# bootloader.py # Anaconda's bootloader configuration module. # # Copyright (C) 2011 Red Hat, Inc. # # This copyrighted material is made available to anyone wishing to use, # modify, copy, or redistribute it subject to the terms and conditions of # the GNU General Public License v.2, or (at your option) any later version. # This program is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY expressed or implied, including the implied warranties of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General # Public License for more details. You should have received a copy of the # GNU General Public License along with this program; if not, write to the # Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA # 02110-1301, USA. Any Red Hat trademarks that are incorporated in the # source code or documentation are not subject to the GNU General Public # License and may only be used or replicated with the express permission of # Red Hat, Inc. # import collections import os import re import shutil import blivet from parted import PARTITION_BIOS_GRUB from glob import glob from itertools import chain import crypt from ordered_set import OrderedSet from pyanaconda import iutil from blivet.devicelibs import raid from pyanaconda.product import productName from pyanaconda.flags import flags, can_touch_runtime_system from blivet.fcoe import fcoe import pyanaconda.network from pyanaconda.errors import errorHandler, ERROR_RAISE, ZIPLError from pyanaconda.packaging.rpmostreepayload import RPMOSTreePayload from pyanaconda.nm import nm_device_hwaddress from blivet import platform from blivet.size import Size from pyanaconda.i18n import _, N_ import logging import subprocess log = logging.getLogger("anaconda") class serial_opts(object): def __init__(self): self.speed = None self.parity = None self.word = None self.stop = None self.flow = None def parse_serial_opt(arg): """ Parse and split serial console options. .. NOTE:: Documentation/kernel-parameters.txt says: ttyS[,options] Use the specified serial port. The options are of the form "bbbbpnf", where "bbbb" is the baud rate, "p" is parity ("n", "o", or "e"), "n" is number of bits, and "f" is flow control ("r" for RTS or omit it). Default is "9600n8". but note that everything after the baud rate is optional, so these are all valid: 9600, 19200n, 38400n8, 9600e7r. Also note that the kernel assumes 1 stop bit; this can't be changed. """ opts = serial_opts() m = re.match(r'\d+', arg) if m is None: return opts opts.speed = m.group() idx = len(opts.speed) try: opts.parity = arg[idx+0] opts.word = arg[idx+1] opts.flow = arg[idx+2] except IndexError: pass return opts def _is_on_sw_iscsi(device): """Tells whether a given device is on an software iSCSI disk.""" return all(isinstance(disk, blivet.devices.iScsiDiskDevice) and not disk.offload for disk in device.disks) def _is_on_ibft(device): """Tells whether a given device is ibft disk or not.""" return all(getattr(disk, "ibft", False) for disk in device.disks) class BootLoaderError(Exception): pass class Arguments(OrderedSet): def _merge_ip(self): """ Find ip= arguments targetting the same interface and merge them. """ # partition the input def partition_p(arg): # we are only interested in ip= parameters that use some kind of # automatic network setup: return arg.startswith("ip=") and arg.count(":") == 1 ip_params = filter(partition_p, self) rest = OrderedSet(filter(lambda p: not partition_p(p), self)) # split at the colon: ip_params = map(lambda p: p.split(":"), ip_params) # create mapping from nics to their configurations config = collections.defaultdict(list) for (nic, cfg) in ip_params: config[nic].append(cfg) # generate the new parameters: ip_params = set() for nic in config: ip_params.add("%s:%s" % (nic, ",".join(sorted(config[nic])))) # update the set self.clear() self.update(rest) self.update(ip_params) return self def __str__(self): self._merge_ip() return " ".join(list(self)) def add(self, key): self.discard(key) super(Arguments, self).add(key) def update(self, other): for key in other: self.discard(key) self.add(key) class BootLoaderImage(object): """ Base class for bootloader images. Suitable for non-linux OS images. """ def __init__(self, device=None, label=None, short=None): self.label = label self.short_label = short self.device = device class LinuxBootLoaderImage(BootLoaderImage): def __init__(self, device=None, label=None, short=None, version=None): super(LinuxBootLoaderImage, self).__init__(device=device, label=label) self.label = label # label string self.short_label = short # shorter label string self.device = device # StorageDevice instance self.version = version # kernel version string self._kernel = None # filename string self._initrd = None # filename string @property def kernel(self): filename = self._kernel if self.version and not filename: filename = "vmlinuz-%s" % self.version return filename @property def initrd(self): filename = self._initrd if self.version and not filename: filename = "initramfs-%s.img" % self.version return filename class TbootLinuxBootLoaderImage(LinuxBootLoaderImage): _multiboot = "tboot.gz" # filename string _mbargs = ["logging=vga,serial,memory"] _args = ["intel_iommu=on"] def __init__(self, device=None, label=None, short=None, version=None): super(TbootLinuxBootLoaderImage, self).__init__( device=device, label=label, short=short, version=version) @property def multiboot(self): return self._multiboot @property def mbargs(self): return self._mbargs @property def args(self): return self._args class BootLoader(object): name = "Generic Bootloader" packages = [] config_file = None config_file_mode = 0o600 can_dual_boot = False can_update = False image_label_attr = "label" encryption_support = False stage2_is_valid_stage1 = False # requirements for stage2 devices stage2_device = None stage2_device_types = [] stage2_raid_levels = [] stage2_raid_metadata = [] stage2_raid_member_types = [] stage2_mountpoints = ["/boot", "/"] stage2_bootable = False stage2_must_be_primary = True stage2_description = N_("/boot file system") stage2_max_end = Size("2 TiB") @property def stage2_format_types(self): return ["ext4", "ext3", "ext2"] preserve_args = [] global_no_preserve_args = ["stage2", "root", "rescue", "rd.live.check", "ip", "repo", "ks", "rd.lvm", "rd.md", "rd.luks", "rd.dm", "rd.lvm.lv"] _trusted_boot = False def __init__(self): self.boot_args = Arguments() self.dracut_args = Arguments() self.disks = [] self._disk_order = [] # timeout in seconds self._timeout = None self.password = None # console/serial stuff self.console = "" self.console_options = "" self._set_console() # list of BootLoaderImage instances representing bootable OSs self.linux_images = [] self.chain_images = [] # default image self._default_image = None self._update_only = False self.skip_bootloader = False self.errors = [] self.warnings = [] self.reset() def reset(self): """ Reset stage1 and stage2 values """ # the device the bootloader will be installed on self.stage1_device = None # the "boot disk", meaning the disk stage1 _will_ go on self.stage1_disk = None self.stage2_device = None self.stage2_is_preferred_stage1 = False self.errors = [] self.problems = [] self.warnings = [] # # disk list access # @property def disk_order(self): """Potentially partial order for disks.""" return self._disk_order @disk_order.setter def disk_order(self, order): log.debug("new disk order: %s", order) self._disk_order = order if self.disks: self._sort_disks() def _sort_disks(self): """Sort the internal disk list. """ for name in reversed(self.disk_order): try: idx = [d.name for d in self.disks].index(name) except ValueError: log.error("bios order specified unknown disk %s", name) continue self.disks.insert(0, self.disks.pop(idx)) def set_disk_list(self, disks): self.disks = disks[:] self._sort_disks() # # image list access # @property def default(self): """The default image.""" if not self._default_image and self.linux_images: self._default_image = self.linux_images[0] return self._default_image @default.setter def default(self, image): if image not in self.images: raise ValueError("new default image not in image list") log.debug("new default image: %s", image) self._default_image = image @property def images(self): """ List of OS images that will be included in the configuration. """ all_images = self.linux_images all_images.extend(i for i in self.chain_images if i.label) return all_images def clear_images(self): """Empty out the image list.""" self.linux_images = [] self.chain_images = [] def add_image(self, image): """Add a BootLoaderImage instance to the image list.""" if isinstance(image, LinuxBootLoaderImage): self.linux_images.append(image) else: self.chain_images.append(image) def image_label(self, image): """Return the appropriate image label for this bootloader.""" return getattr(image, self.image_label_attr) # # platform-specific data access # @property def disklabel_types(self): return platform.platform._disklabel_types @property def device_descriptions(self): return platform.platform.boot_stage1_constraint_dict["descriptions"] # # constraint checking for target devices # def _is_valid_md(self, device, raid_levels=None, metadata=None, member_types=None, desc=""): ret = True if device.type != "mdarray": return ret if raid_levels and device.level not in raid_levels: levels_str = ",".join("%s" % l for l in raid_levels) self.errors.append(_("RAID sets that contain '%(desc)s' must have one " "of the following raid levels: %(raid_level)s.") % {"desc" : desc, "raid_level" : levels_str}) ret = False # new arrays will be created with an appropriate metadata format if device.exists and \ metadata and device.metadata_version not in metadata: self.errors.append(_("RAID sets that contain '%(desc)s' must have one " "of the following metadata versions: %(metadata_versions)s.") % {"desc": desc, "metadata_versions": ",".join(metadata)}) ret = False if member_types: for member in device.members: if not