]>
code.delx.au - refind/blob - install.sh
3 # Linux/MacOS X script to install rEFInd 7 # ./install.sh [options] 10 # "--notesp" to install to the OS X root filesystem rather than to the ESP. 11 # This option may not be used under Linux. 12 # "--usedefault {devicefile}" to install as default 13 # (/EFI/BOOT/BOOTX64.EFI and similar) to the specified device 14 # (/dev/sdd1 or whatever) without registering with the NVRAM. 15 # "--ownhfs {devicefile}" to install to an HFS+ volume that's NOT currently 16 # an OS X boot volume. 17 # "--root {dir}" to specify installation using the specified directory 18 # as the system's root 19 # "--alldrivers" to install all drivers along with regular files 20 # "--nodrivers" to suppress driver installation (default in Linux is 21 # driver used on /boot; --nodrivers is OS X default) 22 # "--shim {shimfile}" to install a shim.efi file for Secure Boot 23 # "--preloader" is synonymous with "--shim" 24 # "--localkeys" to re-sign x86-64 binaries with a locally-generated key 25 # "--yes" to assume a "yes" response to all prompts 27 # The "esp" option is valid only on Mac OS X; it causes 28 # installation to the EFI System Partition (ESP) rather than 29 # to the current OS X boot partition. Under Linux, this script 30 # installs to the ESP by default. 32 # This program is copyright (c) 2012 by Roderick W. Smith 33 # It is released under the terms of the GNU GPL, version 3, 34 # a copy of which should be included in the file COPYING.txt. 38 # 0.8.5 -- Refinement/cleanup of new OS X ESP-as-default policy 39 # 0.8.4 -- OS X default changed to install to ESP under /EFI/BOOT 40 # 0.7.9 -- Fixed bug that caused errors if dmraid utility not installed 41 # 0.7.7 -- Fixed bug that created mangled refind_linux.conf file; added ability 42 # to locate and mount ESP on Linux, if it's not mounted 43 # 0.7.6 -- Added --ownhfs {device-filename} option 44 # 0.7.5 -- Fixed bug when installing to ESP on recent versions of OS X 45 # 0.7.2 -- Fixed code that could be confused by use of autofs to mount the ESP 46 # 0.7.0 -- Added support for the new Btrfs driver 47 # 0.6.12 -- Added support for PreLoader as well as for shim 48 # 0.6.11 -- Improvements in script's ability to handle directories with spaces 50 # 0.6.9 -- Install gptsync on Macs 51 # 0.6.8 -- Bug fix: ESP scan now uses "uniq". 52 # 0.6.6 -- Bug fix: Upgrade drivers when installed to EFI/BOOT. Also enable 53 # copying shim.efi and MokManager.efi over themselves. 54 # 0.6.4 -- Copies ext2 driver rather than ext4 driver for ext2/3fs 55 # 0.6.3 -- Support for detecting rEFInd in EFI/BOOT and EFI/Microsoft/Boot 56 # directories & for installing to EFI/BOOT in BIOS mode 57 # 0.6.2-1 -- Added --yes option & tweaked key-copying for use with RPM install script 58 # 0.6.1 -- Added --root option; minor bug fixes 59 # 0.6.0 -- Changed --drivers to --alldrivers and added --nodrivers option; 60 # changed default driver installation behavior in Linux to install 61 # the driver needed to read /boot (if available) 62 # 0.5.1.2 -- Fixed bug that caused failure to generate refind_linux.conf file 63 # 0.5.1.1 -- Fixed bug that caused script failure under OS X 64 # 0.5.1 -- Added --shim & --localkeys options & create sample refind_linux.conf 66 # 0.5.0 -- Added --usedefault & --drivers options & changed "esp" option to "--esp" 67 # 0.4.5 -- Fixed check for rEFItBlesser in OS X 68 # 0.4.2 -- Added notice about BIOS-based OSes & made NVRAM changes in Linux smarter 69 # 0.4.1 -- Added check for rEFItBlesser in OS X 70 # 0.3.3.1 -- Fixed OS X 10.7 bug; also works as make target 71 # 0.3.2.1 -- Check for presence of source files; aborts if not present 72 # 0.3.2 -- Initial version 74 # Note: install.sh version numbers match those of the rEFInd package 75 # with which they first appeared. 79 LocalKeysBase
= "refind_local" 83 TargetX64
= "refind_x64.efi" 84 TargetIA32
