]> code.delx.au - refind/blob - install.sh
delx.au / code / refind / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fix memory management error; version 0.6.4 release.
[refind] / install.sh
1 #!/bin/bash
2 #
3 # Linux/MacOS X script to install rEFInd
4 #
5 # Usage:
6 #
7 # ./install.sh [options]
8 #
9 # options include:
10 # "--esp" to install to the ESP rather than to the system's root
11 # filesystem. This is the default on Linux
12 # "--usedefault {devicefile}" to install as default
13 # (/EFI/BOOT/BOOTX64.EFI and similar) to the specified device
14 # (/dev/sdd1 or whatever) without registering with the NVRAM.
15 # "--alldrivers" to install all drivers along with regular files
16 # "--nodrivers" to suppress driver installation (default in Linux is
17 # driver used on /boot; --nodrivers is OS X default)
18 # "--shim {shimfile}" to install a shim.efi file for Secure Boot
19 # "--localkeys" to re-sign x86-64 binaries with a locally-generated key
20 #
21 # The "esp" option is valid only on Mac OS X; it causes
22 # installation to the EFI System Partition (ESP) rather than
23 # to the current OS X boot partition. Under Linux, this script
24 # installs to the ESP by default.
25 #
26 # This program is copyright (c) 2012 by Roderick W. Smith
27 # It is released under the terms of the GNU GPL, version 3,
28 # a copy of which should be included in the file COPYING.txt.
29 #
30 # Revision history:
31 #
32 # 0.6.4 -- Copies ext2 driver rather than ext4 driver for ext2/3fs
33 # 0.6.3 -- Support for detecting rEFInd in EFI/BOOT and EFI/Microsoft/Boot
34 # directories & for installing to EFI/BOOT in BIOS mode
35 # 0.6.2-1 -- Added --yes option & tweaked key-copying for use with RPM install script
36 # 0.6.1 -- Added --root option; minor bug fixes
37 # 0.6.0 -- Changed --drivers to --alldrivers and added --nodrivers option;
38 # changed default driver installation behavior in Linux to install
39 # the driver needed to read /boot (if available)
40 # 0.5.1.2 -- Fixed bug that caused failure to generate refind_linux.conf file
41 # 0.5.1.1 -- Fixed bug that caused script failure under OS X
42 # 0.5.1 -- Added --shim & --localkeys options & create sample refind_linux.conf
43 # in /boot
44 # 0.5.0 -- Added --usedefault & --drivers options & changed "esp" option to "--esp"
45 # 0.4.5 -- Fixed check for rEFItBlesser in OS X
46 # 0.4.2 -- Added notice about BIOS-based OSes & made NVRAM changes in Linux smarter
47 # 0.4.1 -- Added check for rEFItBlesser in OS X
48 # 0.3.3.1 -- Fixed OS X 10.7 bug; also works as make target
49 # 0.3.2.1 -- Check for presence of source files; aborts if not present
50 # 0.3.2 -- Initial version
51 #
52 # Note: install.sh version numbers match those of the rEFInd package
53 # with which they first appeared.
54
55 RootDir="/"
56 TargetDir=/EFI/refind
57 LocalKeysBase="refind_local"
58 ShimSource="none"
59 TargetShim="default"
60 TargetX64="refind_x64.efi"
61 TargetIA32="refind_ia32.efi"
62 LocalKeys=0
63 DeleteRefindDir=0
64 AlwaysYes=0
65
66 #
67 # Functions used by both OS X and Linux....
68 #
69
70 GetParams() {
71 InstallToEspOnMac=0
72 if [[ $OSName == "Linux" ]] ; then
73 # Install the driver required to read /boot, if it's available
74 InstallDrivers="boot"
75 else
76 InstallDrivers="none"
77 fi
78 while [[ $# -gt 0 ]]; do
79 case $1 in
80 --esp | --ESP) InstallToEspOnMac=1
81 ;;
82 --usedefault) TargetDir=/EFI/BOOT
83 TargetPart=$2
84 TargetX64="bootx64.efi"
85 TargetIA32="bootia32.efi"
86 shift
87 ;;
88 --root) RootDir=$2
89 shift
90 ;;
91 --localkeys) LocalKeys=1
92 ;;
93 --shim) ShimSource=$2
94 shift
95 ;;
96 --drivers | --alldrivers) InstallDrivers="all"
97 ;;
98 --nodrivers) InstallDrivers="none"
99 ;;
100 --yes) AlwaysYes=1
101 ;;
102 * ) echo "Usage: $0 [--esp | --usedefault {device-file} | --root {directory} ]"
103 echo " [--nodrivers | --alldrivers] [--shim {shim-filename}]"
104 echo " [--localkeys] [--yes]"
105 exit 1
106 esac
107 shift
108 done
109
110 if [[ $InstallToEspOnMac == 1 && $TargetDir == '/EFI/BOOT' ]] ; then
111 echo "You may use --esp OR --usedefault, but not both! Aborting!"
112 exit 1
113 fi
114 if [[ $RootDir != '/' && $TargetDir == '/EFI/BOOT' ]] ; then
115 echo "You may use --usedefault OR --root, but not both! Aborting!"
