 +02:00
|
|
|
ascii_strupper(strrchr(v, '/') + 1);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-02-21 17:13:36 +01:00
|
|
|
k = copy_file_with_version_check(p, v, force);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (k < 0 && r == 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
r = k;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return r;
|
2013-02-08 17:24:43 +01:00
|
|
|
}
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
static int install_binaries(const char *esp_path, bool force) {
|
|
|
|
|
struct dirent *de;
|
2015-03-18 03:29:31 +01:00
|
|
|
_cleanup_closedir_ DIR *d = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
int r = 0;
|
|
|
|
|
|
|
|
|
|
if (force) {
|
|
|
|
|
/* Don't create any of these directories when we are
|
|
|
|
|
* just updating. When we update we'll drop-in our
|
|
|
|
|
* files (unless there are newer ones already), but we
|
|
|
|
|
* won't create the directories for them in the first
|
|
|
|
|
* place. */
|
|
|
|
|
r = create_dirs(esp_path);
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
}
|
|
|
|
|
|
2015-02-17 20:12:50 +01:00
|
|
|
d = opendir(BOOTLIBDIR);
|
2015-03-18 03:29:31 +01:00
|
|
|
if (!d)
|
|
|
|
|
return log_error_errno(errno, "Failed to open \""BOOTLIBDIR"\": %m");
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-01-31 09:41:43 +01:00
|
|
|
FOREACH_DIRENT(de, d, break) {
|
2015-02-08 17:18:30 +01:00
|
|
|
int k;
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
if (!endswith_no_case(de->d_name, ".efi"))
|
2015-02-08 17:18:30 +01:00
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
k = copy_one_file(esp_path, de->d_name, force);
|
|
|
|
|
if (k < 0 && r == 0)
|
|
|
|
|
r = k;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return r;
|
2013-02-08 17:24:43 +01:00
|
|
|
}
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
static bool same_entry(uint16_t id, const sd_id128_t uuid, const char *path) {
|
2015-03-18 03:29:31 +01:00
|
|
|
_cleanup_free_ char *opath = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
sd_id128_t ouuid;
|
2015-03-18 03:29:31 +01:00
|
|
|
int r;
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
r = efi_get_boot_option(id, NULL, &ouuid, &opath, NULL);
|
|
|
|
|
if (r < 0)
|
2015-02-08 17:18:30 +01:00
|
|
|
return false;
|
|
|
|
|
if (!sd_id128_equal(uuid, ouuid))
|
2015-03-18 03:29:31 +01:00
|
|
|
return false;
|
2015-02-08 17:18:30 +01:00
|
|
|
if (!streq_ptr(path, opath))
|
2015-03-18 03:29:31 +01:00
|
|
|
return false;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return true;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int find_slot(sd_id128_t uuid, const char *path, uint16_t *id) {
|
2015-03-18 03:29:31 +01:00
|
|
|
_cleanup_free_ uint16_t *options = NULL;
|
|
|
|
|
int n, i;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
n = efi_get_boot_options(&options);
|
|
|
|
|
if (n < 0)
|
|
|
|
|
return n;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-02-17 20:12:50 +01:00
|
|
|
/* find already existing systemd-boot entry */
|
2015-03-18 03:29:31 +01:00
|
|
|
for (i = 0; i < n; i++)
|
2015-02-08 17:18:30 +01:00
|
|
|
if (same_entry(options[i], uuid, path)) {
|
2015-03-18 03:29:31 +01:00
|
|
|
*id = options[i];
|
|
|
|
|
return 1;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* find free slot in the sorted BootXXXX variable list */
|
2015-03-18 03:29:31 +01:00
|
|
|
for (i = 0; i < n; i++)
|
2015-02-08 17:18:30 +01:00
|
|
|
if (i != options[i]) {
|
2015-03-18 03:29:31 +01:00
|
|
|
*id = i;
|
|
|
|
|
return 1;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* use the next one */
|
|
|
|
|
if (i == 0xffff)
|
|
|
|
|
return -ENOSPC;
|
2015-03-18 03:29:31 +01:00
|
|
|
*id = i;
|
|
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int insert_into_order(uint16_t slot, bool first) {
|
2015-03-18 03:29:31 +01:00
|
|
|
_cleanup_free_ uint16_t *order = NULL;
|
|
|
|
|
uint16_t *t;
|
|
|
|
|
int n, i;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
n = efi_get_boot_order(&order);
|
|
|
|
|
if (n <= 0)
|
2015-02-08 17:18:30 +01:00
|
|
|
/* no entry, add us */
|
2015-03-18 03:29:31 +01:00
|
|
|
return efi_set_boot_order(&slot, 1);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
/* are we the first and only one? */
|