= "refind_ia32.efi" 90 # Functions used by both OS X and Linux.... 95 # Install the driver required to read Linux /boot, if it's available 96 # Note: Under OS X, this will be installed only if a Linux partition 97 # is detected, in which case the ext4fs driver will be installed. 99 while [[ $# -gt 0 ]]; do 101 --notesp ) InstallToEspOnMac
= 0 106 TargetDir
=/ System
/ Library
/ CoreServices
109 --usedefault ) TargetDir
=/ EFI
/ BOOT
111 TargetX64
= "bootx64.efi" 112 TargetIA32
= "bootia32.efi" 119 --localkeys ) LocalKeys
= 1 121 --shim |
--preloader ) ShimSource
= " $2 " 122 ShimType
= `basename $ShimSource ` 125 --drivers |
--alldrivers ) InstallDrivers
= "all" 127 --nodrivers ) InstallDrivers
= "none" 131 * ) echo "Usage: $0 [--notesp | --usedefault {device-file} | --root {dir} |" 132 echo " --ownhfs {device-file} ]" 133 echo " [--nodrivers | --alldrivers] [--shim {shim-filename}]" 134 echo " [--localkeys] [--yes]" 139 if [[ " $InstallToEspOnMac " == 0 && " $RootDir " == '/' && " $TargetDir " == '/EFI/BOOT' ]] ; then 140 echo "You may use --notesp OR --usedefault, but not both! Aborting!" 143 if [[ " $RootDir " != '/' && " $TargetDir " == '/EFI/BOOT' ]] ; then 144 echo "You may use --root OR --usedefault, but not both! Aborting!" 147 if [[ " $TargetDir " != '/System/Library/CoreServices' && " $OwnHfs " == '1' ]] ; then 148 echo "If you use --ownhfs, you may NOT use --usedefault! Aborting!" 151 RLConfFile
= " $RootDir /boot/refind_linux.conf" 152 EtcKeysDir
= " $RootDir /etc/refind.d/keys" 155 # Get a yes/no response from the user and place it in the YesNo variable. 156 # If the AlwaysYes variable is set to 1, skip the user input and set "Y" 157 # in the YesNo variable. 159 if [[ $AlwaysYes == 1 ]] ; then 167 # Abort if the rEFInd files can't be found. 168 # Also sets $ConfFile to point to the configuration file, 169 # $IconsDir to point to the icons directory, and 170 # $ShimSource to the source of the shim.efi file (if necessary). 172 # Note: This check is satisfied if EITHER the 32- or the 64-bit version 173 # is found, even on the wrong platform. This is because the platform 174 # hasn't yet been determined. This could obviously be improved, but it 175 # would mean restructuring lots more code.... 176 if [[ ! -f " $RefindDir /refind_ia32.efi" && ! -f " $RefindDir /refind_x64.efi" ]] ; then 177 echo "The rEFInd binary file is missing! Aborting installation!" 181 if [[ -f " $RefindDir /refind.conf-sample" ]] ; then 182 ConfFile
= " $RefindDir /refind.conf-sample" 183 elif [[ -f " $ThisDir /refind.conf-sample" ]] ; then 184 ConfFile
= " $ThisDir /refind.conf-sample" 186 echo "The sample configuration file is missing! Aborting installation!" 190 if [[ -d " $RefindDir /icons" ]] ; then 191 IconsDir
= " $RefindDir /icons" 192 elif [[ -d " $ThisDir /icons" ]] ; then 193 IconsDir
= " $ThisDir /icons" 195 echo "The icons directory is missing! Aborting installation!" 199 if [[ " $ShimSource " != "none" ]] ; then 200 if [[ -f " $ShimSource " ]] ; then 201 if [[ $ShimType == "shimx64.efi" ||
$ShimType == "shim.efi" ]] ; then 202 TargetX64
= "grubx64.efi" 203 MokManagerSource
= `dirname " $ShimSource "` / MokManager.efi
204 elif [[ $ShimType == "preloader.efi" ||
$ShimType == "PreLoader.efi" ]] ; then 205 TargetX64
= "loader.efi" 206 MokManagerSource
= `dirname " $ShimSource "` / HashTool.efi
208 echo "Unknown shim/PreBootloader filename: $ShimType !" 209 echo "Known filenames are shimx64.efi, shim.efi, and PreLoader.efi. Aborting!" 213 echo "The specified shim/PreBootloader file, $ShimSource , doesn't exist!" 214 echo "Aborting installation!" 220 # Helper for CopyRefindFiles; copies shim files (including MokManager, if it's 221 # available) to target. 223 cp -fb " $ShimSource " " $InstallDir / $TargetDir / $TargetShim " 224 if [[ $?
!= 0 ]] ; then 227 if [[ -f " $MokManagerSource " ]] ; then 228 cp -fb " $MokManagerSource " " $InstallDir / $TargetDir /" 230 if [[ $?