116 exit 1
117 fi
118 if [[ $RootDir != '/' && $InstallToEspOnMac == 1 ]] ; then
119 echo "You may use --root OR --esp, but not both! Aborting!"
120 exit 1
121 fi
122
123 RLConfFile="$RootDir/boot/refind_linux.conf"
124 EtcKeysDir="$RootDir/etc/refind.d/keys"
125 } # GetParams()
126
127 # Get a yes/no response from the user and place it in the YesNo variable.
128 # If the AlwaysYes variable is set to 1, skip the user input and set "Y"
129 # in the YesNo variable.
130 ReadYesNo() {
131 if [[ $AlwaysYes == 1 ]] ; then
132 YesNo="Y"
133 echo "Y"
134 else
135 read YesNo
136 fi
137 }
138
139 # Abort if the rEFInd files can't be found.
140 # Also sets $ConfFile to point to the configuration file,
141 # $IconsDir to point to the icons directory, and
142 # $ShimSource to the source of the shim.efi file (if necessary).
143 CheckForFiles() {
144 # Note: This check is satisfied if EITHER the 32- or the 64-bit version
145 # is found, even on the wrong platform. This is because the platform
146 # hasn't yet been determined. This could obviously be improved, but it
147 # would mean restructuring lots more code....
148 if [[ ! -f $RefindDir/refind_ia32.efi && ! -f $RefindDir/refind_x64.efi ]] ; then
149 echo "The rEFInd binary file is missing! Aborting installation!"
150 exit 1
151 fi
152
153 if [[ -f $RefindDir/refind.conf-sample ]] ; then
154 ConfFile=$RefindDir/refind.conf-sample
155 elif [[ -f $ThisDir/refind.conf-sample ]] ; then
156 ConfFile=$ThisDir/refind.conf-sample
157 else
158 echo "The sample configuration file is missing! Aborting installation!"
159 exit 1
160 fi
161
162 if [[ -d $RefindDir/icons ]] ; then
163 IconsDir=$RefindDir/icons
164 elif [[ -d $ThisDir/icons ]] ; then
165 IconsDir=$ThisDir/icons
166 else
167 echo "The icons directory is missing! Aborting installation!"
168 exit 1
169 fi
170
171 if [[ $ShimSource != "none" ]] ; then
172 if [[ -f $ShimSource ]] ; then
173 TargetX64="grubx64.efi"
174 MokManagerSource=`dirname $ShimSource`/MokManager.efi
175 else
176 echo "The specified shim file, $ShimSource, doesn't exist!"
177 echo "Aborting installation!"
178 exit 1
179 fi
180 fi
181 } # CheckForFiles()
182
183 # Helper for CopyRefindFiles; copies shim files (including MokManager, if it's
184 # available) to target.
185 CopyShimFiles() {
186 cp $ShimSource $InstallDir/$TargetDir/$TargetShim
187 if [[ $? != 0 ]] ; then
188 Problems=1
189 fi
190 if [[ -f $MokManagerSource ]] ; then
191 cp $MokManagerSource $InstallDir/$TargetDir/
192 fi
193 if [[ $? != 0 ]] ; then
194 Problems=1
195 fi
196 } # CopyShimFiles()
197
198 # Copy the public keys to the installation medium
199 CopyKeys() {
200 if [[ $LocalKeys == 1 ]] ; then
201 mkdir -p $InstallDir/$TargetDir/keys/
202 cp $EtcKeysDir/$LocalKeysBase.cer $InstallDir/$TargetDir/keys/
203 cp $EtcKeysDir/$LocalKeysBase.crt $InstallDir/$TargetDir/keys/
204 # else
205 # cp $ThisDir/refind.cer $InstallDir/$TargetDir/keys/
206 # cp $ThisDir/refind.crt $InstallDir/$TargetDir/keys/
207 fi
208 } # CopyKeys()
209
210 # Copy drivers from $RefindDir/drivers_$1 to $InstallDir/$TargetDir/drivers_$1,
211 # honoring the $InstallDrivers condition. Must be passed a suitable
212 # architecture code (ia32 or x64).
213 CopyDrivers() {
214 if [[ $InstallDrivers == "all" ]] ; then
215 mkdir -p $InstallDir/$TargetDir/drivers_$1
216 cp $RefindDir/drivers_$1/*_$1.efi $InstallDir/$TargetDir/drivers_$1/ 2> /dev/null
217 cp $ThisDir/drivers_$1/*_$1.efi $InstallDir/$TargetDir/drivers_$1/ 2> /dev/null
218 elif [[ $InstallDrivers == "boot" && -x `which blkid` ]] ; then
219 BootPart=`df /boot | grep dev | cut -f 1 -d " "`
220 BootFS=`blkid -o export $BootPart 2> /dev/null | grep TYPE= | cut -f 2 -d =`
221 DriverType=""
222 case $BootFS in
223 ext2 | ext3) DriverType="ext2"
224 # Could use ext4, but that can create unwanted entries from symbolic
225 # links in / to /boot/vmlinuz if a separate /boot partition is used.