2015-03-18 03:29:31 +01:00
|
|
|
if (n == 1 && order[0] == slot)
|
|
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
/* are we already in the boot order? */
|
2015-03-18 03:29:31 +01:00
|
|
|
for (i = 0; i < n; i++) {
|
2015-02-08 17:18:30 +01:00
|
|
|
if (order[i] != slot)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
/* we do not require to be the first one, all is fine */
|
|
|
|
|
if (!first)
|
2015-03-18 03:29:31 +01:00
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
/* move us to the first slot */
|
2015-03-18 03:29:31 +01:00
|
|
|
memmove(order + 1, order, i * sizeof(uint16_t));
|
2015-02-08 17:18:30 +01:00
|
|
|
order[0] = slot;
|
2015-03-18 03:29:31 +01:00
|
|
|
return efi_set_boot_order(order, n);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* extend array */
|
2015-03-18 03:29:31 +01:00
|
|
|
t = realloc(order, (n + 1) * sizeof(uint16_t));
|
|
|
|
|
if (!t)
|
|
|
|
|
return -ENOMEM;
|
|
|
|
|
order = t;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
/* add us to the top or end of the list */
|
|
|
|
|
if (first) {
|
2015-03-18 03:29:31 +01:00
|
|
|
memmove(order + 1, order, n * sizeof(uint16_t));
|
2015-02-08 17:18:30 +01:00
|
|
|
order[0] = slot;
|
|
|
|
|
} else
|
2015-03-18 03:29:31 +01:00
|
|
|
order[n] = slot;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return efi_set_boot_order(order, n + 1);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int remove_from_order(uint16_t slot) {
|
2015-02-24 23:57:47 +01:00
|
|
|
_cleanup_free_ uint16_t *order = NULL;
|
2015-03-18 03:29:31 +01:00
|
|
|
int n, i;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
n = efi_get_boot_order(&order);
|
|
|
|
|
if (n <= 0)
|
|
|
|
|
return n;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
for (i = 0; i < n; i++) {
|
2015-02-08 17:18:30 +01:00
|
|
|
if (order[i] != slot)
|
|
|
|
|
continue;
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
if (i + 1 < n)
|
|
|
|
|
memmove(order + i, order + i+1, (n - i) * sizeof(uint16_t));
|
|
|
|
|
return efi_set_boot_order(order, n - 1);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int install_variables(const char *esp_path,
|
|
|
|
|
uint32_t part, uint64_t pstart, uint64_t psize,
|
|
|
|
|
sd_id128_t uuid, const char *path,
|
|
|
|
|
bool first) {
|
2015-03-18 03:29:31 +01:00
|
|
|
char *p;
|
2015-02-08 17:18:30 +01:00
|
|
|
uint16_t slot;
|
|
|
|
|
int r;
|
|
|
|
|
|
|
|
|
|
if (!is_efi_boot()) {
|
2015-03-18 03:29:31 +01:00
|
|
|
log_warning("Not booted with EFI, skipping EFI variable setup.");
|
2015-02-08 17:18:30 +01:00
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
p = strjoina(esp_path, path);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (access(p, F_OK) < 0) {
|
|
|
|
|
if (errno == ENOENT)
|
2015-03-18 03:29:31 +01:00
|
|
|
return 0;
|
2016-07-19 20:47:09 +02:00
|
|
|
|
|
|
|
|
return log_error_errno(errno, "Cannot access \"%s\": %m", p);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
r = find_slot(uuid, path, &slot);
|
2015-03-18 03:29:31 +01:00
|
|
|
if (r < 0)
|
|
|
|
|
return log_error_errno(r,
|
|
|
|
|
r == -ENOENT ?
|
|
|
|
|
"Failed to access EFI variables. Is the \"efivarfs\" filesystem mounted?" :
|
|
|
|
|
"Failed to determine current boot order: %m");
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2016-07-19 20:26:24 +02:00
|
|
|
if (first || r == 0) {
|
2015-02-08 17:18:30 +01:00
|
|
|
r = efi_add_boot_option(slot, "Linux Boot Manager",
|
|
|
|
|
part, pstart, psize,
|
|
|
|
|
uuid, path);
|
2015-03-18 03:29:31 +01:00
|
|
|
if (r < 0)
|
|
|
|
|
return log_error_errno(r, "Failed to create EFI Boot variable entry: %m");
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
log_info("Created EFI boot entry \"Linux Boot Manager\".");
|
|
|
|
|
}
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return insert_into_order(slot, first);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int remove_boot_efi(const char *esp_path) {
|
2015-03-18 03:29:31 +01:00
|
|
|
char *p;
|
|
|
|
|
_cleanup_closedir_ DIR *d = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
struct dirent *de;
|
2015-03-18 03:29:31 +01:00
|
|
|
int r, c = 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
bootctl: Always use upper case for "/EFI/BOOT" and "/EFI/BOOT/BOOT*.EFI".