!= 0 ]] ; then 235 # Copy the public keys to the installation medium 237 if [[ $LocalKeys == 1 ]] ; then 238 mkdir
-p " $InstallDir / $TargetDir /keys/" 239 cp " $EtcKeysDir / $LocalKeysBase .cer" " $InstallDir / $TargetDir /keys/" 240 cp " $EtcKeysDir / $LocalKeysBase .crt" " $InstallDir / $TargetDir /keys/" 244 # Determine (or guess) the filesystem used on the Linux /boot filesystem. 245 # Store the result in the BootFS global variable. 249 Blkid
= `which blkid 2> /dev/null` 251 if [[ $OSName == 'Linux' && -x " $Blkid " ]] ; then 252 BootPart
= `df /boot | grep dev | cut -f 1 -d " "` 253 BootFS
= ` $Blkid -o export $BootPart 2> /dev/null | grep TYPE= | cut -f 2 -d =` 255 if [[ $OSName == 'Darwin' ]] ; then 256 # 0FC63DAF-8483-4772-8E79-3D69D8477DE4 = Linux filesystem 257 # BC13C2FF-59E6-4262-A352-B275FD6F7172 = Freedesktop $boot partition 258 # 933AC7E1-2EB4-4F13-B844-0E14E2AEF915 = Freedesktop Linux /home 259 # E6D6D379-F507-44C2-A23C-238F2A3DF928 = Linux LVM 260 # A19D880F-05FC-4D3B-A006-743F0F84911E = Linux RAID 261 # 0657FD6D-A4AB-43C4-84E5-0933C84B4F4F = Linux swap 262 Temp
= $
( diskutil list |
grep -i '0FC63DAF-8483-4772-8E79-3D69D8477DE4\|BC13C2FF-59E6-4262-A352-B275FD6F7172\|933AC7E1-2EB4-4F13-B844-0E14E2AEF915\|E6D6D379-F507-44C2-A23C-238F2A3DF928\|A19D880F-05FC-4D3B-A006-743F0F84911E\|0657FD6D-A4AB-43C4-84E5-0933C84B4F4F\|Linux' ) 264 if [[ -n $Temp ]] ; then 265 echo "Found suspected Linux partition(s); installing ext4fs driver." 271 # Copy drivers from $RefindDir/drivers_$1 to $InstallDir/$TargetDir/drivers_$1, 272 # honoring the $InstallDrivers condition. Must be passed a suitable 273 # architecture code (ia32 or x64). 275 if [[ $InstallDrivers == "all" ]] ; then 276 mkdir
-p " $InstallDir / $TargetDir /drivers_ $1 " 277 cp " $ThisDir " / drivers_
$1 /* _
$1 .efi
" $InstallDir / $TargetDir /drivers_ $1 /" 2 > / dev
/ null
278 cp " $RefindDir " / drivers_
$1 /* _
$1 .efi
" $InstallDir / $TargetDir /drivers_ $1 /" 2 > / dev
/ null
279 elif [[ " $InstallDrivers " == "boot" ]] ; then 283 ext2 | ext3
) DriverType
= "ext2" 284 # Could use ext4, but that can create unwanted entries from symbolic 285 # links in / to /boot/vmlinuz if a separate /boot partition is used. 287 ext4
) DriverType
= "ext4" 289 reiserfs
) DriverType
= "reiserfs" 291 btrfs
) DriverType
= "btrfs" 293 hfsplus
) DriverType
= "hfs" 297 if [[ -n $BootFS ]] ; then 298 echo "Installing driver for $BootFS ( ${DriverType} _ $1 .efi)" 299 mkdir
-p " $InstallDir / $TargetDir /drivers_ $1 " 300 cp " $ThisDir /drivers_ $1 / ${DriverType} _ $1 .efi" " $InstallDir / $TargetDir /drivers_ $1 /" 2 > / dev
/ null
301 cp " $RefindDir /drivers_ $1 / ${DriverType} _ $1 .efi" " $InstallDir / $TargetDir /drivers_ $1 " / 2 > / dev
/ null
306 # Copy tools (currently only gptsync, and that only on Macs) to the EFI/tools 307 # directory on the ESP. Must be passed a suitable architecture code (ia32 310 mkdir
-p " $InstallDir /EFI/tools" 311 if [[ $OSName == 'Darwin' ]] ; then 312 cp -f " $RefindDir /tools_ $1 /gptsync_ $1 .efi" " $InstallDir /EFI/tools/" 313 if [[ -f " $InstallDir /EFI/tools/gptsync.efi" ]] ; then 314 mv " $InstallDir /EFI/tools/gptsync.efi" " $InstallDir /EFI/tools/gptsync.efi-disabled" 315 echo "Found old gptsync.efi; disabling it by renaming it to gptsync.efi-disabled" 320 # Copy the rEFInd files to the ESP or OS X root partition. 321 # Sets Problems=1 if any critical commands fail. 323 mkdir
-p " $InstallDir / $TargetDir " 324 if [[ " $TargetDir " == '/EFI/BOOT' ]] ; then 325 cp " $RefindDir /refind_ia32.efi" " $InstallDir / $TargetDir / $TargetIA32 " 2 > / dev
/ null
326 if [[ $?
