Compare commits

...

14 Commits
v2.1 ... main

Author SHA1 Message Date
Adrian Wannenmacher c666eb8e3f
update readme 2022-10-01 22:15:59 +02:00
Adrian Wannenmacher 4d4c2c7920
simplify program 2022-10-01 22:08:39 +02:00
Adrian Wannenmacher 38745b9d44
check depenencies only if enabled 2021-10-17 15:47:35 +02:00
Adrian Wannenmacher e4a9af9cd0
fix bug in enabling system 2021-10-17 15:42:00 +02:00
Adrian Wannenmacher bb931ff68c
fix pacman hook error 2021-10-17 15:34:27 +02:00
Adrian Wannenmacher 6924fd8cee
add a new feautre to make pacman installation possible 2021-10-17 15:19:54 +02:00
Adrian Wannenmacher 9514f84340
prepare for pacman package 2021-10-17 15:01:26 +02:00
Adrian Wannenmacher 107721ef8f
Allow separate kernel cmd for current system
This commit adds the requirement for a new kernel command line file at
`/etc/snap-pac-uki/kernel-cmd-current`. When generating current ukis, this file
will be used for the non-fallback variant instead of the generic `kernel-cmd`.

The reason for this change is hibernating. When saving the system state to RAM,
users might not want snapshot varints to resume from there. Previosly, this
would not have been a possible configuration.
2021-10-17 02:17:46 +02:00
Adrian Wannenmacher 944e65bdae
fix: 🐛 make secureboot detection work 2021-06-19 16:24:45 +02:00
Adrian Wannenmacher 5f890bb2a4
feat: add microcode if available 2021-06-19 15:48:39 +02:00
Adrian Wannenmacher 16c3dc6b66
feat: make efibootmgr and sbsign optional dependencies 2021-06-19 15:17:59 +02:00
Adrian Wannenmacher c4dc5fdc0a
fix: 🐛 stop removing uki uefi boot entries if deactivated 2021-06-18 21:17:02 +02:00
Adrian Wannenmacher 8a27b4e196
feat: add an option to stop creating efi boot entries 2021-06-18 20:02:35 +02:00
Adrian Wannenmacher 782be942eb
feat: stop deleting or overwriting config file 2021-06-18 20:02:03 +02:00
8 changed files with 53 additions and 51 deletions