226 ;;
227 ext4) DriverType="ext4"
228 ;;
229 reiserfs) DriverType="reiserfs"
230 ;;
231 hfsplus) DriverType="hfs"
232 ;;
233 *) BootFS=""
234 esac
235 if [[ -n $BootFS ]] ; then
236 echo "Installing driver for $BootFS (${DriverType}_$1.efi)"
237 mkdir -p $InstallDir/$TargetDir/drivers_$1
238 cp $RefindDir/drivers_$1/${DriverType}_$1.efi $InstallDir/$TargetDir/drivers_$1/ 2> /dev/null
239 cp $ThisDir/drivers_$1/${DriverType}_$1.efi $InstallDir/$TargetDir/drivers_$1/ 2> /dev/null
240 fi
241 fi
242 }
243
244 # Copy the rEFInd files to the ESP or OS X root partition.
245 # Sets Problems=1 if any critical commands fail.
246 CopyRefindFiles() {
247 mkdir -p $InstallDir/$TargetDir
248 if [[ $TargetDir == '/EFI/BOOT' ]] ; then
249 cp $RefindDir/refind_ia32.efi $InstallDir/$TargetDir/$TargetIA32 2> /dev/null
250 if [[ $? != 0 ]] ; then
251 echo "Note: IA32 (x86) binary not installed!"
252 fi
253 cp $RefindDir/refind_x64.efi $InstallDir/$TargetDir/$TargetX64 2> /dev/null
254 if [[ $? != 0 ]] ; then
255 Problems=1
256 fi
257 if [[ $ShimSource != "none" ]] ; then
258 TargetShim="bootx64.efi"
259 CopyShimFiles
260 fi
261 if [[ $InstallDrivers == "all" ]] ; then
262 cp -r $RefindDir/drivers_* $InstallDir/$TargetDir/ 2> /dev/null
263 cp -r $ThisDir/drivers_* $InstallDir/$TargetDir/ 2> /dev/null
264 fi
265 Refind=""
266 CopyKeys
267 elif [[ $Platform == 'EFI64' || $TargetDir == "/EFI/Microsoft/Boot" ]] ; then
268 cp $RefindDir/refind_x64.efi $InstallDir/$TargetDir/$TargetX64
269 if [[ $? != 0 ]] ; then
270 Problems=1
271 fi
272 CopyDrivers x64
273 Refind="refind_x64.efi"
274 CopyKeys
275 if [[ $ShimSource != "none" ]] ; then
276 if [[ $TargetShim == "default" ]] ; then
277 TargetShim=`basename $ShimSource`
278 fi
279 CopyShimFiles
280 Refind=$TargetShim
281 if [[ $LocalKeys == 0 ]] ; then
282 echo "Storing copies of rEFInd Secure Boot public keys in $EtcKeysDir"
283 mkdir -p $EtcKeysDir
284 cp $ThisDir/keys/refind.cer $EtcKeysDir 2> /dev/null
285 cp $ThisDir/keys/refind.crt $EtcKeysDir 2> /dev/null
286 fi
287 fi
288 elif [[ $Platform == 'EFI32' ]] ; then
289 cp $RefindDir/refind_ia32.efi $InstallDir/$TargetDir/$TargetIA32
290 if [[ $? != 0 ]] ; then
291 Problems=1
292 fi
293 CopyDrivers ia32
294 Refind="refind_ia32.efi"
295 else
296 echo "Unknown platform! Aborting!"
297 exit 1
298 fi
299 echo "Copied rEFInd binary files"
300 echo ""
301 if [[ -d $InstallDir/$TargetDir/icons ]] ; then
302 rm -rf $InstallDir/$TargetDir/icons-backup &> /dev/null
303 mv -f $InstallDir/$TargetDir/icons $InstallDir/$TargetDir/icons-backup
304 echo "Notice: Backed up existing icons directory as icons-backup."
305 fi
306 cp -r $IconsDir $InstallDir/$TargetDir
307 if [[ $? != 0 ]] ; then
308 Problems=1
309 fi
310 mkdir -p $InstallDir/$TargetDir/keys
311 cp -rf $ThisDir/keys/*.[cd]er $InstallDir/$TargetDir/keys/ 2> /dev/null
312 cp -rf $EtcKeysDir/*.[cd]er $InstallDir/$TargetDir/keys/ 2> /dev/null
313 if [[ -f $InstallDir/$TargetDir/refind.conf ]] ; then
314 echo "Existing refind.conf file found; copying sample file as refind.conf-sample"
315 echo "to avoid overwriting your customizations."
316 echo ""
317 cp -f $ConfFile $InstallDir/$TargetDir
318 if [[ $? != 0 ]] ; then
319 Problems=1
320 fi
321 else
322 echo "Copying sample configuration file as refind.conf; edit this file to configure"
323 echo "rEFInd."