self._device_type_match(member, member_types): self.errors.append(_("RAID sets that contain '%(desc)s' must " "have one of the following device " "types: %(types)s.") % {"desc" : desc, "types" : ",".join(member_types)}) ret = False log.debug("_is_valid_md(%s) returning %s", device.name, ret) return ret def _is_valid_disklabel(self, device, disklabel_types=None): ret = True if self.disklabel_types: for disk in device.disks: label_type = getattr(disk.format, "label_type", None) if not label_type or label_type not in self.disklabel_types: types_str = ",".join(disklabel_types) self.errors.append(_("%(name)s must have one of the following " "disklabel types: %(types)s.") % {"name" : device.name, "types" : types_str}) ret = False log.debug("_is_valid_disklabel(%s) returning %s", device.name, ret) return ret def _is_valid_format(self, device, format_types=None, mountpoints=None, desc=""): ret = True if format_types and device.format.type not in format_types: self.errors.append(_("%(desc)s cannot be of type %(type)s.") % {"desc" : desc, "type" : device.format.type}) ret = False if mountpoints and hasattr(device.format, "mountpoint") \ and device.format.mountpoint not in mountpoints: self.errors.append(_("%(desc)s must be mounted on one of %(mountpoints)s.") % {"desc" : desc, "mountpoints" : ", ".join(mountpoints)}) ret = False log.debug("_is_valid_format(%s) returning %s", device.name, ret) return ret def _is_valid_size(self, device, desc=""): ret = True msg = None errors = [] if device.format.min_size and device.format.max_size: msg = (_("%(desc)s must be between %(min)d and %(max)d MB in size") % {"desc" : desc, "min" : device.format.min_size, "max" : device.format.max_size}) if device.format.min_size and device.size < device.format.min_size: if msg is None: errors.append(_("%(desc)s must not be smaller than %(min)dMB.") % {"desc" : desc, "min" : device.format.min_size}) else: errors.append(msg) ret = False if device.format.max_size and device.size > device.format.max_size: if msg is None: errors.append(_("%(desc)s must not be larger than %(max)dMB.") % {"desc" : desc, "max" : device.format.max_size}) elif msg not in errors: # don't add the same error string twice errors.append(msg) ret = False log.debug("_is_valid_size(%s) returning %s", device.name, ret) return ret def _is_valid_location(self, device, max_end=None, desc=""): ret = True if max_end and device.type == "partition" and device.parted_partition: end_sector = device.parted_partition.geometry.end sector_size = device.parted_partition.disk.device.sectorSize end = Size(sector_size * end_sector) if end > max_end: self.errors.append(_("%(desc)s must be within the first %(max_end)s of " "the disk.") % {"desc": desc, "max_end": max_end}) ret = False log.debug("_is_valid_location(%s) returning %s", device.name, ret) return ret def _is_valid_partition(self, device, primary=None, desc=""): ret = True if device.type == "partition" and primary and not device.is_primary: self.errors.append(_("%s must be on a primary partition.") % desc) ret = False log.debug("_is_valid_partition(%s) returning %s", device.name, ret) return ret # # target/stage1 device access # def _device_type_index(self, device, types): """ Return the index of the matching type in types to device's type. Return None if no match is found. """ index = None try: index = types.index(device.type) except ValueError: if "disk" in types and device.is_disk: index = types.index("disk") return index def _device_type_match(self, device, types): """ Return True if device is of one of the types in the list types. """ return self._device_type_index(device, types) is not None def device_description(self, device): device_types = list(self.device_descriptions.keys()) idx = self._device_type_index(device, device_types) if idx is None: raise ValueError("No description available for %s" % device.type) # this looks unnecessarily complicated, but it handles the various # device types that we treat as disks return self.device_descriptions[device_types[idx]] def set_preferred_stage1_type(self, preferred): """ Set a preferred type of stage1 device. """ if not self.stage2_is_valid_stage1: # "partition" means first sector of stage2 and is only meaningful # for bootloaders that can use stage2 as stage1 return if preferred == "mbr": # "mbr" is already the default return # partition means "use the stage2 device for a stage1 device" self.stage2_is_preferred_stage1 = True def is_valid_stage1_device(self, device, early=False): """ Return True if the device is a valid stage1 target device. Also collect lists of errors and warnings. The criteria for being a valid stage1 target device vary from platform to platform. On some platforms a disk with an msdos disklabel is a valid stage1 target, while some platforms require a special device. Some examples of these special devices are EFI system partitions on EFI machines, PReP boot partitions on iSeries, and Apple bootstrap partitions on Mac. The 'early' keyword argument is a boolean flag indicating whether or not this check is being performed at a point where the mountpoint cannot be expected to be set for things like EFI system partitions. """ self.errors = [] self.warnings = [] valid = True constraint = platform.platform.boot_stage1_constraint_dict if device is None: return False if not self._device_type_match(device, constraint["device_types"]): log.debug("stage1 device cannot be of type %s", device.type) return False if _is_on_sw_iscsi(device) and not _is_on_ibft(device): log.debug("stage1 device cannot be on an iSCSI disk") return False description = self.device_description(device) if self.stage2_is_valid_stage1 and device == self.stage2_device: # special case valid = (self.stage2_is_preferred_stage1 and self.is_valid_stage2_device(device)) # we'll be checking stage2 separately so don't duplicate messages self.problems = [] self.warnings = [] return valid if device.protected: valid = False if not self._is_valid_disklabel(device, disklabel_types=self.disklabel_types): valid = False if not self._is_valid_size(device, desc=description): valid = False if not self._is_valid_location(device, max_end=constraint["max_end"], desc=description): valid = False if not self._is_valid_md(device, raid_levels=constraint["raid_levels"], metadata=constraint["raid_metadata"], member_types=constraint["raid_member_types"], desc=description): valid = False if not self.stage2_bootable and not getattr(device, "bootable", True): log.warning("%s not bootable", device.name) # XXX does this need to be here? if getattr(device.format, "label", None) in ("ANACONDA", "LIVE"): log.info("ignoring anaconda boot disk") valid = False if early: mountpoints = [] else: mountpoints = constraint["mountpoints"] if not self._is_valid_format(device, format_types=constraint["format_types"], mountpoints=mountpoints, desc=description): valid = False if not self.encryption_support and device.encrypted: self.errors.append(_("%s cannot be on an encrypted block " "device.") % description) valid = False log.debug("is_valid_stage1_device(%s) returning %s", device.name, valid) return valid def set_stage1_device(self, devices): self.stage1_device = None if not self.stage1_disk: self.reset() raise BootLoaderError("need stage1 disk to set stage1 device") if self.stage2_is_preferred_stage1: self.stage1_device = self.stage2_device return for device in devices: if self.stage1_disk not in device.disks: continue if self.is_valid_stage1_device(device): if flags.imageInstall and device.is_disk: # GRUB2 will install to /dev/loop0 but not to # /dev/mapper/ self.stage1_device = device.parents[0] else: self.stage1_device = device break if not self.stage1_device: self.reset() raise BootLoaderError("failed to find a suitable stage1 device") # # boot/stage2 device access # def is_valid_stage2_device(self, device, linux=True, non_linux=False): """ Return True if the device is suitable as a stage2 target device. Also collect lists of errors and warnings. """ self.errors = [] self.warnings = [] valid = True if device is None: return False if device.protected: valid = False if _is_on_sw_iscsi(device) and not _is_on_ibft(device): self.errors.append(_("%s cannot be on an iSCSI disk") % self.stage2_description) valid = False if not self._device_type_match(device, self.stage2_device_types): self.errors.append(_("%(desc)s cannot be of type %(type)s") % {"desc" : _(self.stage2_description), "type" : device.type}) valid = False if not self._is_valid_disklabel(device, disklabel_types=self.disklabel_types): valid = False if not self._is_valid_size(device, desc=_(self.stage2_description)): valid = False if self.stage2_max_end and not self._is_valid_location(device, max_end=self.stage2_max_end, desc=_(self.stage2_description)): valid = False if not self._is_valid_partition(device, primary=self.stage2_must_be_primary): valid = False if not self._is_valid_md(device, raid_levels=self.stage2_raid_levels, metadata=self.stage2_raid_metadata, member_types=self.stage2_raid_member_types, desc=_(self.stage2_description)): valid = False if linux and \ not self._is_valid_format(device, format_types=self.stage2_format_types, mountpoints=self.stage2_mountpoints, desc=_(self.stage2_description)): valid = False non_linux_format_types = platform.platform._non_linux_format_types if non_linux and \ not self._is_valid_format(device, format_types=non_linux_format_types): valid = False if not self.encryption_support and device.encrypted: self.errors.append(_("%s cannot be on an encrypted block " "device.") % _(self.stage2_description)) valid = False log.debug("is_valid_stage2_device(%s) returning %s", device.name, valid) return valid # # miscellaneous # def has_windows(self, devices): return False @property def timeout(self): """Bootloader timeout in seconds.""" if self._timeout is not None: t = self._timeout else: t = 5 return t def check(self): """ Run additional bootloader checks """ return True @timeout.setter def timeout(self, seconds): self._timeout = seconds @property def update_only(self): return self._update_only @update_only.setter def update_only(self, value): if value and not self.can_update: raise ValueError("this boot loader does not support updates") elif self.can_update: self._update_only = value def set_boot_args(self, *args, **kwargs): """ Set up the boot command line. Keyword Arguments: storage - a blivet.Storage instance All other arguments are expected to have a dracutSetupArgs() method. """ storage = kwargs.pop("storage", None) # # FIPS # boot_device = storage.mountpoints.get("/boot") if flags.cmdline.get("fips") == "1" and boot_device: self.boot_args.add("boot=%s" % self.stage2_device.fstab_spec) # # dracut # # storage from blivet.devices import NetworkStorageDevice dracut_devices = [storage.root_device] if self.stage2_device != storage.root_device: dracut_devices.append(self.stage2_device) dracut_devices.extend(storage.fsset.swap_devices) # Does /usr have its own device? If so, we need to tell dracut usr_device = storage.mountpoints.get("/usr") if usr_device: dracut_devices.extend([usr_device]) netdevs = [d for d in storage.devices if (getattr(d, "complete", True) and isinstance(d, NetworkStorageDevice))] rootdev = storage.root_device if any(rootdev.depends_on(netdev) for netdev in netdevs): dracut_devices = set(dracut_devices) # By this time this thread should be the only one running, and also # mountpoints is a property function that returns a new dict every # time, so iterating over the values is safe. for dev in storage.mountpoints.values(): if any(dev.depends_on(netdev) for netdev in netdevs): dracut_devices.add(dev) done = [] for device in dracut_devices: for dep in storage.devices: if dep in done: continue if device != dep and not device.depends_on(dep): continue setup_args = dep.dracut_setup_args() if not setup_args: continue self.boot_args.update(setup_args) self.dracut_args.update(setup_args) done.append(dep) # network storage # XXX this is nothing to be proud of if isinstance(dep, NetworkStorageDevice): setup_args = pyanaconda.network.dracutSetupArgs(dep) self.boot_args.update(setup_args) self.dracut_args.update(setup_args) # passed-in objects for cfg_obj in chain(args, kwargs.values()): if hasattr(cfg_obj, "dracutSetupArgs"): setup_args = cfg_obj.dracutSetupArgs() self.boot_args.update(setup_args) self.dracut_args.update(setup_args) elif hasattr(cfg_obj, "dracut_setup_args"): setup_args = cfg_obj.dracut_setup_args() self.boot_args.update(setup_args) self.dracut_args.update(setup_args) else: setup_string = cfg_obj.dracutSetupString() self.boot_args.add(setup_string) self.dracut_args.add(setup_string) # This is needed for FCoE, bug #743784. The case: # We discover LUN on an iface which is part of multipath setup. # If the iface is disconnected after discovery anaconda doesn't # write dracut ifname argument for the disconnected iface path # (in Network.dracutSetupArgs). # Dracut needs the explicit ifname= because biosdevname # fails to rename the iface (because of BFS booting from it). for nic, _dcb, _auto_vlan in fcoe().nics: try: hwaddr = nm_device_hwaddress(nic) except ValueError: continue self.boot_args.add("ifname=%s:%s" % (nic, hwaddr.lower())) # Add iscsi_firmware to trigger dracut running iscsistart # See rhbz#1099603 and rhbz#1185792 if len(glob("/sys/firmware/iscsi_boot*")) > 0: self.boot_args.add("iscsi_firmware") # # preservation of most of our boot args # for opt in flags.cmdline.keys(): if opt in self.global_no_preserve_args: continue arg = flags.cmdline.get(opt) new_arg = opt if arg: new_arg += "=%s" % arg self.boot_args.add(new_arg) # passed-in objects for cfg_obj in chain(args, kwargs.values()): if hasattr(cfg_obj, "dracutSetupArgs"): setup_args = cfg_obj.dracutSetupArgs() self.boot_args.update(setup_args) self.dracut_args.update(setup_args) elif hasattr(cfg_obj, "dracut_setup_args"): setup_args = cfg_obj.dracut_setup_args() self.boot_args.update(setup_args) self.dracut_args.update(setup_args) else: setup_string = cfg_obj.dracutSetupString() self.boot_args.add(setup_string) self.dracut_args.add(setup_string) # # configuration # @property def boot_prefix(self): """ Prefix, if any, to paths in /boot. """ if self.stage2_device.format.mountpoint == "/": prefix = "/boot" else: prefix = "" return prefix def _set_console(self): """ Set console options based on boot arguments. """ console = flags.cmdline.get("console", "") console = os.path.basename(console) self.console, _x, self.console_options = console.partition(",") def write_config_console(self, config): """Write console-related configuration lines.""" pass def write_config_password(self, config): """Write password-related configuration lines.""" pass def write_config_header(self, config): """Write global configuration lines.""" self.write_config_console(config) self.write_config_password(config) def write_config_images(self, config): """Write image configuration entries.""" raise NotImplementedError() def write_config_post(self): pass def write_config(self): """ Write the bootloader configuration. """ if not self.config_file: raise BootLoaderError("no config file defined for this boot loader") config_path = os.path.normpath(iutil.getSysroot() + self.config_file) if os.access(config_path, os.R_OK): os.rename(config_path, config_path + ".anacbak") config = iutil.open_with_perm(config_path, "w", self.config_file_mode) self.write_config_header(config) self.write_config_images(config) config.close() self.write_config_post() @property def trusted_boot(self): return self._trusted_boot @trusted_boot.setter def trusted_boot(self, trusted_boot): self._trusted_boot = trusted_boot # # installation # def write(self): """ Write the bootloader configuration and install the bootloader. """ if self.skip_bootloader: return if self.update_only: self.update() return self.write_config() os.sync() self.stage2_device.format.sync(root=iutil.getTargetPhysicalRoot()) self.install() def install(self, args=None): raise NotImplementedError() def update(self): """ Update an existing bootloader configuration. """ pass class GRUB(BootLoader): name = "GRUB" _config_dir = "grub" _config_file = "grub.conf" _device_map_file = "device.map" can_dual_boot = True can_update = True stage2_is_valid_stage1 = True stage2_bootable = True stage2_must_be_primary = False # list of strings representing options for boot device types stage2_device_types = ["partition", "mdarray"] stage2_raid_levels = [raid.RAID1] stage2_raid_member_types = ["partition"] stage2_raid_metadata = ["0", "0.90", "1.0"] packages = ["grub"] _serial_consoles = ["ttyS"] def __init__(self): super(GRUB, self).__init__() self.encrypted_password = "" # # grub-related conveniences # def grub_device_name(self, device): """ Return a grub-friendly representation of device. """ disk = getattr(device, "disk", device) name = "(hd%d" % self.disks.index(disk) if hasattr(device, "disk"): name += ",%d" % (device.parted_partition.number - 1,) name += ")" return name @property def grub_config_dir(self): """ Config dir, adjusted for grub's view of the world. """ return self.boot_prefix + self._config_dir # # configuration # @property def config_dir(self): """ Full path to configuration directory. """ return "/boot/" + self._config_dir @property def config_file(self): """ Full path to configuration file. """ return "%s/%s" % (self.config_dir, self._config_file) @property def device_map_file(self): """ Full path to device.map file. """ return "%s/%s" % (self.config_dir, self._device_map_file) @property def grub_conf_device_line(self): return "" @property def splash_dir(self): """ relative path to splash image directory.""" return GRUB._config_dir @property def has_serial_console(self): """ true if the console is a serial console. """ return any(self.console.startswith(sconsole) for sconsole in self._serial_consoles) @property def serial_command(self): command = "" if self.console and self.has_serial_console: unit = self.console[-1] command = ["serial"] s = parse_serial_opt(self.console_options) if unit and unit != '0': command.append("--unit=%s" % unit) if s.speed and s.speed != '9600': command.append("--speed=%s" % s.speed) if s.parity: if s.parity == 'o': command.append("--parity=odd") elif s.parity == 'e': command.append("--parity=even") if s.word and s.word != '8': command.append("--word=%s" % s.word) if s.stop and s.stop != '1': command.append("--stop=%s" % s.stop) command = " ".join(command) return command def write_config_console(self, config): """ Write console-related configuration. """ if not self.console: return if self.has_serial_console: config.write("%s\n" % self.serial_command) config.write("terminal --timeout=%s serial console\n" % self.timeout) console_arg = "console=%s" % self.console if self.console_options: console_arg += ",%s" % self.console_options self.boot_args.add(console_arg) def _encrypt_password(self): """ Make sure self.encrypted_password is set up correctly. """ if self.encrypted_password: return if not self.password: raise BootLoaderError("cannot encrypt empty password") # Encrypt using sha512 and 16 character salt self.encrypted_password = crypt.crypt(self.password, crypt.METHOD_SHA512) def write_config_password(self, config): """ Write password-related configuration. """ if not self.password and not self.encrypted_password: return self._encrypt_password() password_line = "--encrypted " + self.encrypted_password config.write("password %s\n" % password_line) def write_config_header(self, config): """Write global configuration information. """ if self.boot_prefix: have_boot = "do not " else: have_boot = "" s = """# grub.conf generated by anaconda # Note that you do not have to rerun grub after making changes to this file. # NOTICE: You %(do)shave a /boot partition. This means that all kernel and # initrd paths are relative to %(boot)s, eg. # root %(grub_target)s # kernel %(prefix)s/vmlinuz-version ro root=%(root_device)s # initrd %(prefix)s/initrd-[generic-]version.img """ % {"do": have_boot, "boot": self.stage2_device.format.mountpoint, "root_device": self.stage2_device.path, "grub_target": self.grub_device_name(self.stage1_device), "prefix": self.boot_prefix} config.write(s) config.write("boot=%s\n" % self.stage1_device.path) config.write(self.grub_conf_device_line) # find the index of the default image try: default_index = self.images.index(self.default) except ValueError: # pylint: disable=no-member e = "Failed to find default image (%s)" % self.default.label raise BootLoaderError(e) config.write("default=%d\n" % default_index) config.write("timeout=%d\n" % self.timeout) self.write_config_console(config) if iutil.isConsoleOnVirtualTerminal(self.console): splash = "splash.xpm.gz" splash_path = os.path.normpath("%s/boot/%s/%s" % (iutil.getSysroot(), self.splash_dir, splash)) if os.access(splash_path, os.R_OK): grub_root_grub_name = self.grub_device_name(self.stage2_device) config.write("splashimage=%s/%s/%s\n" % (grub_root_grub_name, self.splash_dir, splash)) config.write("hiddenmenu\n") self.write_config_password(config) def write_config_images(self, config): """ Write image entries into configuration file. """ for image in self.images: args = Arguments() if isinstance(image, LinuxBootLoaderImage): grub_root = self.grub_device_name(self.stage2_device) args.update(["ro", "root=%s" % image.device.fstab_spec]) args.update(self.boot_args) if isinstance(image, TbootLinuxBootLoaderImage): args.update(image.args) snippet = ("\tkernel %(prefix)s/%(multiboot)s %(mbargs)s\n" "\tmodule %(prefix)s/%(kernel)s %(args)s\n" "\tmodule %(prefix)s/%(initrd)s\n" % {"prefix": self.boot_prefix, "multiboot": image.multiboot, "mbargs": image.mbargs, "kernel": image.kernel, "args": args, "initrd": image.initrd}) else: snippet = ("\tkernel %(prefix)s/%(kernel)s %(args)s\n" "\tinitrd %(prefix)s/%(initrd)s\n" % {"prefix": self.boot_prefix, "kernel": image.kernel, "args": args, "initrd": image.initrd}) stanza = ("title %(label)s (%(version)s)\n" "\troot %(grub_root)s\n" "%(snippet)s" % {"label": image.label, "version": image.version, "grub_root": grub_root, "snippet": snippet}) else: stanza = ("title %(label)s\n" "\trootnoverify %(grub_root)s\n" "\tchainloader +1\n" % {"label": image.label, "grub_root": self.grub_device_name(image.device)}) log.info("bootloader.py: used boot args: %s ", args) config.write(stanza) def write_device_map(self): """ Write out a device map containing all supported devices. """ map_path = os.path.normpath(iutil.getSysroot() + self.device_map_file) if os.access(map_path, os.R_OK): os.rename(map_path, map_path + ".anacbak") dev_map = open(map_path, "w") dev_map.write("# this device map was generated by anaconda\n") for disk in self.disks: dev_map.write("%s %s\n" % (self.grub_device_name(disk), disk.path)) dev_map.close() def write_config_post(self): """ Perform additional configuration after writing config file(s). """ super(GRUB, self).write_config_post() # make symlink for menu.lst (grub's default config file name) menu_lst = "%s%s/menu.lst" % (iutil.getSysroot(), self.config_dir) if os.access(menu_lst, os.R_OK): try: os.rename(menu_lst, menu_lst + '.anacbak') except OSError as e: log.error("failed to back up %s: %s", menu_lst, e) try: os.symlink(self._config_file, menu_lst) except OSError as e: log.error("failed to create grub menu.lst symlink: %s", e) # make symlink to grub.conf in /etc since that's where configs belong etc_grub = "%s/etc/%s" % (iutil.getSysroot(), self._config_file) if os.access(etc_grub, os.R_OK): try: os.unlink(etc_grub) except OSError as e: log.error("failed to remove %s: %s", etc_grub, e) try: os.symlink("..%s" % self.config_file, etc_grub) except OSError as e: log.error("failed to create /etc/grub.conf symlink: %s", e) def write_config(self): """ Write bootloader configuration to disk. """ # write device.map self.write_device_map() # this writes the actual configuration file super(GRUB, self).write_config() # # installation # @property def install_targets(self): """ List of (stage1, stage2) tuples representing install targets. """ targets = [] # make sure we have stage1 and stage2 installed with redundancy # so that boot can succeed even in the event of failure or removal # of some of the disks containing the member partitions of the # /boot array. If the stage1 is not a disk, it probably needs to # be a partition on a particular disk (biosboot, prepboot), so only # add the redundant targets if installing stage1 to a disk that is # a member of the stage2 array. # Look for both mdraid and btrfs raid if self.stage2_device.type == "mdarray" and \ self.stage2_device.level in self.stage2_raid_levels: stage2_raid = True # Set parents to the list of partitions in the RAID stage2_parents = self.stage2_device.parents elif self.stage2_device.type == "btrfs subvolume" and \ self.stage2_device.parents[0].data_level in self.stage2_raid_levels: stage2_raid = True # Set parents to the list of partitions in the parent volume stage2_parents = self.stage2_device.parents[0].parents else: stage2_raid = False if stage2_raid and \ self.stage1_device.is_disk and \ self.stage2_device.depends_on(self.stage1_device): for stage2dev in stage2_parents: # if target disk contains any of /boot array's member # partitions, set up stage1 on each member's disk stage1dev = stage2dev.disk targets.append((stage1dev, self.stage2_device)) else: targets.append((self.stage1_device, self.stage2_device)) return targets def install(self, args=None): rc = iutil.execInSysroot("grub-install", ["--just-copy"]) if rc: raise BootLoaderError("boot loader install failed") for (stage1dev, stage2dev) in self.install_targets: cmd = ("root %(stage2dev)s\n" "install --stage2=%(config_dir)s/stage2" " /%(grub_config_dir)s/stage1 d %(stage1dev)s" " /%(grub_config_dir)s/stage2 p" " %(stage2dev)s/%(grub_config_dir)s/%(config_basename)s\n" % {"grub_config_dir": self.grub_config_dir, "config_dir": self.config_dir, "config_basename": self._config_file, "stage1dev": self.grub_device_name(stage1dev), "stage2dev": self.grub_device_name(stage2dev)}) (pread, pwrite) = os.pipe() os.write(pwrite, cmd.encode("utf-8")) os.close(pwrite) args = ["--batch", "--no-floppy", "--device-map=%s" % self.device_map_file] rc = iutil.execInSysroot("grub", args, stdin=pread) os.close(pread) if rc: raise BootLoaderError("boot loader install failed") def update(self): self.install() # # miscellaneous # def has_windows(self, devices): """ Potential boot devices containing non-linux operating systems. """ # make sure we don't clobber error/warning lists errors = self.errors[:] warnings = self.warnings[:] ret = [d for d in devices if self.is_valid_stage2_device(d, linux=False, non_linux=True)] self.errors = errors self.warnings = warnings return bool(ret) # Add a warning about certain RAID situations to is_valid_stage2_device def is_valid_stage2_device(self, device, linux=True, non_linux=False): valid = super(GRUB, self).is_valid_stage2_device(device, linux, non_linux) # If the stage2 device is on a raid1, check that the stage1 device is also redundant, # either by also being part of an array or by being a disk (which is expanded # to every disk in the array by install_targets). if self.stage1_device and self.stage2_device and \ self.stage2_device.type == "mdarray" and \ self.stage2_device.level in self.stage2_raid_levels and \ self.stage1_device.type != "mdarray": if not self.stage1_device.is_disk: msg = _("boot loader stage2 device %(stage2dev)s is on a multi-disk array, but boot loader stage1 device %(stage1dev)s is not. " \ "A drive failure in %(stage2dev)s could render the system unbootable.") % \ {"stage1dev" : self.stage1_device.name, "stage2dev" : self.stage2_device.name} self.warnings.append(msg) elif not self.stage2_device.depends_on(self.stage1_device): msg = _("boot loader stage2 device %(stage2dev)s is on a multi-disk array, but boot loader stage1 device %(stage1dev)s is not part of this array. " \ "The stage1 boot loader will only be installed to a single drive.") % \ {"stage1dev" : self.stage1_device.name, "stage2dev" : self.stage2_device.name} self.warnings.append(msg) return valid class GRUB2(GRUB): """ GRUBv2 - configuration - password (insecure), password_pbkdf2 - http://www.gnu.org/software/grub/manual/grub.html#Invoking-grub_002dmkpasswd_002dpbkdf2 - --users per-entry specifies which users can access, otherwise entry is unrestricted - /etc/grub/custom.cfg - how does grub resolve names of md arrays? - disable automatic use of grub-mkconfig? - on upgrades? - BIOS boot partition (GPT) - parted /dev/sda set bios_grub on - can't contain a file system - 31KiB min, 1MiB recommended """ name = "GRUB2" packages = ["grub2"] _config_file = "grub.cfg" _config_dir = "grub2" defaults_file = "/etc/default/grub" stage2_max_end = None can_dual_boot = True can_update = True terminal_type = "gfxterm" # requirements for boot devices stage2_device_types = ["partition", "mdarray", "lvmlv"] stage2_raid_levels = [raid.RAID0, raid.RAID1, raid.RAID4, raid.RAID5, raid.RAID6, raid.RAID10] stage2_raid_metadata = ["0", "0.90", "1.0", "1.2"] stage2_format_types = ["ext4", "ext3", "ext2", "btrfs", "xfs"] def __init__(self): super(GRUB2, self).