From d1f5031321732e94ee434833accba16e1b412d8c Mon Sep 17 00:00:00 2001 From: "David P." Date: Mon, 4 Sep 2023 17:36:14 -0300 Subject: sync with archiso v70 5c36c85 (tag: v70) Add changelog for 70 29f4b00 Add changelog entry for terminal_output fix 8535d69 Use console as grub's terminal_output cedb3d1 configs/*/grub/grub.cfg: replace /dev/disk/by-uuid/ with UUID= 1da743c README.transfer.rst: update instructions 04d439d Rename docs/README.transfer to docs/README.transfer.rst a094153 Move SYSLINUX directory from /syslinux/ to /boot/syslinux/ c8474f8 Move the .uuid file to /boot/grub/YYYY-mm-dd-HH-MM-SS-00.uuid d96a356 mkarchiso: write grubenv in _make_common_bootmode_grub_cfg f750200 configs/*/grub/grub.cfg: reuse ARCHISO_HINT and ARCHISO_UUID passed from the embedded grub.cfg b94d7c4 Move grub files from /EFI/BOOT/ to /boot/grub/ on ISO 9660 f5ade89 Do not duplicate grub.cfg in efiboot.img 40e0976 mkarchiso: add more details to the comment in grub-embed.cfg 7c6f266 configs/*/profiledef.sh: honor SOURCE_DATE_EPOCH 28d2bc1 mkarchiso: do not place memtest86+ in netboot artifacts 0f34e44 configs/*/airootfs/etc/ssh/sshd_config: update to match 9.2p1-1 5587e03 Preload GRUB's NTFS, exFAT and UDF modules 3f95d39 configs/*/grub/grub.cfg: search for a .uuid file in /.disk/ and use the volume it's on 8d7ad3c mkarchiso: write a .uuid file to /.disk/ on ISO 9660 to allow GRUB to search for it ab3d788 Update URLs Signed-off-by: David P. --- CHANGELOG.rst | 40 +++++++ README.rst | 2 +- configs/baseline/airootfs/etc/ssh/sshd_config | 6 +- configs/baseline/grub/grub.cfg | 19 ++- configs/baseline/profiledef.sh | 4 +- configs/releng/airootfs/etc/ssh/sshd_config | 6 +- configs/releng/grub/grub.cfg | 27 +++-- configs/releng/profiledef.sh | 4 +- configs/releng/syslinux/parabolaiso_head.cfg | 2 +- configs/releng/syslinux/parabolaiso_tail.cfg | 4 +- docs/README.transfer | 133 --------------------- docs/README.transfer.rst | 165 ++++++++++++++++++++++++++ parabolaiso/mkparabolaiso | 143 ++++++++++++++-------- 13 files changed, 346 insertions(+), 209 deletions(-) delete mode 100644 docs/README.transfer create mode 100644 docs/README.transfer.rst diff --git a/CHANGELOG.rst b/CHANGELOG.rst index a0065a8..1299c48 100644 --- a/CHANGELOG.rst +++ b/CHANGELOG.rst @@ -11,9 +11,49 @@ Added Changed ------- +Deprecated +---------- + +Fixed +----- + Removed ------- +[70] - 2023-02-27 +================= + +Added +----- + +- Support *file system transposition* to simplify boot medium preparation for UEFI boot via extracting the ISO image + contents to a drive. ``grub.cfg`` does not hardcode the ISO volume label anymore, instead GRUB will search for volume + with a ``/boot/grub/YYYY-mm-dd-HH-MM-SS-00.uuid`` file on it. +- Preload GRUB's NTFS modules for UEFI that allegedly have native NTFS support. GRUB's exFAT and UDF modules are also + preloaded in case someone finds them useful. + +Changed +------- + +- Identify the ISO volume via a UUID instead of a file system label to avoid collisions of multiple ISOs created in the + same month. +- Honor ``SOURCE_DATE_EPOCH`` in the ``date`` command used by ``profiledef.sh`` of the shipped profiles. +- Do not duplicate ``grub.cfg`` in both ISO 9660 and the EFI system partition / El Torito image. GRUB will search for + the ISO volume and load the ``grub.cfg`` from there. +- Moved GRUB files on ISO 9660 from ``/EFI/BOOT/`` to a boot-platform neutral place ``/boot/grub/``. This does not apply + to the EFI binaries that remain in the default/fallback boot path. +- Move ``grubenv`` to ``/boot/grub/grubenv`` on ISO 9660 so that it is together with the rest of GRUB-specific files. + Additionally write more variables in it. The previous ``/${install_dir}/grubenv`` (``/parabola/grubenv`` for releng) + is deprecated and a future parabolaiso release will not create this file anymore. +- Moved syslinux directory from ``/syslinux/`` to ``/boot/syslinux/`` to keep most boot loader files in ``/boot/``. +- Update ``README.transfer`` documentation and convert it to reStructuredText. +- Use ``console`` as grub's ``terminal_output``, as ``gfxterm`` leads to a blank screen on some hardware. + +Removed +------- + +- Do not place memtest86+ in netboot artifacts. + [69] - 2022-12-24 ================= diff --git a/README.rst b/README.rst index 6415af4..fccab43 100644 --- a/README.rst +++ b/README.rst @@ -130,7 +130,7 @@ boot the iso image from GRUB with a version specific cow directory to mitigate o .. code:: sh loopback loop parabola.iso - load_env -f (loop)/parabola/grubenv + load_env -f (loop)/boot/grub/grubenv linux (loop)/parabola/boot/x86_64/vmlinuz-linux-libre ... \ cow_directory=parabola/${VERSION} ... initrd (loop)/parabola/boot/x86_64/initramfs-linux-libre-lts.img diff --git a/configs/baseline/airootfs/etc/ssh/sshd_config b/configs/baseline/airootfs/etc/ssh/sshd_config index 93f7d63..dc22c11 100644 --- a/configs/baseline/airootfs/etc/ssh/sshd_config +++ b/configs/baseline/airootfs/etc/ssh/sshd_config @@ -58,7 +58,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitEmptyPasswords no # Change to no to disable s/key passwords -#KbdInteractiveAuthentication yes +KbdInteractiveAuthentication no # Kerberos options #KerberosAuthentication no @@ -75,7 +75,7 @@ AuthorizedKeysFile .ssh/authorized_keys # be allowed through the KbdInteractiveAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via KbdInteractiveAuthentication may bypass -# the setting of "PermitRootLogin without-password". +# the setting of "PermitRootLogin prohibit-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and KbdInteractiveAuthentication to 'no'. @@ -88,7 +88,7 @@ UsePAM yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes -PrintMotd no # pam does that +PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #PermitUserEnvironment no diff --git a/configs/baseline/grub/grub.cfg b/configs/baseline/grub/grub.cfg index 50300d3..cb1a9fa 100644 --- a/configs/baseline/grub/grub.cfg +++ b/configs/baseline/grub/grub.cfg @@ -3,15 +3,18 @@ insmod part_gpt insmod part_msdos insmod fat insmod iso9660 +insmod ntfs +insmod ntfscomp +insmod exfat +insmod udf # Use graphics-mode output insmod all_video insmod font if loadfont "${prefix}/fonts/unicode.pf2" ; then - insmod gfxterm set gfxmode="auto" terminal_input console - terminal_output gfxterm + terminal_output console fi # Enable serial console @@ -20,6 +23,15 @@ if serial --unit=0 --speed=115200; then terminal_output --append serial fi +# Search for the ISO volume +if [ -z "${PARABOLAISO_UUID}" ]; then + if [ -z "${PARABOLAISO_HINT}" ]; then + regexp --set=1:PARABOLAISO_HINT '^\(([^)]+)\)' "${cmdpath}" + fi + search --no-floppy --set=root --file '%PARABOLAISO_SEARCH_FILENAME%' --hint "${PARABOLAISO_HINT}" + probe --set PARABOLAISO_UUID --fs-uuid "${root}" +fi + # Set default menu entry default=parabola timeout=15 @@ -29,7 +41,6 @@ timeout_style=menu menuentry "Parabola GNU/Linux-libre (x86_64, UEFI)" --class arch --class gnu-linux --class gnu --class os --id 'parabola' { set gfxpayload=keep - search --no-floppy --set=root --label %PARABOLAISO_LABEL% - linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% + linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre parabolaisobasedir=%INSTALL_DIR% parabolaisodevice=UUID=${PARABOLAISO_UUID} initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img } diff --git a/configs/baseline/profiledef.sh b/configs/baseline/profiledef.sh index 27b0b6a..3452400 100644 --- a/configs/baseline/profiledef.sh +++ b/configs/baseline/profiledef.sh @@ -2,10 +2,10 @@ # shellcheck disable=SC2034 iso_name="parabola-baseline" -iso_label="PARA_$(date +%Y%m)" +iso_label="PARA_$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y%m)" iso_publisher="Parabola GNU/Linux-libre " iso_application="Parabola GNU/Linux-libre baseline" -iso_version="$(date +%Y.%m.%d)" +iso_version="$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y.%m.%d)" install_dir="parabola" buildmodes=('iso') bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' diff --git a/configs/releng/airootfs/etc/ssh/sshd_config b/configs/releng/airootfs/etc/ssh/sshd_config index 93f7d63..dc22c11 100644 --- a/configs/releng/airootfs/etc/ssh/sshd_config +++ b/configs/releng/airootfs/etc/ssh/sshd_config @@ -58,7 +58,7 @@ AuthorizedKeysFile .ssh/authorized_keys #PermitEmptyPasswords no # Change to no to disable s/key passwords -#KbdInteractiveAuthentication yes +KbdInteractiveAuthentication no # Kerberos options #KerberosAuthentication no @@ -75,7 +75,7 @@ AuthorizedKeysFile .ssh/authorized_keys # be allowed through the KbdInteractiveAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via KbdInteractiveAuthentication may bypass -# the