324 echo ""
325 cp -f $ConfFile $InstallDir/$TargetDir/refind.conf
326 if [[ $? != 0 ]] ; then
327 Problems=1
328 fi
329 fi
330 if [[ $DeleteRefindDir == 1 ]] ; then
331 echo "Deleting the temporary directory $RefindDir"
332 rm -r $RefindDir
333 fi
334 } # CopyRefindFiles()
335
336 # Mount the partition the user specified with the --usedefault option
337 MountDefaultTarget() {
338 InstallDir=/tmp/refind_install
339 mkdir -p $InstallDir
340 if [[ $OSName == 'Darwin' ]] ; then
341 mount -t msdos $TargetPart $InstallDir
342 elif [[ $OSName == 'Linux' ]] ; then
343 mount -t vfat $TargetPart $InstallDir
344 fi
345 if [[ $? != 0 ]] ; then
346 echo "Couldn't mount $TargetPart ! Aborting!"
347 rmdir $InstallDir
348 exit 1
349 fi
350 UnmountEsp=1
351 } # MountDefaultTarget()
352
353 #
354 # A series of OS X support functions....
355 #
356
357 # Mount the ESP at /Volumes/ESP or determine its current mount
358 # point.
359 # Sets InstallDir to the ESP mount point
360 # Sets UnmountEsp if we mounted it
361 MountOSXESP() {
362 # Identify the ESP. Note: This returns the FIRST ESP found;
363 # if the system has multiple disks, this could be wrong!
364 Temp=`diskutil list | grep " EFI "`
365 Esp=/dev/`echo $Temp | cut -f 5 -d ' '`
366 # If the ESP is mounted, use its current mount point....
367 Temp=`df | grep $Esp`
368 InstallDir=`echo $Temp | cut -f 6 -d ' '`
369 if [[ $InstallDir == '' ]] ; then
370 mkdir /Volumes/ESP &> /dev/null
371 mount -t msdos $Esp /Volumes/ESP
372 if [[ $? != 0 ]] ; then
373 echo "Unable to mount ESP! Aborting!\n"
374 exit 1
375 fi
376 UnmountEsp=1
377 InstallDir="/Volumes/ESP"
378 fi
379 } # MountOSXESP()
380
381 # Control the OS X installation.
382 # Sets Problems=1 if problems found during the installation.
383 InstallOnOSX() {
384 echo "Installing rEFInd on OS X...."
385 if [[ $TargetDir == "/EFI/BOOT" ]] ; then
386 MountDefaultTarget
387 elif [[ $InstallToEspOnMac == "1" ]] ; then
388 MountOSXESP
389 else
390 InstallDir="$RootDir/"
391 fi
392 echo "Installing rEFInd to the partition mounted at '$InstallDir'"
393 Platform=`ioreg -l -p IODeviceTree | grep firmware-abi | cut -d "\"" -f 4`
394 CopyRefindFiles
395 if [[ $InstallToEspOnMac == "1" ]] ; then
396 bless --mount $InstallDir --setBoot --file $InstallDir/$TargetDir/$Refind
397 elif [[ $TargetDir != "/EFI/BOOT" ]] ; then
398 bless --setBoot --folder $InstallDir/$TargetDir --file $InstallDir/$TargetDir/$Refind
399 fi
400 if [[ $? != 0 ]] ; then
401 Problems=1
402 fi
403 if [[ -f /Library/StartupItems/rEFItBlesser || -d /Library/StartupItems/rEFItBlesser ]] ; then
404 echo
405 echo "/Library/StartupItems/rEFItBlesser found!"
406 echo "This program is part of rEFIt, and will cause rEFInd to fail to work after"
407 echo -n "its first boot. Do you want to remove rEFItBlesser (Y/N)? "
408 ReadYesNo
409 if [[ $YesNo == "Y" || $YesNo == "y" ]] ; then
410 echo "Deleting /Library/StartupItems/rEFItBlesser..."
411 rm -r /Library/StartupItems/rEFItBlesser
412 else
413 echo "Not deleting rEFItBlesser."
414 fi
415 fi
416 echo
417 echo "WARNING: If you have an Advanced Format disk, *DO NOT* attempt to check the"
418 echo "bless status with 'bless --info', since this is known to cause disk corruption"
419 echo "on some systems!!"
420 echo
421 } # InstallOnOSX()
422
423
424 #
425 # Now a series of Linux support functions....
426 #
427
428 # Check for evidence that we're running in Secure Boot mode. If so, and if
429 # appropriate options haven't been set, warn the user and offer to abort.
430 # If we're NOT in Secure Boot mode but the user HAS specified the --shim
431 # or --localkeys option, warn the user and offer to abort.
432 #
433 # FIXME: Although I checked the presence (and lack thereof) of the
434 # /sys/firmware/efi/vars/SecureBoot* files on my Secure Boot test system
435 # before releasing this script, I've since found that they are at least
436 # sometimes present when Secure Boot is absent. This means that the first
437 # test can produce false alarms. A better test is highly desirable.
438 CheckSecureBoot() {
439 VarFile=`ls -d /sys/firmware/efi/vars/SecureBoot* 2> /dev/null`
440 if [[ -n $VarFile && $TargetDir != '/EFI/BOOT' && $ShimSource == "none" ]] ; then
441 echo ""
442 echo "CAUTION: Your computer appears to support Secure Boot, but you haven't"
443 echo "specified a valid shim.efi file source. If you've disabled Secure Boot and"
444 echo "intend to leave it disabled, this is fine; but if Secure Boot is active, the"
445 echo "resulting installation won't boot. You can read more about this topic at"
446 echo "http://www.rodsbooks.com/refind/secureboot.html."