If the ESP is not mounted with "iocharset=ascii", but with "iocharset=utf8"
(which is for example the default in Debian), the file system becomes case
sensitive. This means that a file created as "FooBarBaz" cannot be accessed as
"foobarbaz" since those are then considered different files.
Moreover, a file created as "FooBar" can then also not be accessed as "foobar",
and it also prevents such a file from being created, as both would use the same
8.3 short name "FOOBAR".
Even though the UEFI specification [0] does give the canonical spelling for
the files mentioned above, not all implementations completely conform to that,
so it's possible that those files would already exist, but with a different
spelling, causing subtle bugs when scanning or modifying the ESP.
While the proper fix would of course be that everybody conformed to the
standard, we can work around this problem by just referencing the files by
their 8.3 short names, i.e. using upper case.
Fixes: #3740
[0] <http://www.uefi.org/specifications>, version 2.6, section 3.5.1.1
2016-07-21 02:29:54 +02:00
|
|
|
p = strjoina(esp_path, "/EFI/BOOT");
|
2015-02-08 17:18:30 +01:00
|
|
|
d = opendir(p);
|
|
|
|
|
if (!d) {
|
2015-03-18 03:29:31 +01:00
|
|
|
if (errno == ENOENT)
|
|
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return log_error_errno(errno, "Failed to open directory \"%s\": %m", p);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2016-01-31 09:41:43 +01:00
|
|
|
FOREACH_DIRENT(de, d, break) {
|
2015-03-18 03:29:31 +01:00
|
|
|
_cleanup_close_ int fd = -1;
|
|
|
|
|
_cleanup_free_ char *v = NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
if (!endswith_no_case(de->d_name, ".efi"))
|
2015-02-08 17:18:30 +01:00
|
|
|
continue;
|
|
|
|
|
|
2016-07-21 02:20:12 +02:00
|
|
|
if (!startswith_no_case(de->d_name, "boot"))
|
2015-02-08 17:18:30 +01:00
|
|
|
continue;
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
fd = openat(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC);
|
2015-05-23 13:02:56 +02:00
|
|
|
if (fd < 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
return log_error_errno(errno, "Failed to open \"%s/%s\" for reading: %m", p, de->d_name);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
r = get_file_version(fd, &v);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r < 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
return r;
|
|
|
|
|
if (r > 0 && startswith(v, "systemd-boot ")) {
|
|
|
|
|
r = unlinkat(dirfd(d), de->d_name, 0);
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return log_error_errno(errno, "Failed to remove \"%s/%s\": %m", p, de->d_name);
|
|
|
|
|
|
2015-08-06 13:59:38 +02:00
|
|
|
log_info("Removed \"%s/%s\".", p, de->d_name);
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
c++;
|
|
|
|
|
}
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return c;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int rmdir_one(const char *prefix, const char *suffix) {
|
|
|
|
|
char *p;
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
p = strjoina(prefix, "/", suffix);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (rmdir(p) < 0) {
|
2015-03-18 03:29:31 +01:00
|
|
|
if (!IN_SET(errno, ENOENT, ENOTEMPTY))
|
|
|
|
|
return log_error_errno(errno, "Failed to remove \"%s\": %m", p);
|
2013-02-08 17:24:43 +01:00
|
|
|
} else
|
2015-03-18 03:29:31 +01:00
|
|
|
log_info("Removed \"%s\".", p);
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
return 0;
|
2013-02-08 17:24:43 +01:00
|
|
|
}
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
static int remove_binaries(const char *esp_path) {
|
|
|
|
|
char *p;
|
|
|
|
|
int r, q;
|
2015-03-18 03:29:31 +01:00
|
|
|
unsigned i;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
p = strjoina(esp_path, "/EFI/systemd");
|
2015-04-04 11:52:57 +02:00
|
|
|
r = rm_rf(p, REMOVE_ROOT|REMOVE_PHYSICAL);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
q = remove_boot_efi(esp_path);
|
|
|
|
|
if (q < 0 && r == 0)
|
|
|
|
|
r = q;
|
|
|
|
|
|