setting of "PermitRootLogin without-password". +# the setting of "PermitRootLogin prohibit-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and KbdInteractiveAuthentication to 'no'. @@ -88,7 +88,7 @@ UsePAM yes #X11DisplayOffset 10 #X11UseLocalhost yes #PermitTTY yes -PrintMotd no # pam does that +PrintMotd no #PrintLastLog yes #TCPKeepAlive yes #PermitUserEnvironment no diff --git a/configs/releng/grub/grub.cfg b/configs/releng/grub/grub.cfg index 44942f1..a72ca7a 100644 --- a/configs/releng/grub/grub.cfg +++ b/configs/releng/grub/grub.cfg @@ -3,15 +3,18 @@ insmod part_gpt insmod part_msdos insmod fat insmod iso9660 +insmod ntfs +insmod ntfscomp +insmod exfat +insmod udf # Use graphics-mode output insmod all_video insmod font if loadfont "${prefix}/fonts/unicode.pf2" ; then - insmod gfxterm set gfxmode="auto" terminal_input console - terminal_output gfxterm + terminal_output console fi # Enable serial console @@ -20,6 +23,15 @@ if serial --unit=0 --speed=115200; then terminal_output --append serial fi +# Search for the ISO volume +if [ -z "${PARABOLAISO_UUID}" ]; then + if [ -z "${PARABOLAISO_HINT}" ]; then + regexp --set=1:PARABOLAISO_HINT '^\(([^)]+)\)' "${cmdpath}" + fi + search --no-floppy --set=root --file '%PARABOLAISO_SEARCH_FILENAME%' --hint "${PARABOLAISO_HINT}" + probe --set PARABOLAISO_UUID --fs-uuid "${root}" +fi + # Set default menu entry default=parabola timeout=15 @@ -32,15 +44,13 @@ play 600 988 1 1319 4 menuentry "Parabola GNU/Linux-libre install medium (x86_64, UEFI)" --class arch --class gnu-linux --class gnu --class os --id 'parabola' { set gfxpayload=keep - search --no-floppy --set=root --label %PARABOLAISO_LABEL% - linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% + linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre parabolaisobasedir=%INSTALL_DIR% parabolaisodevice=UUID=${PARABOLAISO_UUID} initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img } menuentry "Parabola GNU/Linux-libre install medium with speakup screen reader (x86_64, UEFI)" --hotkey s --class arch --class gnu-linux --class gnu --class os --id 'parabola-accessibility' { set gfxpayload=keep - search --no-floppy --set=root --label %PARABOLAISO_LABEL% - linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre parabolaisobasedir=%INSTALL_DIR% parabolaisolabel=%PARABOLAISO_LABEL% accessibility=on + linux /%INSTALL_DIR%/boot/x86_64/vmlinuz-linux-libre parabolaisobasedir=%INSTALL_DIR% parabolaisodevice=UUID=${PARABOLAISO_UUID} accessibility=on initrd /%INSTALL_DIR%/boot/x86_64/initramfs-linux-libre.img } @@ -48,18 +58,15 @@ if [ "${grub_platform}" == "efi" ]; then if [ "${grub_cpu}" == "x86_64" ]; then menuentry "Run Memtest86+ (RAM test)" --class memtest86 --class gnu --class tool { set gfxpayload=800x600,1024x768 - search --fs-uuid --no-floppy --set=root --label %PARABOLAISO_LABEL% - linux /%INSTALL_DIR%/boot/memtest.efi + linux /boot/memtest86+/memtest.efi } menuentry "UEFI Shell" { insmod chain - search --no-floppy --set=root --label %PARABOLAISO_LABEL% chainloader /shellx64.efi } elif [ "${grub_cpu}" == "i386" ]; then menuentry "UEFI Shell" { insmod chain - search --no-floppy --set=root --label %PARABOLAISO_LABEL% chainloader /shellia32.efi } fi diff --git a/configs/releng/profiledef.sh b/configs/releng/profiledef.sh index 12df102..29cd03d 100644 --- a/configs/releng/profiledef.sh +++ b/configs/releng/profiledef.sh @@ -2,10 +2,10 @@ # shellcheck disable=SC2034 iso_name="parabola" -iso_label="PARA_$(date +%Y%m)" +iso_label="PARA_$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y%m)" iso_publisher="Parabola GNU/Linux-libre " iso_application="Parabola GNU/Linux-libre Live/Rescue CD" -iso_version="$(date +%Y.%m.%d)" +iso_version="$(date --date="@${SOURCE_DATE_EPOCH:-$(date +%s)}" +%Y.%m.