|
|
|
@ -20,7 +20,7 @@ create_partitions() {
|
|
|
|
|
disk_image="$1"
|
|
|
|
|
sgdisk "${disk_image}" --zap-all
|
|
|
|
|
case $ARCH in
|
|
|
|
|
arm64|armhf)
|
|
|
|
|
arm64)
|
|
|
|
|
sgdisk "${disk_image}" \
|
|
|
|
|
--new=15:0:204800 \
|
|
|
|
|
--typecode=15:ef00 \
|
|
|
|
@ -64,40 +64,42 @@ install_grub() {
|
|
|
|
|
efi_boot_dir="/boot/efi/EFI/BOOT"
|
|
|
|
|
chroot mountpoint mkdir -p "${efi_boot_dir}"
|
|
|
|
|
|
|
|
|
|
if [ -n "$partuuid" ]; then
|
|
|
|
|
if [ "${SUBPROJECT:-}" = minimized ] && [ -n "$partuuid" ]; then
|
|
|
|
|
echo "GRUB_FORCE_PARTUUID=$partuuid" >> mountpoint/etc/default/grub.d/40-force-partuuid.cfg
|
|
|
|
|
fi
|
|
|
|
|
|
|
|
|
|
chroot mountpoint apt-get -y update
|
|
|
|
|
|
|
|
|
|
# UEFI GRUB modules are meant to be used equally by Secure Boot and
|
|
|
|
|
# non-Secure Boot systems. If you need an extra module not already
|
|
|
|
|
# provided or run into "Secure Boot policy forbids loading X" problems,
|
|
|
|
|
# please file a bug against grub2 to include the affected module.
|
|
|
|
|
# The modules below only make sense on non-Secure Boot UEFI systems.
|
|
|
|
|
# Otherwise, with Secure Boot enabled GRUB will refuse to load them.
|
|
|
|
|
# Any modules already in debian/build-efi-images do not need to be listed.
|
|
|
|
|
# Furthermore, other modules such as terminal, video_* and efi_* are all
|
|
|
|
|
# already available.
|
|
|
|
|
case $ARCH in
|
|
|
|
|
arm64)
|
|
|
|
|
chroot mountpoint apt-get -qqy install --no-install-recommends grub-efi-arm64 grub-efi-arm64-bin
|
|
|
|
|
grub_modules="serial"
|
|
|
|
|
efi_target=arm64-efi
|
|
|
|
|
;;
|
|
|
|
|
armhf)
|
|
|
|
|
chroot mountpoint apt-get -qqy install --no-install-recommends grub-efi-arm grub-efi-arm-bin
|
|
|
|
|
efi_target=arm-efi
|
|
|
|
|
;;
|
|
|
|
|
amd64)
|
|
|
|
|
chroot mountpoint apt-get install -qqy grub-pc
|
|
|
|
|
chroot mountpoint apt-get install -qqy grub-efi-amd64-signed shim-signed
|
|
|
|
|
chroot mountpoint apt-get install -qqy grub-efi-amd64-signed grub-efi-amd64 shim-signed
|
|
|
|
|
grub_modules="multiboot serial usb usb_keyboard"
|
|
|
|
|
efi_target=x86_64-efi
|
|
|
|
|
;;
|
|
|
|
|
esac
|
|
|
|
|
|
|
|
|
|
# This call to rewrite the debian package manifest is added here to capture
|
|
|
|
|
cat << EOF >> mountpoint/etc/default/grub.d/50-cloudimg-settings.cfg
|
|
|
|
|
${IMAGE_STR}
|
|
|
|
|
# For Cloud Image compatability
|
|
|
|
|
GRUB_PRELOAD_MODULES="${GRUB_PRELOAD_MODULES:-$grub_modules}"
|
|
|
|
|
EOF
|
|
|
|
|
|
|
|
|
|
# This call to populate the package manifest is added here to capture
|
|
|
|
|
# grub-efi packages that otherwise would not make it into the base
|
|
|
|
|
# manifest. filesystem.packages is moved into place via symlinking to
|
|
|
|
|
# livecd.ubuntu-cpc.manifest by live-build/auto/build after lb_binary runs
|
|
|
|
|
# and at that time snaps are added to the manifest (create-manifest is
|
|
|
|
|
# not called here as it calls snap-seed-parse, resulting in duplicate
|
|
|
|
|
# snap listings)
|
|
|
|
|
chroot mountpoint dpkg-query -W > binary/boot/filesystem.packages
|
|
|
|
|
create_manifest "mountpoint" "binary/boot/filesystem.packages"
|
|
|
|
|
|
|
|
|
|
chroot mountpoint grub-install "${loop_device}" \
|
|
|
|
|
--boot-directory=/boot \
|
|
|
|
@ -105,7 +107,8 @@ install_grub() {
|
|
|
|
|
--target=${efi_target} \
|
|
|
|
|
--removable \
|
|
|
|
|
--uefi-secure-boot \
|
|
|
|
|
--no-nvram
|
|
|
|
|
--no-nvram \
|
|
|
|
|
--modules="${grub_modules}"
|
|
|
|
|
|
|
|
|
|
if [ -f mountpoint/boot/efi/EFI/BOOT/grub.cfg ]; then
|
|
|
|
|
sed -i "s| root| root hd0,gpt1|" mountpoint/boot/efi/EFI/BOOT/grub.cfg
|
|
|
|
|