__init__() self.encryption_support = True self.stage2_format_types += ["lvmlv"] self.skip_bootloader = flags.cmdline.getbool("skip_grub", False) # XXX we probably need special handling for raid stage1 w/ gpt disklabel # since it's unlikely there'll be a bios boot partition on each disk # # grub-related conveniences # def grub_device_name(self, device): """ Return a grub-friendly representation of device. Disks and partitions use the (hdX,Y) notation, while lvm and md devices just use their names. """ disk = None name = "(%s)" % device.name if device.is_disk: disk = device elif hasattr(device, "disk"): disk = device.disk if disk is not None: name = "(hd%d" % self.disks.index(disk) if hasattr(device, "disk"): lt = device.disk.format.label_type name += ",%s%d" % (lt, device.parted_partition.number) name += ")" return name def write_config_console(self, config): if not self.console: return console_arg = "console=%s" % self.console if self.console_options: console_arg += ",%s" % self.console_options self.boot_args.add(console_arg) def write_device_map(self): """ Write out a device map containing all supported devices. """ map_path = os.path.normpath(iutil.getSysroot() + self.device_map_file) if os.access(map_path, os.R_OK): os.rename(map_path, map_path + ".anacbak") devices = self.disks if self.stage1_device not in devices: devices.append(self.stage1_device) for disk in self.stage2_device.disks: if disk not in devices: devices.append(disk) devices = [d for d in devices if d.is_disk] if len(devices) == 0: return dev_map = open(map_path, "w") dev_map.write("# this device map was generated by anaconda\n") for drive in devices: dev_map.write("%s %s\n" % (self.grub_device_name(drive), drive.path)) dev_map.close() def write_defaults(self): defaults_file = "%s%s" % (iutil.getSysroot(), self.defaults_file) defaults = open(defaults_file, "w+") defaults.write("GRUB_TIMEOUT=%d\n" % self.timeout) defaults.write("GRUB_DISTRIBUTOR=\"$(sed 's, release .*$,,g' /etc/system-release)\"\n") defaults.write("GRUB_DEFAULT=saved\n") defaults.write("GRUB_DISABLE_SUBMENU=true\n") if self.console and self.has_serial_console: defaults.write("GRUB_TERMINAL=\"serial console\"\n") defaults.write("GRUB_SERIAL_COMMAND=\"%s\"\n" % self.serial_command) else: defaults.write("GRUB_TERMINAL_OUTPUT=\"%s\"\n" % self.terminal_type) # this is going to cause problems for systems containing multiple # linux installations or even multiple boot entries with different # boot arguments log.info("bootloader.py: used boot args: %s ", self.boot_args) defaults.write("GRUB_CMDLINE_LINUX=\"%s\"\n" % self.boot_args) defaults.write("GRUB_CMDLINE_XEN_DEFAULT=\"console=none dom0_mem=min:1024M dom0_mem=max:4096M iommu=no-igfx\"\n") defaults.write("GRUB_DISABLE_RECOVERY=\"true\"\n") defaults.write("GRUB_THEME=\"/boot/grub2/themes/system/theme.txt\"\n") defaults.write("GRUB_DISABLE_OS_PROBER=\"true\"\n") defaults.close() def _encrypt_password(self): """ Make sure self.encrypted_password is set up properly. """ if self.encrypted_password: return if not self.password: raise RuntimeError("cannot encrypt empty password") (pread, pwrite) = os.pipe() passwords = "%s\n%s\n" % (self.password, self.password) os.write(pwrite, passwords.encode("utf-8")) os.close(pwrite) buf = iutil.execWithCapture("grub2-mkpasswd-pbkdf2", [], stdin=pread, root=iutil.getSysroot()) os.close(pread) self.encrypted_password = buf.split()[-1].strip() if not self.encrypted_password.startswith("grub.pbkdf2."): raise BootLoaderError("failed to encrypt boot loader password") def write_password_config(self): if not self.password and not self.encrypted_password: return users_file = iutil.getSysroot() + "/etc/grub.d/01_users" header = iutil.open_with_perm(users_file, "w", 0o700) header.write("#!/bin/sh -e\n\n") header.write("cat << \"EOF\"\n") # XXX FIXME: document somewhere that the username is "root" header.write("set superusers=\"root\"\n") header.write("export superusers\n") self._encrypt_password() password_line = "password_pbkdf2 root " + self.encrypted_password header.write("%s\n" % password_line) header.write("EOF\n") header.close() def write_config(self): self.write_config_console(None) # See if we have a password and if so update the boot args before we # write out the defaults file. if self.password or self.encrypted_password: self.boot_args.add("rd.shell=0") self.write_defaults() # if we fail to setup password auth we should complete the # installation so the system is at least bootable try: self.write_password_config() except (BootLoaderError, OSError, RuntimeError) as e: log.error("boot loader password setup failed: %s", e) # disable non-xen entries os.chmod("%s/etc/grub.d/10_linux" % iutil.getSysroot(), 0o644) # make sure the default entry is the OS we are installing if self.default is not None: # find the index of the default image try: default_index = self.images.index(self.default) except ValueError: # pylint: disable=no-member log.warning("Failed to find default image (%s), defaulting to 0", self.default.label) default_index = 0 rc = iutil.execInSysroot("grub2-set-default", [str(default_index)]) if rc: log.error("failed to set default menu entry to %s", productName) # now tell grub2 to generate the main configuration file rc = iutil.execInSysroot("grub2-mkconfig", ["-o", self.config_file]) if rc: raise BootLoaderError("failed to write boot loader configuration") # # installation # def install(self, args=None): if args is None: args = [] # XXX will installing to multiple drives work as expected with GRUBv2? for (stage1dev, stage2dev) in self.install_targets: grub_args = args + ["--no-floppy", stage1dev.path] if stage1dev == stage2dev: # This is hopefully a temporary hack. GRUB2 currently refuses # to install to a partition's boot block without --force. grub_args.insert(0, '--force') else: if flags.nombr: grub_args.insert(0, '--grub-setup=/bin/true') log.info("bootloader.py: mbr update by grub2 disabled") else: log.info("bootloader.py: mbr will be updated for grub2") rc = iutil.execWithRedirect("grub2-install", grub_args, root=iutil.getSysroot(), env_prune=['MALLOC_PERTURB_']) if rc: raise BootLoaderError("boot loader install failed") def write(self): """ Write the bootloader configuration and install the bootloader. """ if self.skip_bootloader: return if self.update_only: self.update() return try: self.write_device_map() self.stage2_device.format.sync(root=iutil.getTargetPhysicalRoot()) os.sync() self.install() os.sync() self.stage2_device.format.sync(root=iutil.getTargetPhysicalRoot()) finally: self.write_config() os.sync() self.stage2_device.format.sync(root=iutil.getTargetPhysicalRoot()) def check(self): """ When installing to the mbr of a disk grub2 needs enough space before the first partition in order to embed its core.img Until we have a way to ask grub2 what the size is we check to make sure it starts >= 512K, otherwise return an error. """ ret = True base_gap_bytes = 32256 # 31.5KiB advanced_gap_bytes = 524288 # 512KiB self.errors = [] self.warnings = [] if self.stage1_device == self.stage2_device: return ret # These are small enough to fit if self.stage2_device.type == "partition": min_start = base_gap_bytes else: min_start = advanced_gap_bytes if not self.stage1_disk: return False # If the first partition starts too low and there is no biosboot partition show an error. error_msg = None biosboot = False parts = self.stage1_disk.format.parted_disk.partitions for p in parts: if p.getFlag(PARTITION_BIOS_GRUB): biosboot = True break start = p.geometry.start * p.disk.device.sectorSize if start < min_start: error_msg = _("%(deviceName)s may not have enough space for grub2 to embed " "core.img when using the %(fsType)s file system on %(deviceType)s") \ % {"deviceName": self.stage1_device.name, "fsType": self.stage2_device.format.type, "deviceType": self.stage2_device.type} if error_msg and not biosboot: log.error(error_msg) self.errors.append(error_msg) ret = False return ret class EFIBase(object): @property def _config_dir(self): return "efi/EFI/%s" % (self.efi_dir,) # pylint: disable=no-member def efibootmgr(self, *args, **kwargs): if flags.imageInstall or flags.dirInstall: log.info("Skipping efibootmgr for image/directory install.") return "" if "noefi" in flags.cmdline: log.info("Skipping efibootmgr for noefi") return "" if kwargs.pop("capture", False): exec_func = iutil.execWithCapture else: exec_func = iutil.execWithRedirect if "root" not in kwargs: kwargs["root"] = iutil.getSysroot() return exec_func("efibootmgr", list(args), **kwargs) @property def efi_dir_as_efifs_dir(self): ret = self._config_dir.replace('efi/', '') return "\\" + ret.replace('/', '\\') def _add_single_efi_boot_target(self, partition): boot_disk = partition.disk boot_part_num = str(partition.parted_partition.number) rc = self.efibootmgr( "-c", "-w", "-L", productName.split("-")[0], # pylint: disable=no-member "-d", boot_disk.path, "-p", boot_part_num, "-l", self.efi_dir_as_efifs_dir + self._efi_binary, # pylint: disable=no-member root=iutil.getSysroot() ) if rc: raise BootLoaderError("failed to set new efi boot target. This is most likely a kernel or firmware bug.") def add_efi_boot_target(self): if self.stage1_device.type == "partition": # pylint: disable=no-member self._add_single_efi_boot_target(self.stage1_device) # pylint: disable=no-member elif self.stage1_device.type == "mdarray": # pylint: disable=no-member for parent in self.stage1_device.parents: # pylint: disable=no-member self._add_single_efi_boot_target(parent) def remove_efi_boot_target(self): buf = self.efibootmgr(capture=True) for line in buf.splitlines(): try: (slot, _product) = line.split(None, 1) except ValueError: continue if _product == productName.split("-")[0]: # pylint: disable=no-member slot_id = slot[4:8] # slot_id is hex, we can't use .isint and use this regex: if not re.match("^[0-9a-fA-F]+$", slot_id): log.warning("failed to parse efi boot slot (%s)", slot) continue rc = self.efibootmgr("-b", slot_id, "-B", root=iutil.getSysroot()) if rc: raise BootLoaderError("failed to remove old efi boot entry. This is most likely a kernel or firmware bug.") def update(self): self.install() def write(self): """ Write the bootloader configuration and install the bootloader. """ if self.skip_bootloader: # pylint: disable=no-member return if self.update_only: # pylint: disable=no-member self.update() return try: os.sync() self.stage2_device.format.sync(root=iutil.getTargetPhysicalRoot()) # pylint: disable=no-member self.install() finally: self.write_config() # pylint: disable=no-member def check(self): return True def install(self, args=None): if not flags.leavebootorder: self.remove_efi_boot_target() self.add_efi_boot_target() class EFIGRUB1(EFIBase, GRUB): packages = ["efibootmgr"] can_dual_boot = False # list of strings representing options for boot device types stage2_device_types = ["partition"] stage2_raid_levels = [] stage2_raid_member_types = [] stage2_raid_metadata = [] stage2_is_valid_stage1 = False stage2_bootable = False stage2_max_end_mb = None # # configuration # @property def efi_product_path(self): """ The EFI product path. eg: HD(1,800,64000,faacb4ef-e361-455e-bd97-ca33632550c3) """ buf = self.efibootmgr("-v", stderr="/dev/tty5", capture=True) matches = re.search(productName + r'\s+(HD$.