447 echo ""
448 echo -n "Do you want to proceed with installation (Y/N)? "
449 ReadYesNo
450 if [[ $YesNo == "Y" || $YesNo == "y" ]] ; then
451 echo "OK; continuing with the installation..."
452 else
453 exit 0
454 fi
455 fi
456
457 if [[ $ShimSource != "none" && ! -n $VarFile ]] ; then
458 echo ""
459 echo "You've specified installing using a shim.efi file, but your computer does not"
460 echo "appear to be running in Secure Boot mode. Although installing in this way"
461 echo "should work, it's unnecessarily complex. You may continue, but unless you"
462 echo "plan to enable Secure Boot, you should consider stopping and omitting the"
463 echo "--shim option. You can read more about this topic at"
464 echo "http://www.rodsbooks.com/refind/secureboot.html."
465 echo ""
466 echo -n "Do you want to proceed with installation (Y/N)? "
467 ReadYesNo
468 if [[ $YesNo == "Y" || $YesNo == "y" ]] ; then
469 echo "OK; continuing with the installation..."
470 else
471 exit 0
472 fi
473 fi
474
475 if [[ $LocalKeys != 0 && ! -n $VarFile ]] ; then
476 echo ""
477 echo "You've specified re-signing your rEFInd binaries with locally-generated keys,"
478 echo "but your computer does not appear to be running in Secure Boot mode. The"
479 echo "keys you generate will be useless unless you enable Secure Boot. You may"
480 echo "proceed with this installation, but before you do so, you may want to read"
481 echo "more about it at http://www.rodsbooks.com/refind/secureboot.html."
482 echo ""
483 echo -n "Do you want to proceed with installation (Y/N)? "
484 ReadYesNo
485 if [[ $YesNo == "Y" || $YesNo == "y" ]] ; then
486 echo "OK; continuing with the installation..."
487 else
488 exit 0
489 fi
490 fi
491
492 } # CheckSecureBoot()
493
494 # Check for the presence of locally-generated keys from a previous installation in
495 # $EtcKeysDir (/etc/refind.d/keys). If they're not present, generate them using
496 # openssl.
497 GenerateKeys() {
498 PrivateKey=$EtcKeysDir/$LocalKeysBase.key
499 CertKey=$EtcKeysDir/$LocalKeysBase.crt
500 DerKey=$EtcKeysDir/$LocalKeysBase.cer
501 OpenSSL=`which openssl 2> /dev/null`
502
503 # Do the work only if one or more of the necessary keys is missing
504 # TODO: Technically, we don't need the DerKey; but if it's missing and openssl
505 # is also missing, this will fail. This could be improved.
506 if [[ ! -f $PrivateKey || ! -f $CertKey || ! -f $DerKey ]] ; then
507 echo "Generating a fresh set of local keys...."
508 mkdir -p $EtcKeysDir
509 chmod 0700 $EtcKeysDir
510 if [[ ! -x $OpenSSL ]] ; then
511 echo "Can't find openssl, which is required to create your private signing keys!"
512 echo "Aborting!"
513 exit 1
514 fi
515 if [[ -f $PrivateKey ]] ; then
516 echo "Backing up existing $PrivateKey"
517 cp -f $PrivateKey $PrivateKey.backup 2> /dev/null
518 fi
519 if [[ -f $CertKey ]] ; then
520 echo "Backing up existing $CertKey"
521 cp -f $CertKey $CertKey.backup 2> /dev/null
522 fi
523 if [[ -f $DerKey ]] ; then
524 echo "Backing up existing $DerKey"
525 cp -f $DerKey $DerKey.backup 2> /dev/null
526 fi
527 $OpenSSL req -new -x509 -newkey rsa:2048 -keyout $PrivateKey -out $CertKey \
528 -nodes -days 3650 -subj "/CN=Locally-generated rEFInd key/"
529 $OpenSSL x509 -in $CertKey -out $DerKey -outform DER
530 chmod 0600 $PrivateKey
531 else
532 echo "Using existing local keys...."
533 fi
534 }
535
536 # Sign a single binary. Requires parameters:
537 # $1 = source file
538 # $2 = destination file
539 # Also assumes that the SBSign, PESign, UseSBSign, UsePESign, and various key variables are set
540 # appropriately.
541 # Aborts script on error
542 SignOneBinary() {
543 $SBSign --key $PrivateKey --cert $CertKey --output $2 $1
544 if [[ $? != 0 ]] ; then
545 echo "Problem signing the binary $1! Aborting!"
546 exit 1
547 fi
548 }
549
550 # Re-sign the x86-64 binaries with a locally-generated key, First look for appropriate
551 # key files in $EtcKeysDir. If they're present, use them to re-sign the binaries. If
552 # not, try to generate new keys and store them in $EtcKeysDir.