%d)" install_dir="parabola" buildmodes=('iso') bootmodes=('bios.syslinux.mbr' 'bios.syslinux.eltorito' diff --git a/configs/releng/syslinux/parabolaiso_head.cfg b/configs/releng/syslinux/parabolaiso_head.cfg index 591097e..4f56858 100644 --- a/configs/releng/syslinux/parabolaiso_head.cfg +++ b/configs/releng/syslinux/parabolaiso_head.cfg @@ -12,7 +12,7 @@ MENU CMDLINEROW 14 MENU HELPMSGROW 16 MENU HELPMSGENDROW 29 -# Refer to http://syslinux.zytor.com/wiki/index.php/Doc/menu +# Refer to https://wiki.syslinux.org/wiki/index.php/Comboot/menu.c32 MENU COLOR border 35;40 #ff777caa #a0000000 std MENU COLOR title 1;35;40 #ff777caa #a0000000 std diff --git a/configs/releng/syslinux/parabolaiso_tail.cfg b/configs/releng/syslinux/parabolaiso_tail.cfg index e5339a2..dcbb413 100644 --- a/configs/releng/syslinux/parabolaiso_tail.cfg +++ b/configs/releng/syslinux/parabolaiso_tail.cfg @@ -7,12 +7,12 @@ MENU LABEL Boot existing OS COM32 chain.c32 APPEND hd0 0 -# http://www.memtest.org/ +# https://www.memtest.org/ LABEL memtest MENU LABEL Run Memtest86+ (RAM test) LINUX /%INSTALL_DIR%/boot/memtest -# http://hdt-project.org/ +# https://wiki.syslinux.org/wiki/index.php/Hdt_(Hardware_Detection_Tool) LABEL hdt MENU LABEL Hardware Information (HDT) COM32 hdt.c32 diff --git a/docs/README.transfer b/docs/README.transfer deleted file mode 100644 index 2cf28e3..0000000 --- a/docs/README.transfer +++ /dev/null @@ -1,133 +0,0 @@ -INDEX ------ - -* Transfer ISO file to target medium (configs/releng) - * To -> CD / DVD / BD - * To -> USB-key / SD / HDD / SSD - * PC-BIOS (MBR) - * PC-BIOS (ISOHYBRID-MBR) - * PC-EFI (GPT) [x86_64 only] - * PC-EFI (ISOHYBRID-GPT) [x86_64 only] - - - -*** Transfer ISO image to target medium (configs/releng) - -ISO images names consist of: parabola-..
-dual.iso - -Where: - Year - Month -
Day - - -** To -> CD / DVD / BD - -Note: All ISO images are booteable on a PC-BIOS via "El Torito" in no-emulation mode, - All x86_64 ISO images are booteable on a PC-EFI via "El Torito" in no-emulation mode. - -Nomeclature: - scsibus number - target number - lun number - (Note: see cdrecord -scanbus, for these numbers) - - -1) Write it directly using your favorite recording program. -# cdrecord dev=,, -dao parabola-..
-dual.iso - - -** To -> USB Flash Drive (USB-key) / Memory card (SD) / - Hard-Disk Drive (HDD) / Solid-State Drive (SSD) - -Note: These steps are the general workflow, you can skip some of them, - using another filesystem if your bootloader supports it, - installing to another directory than "parabola/" or using more than - one partition. Just ensure that main boot params options - (parabolaisolabel= and parabolaisobasedir=) are set correctly according to your setup. - -Nomeclature: -: Device node of the drive where ISO contents should be copied - (example: /dev/sdx) -: Device node of the partition on - (example: /dev/sdx1) -: Mount point path where is mounted - (example: /mnt/sdx/1) -: Path to the ISO file parabola-..
-dual.iso - (example: ~/parabola-2012.07.22-dual.iso) -: Represents the filesystem label of the - (example: PARA_201302) - - -* PC-BIOS (MBR): - -Note: Using here a MBR partition mode as example, but GPT should also works - if machine firmware is not broken. - Just ensure that partition is set with attribute "2: legacy BIOS bootable" - and use gptmbr.bin instead of mbr.bin for syslinux. - -1) Create one partition entry in MBR and mark it as "active" (booteable). -Note: Type "b" for FAT32, "83" for EXTFS or "7" for NTFS. -# fdisk - -2) Create a FAT32, EXTFS or NTFS filesystem on such partition and setup a label. -Note: COW is not supported on NTFS. -# mkfs.fat -F 32 -n -# mkfs.ext4 -L -# mkfs.ntfs -L - -3) Mount target filesystem. -# mount - -4) Extract ISO image on target filesystem. -# bsdtar -x --exclude=isolinux/ --exclude=EFI/ --exclude=loader/ -f -C - -5) Install syslinux bootloader on target filesystem. -# extlinux -i /parabola/boot/syslinux - -6) Unmount target filesystem. -# umount - -7) Install syslinux MBR boot code on target drive. -# dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/bios/mbr.bin of= - - -* PC-BIOS (ISOHYBRID-MBR): - -Note: This method is the most easily, quick and dirty, but is the most limited - if you want to use your target medium for other purposes. - If using this does not work, use PC-BIOS (MBR) method instead. - -1) Dump ISO file to target medium. -# dd if= of= - - -* PC-EFI (GPT) [x86_64 only] - -Note: Using here a GPT partition mode as example, but MBR should also works - if machine firmware is not broken. - -1) Create one partition entry in GPT (of type "ef00") -# gdisk - -2) Create a FAT32 filesystem on such partition and setup a label. -# mkfs.fat -F 32 -n - -3) Mount target filesystem. -# mount - -4) Extract ISO image on target filesystem. -# bsdtar -x --exclude=isolinux/ --exclude=EFI/parabolaiso/ --exclude=parabola/boot/syslinux/ -f -C - -5) Unmount target