2016-10-19 21:15:20 +02:00
|
|
|
for (i = ELEMENTSOF(efi_subdirs)-1; i > 0; i--) {
|
2015-03-18 03:29:31 +01:00
|
|
|
q = rmdir_one(esp_path, efi_subdirs[i-1]);
|
|
|
|
|
if (q < 0 && r == 0)
|
|
|
|
|
r = q;
|
|
|
|
|
}
|
2015-02-08 17:18:30 +01:00
|
|
|
|
|
|
|
|
return r;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int remove_variables(sd_id128_t uuid, const char *path, bool in_order) {
|
|
|
|
|
uint16_t slot;
|
|
|
|
|
int r;
|
|
|
|
|
|
|
|
|
|
if (!is_efi_boot())
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
r = find_slot(uuid, path, &slot);
|
|
|
|
|
if (r != 1)
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
r = efi_remove_boot_option(slot);
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
|
|
|
|
if (in_order)
|
2015-03-18 03:29:31 +01:00
|
|
|
return remove_from_order(slot);
|
2016-07-19 20:47:09 +02:00
|
|
|
|
|
|
|
|
return 0;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int install_loader_config(const char *esp_path) {
|
|
|
|
|
|
2016-07-19 20:48:22 +02:00
|
|
|
char machine_string[SD_ID128_STRING_MAX];
|
2017-02-21 17:44:35 +01:00
|
|
|
_cleanup_(unlink_and_freep) char *t = NULL;
|
|
|
|
|
_cleanup_fclose_ FILE *f = NULL;
|
2016-07-19 20:48:22 +02:00
|
|
|
sd_id128_t machine_id;
|
|
|
|
|
const char *p;
|
2017-02-21 17:44:35 +01:00
|
|
|
int r, fd;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-07-19 20:48:22 +02:00
|
|
|
r = sd_id128_get_machine(&machine_id);
|
|
|
|
|
if (r < 0)
|
2017-08-17 18:09:44 +02:00
|
|
|
return log_error_errno(r, "Failed to get machine id: %m");
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-07-19 20:48:22 +02:00
|
|
|
p = strjoina(esp_path, "/loader/loader.conf");
|
2017-02-21 17:44:35 +01:00
|
|
|
|
|
|
|
|
if (access(p, F_OK) >= 0) /* Silently skip creation if the file already exists (early check) */
|
|
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
fd = open_tmpfile_linkable(p, O_WRONLY|O_CLOEXEC, &t);
|
|
|
|
|
if (fd < 0)
|
|
|
|
|
return log_error_errno(fd, "Failed to open \"%s\" for writing: %m", p);
|
|
|
|
|
|
|
|
|
|
f = fdopen(fd, "we");
|
|
|
|
|
if (!f) {
|
|
|
|
|
safe_close(fd);
|
|
|
|
|
return log_oom();
|
|
|
|
|
}
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-07-19 20:48:22 +02:00
|
|
|
fprintf(f, "#timeout 3\n");
|
|
|
|
|
fprintf(f, "default %s-*\n", sd_id128_to_string(machine_id, machine_string));
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-08-17 18:09:44 +02:00
|
|
|
r = fflush_sync_and_check(f);
|
2016-07-19 20:48:22 +02:00
|
|
|
if (r < 0)
|
|
|
|
|
return log_error_errno(r, "Failed to write \"%s\": %m", p);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-02-21 17:44:35 +01:00
|
|
|
r = link_tmpfile(fd, t, p);
|
|
|
|
|
if (r == -EEXIST)
|
|
|
|
|
return 0; /* Silently skip creation if the file exists now (recheck) */
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return log_error_errno(r, "Failed to move \"%s\" into place: %m", p);
|
|
|
|
|
|
|
|
|
|
t = mfree(t);
|
|
|
|
|
|
|
|
|
|
return 1;
|
2015-02-08 17:18:30 +01:00
|
|
|
}
|
|
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
static int help(int argc, char *argv[], void *userdata) {
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
printf("%s [COMMAND] [OPTIONS...]\n"
|
|
|
|
|
"\n"
|
2015-07-05 00:03:50 +02:00
|
|
|
"Install, update or remove the systemd-boot EFI boot manager.\n\n"
|
2015-02-08 17:18:30 +01:00
|
|
|
" -h --help Show this help\n"
|
|
|
|
|
" --version Print version\n"
|
|
|
|
|
" --path=PATH Path to the EFI System Partition (ESP)\n"
|
2017-11-17 13:55:05 +01:00
|
|
|
" -p --print-path Print path to the EFI partition\n"
|
2015-02-08 17:18:30 +01:00
|
|
|
" --no-variables Don't touch EFI variables\n"
|
|
|
|
|
"\n"
|
2015-05-22 23:40:19 +02:00
|
|
|
"Commands:\n"
|
2015-02-17 20:12:50 +01:00
|
|
|
" status Show status of installed systemd-boot and EFI variables\n"
|
2017-10-17 18:23:16 +02:00
|
|
|
" list List boot entries\n"
|
2015-02-17 20:12:50 +01:00
|
|
|
