Age | Commit message (Collapse) | Author |
|
Look for the files in `*_validate_options` and error out early if they do
not exist.
|
|
file descriptors only for reading
Nothing should ever be written to these files, so let's make sure it cannot happen.
|
|
The `bootstrap` build mode never calls `_export_gpg_publickey`, so even if
the GPG key is passed with the `-g` option and thus the `gpg_key` variable
is set, the `${work_dir}/pubkey.gpg` file will not exist.
This has not caused any issue so far because the `ARCHISO_GNUPG_FD` file
descriptor opens the file for both reading and writing, which means the
file gets created if it does not exist.
Assign the exported public key file name to a `gpg_publickey` variable in
`_export_gpg_publickey` and check for it when the file is used.
Since the exist status of the gpg command cannot be checked, look for the
exported public key file instead.
|
|
The warning about SC2076 does not apply here.
|
|
Implements #203.
|
|
Make sure existing sig files are deleted before creating new ones and make sure to not sign any sig files.
This allows retrying failed mkarchiso runs without ending up with files such as vmlinuz.ipxe.sig.ipxe.sig.
Fixes #198
|
|
``-c`` is given.
(gitlab ci)
Added a CA structure to the codesigning certificates.
This to test the functionality of optional CA being in the signing message.
(mkarchiso)
Removed the ``sign_netboot_artifacts`` variable and instead
we'll now rely on ``if [[ -v cert_list ]]; then``.
Added ``ARCHISO_TLS_FD`` and ``ARCHISO_TLSCA_FD`` environment variables
to override the certificates used. This is so that third party CA's can
be used during building in a meaningful way without distrupting the
CA trust that is shipped by default.
_cms_sign_artifact() was added which signs the rootfs using OpenSSL CMS.
The files will be saved as "${artifact}.cms.sig". That would be for instance
"${isofs_dir}/${install_dir}/${arch}/airootfs.sfs.cms.sig".
|
|
This helps on systems with screwed or broken RTC.
|
|
--disable-shim-lock is required to support Secure Boot with custom signatures without using shim.
Otherwise GRUB will trow an error when trying to boot a kernel:
error: shim_lock protocol not found.
error: you need to load the kernel first.
The modules GRUB will use need to be preloaded otherwise the EFI binaries cannot be signed and used for Secure Boot.
See https://bugs.archlinux.org/task/71382.
GRUB will trow en error:
error: verification requested but nobody cares
These changes are done to support Secure Boot using custom keys (not shim) by simply extracting the boot loader
(BOOTx64.EFI and BOOTIA32.EFI), kernel, UEFI shell, signing them and then repacking the ISO.
For example.
Extract the files:
$ osirrox -indev archlinux-YYYY.MM.DD-x86_64.iso \
-extract_boot_images ./ \
-extract /EFI/BOOT/BOOTx64.EFI BOOTx64.EFI \
-extract /EFI/BOOT/BOOTIA32.EFI BOOTIA32.EFI \
-extract /shellx64.efi shellx64.efi \
-extract /shellia32.efi shellia32.efi \
-extract /arch/boot/x86_64/vmlinuz-linux vmlinuz-linux
Make the files writable:
$ chmod +w BOOTx64.EFI BOOTIA32.EFI shellx64.efi shellia32.efi vmlinuz-linux
Sign the files:
$ sbsign --key db.key --cert db.crt --output BOOTx64.EFI BOOTx64.EFI
$ sbsign --key db.key --cert db.crt --output BOOTIA32.EFI BOOTIA32.EFI
$ sbsign --key db.key --cert db.crt --output shellx64.efi shellx64.efi
$ sbsign --key db.key --cert db.crt --output shellia32.efi shellia32.efi
$ sbsign --key db.key --cert db.crt --output vmlinuz-linux vmlinuz-linux
Copy the boot loader and UEFI shell to the EFI system partition image:
$ mcopy -D oO -i eltorito_img2_uefi.img BOOTx64.EFI BOOTIA32.EFI ::/EFI/BOOT/
$ mcopy -D oO -i eltorito_img2_uefi.img shellx64.efi shellia32.efi ::/
Repack the ISO using the modified El Torito UEFI boot image and add the signed boot loader files, UEFI shell and
kernel to ISO9660:
$ xorriso -indev archlinux-YYYY.MM.DD-x86_64.iso \
-outdev archlinux-YYYY.MM.DD-x86_64-Secure_Boot.iso \
-boot_image any replay \
-append_partition 2 0xef eltorito_img2_uefi.img \
-map BOOTx64.EFI /EFI/BOOT/BOOTx64.EFI \
-map BOOTIA32.EFI /EFI/BOOT/BOOTIA32.EFI \
-map shellx64.efi /shellx64.efi \
-map shellia32.efi /shellia32.efi \
-map vmlinuz-linux /arch/boot/x86_64/vmlinuz-linux
Boot the resulting archlinux-YYYY.MM.DD-x86_64-Secure_Boot.iso.