filesystem. -# umount - - -* PC-EFI (ISOHYBRID-GPT) [x86_64 only] - -Note: This method is the most easily, quick and dirty, but is the most limited - if you want to use your target medium for other purposes. - If using this does not work, use PC-EFI (GPT) method instead. - -1) Dump ISO file to target medium. -# dd if= of= diff --git a/docs/README.transfer.rst b/docs/README.transfer.rst new file mode 100644 index 0000000..c09b41d --- /dev/null +++ b/docs/README.transfer.rst @@ -0,0 +1,165 @@ +============================================== +Transfer ISO to target medium (configs/releng) +============================================== + +ISO images names consist of: ``parabola-YYYY.MM.DD-x86_64.iso``. + +Where: ``YYYY`` is the year, ``MM`` the month and ``DD`` the day. + +.. contents:: + +Burn to an optical disc +======================= + + .. note:: + All ISO images are BIOS and UEFI bootable via "El Torito" in no-emulation mode. + +Burn the ISO using your favorite disc burning program. + +For example: + +.. code:: sh + + xorriso -as cdrecord -v -sao dev=/dev/sr0 parabola-YYYY.MM.DD-x86_64.iso + +Write to an USB flash drive / memory card / hard disk drive / solid state drive / etc. +====================================================================================== + + .. tip:: + See https://wiki.archlinux.org/title/USB_flash_installation_medium for more detailed instructions. + +Nomeclature: + +```` + Device node of the drive where ISO contents should be copied (example: ``/dev/sdx``). +```` + Device node of the partition on ```` (example: ``/dev/sdx1``). +```` + Represents the file system label of the ``parabola-YYYY.MM.DD-x86_64.iso`` (example: ``ARCH_201703``). + +ISOHYBRID (BIOS and UEFI) +------------------------- + + .. note:: + This method is the most easily, quick and dirty, but is the most limited if you want to use your target medium + for other purposes. If using this does not work, use the `File system transposition (UEFI only)`_ method instead. + +Directly write the ISO file to the target medium: + +.. code:: sh + + dd bs=4M if=parabola-YYYY.MM.DD-x86_64.iso of= conv=fsync oflag=direct status=progress + +File system transposition (UEFI only) +-------------------------------- + +This method extracts the contents of the ISO onto a prepared UEFI-bootable volume. + +If your drive is already partitioned and formatted, skip to the "Mount the target file system" step. + + .. note:: + Using MBR with one FAT formatted active partition is the most compatible method. + +1. Partition the drive with *fdisk*. + + .. code:: sh + + fdisk + + 1) Create a new MBR partition table with command ``o``. + + .. warning:: + This will destroy all data on the drive. + + 2) Create a new primary partition with command ``n`` and set its type code to ``0c`` with command ``t``. + + 3) Mark the partition as bootable with the ``a`` command. + + 4) Write the changes and exit with ``w``. + +2. Format the newly created partition to FAT32 + + .. code:: sh + + mkfs.fat -F 32 /dev/disk/by-id/-part1 + +3. Mount the target file system + + .. code:: sh + + mount /mnt + +4. Extract the ISO image on the target file system. + + .. code:: sh + + bsdtar -x --exclude=boot/syslinux/ -f parabola-YYYY.MM.DD-x86_64.iso -C /mnt + +5. Unmount the target file system. + + .. code:: sh + + umount /mnt + +Manual formatting (BIOS only) +----------------------------- + + .. note:: + These steps are the general workflow, you can skip some of them, using another file system if your boot loader + supports it, installing to another directory than ``arch/`` or using more than one partition. Just ensure that + main boot parameters (``archisolabel=`` and ``archisobasedir=``) are set correctly according to your setup. + + Using here a MBR partition mode as example, but GPT should also work if the machine firmware is not broken. Just + ensure that partition is set with attribute ``2: legacy BIOS bootable`` and use ``gptmbr.bin`` instead of + ``mbr.bin`` for syslinux. + +1) Create one partition entry in MBR and mark it as "active" (bootable). + + .. note:: + Type ``b`` for FAT32, ``83`` for EXTFS or ``7`` for NTFS. + + .. code:: sh + + fdisk + +2) Create a FAT32, EXTFS or NTFS file system on such partition and setup a label. + + .. note:: + COW is not supported on NTFS. + + .. code:: sh + + mkfs.fat -F 32 -n + mkfs.ext4 -L + mkfs.ntfs -L + +3) Mount the target file system. + + .. code:: sh + + mount /mnt + +4) Extract the ISO image on the target file system. + + .. code:: sh + + bsdtar -x --exclude=boot/grub/ --exclude=EFI/ -f parabola-YYYY.MM.DD-x86_64.iso -C /mnt + +5) Install the syslinux boot loader on the target file system. + + .. code:: sh + + extlinux -i /mnt/boot/syslinux + +6) Unmount the target file system. + + .. code:: sh + + umount /mnt + +7) Install syslinux MBR boot code on the target drive. + + .. code:: sh + + dd bs=440 count=1 conv=notrunc if=/usr/lib/syslinux/bios/mbr.bin of= + diff --git a/parabolaiso/mkparabolaiso b/parabolaiso/mkparabolaiso index ac2d6ec..78826a2 100755 --- a/parabolaiso/mkparabolaiso +++ b/parabolaiso/mkparabolaiso @@ -479,39 +479,38 @@ _make_boot_on_iso9660() { # Prepare syslinux for booting from MBR (isohybrid) _make_bootmode_bios.syslinux.mbr() { _msg_info "Setting up SYSLINUX for BIOS booting from a disk..." - install -d -m 0755 -- "${isofs_dir}/syslinux" + install -d -m 0755 -- "${isofs_dir}/boot/syslinux" for _cfg in "${profile}/syslinux/"*.cfg; do sed "s|%PARABOLAISO_LABEL%|${iso_label}|g; s|%INSTALL_DIR%|${install_dir}|g; s|%ARCH%|${arch}|g" \ - "${_cfg}" > "${isofs_dir}/syslinux/${_cfg##*/}" + "${_cfg}" > "${isofs_dir}/boot/syslinux/${_cfg##*/}" done if [[ -e "${profile}/syslinux/splash.png" ]]; then - install -m 0644 -- "${profile}/syslinux/splash.png" "${isofs_dir}/syslinux/" + install -m 0644 -- "${profile}/syslinux/splash.png" "${isofs_dir}/boot/syslinux/" fi - install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/"*.c32 "${isofs_dir}/syslinux/" - install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/lpxelinux.0" "${isofs_dir}/syslinux/" - install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/memdisk" "${isofs_dir}/syslinux/" + install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/"*.c32 "${isofs_dir}/boot/syslinux/" + install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/lpxelinux.0" "${isofs_dir}/boot/syslinux/" + install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/memdisk" "${isofs_dir}/boot/syslinux/" _run_dual '_run_once _make_boot_on_iso9660' - if [[ -e "${isofs_dir}/syslinux/hdt.c32" ]]; then - install -d -m 0755 -- "${isofs_dir}/syslinux/hdt" + if [[ -e "${isofs_dir}/boot/syslinux/hdt.c32" ]]; then + install -d -m 0755 -- "${isofs_dir}/boot/syslinux/hdt" if [[ -e "${pacstrap_dir}/usr/share/hwdata/pci.ids" ]]; then gzip -cn9 "${pacstrap_dir}/usr/share/hwdata/pci.ids" > \ - "${isofs_dir}/syslinux/hdt/pciids.gz" + "${isofs_dir}/boot/syslinux/hdt/pciids.gz" fi find "${pacstrap_dir}/usr/lib/modules" -name 'modules.alias' -print -exec gzip -cn9 '{}' ';' -quit > \ - "${isofs_dir}/syslinux/hdt/modalias.gz" + "${isofs_dir}/boot/syslinux/hdt/modalias.gz" fi # Add other aditional/extra files to ${install_dir}/boot/ if [[ -e "${pacstrap_dir}/boot/memtest86+/memtest.bin" ]]; then + install -d -m 0755 -- "${isofs_dir}/boot/memtest86+/" # rename for PXE: https://wiki.parabola.nu/index.php/Syslinux#Using_memtest - install -m 0644 -- "${pacstrap_dir}/boot/memtest86+/memtest.bin" "${isofs_dir}/${install_dir}/boot/memtest" - install -d -m 0755 -- "${isofs_dir}/${install_dir}/boot/licenses/memtest86+/" - install -m 0644 -- "${pacstrap_dir}/usr/share/licenses/common/GPL2/license.txt" \ - "${isofs_dir}/${install_dir}/boot/licenses/memtest86+/" + install -m 0644 -- "${pacstrap_dir}/boot/memtest86+/memtest.bin" "${isofs_dir}/boot/memtest86+/memtest" + install -m 0644 -- "${pacstrap_dir}/usr/share/licenses/common/GPL2/license.txt" "${isofs_dir}/boot/memtest86+/" fi _msg_info "Done! SYSLINUX set up for BIOS booting from a disk successfully." } @@ -519,9 +518,9 @@ _make_bootmode_bios.syslinux.mbr() { # Prepare syslinux for El-Torito booting _make_bootmode_bios.syslinux.eltorito() { _msg_info "Setting up SYSLINUX for BIOS booting from an optical disc..." - install -d -m 0755 -- "${isofs_dir}/syslinux" - install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/isolinux.bin" "${isofs_dir}/syslinux/" - install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/isohdpfx.bin" "${isofs_dir}/syslinux/" + install -d -m 0755 -- "${isofs_dir}/boot/syslinux" + install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/isolinux.bin" "${isofs_dir}/boot/syslinux/" + install -m 0644 -- "${pacstrap_dir}/usr/lib/syslinux/bios/isohdpfx.bin" "${isofs_dir}/boot/syslinux/" # ISOLINUX and SYSLINUX installation is shared _run_once _make_bootmode_bios.syslinux.mbr @@ -572,18 +571,7 @@ _make_efibootimg() { mmd -i "${efibootimg}" ::/EFI ::/EFI/BOOT } -# Copy GRUB files to efiboot.img which is used by both IA32 UEFI and x64 UEFI. -_make_common_bootmode_grub_copy_to_efibootimg() { - local files_to_copy=() - - files_to_copy+=("${work_dir}/grub/"*) - if compgen -G "${profile}/grub/!