+?$)', buf) if matches and matches.groups(): return matches.group(1) return "" @property def grub_conf_device_line(self): return "device %s %s\n" % (self.grub_device_name(self.stage2_device), self.efi_product_path) class EFIGRUB(EFIBase, GRUB2): packages = ["grub2-efi", "efibootmgr", "shim"] can_dual_boot = False stage2_is_valid_stage1 = False stage2_bootable = False _efi_binary = "\\shim.efi" def __init__(self): super(EFIGRUB, self).__init__() self.efi_dir = 'BOOT' class Aarch64EFIGRUB(EFIGRUB): _serial_consoles = ["ttyAMA", "ttyS"] class XenEFI(EFIGRUB): packages = ["efibootmgr"] _config_file = 'xen.cfg' # stage2 not used at all, so allow any type stage2_device_types = ["partition", "mdarray", "lvmlv"] def __init__(self): super(XenEFI, self).__init__() self.efi_dir = 'qubes' def add_efi_boot_target(self): if self.stage1_device.type == "partition": boot_disk = self.stage1_device.disk boot_part_num = self.stage1_device.parted_partition.number elif self.stage1_device.type == "mdarray": # FIXME: I'm just guessing here. This probably needs the full # treatment, ie: multiple targets for each member. boot_disk = self.stage1_device.parents[0].disk boot_part_num = self.stage1_device.parents[0].parted_partition.number boot_part_num = str(boot_part_num) # could be an old version, replace in case xen_efi_target = "{}/{}".format(iutil.getSysroot() + self.config_dir, "xen.efi") if os.path.exists(xen_efi_target): os.remove(xen_efi_target) xen_efi = [x for x in sorted(os.listdir(iutil.getSysroot() + self.config_dir)) if x.startswith('xen-') and x.endswith('.efi')][-1] shutil.copy("{}/{}".format(iutil.getSysroot() + self.config_dir, xen_efi), xen_efi_target) rc = self.efibootmgr("-c", "-w", "-L", productName, "-d", boot_disk.path, "-p", boot_part_num, "-l", self.efi_dir_as_efifs_dir + "\\xen.efi", root=iutil.getSysroot()) if rc: raise BootLoaderError("failed to set new efi boot target") def add_image(self, image): super(XenEFI, self).add_image(image) shutil.copy("{}/boot/{}".format(iutil.getSysroot(), image.kernel), os.path.normpath( "{}/{}".format(iutil.getSysroot() + self.config_dir, image.kernel))) if image.initrd is not None: shutil.copy("{}/boot/{}".format(iutil.getSysroot(), image.initrd), os.path.normpath( "{}/{}".format(iutil.getSysroot() + self.config_dir, image.initrd))) def write_config_header(self, config): config.write("[global]\n") config.write("default={}\n".format(self.default.version)) def write_config_images(self, config): for image in self.images: config.write("\n") config.write("[{}]\n".format(image.version)) config.write("options=loglvl=all dom0_mem=min:1024M dom0_mem=max:4096M iommu=no-igfx\n") config.write("kernel={} root={} {}\n".format( image.kernel, image.device.fstab_spec, self.boot_args)) config.write("ramdisk={}\n".format(image.initrd)) def write_config_console(self, config): pass def write_config_post(self): pass def is_valid_stage2_device(self, device, linux=True, non_linux=False): """ XenEFI doesn't use stage2 at all, so allow anything here """ return True write_config = BootLoader.write_config class MacEFIGRUB(XenEFI): """Special EFI handling for macOS HFS+ ESP partition. Typical GRUB2 installations would execute the script located at /usr/libexec/mactel-boot-setup which would modify the HFS+ ESP files and bless the specified efi. However, we are not using GRUB at this time which would cause that script to exit earlier. In this class, we will execute the relevant commands to symlink the efi file in the /System directory as well the cfg file. Lastly, macOS requires the bootable efi file to be blessed. """ def __init__(self): super(MacEFIGRUB, self).__init__() self._mountpoint = "/boot/efi" # fixme: extract from writeBootLoader() self._system_label = "Qubes OS" self._mactel_sys_dir = "{}/{}".format(self._mountpoint, "/System/Library/Coreservices") self._mactel_artwork_dir = "{}/{}".format("/usr/share/pixmaps/bootloader/apple", self.efi_dir) def mactel_config(self): """Modifies the HFS+ ESP partition to be bootable. Based on the /usr/libexec/mactel-boot-setup script, we will create two symlinks pointing to the Qubes Xen version that is installed and configured for the system. We also need to run hfs-bless on the specific EFI file we allow to be bootable. """ log.info("mactel configure MacEFI boot partition") not_ready = False xen_efi_file = "{}/{}".format(iutil.getSysroot() + self.config_dir, "xen.efi") if not os.path.exists(xen_efi_file): log.waring("mactel efi file not found: %s", xen_efi_file) not_ready = True xen_cfg_file = "{}/{}".format(iutil.getSysroot() + self.config_dir, "xen.cfg") if not os.path.exists(xen_cfg_file): log.warning("mactel efi cfg not found: %s", xen_cfg_file) not_ready = True if not_ready: log.error("mactel cannot continue with mactel_config. see log for details.") return sys_dir = iutil.getSysroot() + self._mactel_sys_dir if not os.path.exists(sys_dir): try: os.makedirs(sys_dir) except Exception as error: log.warning("mactel tried to create sys_dir %s but received error: %s", sys_dir, error) src_efi = "{}/{}".format("../../../EFI/" + self.efi_dir, "xen.efi") sys_efi = "{}/{}".format(sys_dir, "boot.efi") self._symlink(src_efi, sys_efi) src_cfg = "{}/{}".format("../../../EFI/" + self.efi_dir, "xen.cfg") sys_cfg = "{}/{}".format(sys_dir, "xen.cfg") # convention for Xen's cfg lookup self._symlink(src_cfg, sys_cfg) result_code = iutil.execInSysroot("touch", ["{}/{}".format(self._mountpoint, "mach_kernel")]) if result_code: log.error("mactel failed to touch: %s", "{}/{}".format(self._mountpoint, "mach_kernel")) text = """ ProductBuildVersion ProductName Linux ProductVersion {} """.format(self._system_label) sys_ver_file_name = "{}/{}".format(sys_dir, "SystemVersion.plist") try: with open(sys_ver_file_name, "w") as sys_version_file: sys_version_file.write(text) except IOError as error: log.error("mactel failed to open %s for write: %s", sys_ver_file_name, error) cfg_ver_file_name = "{}/{}".format(iutil.getSysroot() + self.config_dir, "SystemVersion.plist") self._copy_file(sys_ver_file_name, cfg_ver_file_name) bless_file = "{}/{}".format(self.config_dir, "xen.efi") result_code = iutil.execInSysroot("hfs-bless", [bless_file]) if result_code: log.error("mactel failed to run 'hfs-bless %s'", bless_file) # make the partition macOS friendly (e.g. to set rescue mode from macOS) fseventsd = "{}/{}".format(iutil.getSysroot() + self._mountpoint, ".fseventsd") try: os.makedirs(fseventsd) except Exception as error: log.error("mactel could not make directory %s: %s", fseventsd, error) touch_files = [ "{}/{}/{}".format(self._mountpoint, ".fseventsd", "no_log"), "{}/{}".format(self._mountpoint, ".metadata_never_index"), "{}/{}".format(self._mountpoint, ".Trashes")] result_code = iutil.execInSysroot("touch", touch_files) if result_code: log.error("mactel failed to touch: %s", touch_files) text = """Qubes OS CAUTION -- This partition is used to boot Qubes OS on a macOS machine. Modifying the contents could render your installation unbootable. RESCUE / RECOVERY MODE -- In the event that you need to boot into Rescue mode, you will need to change the default Xen configuration. 0. Backup your xen.cfg. cp /EFI/qubes/xen.cfg /EFI/qubes/xen.cfg~ 1. Open /EFI/qubes/xen.cfg 2. Look at the sections with the named headers. One may already be named "qubes-rescue", which we will use in Step 4 below. If not, we will need to make one. Copy your current configuration to another entry. But change the kernel line to only have "rescue" at the end. As an example only: [qubes-rescue] options=loglvl=all dom0_mem=min:1024M dom0_mem=max:4096M iommu=no-igfx kernel=vmlinuz-4.14.13-2.pvops.qubes.x86_64 rescue ramdisk=initramfs-4.14.13-2.pvops.qubes.x86_64.img Do not simply copy this section above. You will need to make sure all of your existing parameters, vmlinuz and initramfs versions match your current kernel(s) you are booting. 3. At the top of the file, edit the default link to use your new entry. [global] default=qubes-rescue Now when you reboot using Boot Camp and select "Qubes OS", it will boot into Rescue mode. To revert, change the default entry back to the original first entry name.""" readme = "{}/{}".format(iutil.getSysroot() + self._mountpoint, "00-README.txt") try: with open(readme, "w") as readme_file: readme_file.write(text) except IOError as error: log.error("mactel failed to open %s for write: %s", readme, error) def mactel_install_qubes_artwork(self): """Configures the Qubes logo and label for macOS boot selector. Shows during boot selection options. .disk_label is defined as a text representation of the volume label converted to a special image. See this link for more details: http://refit.sourceforge.net/info/vollabel.html .VolumeIcon.icns is defined as an ICNS image format of 512x512. """ log.info("mactel creating Qubes Artwork") artwork_dir = self._mactel_artwork_dir if not os.path.exists(artwork_dir): log.debug("mactel using sysroot for artwork prefix") artwork_dir = iutil.getSysroot() + artwork_dir if not os.path.exists(artwork_dir): log.warning("mactel artwork missing from: %s", artwork_dir) return icon_src = artwork_dir + ".icns" if os.path.exists(icon_src): icon_dst_fil = "{}/{}".format(iutil.getSysroot() + self._mountpoint, ".VolumeIcon.icns") self._copy_file(icon_src, icon_dst_fil) else: log.warning("mactel volume icon not found: %s", icon_src) src_files = os.listdir(artwork_dir) for file_name in src_files: full_file_name = "{}/{}".format(artwork_dir, file_name) if os.path.isfile(full_file_name): sys_dir_file_name = "{}/{}".format(iutil.getSysroot() + self._mactel_sys_dir, "." + file_name) self._copy_file(full_file_name, sys_dir_file_name) config_dir = iutil.getSysroot() + self.config_dir if os.path.exists(config_dir): dest = "{}/{}".format(config_dir, "." + file_name) self._copy_file(full_file_name, dest) def install(self, args=None): super(MacEFIGRUB, self).install() log.info("Installing mactel MacEFI") self.mactel_config() self.mactel_install_qubes_artwork() def is_valid_stage1_device(self, device, early=False): valid = super(MacEFIGRUB, self).is_valid_stage1_device(device, early) # Make sure we don't pick the OSX root partition if valid and getattr(device.format, "name", "") != "Linux HFS+ ESP": valid = False if hasattr(device.format, "name"): log.debug("device.format.name is '%s'", device.format.name) log.debug("MacEFIGRUB.is_valid_stage1_device(%s) returning %s", device.name, valid) return valid @staticmethod def _symlink(source="", target=""): """Creates a symlink between source and target.""" try: os.symlink(source, target) except OSError as error: log.error("mactel failed to symlink %s -> %s : %s", source, target, error) @staticmethod def _copy_file(source="", target=""): """Copies source to target using shutil. Also chmod to 0644.""" try: shutil.copy(source, target) os.chmod(target, 0o644) except OSError as error: log.error("mactel failed to copy %s to %s: %s", source, target, error) # Inherit abstract methods from BootLoader # pylint: disable=abstract-method class YabootBase(BootLoader): def write_config_password(self, config): if self.password: config.write("password=%s\n" % self.password) config.write("restricted\n") def write_config_images(self, config): for image in self.images: if not isinstance(image, LinuxBootLoaderImage): # mac os images are handled specially in the header on mac continue args = Arguments() if self.password: args.add("rd.shell=0") if image.initrd: initrd_line = "\tinitrd=%s/%s\n" % (self.boot_prefix, image.initrd) else: initrd_line = "" root_device_spec = image.device.fstab_spec if root_device_spec.startswith("/"): root_line = "\troot=%s\n" % root_device_spec else: args.add("root=%s" % root_device_spec) root_line = "" args.update(self.boot_args) log.info("bootloader.py: used boot args: %s ", args) stanza = ("image=%(boot_prefix)s%(kernel)s\n" "\tlabel=%(label)s\n" "\tread-only\n" "%(initrd_line)s" "%(root_line)s" "\tappend=\"%(args)s\"\n\n" % {"kernel": image.kernel, "initrd_line": initrd_line, "label": self.image_label(image), "root_line": root_line, "args": args, "boot_prefix": self.boot_prefix}) config.write(stanza) class Yaboot(YabootBase): name = "Yaboot" _config_file = "yaboot.conf" prog = "ybin" image_label_attr = "short_label" packages = ["yaboot"] # stage2 device requirements stage2_device_types = ["partition", "mdarray"] stage2_device_raid_levels = [raid.RAID1] # # configuration # @property def config_dir(self): conf_dir = "/etc" if self.stage2_device.format.mountpoint == "/boot": conf_dir = "/boot/etc" return conf_dir @property def config_file(self): return "%s/%s" % (self.config_dir, self._config_file) def write_config_header(self, config): if self.stage2_device.type == "mdarray": boot_part_num = self.stage2_device.parents[0].parted_partition.number else: boot_part_num = self.stage2_device.parted_partition.number # yaboot.conf timeout is in tenths of a second. Brilliant. header = ("# yaboot.conf generated by anaconda\n\n" "boot=%(stage1dev)s\n" "init-message=\"Welcome to %(product)s!\\nHit for " "boot options\"\n\n" "partition=%(part_num)d\n" "timeout=%(timeout)d\n" "install=/usr/lib/yaboot/yaboot\n" "delay=5\n" "enablecdboot\n" "enableofboot\n" "enablenetboot\n" % {"stage1dev": self.stage1_device.path, "product": productName, "part_num": boot_part_num, "timeout": self.timeout * 10}) config.write(header) self.write_config_variant_header(config) self.write_config_password(config) config.write("\n") def write_config_variant_header(self, config): config.write("nonvram\n") config.write("mntpoint=/boot/yaboot\n") config.write("usemount\n") def write_config_post(self): super(Yaboot, self).write_config_post() # make symlink in /etc to yaboot.conf if config is in /boot/etc etc_yaboot_conf = iutil.getSysroot() + "/etc/yaboot.conf" if not os.access(etc_yaboot_conf, os.R_OK): try: os.symlink("../boot/etc/yaboot.conf", etc_yaboot_conf) except OSError as e: log.error("failed to create /etc/yaboot.conf symlink: %s", e) def write_config(self): if not os.path.isdir(iutil.getSysroot() + self.config_dir): os.mkdir(iutil.getSysroot() + self.config_dir) # this writes the config super(Yaboot, self).write_config() # # installation # def install(self, args=None): args = ["-f", "-C", self.config_file] rc = iutil.execInSysroot(self.prog, args) if rc: raise BootLoaderError("boot loader installation failed") class IPSeriesYaboot(Yaboot): prog = "mkofboot" # # configuration # def write_config_variant_header(self, config): config.write("nonvram\n") # only on pSeries? config.write("fstype=raw\n") # # installation # def install(self, args=None): self.updatePowerPCBootList() super(IPSeriesYaboot, self).install() def updatePowerPCBootList(self): if not can_touch_runtime_system("updatePowerPCBootList", touch_live=True): return log.debug("updatePowerPCBootList: self.stage1_device.path = %s", self.stage1_device.path) buf = iutil.execWithCapture("nvram", ["--print-config=boot-device"]) if len(buf) == 0: log.error("FAIL: nvram --print-config=boot-device") return boot_list = buf.strip().split() log.debug("updatePowerPCBootList: boot_list = %s", boot_list) buf = iutil.execWithCapture("ofpathname", [self.stage1_device.path]) if len(buf) > 0: boot_disk = buf.strip() log.debug("updatePowerPCBootList: boot_disk = %s", boot_disk) else: log.error("FAIL: ofpathname %s", self.stage1_device.path) return # Place the disk containing the PReP partition first. # Remove all other occurances of it. boot_list = [boot_disk] + [x for x in boot_list if x != boot_disk] log.debug("updatePowerPCBootList: updated boot_list = %s", boot_list) update_value = "boot-device=%s" % " ".join(boot_list) rc = iutil.execWithRedirect("nvram", ["--update-config", update_value]) if rc: log.error("FAIL: nvram --update-config %s", update_value) else: log.info("Updated PPC boot list with the command: nvram --update-config %s", update_value) class IPSeriesGRUB2(GRUB2): # GRUB2 sets /boot bootable and not the PReP partition. This causes the Open Firmware BIOS not # to present the disk as a bootable target. If stage2_bootable is False, then the PReP partition # will be marked bootable. Confusing. stage2_bootable = False terminal_type = "ofconsole" # # installation # def install(self, args=None): if flags.leavebootorder: log.info("leavebootorder passed as an option. Will not update the NVRAM boot list.") else: self.updateNVRAMBootList() super(IPSeriesGRUB2, self).install(args=["--no-nvram"]) # This will update the PowerPC's (ppc) bios boot devive order list def updateNVRAMBootList(self): if not can_touch_runtime_system("updateNVRAMBootList", touch_live=True): return log.debug("updateNVRAMBootList: self.stage1_device.path = %s", self.stage1_device.path) buf = iutil.execWithCapture("nvram", ["--print-config=boot-device"]) if len(buf) == 0: log.error("Failed to determine nvram boot device") return boot_list = buf.strip().replace("\"", "").split() log.debug("updateNVRAMBootList: boot_list = %s", boot_list) buf = iutil.execWithCapture("ofpathname", [self.stage1_device.path]) if len(buf) > 0: boot_disk = buf.strip() else: log.error("Failed to translate boot path into device name") return # Place the disk containing the PReP partition first. # Remove all other occurances of it. boot_list = [boot_disk] + [x for x in boot_list if x != boot_disk] update_value = "boot-device=%s" % " ".join(boot_list) rc = iutil.execWithRedirect("nvram", ["--update-config", update_value]) if rc: log.error("Failed to update new boot device order") # # In addition to the normal grub configuration variable, add one more to set the size of the # console's window to a standard 80x24 # def write_defaults(self): super(IPSeriesGRUB2, self).write_defaults() defaults_file = "%s%s" % (iutil.getSysroot(), self.defaults_file) defaults = open(defaults_file, "a+") # The terminfo's X and Y size, and output location could change in the future defaults.write("GRUB_TERMINFO=\"terminfo -g 80x24 console\"\n") # Disable OS Prober on pSeries systems # TODO: This will disable across all POWER platforms. Need to get # into blivet and rework how it segments the POWER systems # to allow for differentiation between PowerNV and # PowerVM / POWER on qemu/kvm defaults.write("GRUB_DISABLE_OS_PROBER=true\n") defaults.close() class MacYaboot(Yaboot): prog = "mkofboot" can_dual_boot = True # # configuration # def write_config_variant_header(self, config): try: mac_os = [i for i in self.chain_images if i.label][0] except IndexError: pass else: config.write("macosx=%s\n" % mac_os.device.path) config.write("magicboot=/usr/lib/yaboot/ofboot\n") class ZIPL(BootLoader): name = "ZIPL" config_file = "/etc/zipl.conf" packages = ["s390utils-base"] # stage2 device requirements stage2_device_types = ["partition"] @property def stage2_format_types(self): if productName.startswith("Red Hat "): # pylint: disable=no-member return ["xfs", "ext4", "ext3", "ext2"] else: return ["ext4", "ext3", "ext2", "xfs"] image_label_attr = "short_label" preserve_args = ["cio_ignore", "rd.znet", "rd_ZNET"] def __init__(self): super(ZIPL, self).