" install Install systemd-boot to the ESP and EFI variables\n"
|
|
|
|
|
" update Update systemd-boot in the ESP and EFI variables\n"
|
|
|
|
|
" remove Remove systemd-boot from the ESP and EFI variables\n",
|
2015-02-08 17:18:30 +01:00
|
|
|
program_invocation_short_name);
|
|
|
|
|
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
static int parse_argv(int argc, char *argv[]) {
|
|
|
|
|
enum {
|
|
|
|
|
ARG_PATH = 0x100,
|
|
|
|
|
ARG_VERSION,
|
|
|
|
|
ARG_NO_VARIABLES,
|
2013-02-08 17:24:43 +01:00
|
|
|
};
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
static const struct option options[] = {
|
|
|
|
|
{ "help", no_argument, NULL, 'h' },
|
|
|
|
|
{ "version", no_argument, NULL, ARG_VERSION },
|
|
|
|
|
{ "path", required_argument, NULL, ARG_PATH },
|
2017-11-17 13:55:05 +01:00
|
|
|
{ "print-path", no_argument, NULL, 'p' },
|
2015-02-08 17:18:30 +01:00
|
|
|
{ "no-variables", no_argument, NULL, ARG_NO_VARIABLES },
|
|
|
|
|
{ NULL, 0, NULL, 0 }
|
|
|
|
|
};
|
|
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
int c, r;
|
2013-02-08 17:24:43 +01:00
|
|
|
|
|
|
|
|
assert(argc >= 0);
|
|
|
|
|
assert(argv);
|
|
|
|
|
|
2017-11-17 13:55:05 +01:00
|
|
|
while ((c = getopt_long(argc, argv, "hp", options, NULL)) >= 0)
|
2015-02-08 17:18:30 +01:00
|
|
|
switch (c) {
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
case 'h':
|
2016-07-19 20:19:20 +02:00
|
|
|
help(0, NULL, NULL);
|
2013-02-08 17:24:43 +01:00
|
|
|
return 0;
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
case ARG_VERSION:
|
2015-09-23 03:01:06 +02:00
|
|
|
return version();
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
case ARG_PATH:
|
2016-07-19 20:19:20 +02:00
|
|
|
r = free_and_strdup(&arg_path, optarg);
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return log_oom();
|
2015-02-08 17:18:30 +01:00
|
|
|
break;
|
|
|
|
|
|
2017-11-17 13:55:05 +01:00
|
|
|
case 'p':
|
|
|
|
|
arg_print_path = true;
|
|
|
|
|
break;
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
case ARG_NO_VARIABLES:
|
|
|
|
|
arg_touch_variables = false;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case '?':
|
|
|
|
|
return -EINVAL;
|
|
|
|
|
|
|
|
|
|
default:
|
2015-03-18 03:29:31 +01:00
|
|
|
assert_not_reached("Unknown option");
|
2013-02-08 17:24:43 +01:00
|
|
|
}
|
|
|
|
|
|
2015-02-08 17:18:30 +01:00
|
|
|
return 1;
|
|
|
|
|
}
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2015-03-21 15:28:55 +01:00
|
|
|
static void read_loader_efi_var(const char *name, char **var) {
|
|
|
|
|
int r;
|
|
|
|
|
|
|
|
|
|
r = efi_get_variable_string(EFI_VENDOR_LOADER, name, var);
|
|
|
|
|
if (r < 0 && r != -ENOENT)
|
|
|
|
|
log_warning_errno(r, "Failed to read EFI variable %s: %m", name);
|
|
|
|
|
}
|
|
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
static int verb_status(int argc, char *argv[], void *userdata) {
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
sd_id128_t uuid = SD_ID128_NULL;
|
2017-11-17 13:50:08 +01:00
|
|
|
int r, k;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
r = acquire_esp(geteuid() != 0, NULL, NULL, NULL, &uuid);
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-11-17 13:55:05 +01:00
|
|
|
if (arg_print_path) {
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
if (r == -EACCES) /* If we couldn't acquire the ESP path, log about access errors (which is the only
|
|
|
|
|
* error the find_esp_and_warn() won't log on its own) */
|
|
|
|
|
return log_error_errno(r, "Failed to determine ESP: %m");
|
2017-11-17 13:55:05 +01:00
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
|
|
|
|
puts(arg_path);
|
|
|
|
|
return 0;
|
|
|
|
|
}
|
2015-03-21 15:28:55 +01:00
|
|
|
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
r = 0; /* If we couldn't determine the path, then don't consider that a problem from here on, just show what we
|
|
|
|
|
* can show */
|
|
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
if (is_efi_boot()) {
|
2016-07-19 18:39:54 +02:00
|
|
|
_cleanup_free_ char *fw_type = NULL, *fw_info = NULL, *loader = NULL, *loader_path = NULL;