!= 0 ]] ; then 327 echo "Note: IA32 (x86) binary not installed!" 329 cp " $RefindDir /refind_x64.efi" " $InstallDir / $TargetDir / $TargetX64 " 2 > / dev
/ null
330 if [[ $?
!= 0 ]] ; then 333 if [[ " $ShimSource " != "none" ]] ; then 334 TargetShim
= "bootx64.efi" 337 if [[ $InstallDrivers == "all" ]] ; then 338 cp -r " $RefindDir " / drivers_
* " $InstallDir / $TargetDir /" 2 > / dev
/ null
339 cp -r " $ThisDir " / drivers_
* " $InstallDir / $TargetDir /" 2 > / dev
/ null
340 elif [[ $Upgrade == 1 ||
$InstallToEspOnMac == 1 ]] ; then 341 if [[ $Platform == 'EFI64' ]] ; then 350 if [[ $Platform == 'EFI64' ]] ; then 352 elif [[ $Platform == 'EFI32' ]] ; then 353 Refind
= 'bootia32.efi' 356 elif [[ $Platform == 'EFI64' ||
$TargetDir == "/EFI/Microsoft/Boot" ]] ; then 357 cp " $RefindDir /refind_x64.efi" " $InstallDir / $TargetDir / $TargetX64 " 358 if [[ $?
!= 0 ]] ; then 363 Refind
= "refind_x64.efi" 365 if [[ " $ShimSource " != "none" ]] ; then 366 if [[ " $TargetShim " == "default" ]] ; then 367 TargetShim
= `basename " $ShimSource "` 371 if [[ $LocalKeys == 0 ]] ; then 372 echo "Storing copies of rEFInd Secure Boot public keys in $EtcKeysDir " 373 mkdir
-p " $EtcKeysDir " 374 cp " $ThisDir /keys/refind.cer" " $EtcKeysDir " 2 > / dev
/ null
375 cp " $ThisDir /keys/refind.crt" " $EtcKeysDir " 2 > / dev
/ null
378 if [[ " $TargetDir " == '/System/Library/CoreServices' ]] ; then 379 SetupMacHfs
$TargetX64 381 elif [[ $Platform == 'EFI32' ]] ; then 382 cp " $RefindDir /refind_ia32.efi" " $InstallDir / $TargetDir / $TargetIA32 " 383 if [[ $?
!= 0 ]] ; then 388 Refind
= "refind_ia32.efi" 389 if [[ " $TargetDir " == '/System/Library/CoreServices' ]] ; then 390 SetupMacHfs
$TargetIA32 393 echo "Unknown platform! Aborting!" 396 echo "Copied rEFInd binary files" 398 if [[ -d " $InstallDir / $TargetDir /icons" ]] ; then 399 rm -rf " $InstallDir / $TargetDir /icons-backup" &> / dev
/ null
400 mv -f " $InstallDir / $TargetDir /icons" " $InstallDir / $TargetDir /icons-backup" 401 echo "Notice: Backed up existing icons directory as icons-backup." 403 cp -r " $IconsDir " " $InstallDir / $TargetDir " 404 if [[ $?
!= 0 ]] ; then 407 mkdir
-p " $InstallDir / $TargetDir /keys" 408 cp -rf " $ThisDir " / keys
/* .
[ cd ] er
" $InstallDir / $TargetDir /keys/" 2 > / dev
/ null
409 cp -rf " $EtcKeysDir " /* .
[ cd ] er
" $InstallDir / $TargetDir /keys/" 2 > / dev
/ null
410 if [[ -f " $InstallDir / $TargetDir /refind.conf" ]] ; then 411 echo "Existing refind.conf file found; copying sample file as refind.conf-sample" 412 echo "to avoid overwriting your customizations." 414 cp -f " $ConfFile " " $InstallDir / $TargetDir " 415 if [[ $?
!= 0 ]] ; then 419 echo "Copying sample configuration file as refind.conf; edit this file to configure" 422 cp -f " $ConfFile " " $InstallDir / $TargetDir /refind.conf" 423 if [[ $?