View File

@ -13,17 +13,17 @@ required (though the name remains).
### Prerequisites
This tool expects that you already set up snapper. It also expects that each
snapshots linux and initramfs files (`/boot/vmlinuz-linux` and
`/boot/initramfs-linux.img`) as well as a kernel command line file
(`/etc/snap-pac-uki/kernel-cmd`) are available within each snapshot.
While not depending on it directly, this tool expects that you already set up
snapper. It expects, that each snapshot contains its kernel
(`/boot/vmlinuz-linux`) and initramfs (`/boot/intitramfs-linux.img`), as well as
a kernel command line file (`/etc/snap-pac-uki/kernel-cmd`).
The fallback initramfs (`/boot/initramfs-linux-fallback.img`) and fallback
command line file (`/etc/snap-pac-uki/kernel-cmd-fallback`) are only required
on the current system.
For generating the current and fallback UKIs, the kernel and initramfs files of
the currently running system are used. For a kernel cmd, it uses
`/etc/snap-pac-uki/kernel-cmd-current` and `/etc/snap-pac-uki/kernel-cmd-fallback`.
EFI boot options are only created for each snapshot. If you want the UKIs
created for the current system, you'll need to add boot entries yourself:
If you want to boot a UKI directly, use the `efibootmgr` command to create an
entry.
```bash
# template
@ -53,7 +53,7 @@ efibootmgr -c \
1. You can install the dependencies of this program with the following command:
```bash
pacman -S fish efibootmgr jq ripgrep sbsigntools sed snapper
pacman -S fish ripgrep sbsigntools sed
```
2. Download the latest release from [here][releases] and unpack it.

View File

@ -8,8 +8,13 @@ if not test -d "/etc/snap-pac-uki"
echo "created config dir."
end
cp ./src/config.fish /etc/snap-pac-uki/config.fish
echo "installed config script."
if not test -f "/etc/snap-pac-uki/config.fish"
cp ./src/config.fish /etc/snap-pac-uki/config.fish
echo "installed config script."
else
cp ./src/config.fish /etc/snap-pac-uki/config-new.fish
echo "found existing config script -> installed as -new file."
end
cp ./pacman/* /usr/share/libalpm/hooks/
echo "installed pacman hooks."

View File

@ -1,5 +1,14 @@
function config -d "sets some configuration variables"
# If this is not set to "yes", snap-pac-uki will not do anything when
# executed.
#
# This is to make sure that this program can be installed with pacman. If
# this wasn't done, pacman would install this program with an default
# config, which most likely wouldn't work correctly. Therefore this needs
# to be set to "yes" by the user, once they've configured snap-pac-uki.
set -g CFG_ENABLED "no"
# A directory where ukis can be built.
#
# It is recommended to keep this within /tmp, as the generated data will not
@ -12,18 +21,6 @@ function config -d "sets some configuration variables"
# images.
set -g CFG_DEFAULT_SUBVOL "@"
# The device the EFI partition resides on
set -g CFG_EFI_DEV "/dev/nvme0n1"
# The "efi directory" that will contain the ukis
set -g CFG_EFI_PATH "\EFI\Linux"
# The efi partitions number on the device
set -g CFG_EFI_PART "1"
# The snapper config name
set -g CFG_SNAPSHOT_CONFIG "root"
# The linux fs path containing all snapshot data
set -g CFG_SNAPSHOT_PATH "/.snapshots"

View File

@ -7,12 +7,8 @@ end
function check_deps -d "checks if all dependencies are available"
set -l dependencies \
"efibootmgr" \
"jq" \
"rg" \
"sbsign" \
"sed" \
"snapper" \
for dep in $dependencies
which $dep >/dev/null 2>/dev/null
@ -21,13 +17,19 @@ function check_deps -d "checks if all dependencies are available"
error "missing depenency: $dep"
end
end
which "sbsign" >/dev/null 2>/dev/null
if test $status != "0" -a $CFG_SECUREBOOT = "yes"
set -g CFG_SECUREBOOT "no"
echo "CFG_SECUREBOOT overwriten to \"no\": 'sbsign' not available"
end
end
function find_tasks -d "finds out what the program needs to do"
function find_ukiless_snapshots -d "find"
set -ge TASK_UKI
for id in (snapper -c $CFG_SNAPSHOT_CONFIG --jsonout ls | jq ".$CFG_SNAPSHOT_CONFIG [] | .number")
if test "$id" = "0"
for id in (ls $CFG_SNAPSHOT_PATH)
if test $id = "0"
continue
end
@ -43,6 +45,7 @@ function create_uki -d "creates a new uki" -a variant id
switch $variant
case "rolling"
set bd "$CFG_BUILD_DIR/current"
set current "-current"
case "fallback"
set bd "$CFG_BUILD_DIR/current"
set fallback "-fallback"
@ -54,12 +57,17 @@ function create_uki -d "creates a new uki" -a variant id
error "unknown uki variant: $variant"
end
# create initrd
set initrd "$bd/initramfs-linux$fallback.img"
cat "$prefix/boot/initramfs-linux$fallback.img" >> $initrd
# create uki
objcopy \
--add-section .osrel="$bd/os-release$fallback" --change-section-vma .osrel=0x20000 \
--add-section .cmdline="$bd/kernel-cmd$fallback" --change-section-vma .cmdline=0x30000 \
--add-section .cmdline="$bd/kernel-cmd$current$fallback" --change-section-vma .cmdline=0x30000 \
--add-section .splash="$prefix/usr/share/systemd/bootctl/splash-arch.bmp" --change-section-vma .splash=0x40000 \
--add-section .linux="$prefix/boot/vmlinuz-linux" --change-section-vma .linux=0x2000000 \
--add-section .initrd="$prefix/boot/initramfs-linux$fallback.img" --change-section-vma .initrd=0x3000000 \
--add-section .initrd="$initrd" --change-section-vma .initrd=0x3000000 \
"$prefix/usr/lib/systemd/boot/efi/linuxx64.efi.stub" "$bd/arch-linux$fallback$snid.efi.unsigned"
# sign
@ -105,7 +113,7 @@ function create_current_uki -d "creates an uki for the current system"
# create default
cp "/usr/lib/os-release" "$bd/os-release"
sed "s/SNAPSHOT/$CFG_DEFAULT_SUBVOL/" <"/etc/snap-pac-uki/kernel-cmd" >"$bd/kernel-cmd"
sed "s/SNAPSHOT/$CFG_DEFAULT_SUBVOL/" <"/etc/snap-pac-uki/kernel-cmd-current" >"$bd/kernel-cmd-current"
create_uki rolling
# create fallbac
@ -114,21 +122,21 @@ function create_current_uki -d "creates an uki for the current system"
create_uki fallback
end
function add_efi_entry -d "adds an efi boot entry for a snapshot uki" -a id
efibootmgr -q -C -d $CFG_EFI_DEV -p $CFG_EFI_PART \
-l "$CFG_EFI_PATH\arch-linux-$id.efi" \
-L "Arch Linux (Snapshot $id)"
end
function main
# prepare for execution
check_deps
source "/etc/snap-pac-uki/config.fish"
config
if test "$CFG_ENABLED" != "yes"
echo "==> snap-pac-uki not enabled in config file" 1>&2
exit 0
end
check_deps
switch $argv[1]
case "snapshots"
find_tasks
find_ukiless_snapshots
for id in $TASK_UKI
echo "==> found snapshot without uki: $id"
@ -137,9 +145,6 @@ function main
cp "$CFG_BUILD_DIR/$id/arch-linux-$id.efi" "$CFG_UKI_DIR"
echo " -> copied uki for snapshot $id into uki directory"
add_efi_entry $id
echo " -> created efi boot entry for uki of snapshot $id"
end
case "current"
@ -155,13 +160,11 @@ function main
case "clean"
echo "==> cleaning ukis"
set ids (snapper -c $CFG_SNAPSHOT_CONFIG --jsonout ls | jq ".$CFG_SNAPSHOT_CONFIG [] | .number")
set ids (ls $CFG_SNAPSHOT_PATH)
for uki in (ls "$CFG_UKI_DIR" | rg "[0-9]" | sed "s/arch-linux-\([0-9]*\).efi/\1/")
if not contains "$uki" $ids
echo " -> cleaning uki and boot entry for removed snapshot $uki"
rm "$CFG_UKI_DIR/arch-linux-$uki.efi"
efibootmgr -q -b (efibootmgr -v | rg "arch-linux-$uki.efi" | sed "s/\*//;s/Boot0*\(.*\) Arch .*/\1/") -B
end
end

View File

@ -3,9 +3,6 @@
rm /usr/local/bin/snap-pac-uki
echo "removed script."
rm /etc/snap-pac-uki/config.fish
echo "removed config script."
for name in (ls ./pacman)
rm /usr/share/libalpm/hooks/$name
end