|
|
|
|
|
sd_id128_t loader_part_uuid = SD_ID128_NULL;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
read_loader_efi_var("LoaderFirmwareType", &fw_type);
|
|
|
|
|
read_loader_efi_var("LoaderFirmwareInfo", &fw_info);
|
|
|
|
|
read_loader_efi_var("LoaderInfo", &loader);
|
|
|
|
|
read_loader_efi_var("LoaderImageIdentifier", &loader_path);
|
2015-03-21 15:28:55 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
if (loader_path)
|
|
|
|
|
efi_tilt_backslashes(loader_path);
|
|
|
|
|
|
2017-11-17 13:50:08 +01:00
|
|
|
k = efi_loader_get_device_part_uuid(&loader_part_uuid);
|
|
|
|
|
if (k < 0 && k != -ENOENT)
|
|
|
|
|
r = log_warning_errno(k, "Failed to read EFI variable LoaderDevicePartUUID: %m");
|
2016-07-19 20:19:20 +02:00
|
|
|
|
|
|
|
|
printf("System:\n");
|
|
|
|
|
printf(" Firmware: %s (%s)\n", strna(fw_type), strna(fw_info));
|
|
|
|
|
|
2017-11-17 13:50:08 +01:00
|
|
|
k = is_efi_secure_boot();
|
|
|
|
|
if (k < 0)
|
|
|
|
|
r = log_warning_errno(k, "Failed to query secure boot status: %m");
|
2016-07-19 20:19:20 +02:00
|
|
|
else
|
2017-11-17 13:50:08 +01:00
|
|
|
printf(" Secure Boot: %sd\n", enable_disable(k));
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-11-17 13:50:08 +01:00
|
|
|
k = is_efi_secure_boot_setup_mode();
|
|
|
|
|
if (k < 0)
|
|
|
|
|
r = log_warning_errno(k, "Failed to query secure boot mode: %m");
|
2016-07-19 20:19:20 +02:00
|
|
|
else
|
2017-11-17 13:50:08 +01:00
|
|
|
printf(" Setup Mode: %s\n", k ? "setup" : "user");
|
2016-07-19 20:19:20 +02:00
|
|
|
printf("\n");
|
|
|
|
|
|
2017-07-11 17:30:29 +02:00
|
|
|
printf("Current Loader:\n");
|
2016-07-19 20:19:20 +02:00
|
|
|
printf(" Product: %s\n", strna(loader));
|
2016-07-25 22:17:48 +02:00
|
|
|
if (!sd_id128_is_null(loader_part_uuid))
|
2017-07-11 17:30:29 +02:00
|
|
|
printf(" ESP: /dev/disk/by-partuuid/%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n",
|
2016-07-19 20:19:20 +02:00
|
|
|
SD_ID128_FORMAT_VAL(loader_part_uuid));
|
|
|
|
|
else
|
2017-07-11 17:30:29 +02:00
|
|
|
printf(" ESP: n/a\n");
|
2016-07-19 20:19:20 +02:00
|
|
|
printf(" File: %s%s\n", special_glyph(TREE_RIGHT), strna(loader_path));
|
|
|
|
|
printf("\n");
|
|
|
|
|
} else
|
2017-07-11 17:30:29 +02:00
|
|
|
printf("System:\n Not booted with EFI\n\n");
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2017-12-11 22:15:03 +01:00
|
|
|
if (arg_path) {
|
|
|
|
|
k = status_binaries(arg_path, uuid);
|
|
|
|
|
if (k < 0)
|
|
|
|
|
r = k;
|
|
|
|
|
}
|
2016-07-19 20:19:20 +02:00
|
|
|
|
2017-07-11 17:30:29 +02:00
|
|
|
if (is_efi_boot()) {
|
2017-11-17 13:50:08 +01:00
|
|
|
k = status_variables();
|
|
|
|
|
if (k < 0)
|
|
|
|
|
r = k;
|
2017-07-11 17:30:29 +02:00
|
|
|
}
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-12-11 22:15:03 +01:00
|
|
|
if (arg_path) {
|
|
|
|
|
k = status_entries(arg_path, uuid);
|
|
|
|
|
if (k < 0)
|
|
|
|
|
r = k;
|
|
|
|
|
}
|
2017-10-17 18:23:16 +02:00
|
|
|
|
2017-11-17 13:50:08 +01:00
|
|
|
return r;
|
2016-07-19 20:19:20 +02:00
|
|
|
}
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2017-10-17 18:23:16 +02:00
|
|
|
static int verb_list(int argc, char *argv[], void *userdata) {
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
_cleanup_(boot_config_free) BootConfig config = {};
|
2017-10-17 18:23:16 +02:00
|
|
|
sd_id128_t uuid = SD_ID128_NULL;
|
|
|
|
|
unsigned n;
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
int r;
|
2017-10-17 18:23:16 +02:00
|
|
|
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
/* If we lack privileges we invoke find_esp_and_warn() in "unprivileged mode" here, which does two things: turn
|
|
|
|
|
* off logging about access errors and turn off potentially privileged device probing. Here we're interested in
|
|
|
|
|
* the latter but not the former, hence request the mode, and log about EACCES. */
|
2017-10-17 18:23:16 +02:00
|
|
|
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
r = acquire_esp(geteuid() != 0, NULL, NULL, NULL, &uuid);