!= 0 ]] ; then 427 if [[ $DeleteRefindDir == 1 ]] ; then 428 echo "Deleting the temporary directory $RefindDir " 431 } # CopyRefindFiles() 433 # Mount the partition the user specified with the --usedefault or --ownhfs option 434 MountDefaultTarget
() { 435 InstallDir
=/ tmp
/ refind_install
436 mkdir
-p " $InstallDir " 438 if [[ $OSName == 'Darwin' ]] ; then 439 if [[ $OwnHfs == '1' ]] ; then 440 Temp
= `diskutil info " $TargetPart " | grep "Mount Point"` 441 InstallDir
= `echo $Temp | cut -f 3-30 -d ' '` 442 if [[ $InstallDir == '' ]] ; then 443 InstallDir
=/ tmp
/ refind_install
444 mount
-t hfs
" $TargetPart " " $InstallDir " 449 mount
-t msdos
" $TargetPart " " $InstallDir " 451 elif [[ $OSName == 'Linux' ]] ; then 452 mount
-t vfat
" $TargetPart " " $InstallDir " 454 if [[ $?
!= 0 ]] ; then 455 echo "Couldn't mount $TargetPart ! Aborting!" 459 } # MountDefaultTarget() 462 # A series of OS X support functions.... 465 # Mount the ESP at /Volumes/ESP or determine its current mount 467 # Sets InstallDir to the ESP mount point 468 # Sets UnmountEsp if we mounted it 470 # Identify the ESP. Note: This returns the FIRST ESP found; 471 # if the system has multiple disks, this could be wrong! 472 Temp
= $
( mount |
sed -n -E "/^(\/dev\/disk[0-9]+s[0-9]+) on \/ \(.*$/s//\1/p" ) 474 Temp
= $
( diskutil list |
grep " EFI " |
grep -o 'disk.*' |
head -n 1 ) 475 if [ -z $Temp ]; then 476 echo "Warning: root device doesn't have an EFI partition" 479 echo "Warning: root device could not be found" 481 if [ -z $Temp ]; then 482 Temp
= $
( diskutil list |
sed -n -E '/^ *[0-9]+:[ ]+EFI EFI[ ]+[0-9.]+ [A-Z]+[ ]+(disk[0-9]+s[0-9]+)$/ { s//\1/p 486 if [ -z $Temp ]; then 487 echo "Could not find an EFI partition. Aborting!" 491 Esp
=/ dev
/ `echo $Temp ` 492 # If the ESP is mounted, use its current mount point.... 493 Temp
= `df -P | grep " $Esp "` 494 InstallDir
= `echo $Temp | cut -f 6 -d ' '` 495 if [[ " $InstallDir " == '' ]] ; then 496 mkdir
/ Volumes
/ ESP
&> / dev
/ null
497 mount
-t msdos
" $Esp " / Volumes
/ ESP
498 # Some systems have HFS+ "ESPs." They shouldn't, but they do. If this is 499 # detected, mount it as such and set appropriate options. 500 if [[ $?
!= 0 ]] ; then 501 mount
-t hfs
" $Esp " / Volumes
/ Esp
504 if [[ $?
!= 0 ]] ; then 505 echo "Unable to mount ESP! Aborting! \n " 510 InstallDir
= "/Volumes/ESP" 514 # Set up for booting from Mac HFS+ volume that boots rEFInd in MJG's way 515 # (http://mjg59.dreamwidth.org/7468.html) 516 # Must be passed the original rEFInd binary filename (without a path). 518 if [[ -s " $InstallDir /mach_kernel" ]] ; then 519 echo "Attempt to install rEFInd to a partition with a /mach_kernel file! Aborting!" 522 cp -n " $InstallDir / $TargetDir /boot.efi" " $InstallDir / $TargetDir /boot.efi-backup" &> / dev
/ null
523 ln -f " $InstallDir / $TargetDir / $1 " " $InstallDir / $TargetDir /boot.efi" 524 touch " $InstallDir /mach_kernel" 525 rm " $InstallDir / $TargetDir /SystemVersion.plist" &> / dev
/ null
526 cat - << ENDOFHERE >> " $InstallDir / $TargetDir /SystemVersion.plist" 527 <xml version="1.0" encoding="UTF-8"?> 528 <plist version="1.0"> 530 <key>ProductBuildVersion</key> 532 <key>ProductName</key> 533 <string>rEFInd</string> 534 <key>ProductVersion</key> 535 <string>0.7.6</string> 541 # Control the OS X installation. 542 # Sets Problems=1 if problems found during the installation. 544 echo "Installing rEFInd on OS X...." 545 if [[ " $InstallToEspOnMac " == "1" ]] ; then 547 elif [[ " $TargetDir " == "/EFI/BOOT" ||
" $OwnHfs " == '1' ]] ; then 550 InstallDir
= " $RootDir /" 552 echo "Installing rEFInd to the partition mounted at $InstallDir " 553 Platform
= `ioreg -l -p IODeviceTree | grep firmware-abi | cut -d " \" " -f 4` 555 if [[ $InstallToEspOnMac == "1" ]] ; then 556 bless
--mount " $InstallDir " --setBoot --file " $InstallDir / $TargetDir / $Refind " 557 elif [[ " $TargetDir " != "/EFI/BOOT" ]] ; then 558 bless
--setBoot --folder " $InstallDir / $TargetDir " --file " $InstallDir / $TargetDir / $Refind " 560 if [[ $?