553 ReSignBinaries() {
554 SBSign=`which sbsign 2> /dev/null`
555 echo "Found sbsign at $SBSign"
556 TempDir="/tmp/refind_local"
557 if [[ ! -x $SBSign ]] ; then
558 echo "Can't find sbsign, which is required to sign rEFInd with your own keys!"
559 echo "Aborting!"
560 exit 1
561 fi
562 GenerateKeys
563 mkdir -p $TempDir/drivers_x64
564 cp $RefindDir/refind.conf-sample $TempDir 2> /dev/null
565 cp $ThisDir/refind.conf-sample $TempDir 2> /dev/null
566 cp $RefindDir/refind_ia32.efi $TempDir 2> /dev/null
567 cp -a $RefindDir/drivers_ia32 $TempDir 2> /dev/null
568 cp -a $ThisDir/drivers_ia32 $TempDir 2> /dev/null
569 SignOneBinary $RefindDir/refind_x64.efi $TempDir/refind_x64.efi
570 for Driver in `ls $RefindDir/drivers_x64/*.efi $ThisDir/drivers_x64/*.efi 2> /dev/null` ; do
571 TempName=`basename $Driver`
572 SignOneBinary $Driver $TempDir/drivers_x64/$TempName
573 done
574 RefindDir=$TempDir
575 DeleteRefindDir=1
576 }
577
578 # Identifies the ESP's location (/boot or /boot/efi, or these locations under
579 # the directory specified by --root); aborts if the ESP isn't mounted at
580 # either location.
581 # Sets InstallDir to the ESP mount point.
582 FindLinuxESP() {
583 EspLine=`df $RootDir/boot/efi 2> /dev/null | grep boot/efi`
584 if [[ ! -n $EspLine ]] ; then
585 EspLine=`df $RootDir/boot | grep boot`
586 fi
587 InstallDir=`echo $EspLine | cut -d " " -f 6`
588 if [[ -n $InstallDir ]] ; then
589 EspFilesystem=`grep $InstallDir /etc/mtab | cut -d " " -f 3`
590 fi
591 if [[ $EspFilesystem != 'vfat' ]] ; then
592 echo "$RootDir/boot/efi doesn't seem to be on a VFAT filesystem. The ESP must be"
593 echo "mounted at $RootDir/boot or $RootDir/boot/efi and it must be VFAT! Aborting!"
594 exit 1
595 fi
596 echo "ESP was found at $InstallDir using $EspFilesystem"
597 } # FindLinuxESP
598
599 # Uses efibootmgr to add an entry for rEFInd to the EFI's NVRAM.
600 # If this fails, sets Problems=1
601 AddBootEntry() {
602 InstallIt="0"
603 Efibootmgr=`which efibootmgr 2> /dev/null`
604 if [[ $Efibootmgr ]] ; then
605 InstallDisk=`grep $InstallDir /etc/mtab | cut -d " " -f 1 | cut -c 1-8`
606 PartNum=`grep $InstallDir /etc/mtab | cut -d " " -f 1 | cut -c 9-10`
607 EntryFilename=$TargetDir/$Refind
608 EfiEntryFilename=`echo ${EntryFilename//\//\\\}`
609 EfiEntryFilename2=`echo ${EfiEntryFilename} | sed s/\\\\\\\\/\\\\\\\\\\\\\\\\/g`
610 ExistingEntry=`$Efibootmgr -v | grep -i $EfiEntryFilename2`
611
612 if [[ $ExistingEntry ]] ; then
613 ExistingEntryBootNum=`echo $ExistingEntry | cut -c 5-8`
614 FirstBoot=`$Efibootmgr | grep BootOrder | cut -c 12-15`
615 if [[ $ExistingEntryBootNum != $FirstBoot ]] ; then
616 echo "An existing rEFInd boot entry exists, but isn't set as the default boot"
617 echo "manager. The boot order is being adjusted to make rEFInd the default boot"
618 echo "manager. If this is NOT what you want, you should use efibootmgr to"
619 echo "manually adjust your EFI's boot order."
620 $Efibootmgr -b $ExistingEntryBootNum -B &> /dev/null
621 InstallIt="1"
622 fi
623 else
624 InstallIt="1"
625 fi
626
627 if [[ $InstallIt == "1" ]] ; then
628 echo "Installing it!"
629 $Efibootmgr -c -l $EfiEntryFilename -L "rEFInd Boot Manager" -d $InstallDisk -p $PartNum &> /dev/null
630 if [[ $? != 0 ]] ; then
631 EfibootmgrProblems=1
632 Problems=1
633 fi
634 fi
635
636 else # efibootmgr not found
637 EfibootmgrProblems=1
638 Problems=1
639 fi
640
641 if [[ $EfibootmgrProblems ]] ; then
642 echo
643 echo "ALERT: There were problems running the efibootmgr program! You may need to"
644 echo "rename the $Refind binary to the default name (EFI/boot/bootx64.efi"
645 echo "on x86-64 systems or EFI/boot/bootia32.efi on x86 systems) to have it run!"
646 echo
647 fi
648 } # AddBootEntry()
649
650 # Create a minimal/sample refind_linux.conf file in /boot.