|
|
|
|
|
if (r == -EACCES) /* We really need the ESP path for this call, hence also log about access errors */
|
|
|
|
|
return log_error_errno(r, "Failed to determine ESP: %m");
|
2017-10-17 18:23:16 +02:00
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
|
|
|
|
r = boot_entries_load_config(arg_path, &config);
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return log_error_errno(r, "Failed to load bootspec config from \"%s/loader\": %m",
|
|
|
|
|
arg_path);
|
|
|
|
|
|
|
|
|
|
printf("Available boot entries:\n");
|
|
|
|
|
|
|
|
|
|
for (n = 0; n < config.n_entries; n++) {
|
|
|
|
|
const BootEntry *e = &config.entries[n];
|
|
|
|
|
|
|
|
|
|
printf(" title: %s%s%s%s%s%s\n",
|
|
|
|
|
ansi_highlight(),
|
2017-10-20 17:58:13 +02:00
|
|
|
boot_entry_title(e),
|
2017-10-17 18:23:16 +02:00
|
|
|
ansi_normal(),
|
|
|
|
|
ansi_highlight_green(),
|
2017-12-19 09:21:02 +01:00
|
|
|
n == (unsigned) config.default_entry ? " (default)" : "",
|
2017-10-17 18:23:16 +02:00
|
|
|
ansi_normal());
|
|
|
|
|
if (e->version)
|
|
|
|
|
printf(" version: %s\n", e->version);
|
|
|
|
|
if (e->machine_id)
|
|
|
|
|
printf(" machine-id: %s\n", e->machine_id);
|
|
|
|
|
if (e->architecture)
|
|
|
|
|
printf(" architecture: %s\n", e->architecture);
|
|
|
|
|
if (e->kernel)
|
|
|
|
|
printf(" linux: %s\n", e->kernel);
|
|
|
|
|
if (!strv_isempty(e->initrd)) {
|
|
|
|
|
_cleanup_free_ char *t;
|
|
|
|
|
|
|
|
|
|
t = strv_join(e->initrd, " ");
|
|
|
|
|
if (!t)
|
|
|
|
|
return log_oom();
|
|
|
|
|
|
|
|
|
|
printf(" initrd: %s\n", t);
|
|
|
|
|
}
|
|
|
|
|
if (!strv_isempty(e->options)) {
|
|
|
|
|
_cleanup_free_ char *t;
|
|
|
|
|
|
|
|
|
|
t = strv_join(e->options, " ");
|
|
|
|
|
if (!t)
|
|
|
|
|
return log_oom();
|
|
|
|
|
|
|
|
|
|
printf(" options: %s\n", t);
|
|
|
|
|
}
|
|
|
|
|
if (e->device_tree)
|
|
|
|
|
printf(" devicetree: %s\n", e->device_tree);
|
|
|
|
|
|
|
|
|
|
puts("");
|
2017-07-11 17:30:29 +02:00
|
|
|
}
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2017-10-17 18:23:16 +02:00
|
|
|
return 0;
|
2016-07-19 20:19:20 +02:00
|
|
|
}
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
static int verb_install(int argc, char *argv[], void *userdata) {
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
sd_id128_t uuid = SD_ID128_NULL;
|
|
|
|
|
uint64_t pstart = 0, psize = 0;
|
|
|
|
|
uint32_t part = 0;
|
|
|
|
|
bool install;
|
|
|
|
|
int r;
|
|
|
|
|
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
r = acquire_esp(false, &part, &pstart, &psize, &uuid);
|
2016-07-19 20:19:20 +02:00
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
|
|
|
|
install = streq(argv[0], "install");
|
|
|
|
|
|
|
|
|
|
RUN_WITH_UMASK(0002) {
|
|
|
|
|
r = install_binaries(arg_path, install);
|
2015-02-08 17:18:30 +01:00
|
|
|
if (r < 0)
|
2015-03-18 03:29:31 +01:00
|
|
|
return r;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
if (install) {
|
2015-03-18 03:29:31 +01:00
|
|
|
r = install_loader_config(arg_path);
|
|
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
}
|
2016-07-19 20:19:20 +02:00
|
|
|
}
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
if (arg_touch_variables)
|
|
|
|
|
r = install_variables(arg_path,
|
|
|
|
|
part, pstart, psize, uuid,
|
|
|
|
|
"/EFI/systemd/systemd-boot" EFI_MACHINE_TYPE_NAME ".efi",
|
|
|
|
|
install);
|
2013-02-08 17:24:43 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
return r;
|
|
|
|
|
}
|
2015-02-08 17:18:30 +01:00
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
static int verb_remove(int argc, char *argv[], void *userdata) {
|
|
|
|
|
sd_id128_t uuid = SD_ID128_NULL;
|
|
|
|
|
int r;
|
2015-02-08 17:18:30 +01:00
|
|
|
|
efi: rework find_esp() error propagation/logging a bit
This renames find_esp() to find_esp_and_warn() and tries to normalize its
behaviour:
1. Change the error that is returned when we can't find the ESP to
ENOKEY (from ENOENT). This way the error code can only mean one
thing: that our search loop didn't find a good candidate.