|
|
Do not limit file copying to only grub.cfg and instead copy all GRUB configuration files and assets to both the ISO9660 and FAT image.
This will allow for including custom images, fonts, etc.
To easily match all non-configuration files (i.e. files without the .cfg extension), bash's extended glob feature will be enabled.
Actions common to multiple _make_bootmode_uefi-*.grub are split off into dedicated functions:
* _make_common_bootmode_grub_copy_to_efibootimg,
* _make_common_bootmode_grub_copy_to_isofs,
* _make_common_bootmode_grub_cfg.
Use the same du command in all efiboot_imgsize variable assignments.
Fixes #185.
|
|
LC_ALL=C.UTF-8, unlike LC_ALL=C, does not override LANGUAGE.
See https://sourceware.org/bugzilla/show_bug.cgi?id=16621 and https://savannah.gnu.org/bugs/?62815
|
|
Update authors
Update CHANGELOG
|
|
Fixes #183
|
|
Even though archiso created ISOs do not support Secure Boot, having SBAT would allow users to more easily repack the files in the ISO to add a signed shim.
Fixes #174
|
|
* Fix typos and wording,
* Remove impossible TODO.
|
|
|
|
The glibc 2.35-6 package ships with the C.UTF-8 locale included, so mkarchiso does not need to use a non-UTF-8 locale anymore.
Implements #175.
|
|
|
|
|
|
valication_error variable is not changed when mmd and/or mcopy are missing.
|
|
are specified
Fixes #151.
|
|
erofs-utils 1.4 introduced a --quiet option.
Related to #148.
|
|
mksquashfs supports a -quiet option since squashfs-tools 4.4.
Use this option in non-verbose mode instead of redirecting stdout of the whole command to /dev/null.
This allows to have only one instance of mksquashfs in _run_mksquashfs instead of multiple ones in if-then-else.
Related to #148.
|
|
Only the total size is relevant.
Related to #148.
|
|
The output is irrelevant, we only need the return code.
Related to #148.
|
|
The `xorriso -as mkisofs` option `-quiet` is interpreted too late. Use native xorriso option `-report_about SORRY` instead and ensure it is the first option.
Related to #148.
|
|
mkfs.fat does not have a -q/--quiet option, so redirect its stdout to /dev/null instead.
See https://github.com/dosfstools/dosfstools/issues/103 .
Related to #148.
|
|
artifacts
netboot does not need any of the boot loaders or their files.
Fixes #150.
|
|
printf is a bash builtin, so by using it an external command can be avoided.
Due to the differences between date(1) and strftime(3), the time zone output will not contain a colon anymore. Fortunately, that is still a supported format according to https://en.wikipedia.org/wiki/ISO_8601#Time_offsets_from_UTC .
|
|
specified
|
|
_validate_requirements_buildmode_*
The bootstrap build mode does not use packages.${arch}, ${bootmodes[@]} or $airootfs_image_type so there's no need to validate them.