!= 0 ]] ; then 563 if [[ -f / Library
/ StartupItems
/ rEFItBlesser ||
-d / Library
/ StartupItems
/ rEFItBlesser
]] ; then 565 echo "/Library/StartupItems/rEFItBlesser found!" 566 echo "This program is part of rEFIt, and will cause rEFInd to fail to work after" 567 echo -n "its first boot. Do you want to remove rEFItBlesser (Y/N)? " 569 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then 570 echo "Deleting /Library/StartupItems/rEFItBlesser..." 571 rm -r / Library
/ StartupItems
/ rEFItBlesser
573 echo "Not deleting rEFItBlesser." 577 echo "WARNING: If you have an Advanced Format disk, *DO NOT* attempt to check the" 578 echo "bless status with 'bless --info', since this is known to cause disk corruption" 579 echo "on some systems!!" 585 # Now a series of Linux support functions.... 588 # Check for evidence that we're running in Secure Boot mode. If so, and if 589 # appropriate options haven't been set, warn the user and offer to abort. 590 # If we're NOT in Secure Boot mode but the user HAS specified the --shim 591 # or --localkeys option, warn the user and offer to abort. 593 # FIXME: Although I checked the presence (and lack thereof) of the 594 # /sys/firmware/efi/vars/SecureBoot* files on my Secure Boot test system 595 # before releasing this script, I've since found that they are at least 596 # sometimes present when Secure Boot is absent. This means that the first 597 # test can produce false alarms. A better test is highly desirable. 599 VarFile
= `ls -d /sys/firmware/efi/vars/SecureBoot* 2> /dev/null` 600 if [[ -n " $VarFile " && " $TargetDir " != '/EFI/BOOT' && " $ShimSource " == "none" ]] ; then 602 echo "CAUTION: Your computer appears to support Secure Boot, but you haven't" 603 echo "specified a valid shim.efi file source. If you've disabled Secure Boot and" 604 echo "intend to leave it disabled, this is fine; but if Secure Boot is active, the" 605 echo "resulting installation won't boot. You can read more about this topic at" 606 echo "http://www.rodsbooks.com/refind/secureboot.html." 608 echo -n "Do you want to proceed with installation (Y/N)? " 610 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then 611 echo "OK; continuing with the installation..." 617 if [[ " $ShimSource " != "none" && ! -n " $VarFile " ]] ; then 619 echo "You've specified installing using a shim.efi file, but your computer does not" 620 echo "appear to be running in Secure Boot mode. Although installing in this way" 621 echo "should work, it's unnecessarily complex. You may continue, but unless you" 622 echo "plan to enable Secure Boot, you should consider stopping and omitting the" 623 echo "--shim option. You can read more about this topic at" 624 echo "http://www.rodsbooks.com/refind/secureboot.html." 626 echo -n "Do you want to proceed with installation (Y/N)? " 628 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then 629 echo "OK; continuing with the installation..." 635 if [[ $LocalKeys != 0 && ! -n " $VarFile " ]] ; then 637 echo "You've specified re-signing your rEFInd binaries with locally-generated keys," 638 echo "but your computer does not appear to be running in Secure Boot mode. The" 639 echo "keys you generate will be useless unless you enable Secure Boot. You may" 640 echo "proceed with this installation, but before you do so, you may want to read" 641 echo "more about it at http://www.rodsbooks.com/refind/secureboot.html." 643 echo -n "Do you want to proceed with installation (Y/N)? " 645 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then 646 echo "OK; continuing with the installation..." 652 } # CheckSecureBoot() 654 # Check for the presence of locally-generated keys from a previous installation in 655 # $EtcKeysDir (/etc/refind.d/keys). If they're not present, generate them using 658 PrivateKey
= " $EtcKeysDir / $LocalKeysBase .key" 659 CertKey
= " $EtcKeysDir / $LocalKeysBase .crt" 660 DerKey
= " $EtcKeysDir / $LocalKeysBase .cer" 661 OpenSSL
= `which openssl 2> /dev/null` 663 # Do the work only if one or more of the necessary keys is missing 664 # TODO: Technically, we don't need the DerKey; but if it's missing and openssl 665 # is also missing, this will fail. This could be improved. 666 if [[ ! -f " $PrivateKey " ||
! -f " $CertKey " ||
! -f " $DerKey " ]] ; then 667 echo "Generating a fresh set of local keys...." 668 mkdir
-p " $EtcKeysDir " 669 chmod 0700 " $EtcKeysDir " 670 if [[ ! -x " $OpenSSL " ]] ; then 671 echo "Can't find openssl, which is required to create your private signing keys!" 675 if [[ -f " $PrivateKey " ]] ; then 676 echo "Backing up existing $PrivateKey " 677 cp -f " $PrivateKey " " $PrivateKey .backup" 2 > / dev
/ null
679 if [[ -f " $CertKey " ]] ; then 680 echo "Backing up existing $CertKey " 681 cp -f " $CertKey " " $CertKey .backup" 2 > / dev
/ null
683 if [[ -f " $DerKey " ]] ; then 684 echo "Backing up existing $DerKey " 685 cp -f " $DerKey " " $DerKey .backup" 2 > / dev
/ null
687 " $OpenSSL " req
-new -x509 -newkey rsa
: 2048 -keyout " $PrivateKey " -out " $CertKey " \
688 -nodes -days 3650 -subj "/CN=Locally-generated rEFInd key/" 689 " $OpenSSL " x509
-in " $CertKey " -out " $DerKey " -outform DER
690 chmod 0600 " $PrivateKey " 692 echo "Using existing local keys...." 696 # Sign a single binary. Requires parameters: 698 # $2 = destination file 699 # Also assumes that the SBSign, PESign, UseSBSign, UsePESign, and various key variables are set 701 # Aborts script on error 703 $SBSign --key " $PrivateKey " --cert " $CertKey " --output " $2 " " $1 " 704 if [[ $?