2. Really log about all errors, except for ENOKEY and EACCES, and
document the letter cases.
3. Normalize parameters to the call: separate out the path parameter in
two: an input path and an output path. That way the memory management
is clear: we will access the input parameter only for reading, and
only write out the output parameter, using malloc() memory.
Before the calling convention were quire surprising for internal API
code, as the path parameter had to be malloc() memory and might and
might not have changed.
4. Rename bootctl's find_esp_warn() to acquire_esp(), and make it a
simple wrapper around find_esp_warn(), that basically just adds the
friendly logging for the ENOKEY case. This rework removes double
logging in a number of error cases, as we no longer log here in
anything but ENOKEY, and leave that entirely to find_esp_warn().
5. find_esp_and_warn() now takes a bool flag parameter
"unprivileged_mode", which disables logging in the EACCES case, and
skips privileged validation of the path. This makes the function less
magic, and doesn't hide this internal silencing automatism from the
caller anymore.
With all that in place "bootctl list" and "bootctl status" work properly
(or as good as they can) when I invoke the tools whithout privileges on
my system where /boot is not world-readable
2017-12-11 22:04:46 +01:00
|
|
|
r = acquire_esp(false, NULL, NULL, NULL, &uuid);
|
2016-07-19 20:19:20 +02:00
|
|
|
if (r < 0)
|
|
|
|
|
return r;
|
|
|
|
|
|
|
|
|
|
r = remove_binaries(arg_path);
|
|
|
|
|
|
|
|
|
|
if (arg_touch_variables) {
|
|
|
|
|
int q;
|
|
|
|
|
|
|
|
|
|
q = remove_variables(uuid, "/EFI/systemd/systemd-boot" EFI_MACHINE_TYPE_NAME ".efi", true);
|
|
|
|
|
if (q < 0 && r == 0)
|
|
|
|
|
r = q;
|
2013-02-08 17:24:43 +01:00
|
|
|
}
|
|
|
|
|
|
2015-03-18 03:29:31 +01:00
|
|
|
return r;
|
2013-02-08 17:24:43 +01:00
|
|
|
}
|
|
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
static int bootctl_main(int argc, char *argv[]) {
|
|
|
|
|
|
|
|
|
|
static const Verb verbs[] = {
|
2017-12-14 21:23:02 +01:00
|
|
|
{ "help", VERB_ANY, VERB_ANY, 0, help },
|
|
|
|
|
{ "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
|
|
|
|
|
{ "list", VERB_ANY, 1, 0, verb_list },
|
|
|
|
|
{ "install", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_install },
|
|
|
|
|
{ "update", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_install },
|
|
|
|
|
{ "remove", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_remove },
|
2016-07-19 20:19:20 +02:00
|
|
|
{}
|
|
|
|
|
};
|
|
|
|
|
|
|
|
|
|
return dispatch_verb(argc, argv, verbs, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
2013-02-08 17:24:43 +01:00
|
|
|
int main(int argc, char *argv[]) {
|
2014-08-02 17:12:21 +02:00
|
|
|
int r;
|
2013-02-08 17:24:43 +01:00
|
|
|
|
|
|
|
|
log_parse_environment();
|
|
|
|
|
log_open();
|
|
|
|
|
|
2016-07-19 20:19:20 +02:00
|
|
|
/* If we run in a container, automatically turn of EFI file system access */
|
|
|
|
|
if (detect_container() > 0)
|
|
|
|
|
arg_touch_variables = false;
|
|
|
|
|
|
2013-02-08 17:24:43 +01:00
|
|
|
r = parse_argv(argc, argv);
|
2014-08-02 17:12:21 +02:00
|
|
|
if (r <= 0)
|
2013-02-08 17:24:43 +01:00
|
|
|
goto finish;
|
|
|
|
|
|
|
|
|
|
r = bootctl_main(argc, argv);
|
2014-08-02 17:12:21 +02:00
|
|
|
|
|
|
|
|
finish:
|
2016-07-19 20:19:20 +02:00
|
|
|
free(arg_path);
|
2014-08-02 17:12:21 +02:00
|
|
|
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
|
2013-02-08 17:24:43 +01:00
|
|
|
}
|