__init__() self.stage1_name = None # # configuration # @property def boot_dir(self): return "/boot" def write_config_images(self, config): for image in self.images: if "kdump" in (image.initrd or image.kernel): # no need to create bootloader entries for kdump continue args = Arguments() if image.initrd: initrd_line = "\tramdisk=%s/%s\n" % (self.boot_dir, image.initrd) else: initrd_line = "" args.add("root=%s" % image.device.fstab_spec) args.update(self.boot_args) if image.device.type == "btrfs subvolume": args.update(["rootflags=subvol=%s" % image.device.name]) log.info("bootloader.py: used boot args: %s ", args) stanza = ("[%(label)s]\n" "\timage=%(boot_dir)s/%(kernel)s\n" "%(initrd_line)s" "\tparameters=\"%(args)s\"\n" % {"label": self.image_label(image), "kernel": image.kernel, "initrd_line": initrd_line, "args": args, "boot_dir": self.boot_dir}) config.write(stanza) def write_config_header(self, config): header = ("[defaultboot]\n" "defaultauto\n" "prompt=1\n" "timeout=%(timeout)d\n" "default=%(default)s\n" "target=/boot\n" % {"timeout": self.timeout, "default": self.image_label(self.default)}) config.write(header) # # installation # def install(self, args=None): buf = iutil.execWithCapture("zipl", [], root=iutil.getSysroot()) for line in buf.splitlines(): if line.startswith("Preparing boot device: "): # Output here may look like: # Preparing boot device: dasdb (0200). # Preparing boot device: dasdl. # We want to extract the device name and pass that. name = re.sub(r".+?: ", "", line) self.stage1_name = re.sub(r"(\s$.+$)?\.$", "", name) # a limitation of s390x is that the kernel parameter list must not # exceed 896 bytes; there is nothing we can do about this, so just # catch the error and show it to the user instead of crashing elif line.startswith("Error: The length of the parameters "): errorHandler.cb(ZIPLError(line)) if not self.stage1_name: raise BootLoaderError("could not find IPL device") # do the reipl iutil.reIPL(self.stage1_name) class EXTLINUX(BootLoader): name = "EXTLINUX" _config_file = "extlinux.conf" _config_dir = "/boot/extlinux" # stage1 device requirements stage1_device_types = ["disk"] # stage2 device requirements stage2_format_types = ["ext4", "ext3", "ext2"] stage2_device_types = ["partition"] stage2_bootable = True packages = ["syslinux-extlinux"] @property def config_file(self): return "%s/%s" % (self._config_dir, self._config_file) @property def boot_prefix(self): """ Prefix, if any, to paths in /boot. """ if self.stage2_device.format.mountpoint == "/": prefix = "/boot" else: prefix = "" return prefix def write_config_console(self, config): if not self.console: return console_arg = "console=%s" % self.console if self.console_options: console_arg += ",%s" % self.console_options self.boot_args.add(console_arg) def write_config_images(self, config): self.write_config_console(config) xen_gz = [x for x in os.listdir(iutil.getSysroot() + self.config_dir) if x.startswith('xen-') and x.endswith('.gz')][0] for image in self.images: args = Arguments() args.update(["root=%s" % image.device.fstab_spec, "ro"]) if image.device.type == "btrfs subvolume": args.update(["rootflags=subvol=%s" % image.device.name]) args.update(self.boot_args) log.info("bootloader.py: used boot args: %s ", args) # extlinux labels cannot have spaces label = "%s(%s)" % (self.image_label(image), image.version) label = label.replace(" ", "") stanza = ("label %(label)s\n" "\tkernel mboot.c32\n" "\tappend %(boot_prefix)s/%(xen)s --- " "%(boot_prefix)s/%(kernel)s %(args)s --- " "%(boot_prefix)s/%(initrd)s\n" % {"label": label, "xen": xen_gz, "kernel": image.kernel, "initrd": image.initrd, "args": args, "boot_prefix": self.boot_prefix}) config.write(stanza) def write_config_header(self, config): header = ("# extlinux.conf generated by anaconda\n\n" "ui menu.c32\n\n" "menu autoboot Welcome to %(productName)s. Automatic boot in # second{,s}. Press a key for options.\n" "menu title %(productName)s Boot Options.\n" "menu hidden\n\n" "timeout %(timeout)d\n" "#totaltimeout 9000\n\n" % {"productName": productName, "timeout": self.timeout *10}) config.write(header) if self.default is not None: config.write("default %(default)s\n\n" % {"default" : self.image_label(self.default).replace(" ", "")}) self.write_config_password(config) def write_config_password(self, config): if self.password: config.write("menu master passwd %s\n" % self.password) config.write("menu notabmsg Press [Tab] and enter the password to edit options") def write_config_post(self): etc_extlinux = os.path.normpath(iutil.getSysroot() + "/etc/" + self._config_file) if not os.access(etc_extlinux, os.R_OK): try: os.symlink("../boot/%s" % self._config_file, etc_extlinux) except OSError as e: log.warning("failed to create /etc/extlinux.conf symlink: %s", e) def write_config(self): super(EXTLINUX, self).write_config() # # installation # def install(self, args=None): args = ["--install", self._config_dir] rc = iutil.execInSysroot("extlinux", args) if rc: raise BootLoaderError("boot loader install failed") # every platform that wants a bootloader needs to be in this dict bootloader_by_platform = { platform.X86: GRUB2, platform.EFI: XenEFI, platform.MacEFI: MacEFIGRUB, platform.PPC: GRUB2, platform.IPSeriesPPC: IPSeriesGRUB2, platform.NewWorldPPC: MacYaboot, platform.S390: ZIPL, platform.Aarch64EFI: Aarch64EFIGRUB, platform.ARM: EXTLINUX, platform.omapARM: EXTLINUX, } if flags.cmdline.get("legacygrub") == "1": log.info("Using legacy grub (0.9x)") bootloader_by_platform.update({ platform.X86: GRUB, platform.EFI: EFIGRUB1, }) def get_bootloader(): platform_name = platform.platform.__class__.__name__ if flags.extlinux: cls = EXTLINUX else: cls = bootloader_by_platform.get(platform.platform.__class__, BootLoader) log.info("bootloader %s on %s platform", cls.__name__, platform_name) return cls() # anaconda-specific functions def writeSysconfigKernel(storage, version, instClass): # get the name of the default kernel package based on the version kernel_basename = "vmlinuz-" + version kernel_file = "/boot/%s" % kernel_basename if not os.path.isfile(iutil.getSysroot() + kernel_file): kernel_file = "/boot/efi/EFI/%s/%s" % (instClass.efi_dir, kernel_basename) if not os.path.isfile(iutil.getSysroot() + kernel_file): log.error("failed to recreate path to default kernel image") return try: import rpm except ImportError: log.error("failed to import rpm python module") return ts = rpm.TransactionSet(iutil.getSysroot()) mi = ts.dbMatch('basenames', kernel_file) try: h = next(mi) except StopIteration: log.error("failed to get package name for default kernel") return kernel = h.name.decode() f = open(iutil.getSysroot() + "/etc/sysconfig/kernel", "w+") f.write("# UPDATEDEFAULT specifies if new-kernel-pkg should make\n" "# new kernels the default\n") # only update the default if we're setting the default to linux (#156678) if storage.bootloader.default.device == storage.root_device: f.write("UPDATEDEFAULT=yes\n") else: f.write("UPDATEDEFAULT=no\n") f.write("\n") f.write("# DEFAULTKERNEL specifies the default kernel package type\n") f.write("DEFAULTKERNEL=%s\n" % kernel) if storage.bootloader.trusted_boot: f.write("# HYPERVISOR specifies the default multiboot kernel\n") f.write("HYPERVISOR=/boot/tboot.gz\n") f.write("HYPERVISOR_ARGS=logging=vga,serial,memory\n") f.close() def writeBootLoaderFinal(storage, payload, instClass, ksdata): """ Do the final write of the bootloader. """ # set up dracut/fips boot args # XXX FIXME: do this from elsewhere? storage.bootloader.set_boot_args(storage=storage, payload=payload) try: storage.bootloader.write() except BootLoaderError as e: log.error("bootloader.write failed: %s", e) if errorHandler.cb(e) == ERROR_RAISE: raise def writeBootLoader(storage, payload, instClass, ksdata): """ Write bootloader configuration to disk. When we get here, the bootloader will already have a default linux image. We only have to add images for the non-default kernels and adjust the default to reflect whatever the default variant is. """ if not storage.bootloader.skip_bootloader: stage1_device = storage.bootloader.stage1_device log.info("boot loader stage1 target device is %s", stage1_device.name) stage2_device = storage.bootloader.stage2_device log.info("boot loader stage2 target device is %s", stage2_device.name) # Bridge storage EFI configuration to bootloader if hasattr(storage.bootloader, 'efi_dir'): storage.bootloader.efi_dir = instClass.efi_dir if isinstance(payload, RPMOSTreePayload): if storage.bootloader.skip_bootloader: log.info("skipping boot loader install per user request") return writeBootLoaderFinal(storage, payload, instClass, ksdata) return # get a list of installed kernel packages # add whatever rescue kernels we can find to the end kernel_versions = list(payload.kernelVersionList) rescue_versions = glob(iutil.getSysroot() + "/boot/vmlinuz-*-rescue-*") rescue_versions += glob(iutil.getSysroot() + "/boot/efi/EFI/%s/vmlinuz-*-rescue-*" % instClass.efi_dir) kernel_versions += (f.split("/")[-1][8:] for f in rescue_versions) if not kernel_versions: log.warning("no kernel was installed -- boot loader config unchanged") return # all the linux images' labels are based on the default image's base_label = productName base_short_label = "linux" # The first one is the default kernel. Update the bootloader's default # entry to reflect the details of the default kernel. version = kernel_versions.pop(0) default_image = LinuxBootLoaderImage(device=storage.root_device, version=version, label=base_label, short=base_short_label) storage.bootloader.add_image(default_image) storage.bootloader.default = default_image # write out /etc/sysconfig/kernel writeSysconfigKernel(storage, version, instClass) if storage.bootloader.skip_bootloader: log.info("skipping boot loader install per user request") return # now add an image for each of the other kernels for version in kernel_versions: label = "%s-%s" % (base_label, version) short = "%s-%s" % (base_short_label, version) if storage.bootloader.trusted_boot: image = TbootLinuxBootLoaderImage( device=storage.root_device, version=version, label=label, short=short) else: image = LinuxBootLoaderImage(device=storage.root_device, version=version, label=label, short=short) storage.bootloader.add_image(image) writeBootLoaderFinal(storage, payload, instClass, ksdata)