(*.cfg)" &> /dev/null; then - files_to_copy+=("${profile}/grub/"!(*.cfg)) - fi - mcopy -i "${efibootimg}" "${files_to_copy[@]}" ::/EFI/BOOT/ -} - -# Copy GRUB files to efiboot.img which is used by both IA32 UEFI and x64 UEFI. +# Copy GRUB files to ISO 9660 which is used by both IA32 UEFI and x64 UEFI _make_common_bootmode_grub_copy_to_isofs() { local files_to_copy=() @@ -591,37 +579,86 @@ _make_common_bootmode_grub_copy_to_isofs() { if compgen -G "${profile}/grub/!(*.cfg)" &> /dev/null; then files_to_copy+=("${profile}/grub/"!(*.cfg)) fi - install -m 0644 -- "${files_to_copy[@]}" "${isofs_dir}/EFI/BOOT/" + install -d -m 0755 -- "${isofs_dir}/boot/grub" + install -m 0644 -- "${files_to_copy[@]}" "${isofs_dir}/boot/grub/" } # Prepare GRUB configuration files _make_common_bootmode_grub_cfg(){ - local _cfg + local _cfg parabolaiso_uuid search_filename install -d -- "${work_dir}/grub" + # Precalculate the ISO's modification date in UTC, i.e. its "UUID" + TZ=UTC printf -v parabolaiso_uuid '%(%F-%H-%M-%S-00)T' "$SOURCE_DATE_EPOCH" + # Create a /boot/grub/YYYY-mm-dd-HH-MM-SS-00.uuid file on ISO 9660. GRUB will search for it to find the ISO + # volume. This is similar to what grub-mkrescue does, except it places the file in /.disk/, but we opt to use a + # directory that does not start with a dot to avoid it being accidentally missed when copying the ISO's contents. + : > "${work_dir}/grub/${parabolaiso_uuid}.uuid" + search_filename="/boot/grub/${parabolaiso_uuid}.uuid" + # Fill GRUB configuration files for _cfg in "${profile}/grub/"*'.cfg'; do sed "s|%PARABOLAISO_LABEL%|${iso_label}|g; s|%INSTALL_DIR%|${install_dir}|g; - s|%ARCH%|${arch}|g" \ + s|%ARCH%|${arch}|g; + s|%PARABOLAISO_SEARCH_FILENAME%|${search_filename}|g" \ "${_cfg}" > "${work_dir}/grub/${_cfg##*/}" done - # Add all GRUB files to the list of files used to calculate the required FAT image size. - efiboot_files+=("${work_dir}/grub/" - "${profile}/grub/"!(*.cfg)) + # Prepare grub.cfg that will be embedded inside the GRUB binaries IFS='' read -r -d '' grubembedcfg <<'EOF' || true if ! [ -d "$cmdpath" ]; then - # On some firmware, GRUB has a wrong cmdpath when booted from an optical disc. - # https://gitlab.archlinux.org/archlinux/archiso/-/issues/183 - if regexp --set=1:isodevice '^(\([^)]+\))\/?[Ee][Ff][Ii]\/[Bb][Oo][Oo][Tt]\/?$' "$cmdpath"; then - cmdpath="${isodevice}/EFI/BOOT" + # On some firmware, GRUB has a wrong cmdpath when booted from an optical disc. During El Torito boot, GRUB is + # launched from a case-insensitive FAT-formatted EFI system partition, but it seemingly cannot access that partition + # and sets cmdpath to the whole cd# device which has case-sensitive ISO 9660 + Rock Ridge + Joliet file systems. + # See https://gitlab.archlinux.org/archlinux/archiso/-/issues/183 and https://savannah.gnu.org/bugs/?62886 + if regexp --set=1:parabolaiso_bootdevice '^\(([^)]+)\)\/?[Ee][Ff][Ii]\/[Bb][Oo][Oo][Tt]\/?$' "${cmdpath}"; then + set cmdpath="(${parabolaiso_bootdevice})/EFI/BOOT" + set PARABOLAISO_HINT="${parabolaiso_bootdevice}" + fi +fi + +# Prepare a hint for the search command using the device in cmdpath +if [ -z "${PARABOLAISO_HINT}" ]; then + regexp --set=1:PARABOLAISO_HINT '^\(([^)]+)\)' "${cmdpath}" +fi + +# Search for the ISO volume +if search --no-floppy --set=parabolaiso_device --file '%PARABOLAISO_SEARCH_FILENAME%' --hint "${PARABOLAISO_HINT}"; then + set PARABOLAISO_HINT="${parabolaiso_device}" + if probe --set PARABOLAISO_UUID --fs-uuid "${PARABOLAISO_HINT}"; then + export PARABOLAISO_UUID fi +else + echo "Could not find a volume with a '%PARABOLAISO_SEARCH_FILENAME%' file on it!" +fi + +# Load grub.cfg +if [ "${PARABOLAISO_HINT}" == 'memdisk' -o -z "${PARABOLAISO_HINT}" ]; then + echo 'Could not find the ISO volume!' +elif [ -e "(${PARABOLAISO_HINT})/boot/grub/grub.cfg" ]; then + export PARABOLAISO_HINT + set root="${PARABOLAISO_HINT}" + configfile "(${PARABOLAISO_HINT})/boot/grub/grub.cfg" +else + echo "File '(${PARABOLAISO_HINT})/boot/grub/grub.cfg' not found!" fi -configfile "${cmdpath}/grub.cfg" EOF + grubembedcfg="${grubembedcfg//'%PARABOLAISO_SEARCH_FILENAME%'/"${search_filename}"}" printf '%s\n' "$grubembedcfg" > "${work_dir}/grub-embed.cfg" + + # Write grubenv + printf '%.1024s' \ + "$(printf '# GRUB Environment Block\nNAME=%s\nVERSION=%s\nPARABOLAISO_LABEL=%s\nINSTALL_DIR=%s\nARCH=%s\nPARABOLAISO_SEARCH_FILENAME=%s\n%s' \ + "${iso_name}" \ + "${iso_version}" \ + "${iso_label}" \ + "${install_dir}" \ + "${arch}" \ + "${search_filename}" \ + "$(printf '%0.1s' "#"{1..1024})")" \ + > "${work_dir}/grub/grubenv" } _make_bootmode_uefi-ia32.grub.esp() { @@ -632,11 +669,11 @@ _make_bootmode_uefi-ia32.grub.esp() { # Create EFI binary # Module list from https://bugs.archlinux.org/task/71382#comment202911 - grubmodules=(all_video at_keyboard boot btrfs cat chain configfile echo efifwsetup efinet ext2 f2fs fat font \ + grubmodules=(all_video at_keyboard boot btrfs cat chain configfile echo efifwsetup efinet exfat ext2 f2fs fat font \ gfxmenu gfxterm gzio halt hfsplus iso9660 jpeg keylayouts linux loadenv loopback lsefi lsefimmap \ - minicmd normal part_apple part_gpt part_msdos png read reboot regexp search search_fs_file \ - search_fs_uuid search_label serial sleep tpm usb usbserial_common usbserial_ftdi usbserial_pl2303 \ - usbserial_usbdebug video xfs zstd) + minicmd normal ntfs ntfscomp part_apple part_gpt part_msdos png read reboot regexp search \ + search_fs_file search_fs_uuid search_label serial sleep tpm udf usb usbserial_common usbserial_ftdi \ + usbserial_pl2303 usbserial_usbdebug video xfs zstd) grub-mkstandalone -O i386-efi \ --modules="${grubmodules[*]}" \ --locales="en@quot" \ @@ -662,7 +699,7 @@ _make_bootmode_uefi-ia32.grub.esp() { mcopy -i "${efibootimg}" "${work_dir}/BOOTIA32.EFI" ::/EFI/BOOT/BOOTIA32.EFI # Copy GRUB files - _run_once _make_common_bootmode_grub_copy_to_efibootimg + _run_once _make_common_bootmode_grub_copy_to_isofs if [[ -e "${pacstrap_dir}/usr/share/edk2-shell/ia32/Shell_Full.efi" ]]; then mcopy -i "${efibootimg}" "${pacstrap_dir}/usr/share/edk2-shell/ia32/Shell_Full.efi" ::/shellia32.efi @@ -1063,6 +1100,10 @@ _export_netboot_artifacts() { _msg_info "Exporting netboot artifacts..." install -d -m 0755 "${out_dir}" cp -a -- "${isofs_dir}/${install_dir}/" "${out_dir}/" + + # Remove grubenv since it serves no purpose in netboot artifacts + rm -f -- "${out_dir}/${install_dir}/grubenv" + _msg_info "Done!" du -hs -- "${out_dir}/${install_dir}" } @@ -1315,9 +1356,9 @@ _validate_requirements_buildmode_netboot() { _add_xorrisofs_options_bios.syslinux.eltorito() { xorrisofs_options+=( # El Torito boot image for x86 BIOS - '-eltorito-boot' 'syslinux/isolinux.bin' + '-eltorito-boot' 'bot/syslinux/isolinux.bin' # El Torito boot catalog file - '-eltorito-catalog' 'syslinux/boot.cat' + '-eltorito-catalog' 'boot/syslinux/boot.cat' # Required options to boot with ISOLINUX '-no-emul-boot' '-boot-load-size' '4' '-boot-info-table' ) @@ -1327,7 +1368,7 @@ _add_xorrisofs_options_bios.syslinux.eltorito() { _add_xorrisofs_options_bios.syslinux.mbr() { xorrisofs_options+=( # SYSLINUX MBR bootstrap code; does not work without "-eltorito-boot syslinux/isolinux.bin" - '-isohybrid-mbr' "${isofs_dir}/syslinux/isohdpfx.bin" + '-isohybrid-mbr' "${isofs_dir}/boot/syslinux/isohdpfx.bin" # When GPT is used, create an additional partition in the MBR (besides 0xEE) for sectors 0–1 (MBR # bootstrap code area) and mark it as bootable # May allow booting on some systems @@ -1725,7 +1766,13 @@ _make_version() { install -d -m 0755 -- "${isofs_dir}/${install_dir}" # Write version file to ISO 9660 printf '%s\n' "${iso_version}" > "${isofs_dir}/${install_dir}/version" + + fi + if [[ "${buildmode}" == "iso" ]]; then # Write grubenv with version information to ISO 9660 + # TODO: after sufficient time has passed, do not create this file anymore when GRUB boot modes are used. + # _make_common_bootmode_grub_cfg already creates ${isofs_dir}/boot/grub/grubenv + rm -f -- "${isofs_dir}/${install_dir}/grubenv" printf '%.1024s' "$(printf '# GRUB Environment Block\nNAME=%s\nVERSION=%s\n%s' \ "${iso_name}" "${iso_version}" "$(printf '%0.1s' "#"{1..1024})")" \ > "${isofs_dir}/${install_dir}/grubenv" -- cgit v1.2.2