651 GenerateRefindLinuxConf() {
652 if [[ -f $RLConfFile ]] ; then
653 echo "Existing $RLConfFile found; not overwriting."
654 else
655 if [[ -f "$RootDir/etc/default/grub" ]] ; then
656 # We want the default options used by the distribution, stored here....
657 source "$RootDir/etc/default/grub"
658 fi
659 RootFS=`df $RootDir | grep dev | cut -f 1 -d " "`
660 StartOfDevname=`echo $RootFS | cut -b 1-7`
661 if [[ $StartOfDevname == "/dev/sd" || $StartOfDevName == "/dev/hd" ]] ; then
662 # Identify root filesystem by UUID rather than by device node, if possible
663 Uuid=`blkid -o export $RootFS 2> /dev/null | grep UUID=`
664 if [[ -n $Uuid ]] ; then
665 RootFS=$Uuid
666 fi
667 fi
668 DefaultOptions="$GRUB_CMDLINE_LINUX $GRUB_CMDLINE_LINUX_DEFAULT"
669 echo "\"Boot with standard options\" \"ro root=$RootFS $DefaultOptions \"" > $RLConfFile
670 echo "\"Boot to single-user mode\" \"ro root=$RootFS $DefaultOptions single\"" >> $RLConfFile
671 echo "\"Boot with minimal options\" \"ro root=$RootFS\"" >> $RLConfFile
672 fi
673 }
674
675 # Set varaibles for installation in EFI/BOOT directory
676 SetVarsForBoot() {
677 TargetDir="/EFI/BOOT"
678 if [[ $ShimSource == "none" ]] ; then
679 TargetX64="bootx64.efi"
680 TargetIA32="bootia32.efi"
681 else
682 TargetX64="grubx64.efi"
683 TargetIA32="bootia32.efi"
684 TargetShim="bootx64.efi"
685 fi
686 } # SetFilenamesForBoot()
687
688 # Set variables for installation in EFI/Microsoft/Boot directory
689 SetVarsForMsBoot() {
690 TargetDir="/EFI/Microsoft/Boot"
691 if [[ $ShimSource == "none" ]] ; then
692 TargetX64="bootmgfw.efi"
693 else
694 TargetX64="grubx64.efi"
695 TargetShim="bootmgfw.efi"
696 fi
697 }
698
699 # TargetDir defaults to /EFI/refind; however, this function adjusts it as follows:
700 # - If an existing refind.conf is available in /EFI/BOOT or /EFI/Microsoft/Boot,
701 # install to that directory under the suitable name; but DO NOT do this if
702 # refind.conf is also in /EFI/refind.
703 # - If booted in BIOS mode and the ESP lacks any other EFI files, install to
704 # /EFI/BOOT
705 # - If booted in BIOS mode and there's no refind.conf file and there is a
706 # /EFI/Microsoft/Boot/bootmgfw.efi file, move it down one level and
707 # install under that name, "hijacking" the Windows boot loader filename
708 DetermineTargetDir() {
709 Upgrade=0
710
711 if [[ -f $InstallDir/EFI/BOOT/refind.conf ]] ; then
712 SetVarsForBoot
713 Upgrade=1
714 fi
715 if [[ -f $InstallDir/EFI/Microsoft/Boot/refind.conf ]] ; then
716 SetVarsForMsBoot
717 Upgrade=1
718 fi
719 if [[ -f $InstallDir/EFI/refind/refind.conf ]] ; then
720 TargetDir="/EFI/refind"
721 Upgrade=1
722 fi
723 if [[ $Upgrade == 1 ]] ; then
724 echo "Found rEFInd installation in $InstallDir$TargetDir; upgrading it."
725 fi
726
727 if [[ ! -d /sys/firmware/efi && $Upgrade == 0 ]] ; then # BIOS-mode
728 FoundEfiFiles=`find $InstallDir/EFI/BOOT -name "*.efi" 2> /dev/null`
729 FoundConfFiles=`find $InstallDir -name "refind\.conf" 2> /dev/null`
730 if [[ ! -n $FoundConfFiles && -f $InstallDir/EFI/Microsoft/Boot/bootmgfw.efi ]] ; then
731 mv -n $InstallDir/EFI/Microsoft/Boot/bootmgfw.efi $InstallDir/EFI/Microsoft &> /dev/null
732 SetVarsForMsBoot
733 echo "Running in BIOS mode with a suspected Windows installation; moving boot loader"
734 echo "files so as to install to $InstallDir$TargetDir."
735 elif [[ ! -n $FoundEfiFiles ]] ; then # In BIOS mode and no default loader; install as default loader
736 SetVarsForBoot
737 echo "Running in BIOS mode with no existing default boot loader; installing to"
738 echo $InstallDir$TargetDir
739 else
740 echo "Running in BIOS mode with an existing default boot loader; backing it up and"
741 echo "installing rEFInd in its place."
742 if [[ -d $InstallDir/EFI/BOOT-rEFIndBackup ]] ; then
743 echo ""
744 echo "Caution: An existing backup of a default boot loader exists! If the current"
745 echo "default boot loader and the backup are different boot loaders, the current"
746 echo "one will become inaccessible."