!= 0 ]] ; then 705 echo "Problem signing the binary $1 ! Aborting!" 710 # Re-sign the x86-64 binaries with a locally-generated key, First look for appropriate 711 # key files in $EtcKeysDir. If they're present, use them to re-sign the binaries. If 712 # not, try to generate new keys and store them in $EtcKeysDir. 714 SBSign
= `which sbsign 2> /dev/null` 715 echo "Found sbsign at $SBSign " 716 TempDir
= "/tmp/refind_local" 717 if [[ ! -x " $SBSign " ]] ; then 718 echo "Can't find sbsign, which is required to sign rEFInd with your own keys!" 723 mkdir
-p " $TempDir /drivers_x64" 724 cp " $RefindDir /refind.conf-sample $TempDir " 2 > / dev
/ null
725 cp " $ThisDir /refind.conf-sample $TempDir " 2 > / dev
/ null
726 cp " $RefindDir /refind_ia32.efi $TempDir " 2 > / dev
/ null
727 cp -a " $RefindDir /drivers_ia32 $TempDir " 2 > / dev
/ null
728 cp -a " $ThisDir /drivers_ia32 $TempDir " 2 > / dev
/ null
729 SignOneBinary
" $RefindDir /refind_x64.efi" " $TempDir /refind_x64.efi" 731 IFS
= $
( echo -en " \n\b " ) 732 for Driver
in `ls " $RefindDir "/drivers_x64/*.efi " $ThisDir "/drivers_x64/*.efi 2> /dev/null` ; do 733 TempName
= `basename " $Driver "` 734 SignOneBinary
" $Driver " " $TempDir /drivers_x64/ $TempName " 741 # Locate and mount an ESP, if possible, based on parted output. 742 # Should be called only if /boot/efi is NOT an acceptable ESP. 743 # Sets InstallDir to the mounted ESP's path ($RootDir/boot/efi) 744 # and EspFilesystem the filesystem (always "vfat") 746 echo "The ESP doesn't seem to be mounted! Trying to find it...." 753 for Drive
in `ls /dev/[sh]d?` ; do 755 Dmraid
= `which dmraid 2> /dev/null` 756 if [ -x " $Dmraid " ] ; then 757 DmStatus
= `dmraid -r | grep $Drive ` 758 if [ -n " $DmStatus " ] ; then 759 echo " $Drive seems to be part of a RAID array; skipping!" 763 TableType
= `parted $Drive print -m -s 2>/dev/null | awk -F: ' $1 == "' $Drive '" { print $6 }'` 764 if [[ $TableType == 'gpt' && $SkipIt == 0 ]] ; then # read only GPT disks that aren't part of dmraid array 765 PartNum
= `LANG=C parted $Drive print -m -s 2>/dev/null | awk -F: ' $7 ~ "(^boot| boot)" { print $1 }' | head -n 1` 766 if [ " $PartNum " -eq " $PartNum " ] 2 > / dev
/ null
; then 767 InstallDir
= " $RootDir /boot/efi" 769 mount
$Drive$PartNum $InstallDir 770 EspFilesystem
= `grep " $Drive $PartNum .*/boot/efi" /etc/mtab | uniq | grep -v autofs | cut -d " " -f 3` 771 if [[ $EspFilesystem != 'vfat' ]] ; then 774 echo "Mounting ESP at $InstallDir " 777 fi # $PartNum -eq $PartNum 782 # Identifies the ESP's location (/boot or /boot/efi, or these locations under 783 # the directory specified by --root); aborts if the ESP isn't mounted at 785 # Sets InstallDir to the ESP mount point. 787 mount
/ boot
&> / dev
/ null
788 mount
/ boot
/ efi
&> / dev
/ null
789 EspLine
= `df " $RootDir /boot/efi" 2> /dev/null | grep boot/efi` 790 if [[ ! -n " $EspLine " ]] ; then 791 EspLine
= `df " $RootDir "/boot | grep boot` 793 InstallDir
= `echo $EspLine | cut -d " " -f 6` 795 if [[ -n " $InstallDir " ]] ; then 796 EspFilesystem