Requirements common to iso and netboot are checked with the _validate_common_requirements_buildmode_iso_netboot function.
Fixes #149.
* Rename _validate_requirements_buildmode_all to _validate_common_requirements_buildmode_all to prevent potential conflicts since we are using _validate_requirements_buildmode_${_buildmode} to run the functions.
* Improve searching in an array. See https://stackoverflow.com/a/15394738.
|
|
$pkg_list_from_file and $bootstrap_pkg_list_from_file are arrays, they must be referenced as such. Fixes https://bugs.archlinux.org/task/71852.
Remove quotes from arithmetic expressions.
|
|
Add new -G option to set gpg's --sender. This allows to see who signed the rootfs image without needing to import the gpg key from the keyring in initramfs.
|
|
* Add --batch, since gpg is run in a script.
* Add --no-armor (this is the default). Armored output provides no benifit here.
* Add --no-include-key-block (this is the default). There is no need to have the gpg key in the signature. The mkinitcpio hook will verify the signature against the included keyring.
Remove the output files before running gpg. Otherwise gpg --batch will fail if they exist.
|
|
Fixes #147.
|
|
This could prevent a few issues when creating an image file when re-running mkarchiso after a failure.
Remove useless test before running rm -f. The command will always succeed.
|
|
mounting the file system
mkfs.ext4 with its -d option can "copy the contents of the given directory into the root directory of the filesystem".
This allows to get rid of the last directly used mount and umount commands in mkarchiso.
Additionally try to make the ext4 image somewhat reproducible by setting E2FSPROGS_FAKE_TIME to SOURCE_DATE_EPOCH, clearing the UUID and using a reproducible hash seed.
See https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=e1f7100643a46456be107b33098f6034b0835e6d .
Place mkfs.ext4 options in an array to avoid duplicating the command.
Related to #40.
|
|
archiso/initcpio/*:
Remove mkinitcpio-archiso scripts as they have been split out into a separate project.
docs/README.{altbootmethods,bootparams}:
Remove mkinitcpio-archiso specific documentation.
|
|
archiso/mkarchiso:
Do not run `_build_iso_base` with `_run_once`, as it sets variables which are important to functions that are called
after it.
|
|
* Merge _make_efi_dir_on_iso9660 into _make_bootmode_uefi-x64.systemd-boot.eltorito since it's specific to that boot mode.
* Split off FAT image creation into _make_efibootimg, so it can be reused by other functions.
* Add/improve comments to better document what the script does.
|
|
LC_ALL overrides LANG and all LC_* variables, so use it instead.
See https://www.gnu.org/software/gettext/manual/html_node/Locale-Environment-Variables.html#Locale-Environment-Variables .
|
|
Alternative to 3d6651abf74ee4eb91212bd9a7d3478c95126cfb which caused issues.
Fixes https://bugs.archlinux.org/task/70580 .
|
|
This reverts commit 3d6651abf74ee4eb91212bd9a7d3478c95126cfb.
A missing $PATH breaks scripts that do not hardcode binary paths.
Fixes https://bugs.archlinux.org/task/71416 .
|
|
archiso/mkarchiso:
Generalize the handling of ucode files (e.g. copying, signing, size calculation) by introducing the global readonly
array of expected ucode names instead of hardcoding them in various functions.
When making use of ucode files in `_make_boot_on_iso9660()`, `_make_bootmode_uef-x86.systemd-boot.esp()` and
`_sign_netboot_artifacts()` create a list of files that is guaranteed to contain existing files.
Fixes #132
|
|
|
|
Use the new, prettier short URLs.
|
|
Fixes #138
|
|
Environment variables can interfere with the commands in chroot.
This causes issues when the environment variables specify a path that does not exist inside the chroot, e.g. if TMPDIR is set to a custom value.
Fixes https://bugs.archlinux.org/task/70580 .
|
|
|
|
|