747 echo ""
748 echo -n "Do you want to proceed with installation (Y/N)? "
749 ReadYesNo
750 if [[ $YesNo == "Y" || $YesNo == "y" ]] ; then
751 echo "OK; continuing with the installation..."
752 else
753 exit 0
754 fi
755 fi
756 mv -n $InstallDir/EFI/BOOT $InstallDir/EFI/BOOT-rEFIndBackup
757 SetVarsForBoot
758 fi
759 fi # BIOS-mode
760 } # DetermineTargetDir()
761
762 # Controls rEFInd installation under Linux.
763 # Sets Problems=1 if something goes wrong.
764 InstallOnLinux() {
765 echo "Installing rEFInd on Linux...."
766 modprobe efivars &> /dev/null
767 if [[ $TargetDir == "/EFI/BOOT" ]] ; then
768 MountDefaultTarget
769 else
770 FindLinuxESP
771 DetermineTargetDir
772 fi
773 CpuType=`uname -m`
774 if [[ $CpuType == 'x86_64' ]] ; then
775 Platform="EFI64"
776 elif [[ ($CpuType == 'i386' || $CpuType == 'i486' || $CpuType == 'i586' || $CpuType == 'i686') ]] ; then
777 Platform="EFI32"
778 # If we're in EFI mode, do some sanity checks, and alert the user or even
779 # abort. Not in BIOS mode, though, since that could be used on an emergency
780 # disc to try to recover a troubled Linux installation.
781 if [[ -d /sys/firmware/efi ]] ; then
782 if [[ $ShimSource != "none" && $TargetDir != "/BOOT/EFI" ]] ; then
783 echo ""
784 echo "CAUTION: Neither rEFInd nor shim currently supports 32-bit systems, so you"
785 echo "should not use the --shim option to install on such systems. Aborting!"
786 echo ""
787 exit 1
788 fi
789 echo
790 echo "CAUTION: This Linux installation uses a 32-bit kernel. 32-bit EFI-based"
791 echo "computers are VERY RARE. If you've installed a 32-bit version of Linux"
792 echo "on a 64-bit computer, you should manually install the 64-bit version of"
793 echo "rEFInd. If you're installing on a Mac, you should do so from OS X. If"
794 echo "you're positive you want to continue with this installation, answer 'Y'"
795 echo "to the following question..."
796 echo
797 echo -n "Are you sure you want to continue (Y/N)? "
798 ReadYesNo
799 if [[ $YesNo == "Y" || $YesNo == "y" ]] ; then
800 echo "OK; continuing with the installation..."
801 else
802 exit 0
803 fi
804 fi # in EFI mode
805 else
806 echo "Unknown CPU type '$CpuType'; aborting!"
807 exit 1
808 fi
809
810 if [[ $LocalKeys == 1 ]] ; then
811 ReSignBinaries
812 fi
813
814 CheckSecureBoot
815 CopyRefindFiles
816 if [[ $TargetDir != "/EFI/BOOT" && $TargetDir != "/EFI/Microsoft/Boot" ]] ; then
817 AddBootEntry
818 GenerateRefindLinuxConf
819 fi
820 } # InstallOnLinux()
821
822 #
823 # The main part of the script. Sets a few environment variables,
824 # performs a few startup checks, and then calls functions to
825 # install under OS X or Linux, depending on the detected platform.
826 #
827
828 OSName=`uname -s`
829 GetParams $@
830 ThisDir="$( cd -P "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
831 RefindDir="$ThisDir/refind"
832 ThisScript="$ThisDir/`basename $0`"
833 if [[ `whoami` != "root" ]] ; then
834 echo "Not running as root; attempting to elevate privileges via sudo...."
835 sudo $ThisScript "$@"
836 if [[ $? != 0 ]] ; then
837 echo "This script must be run as root (or using sudo). Exiting!"
838 exit 1
839 else
840 exit 0
841 fi
842 fi
843 CheckForFiles
844 if [[ $OSName == 'Darwin' ]] ; then
845 if [[ $ShimSource != "none" ]] ; then
846 echo "The --shim option is not supported on OS X! Exiting!"
847 exit 1
848 fi
849 if [[ $LocalKeys != 0 ]] ; then
850 echo "The --localkeys option is not supported on OS X! Exiting!"
851 exit 1
852 fi
853 InstallOnOSX $1
854 elif [[ $OSName == 'Linux' ]] ; then
855 InstallOnLinux
856 else
857 echo "Running on unknown OS; aborting!"
858 fi
859
860 if [[ $Problems ]] ; then
861 echo
862 echo "ALERT:"
863 echo "Installation has completed, but problems were detected. Review the output for"
864 echo "error messages and take corrective measures as necessary. You may need to"
865 echo "re-run this script or install manually before rEFInd will work."
866 echo
867 else
868 echo
869 echo "Installation has completed successfully."
870 echo
871 fi
872
873 if [[ $UnmountEsp ]] ; then
874 echo "Unmounting install dir"
875 umount $InstallDir
876 fi
877
878 if [[ $InstallDir == /tmp/refind_install ]] ; then
879 # sleep 5
880 rmdir $InstallDir
881 fi