= `grep -w " $InstallDir " /etc/mtab | uniq | grep -v autofs | cut -d " " -f 3` 798 if [[ $EspFilesystem != 'vfat' ]] ; then 801 if [[ $EspFilesystem != 'vfat' ]] ; then 802 echo " $RootDir / $InstallDir doesn't seem to be on a VFAT filesystem. The ESP must be" 803 echo "mounted at $RootDir /boot or $RootDir /boot/efi and it must be VFAT! Aborting!" 806 echo "ESP was found at $InstallDir using $EspFilesystem " 809 # Uses efibootmgr to add an entry for rEFInd to the EFI's NVRAM. 810 # If this fails, sets Problems=1 814 Efibootmgr
= `which efibootmgr 2> /dev/null` 815 if [[ " $Efibootmgr " ]] ; then 816 InstallDisk
= `grep " $InstallDir " /etc/mtab | cut -d " " -f 1 | cut -c 1-8` 817 PartNum
= `grep " $InstallDir " /etc/mtab | cut -d " " -f 1 | cut -c 9-10` 818 EntryFilename
= " $TargetDir / $Refind " 819 EfiEntryFilename
= `echo ${EntryFilename//\//\\\} ` 820 EfiEntryFilename2
= `echo ${EfiEntryFilename} | sed s/ \\\\\\\\ / \\\\\\\\\\\\\\\\ /g` 821 ExistingEntry
= `" $Efibootmgr " -v | grep -i " $EfiEntryFilename2 "` 823 if [[ " $ExistingEntry " ]] ; then 824 ExistingEntryBootNum
= `echo " $ExistingEntry " | cut -c 5-8` 825 FirstBoot
= `" $Efibootmgr " | grep BootOrder | cut -c 12-15` 826 if [[ " $ExistingEntryBootNum " != " $FirstBoot " ]] ; then 827 echo "An existing rEFInd boot entry exists, but isn't set as the default boot" 828 echo "manager. The boot order is being adjusted to make rEFInd the default boot" 829 echo "manager. If this is NOT what you want, you should use efibootmgr to" 830 echo "manually adjust your EFI's boot order." 831 " $Efibootmgr " -b $ExistingEntryBootNum -B &> / dev
/ null
838 if [[ $InstallIt == "1" ]] ; then 839 echo "Installing it!" 840 " $Efibootmgr " -c -l " $EfiEntryFilename " -L "rEFInd Boot Manager" -d $InstallDisk -p $PartNum &> / dev
/ null
841 if [[ $?
!= 0 ]] ; then 847 else # efibootmgr not found 852 if [[ $EfibootmgrProblems ]] ; then 854 echo "ALERT: There were problems running the efibootmgr program! You may need to" 855 echo "rename the $Refind binary to the default name (EFI/boot/bootx64.efi" 856 echo "on x86-64 systems or EFI/boot/bootia32.efi on x86 systems) to have it run!" 859 echo "rEFInd has been set as the default boot manager." 863 # Create a minimal/sample refind_linux.conf file in /boot. 864 GenerateRefindLinuxConf
() { 865 if [[ -f " $RLConfFile " ]] ; then 866 echo "Existing $RLConfFile found; not overwriting." 868 echo "Creating $RLConfFile ; edit it to adjust kernel options." 869 if [[ -f " $RootDir /etc/default/grub" ]] ; then 870 # We want the default options used by the distribution, stored here.... 871 source " $RootDir /etc/default/grub" 872 echo "Setting default boot options based on $RootDir /etc/default/grub" 874 RootFS
= `df " $RootDir " | grep dev | cut -f 1 -d " "` 875 StartOfDevname
= `echo " $RootFS " | cut -b 1-7` 876 if [[ " $StartOfDevname " == "/dev/sd" ||
" $StartOfDevName " == "/dev/hd" ]] ; then 877 # Identify root filesystem by UUID rather than by device node, if possible 878 Uuid
= `blkid -o export -s UUID " $RootFS " 2> /dev/null | grep UUID=` 879 if [[ -n $Uuid ]] ; then 883 DefaultOptions
= " $GRUB_CMDLINE_LINUX $GRUB_CMDLINE_LINUX_DEFAULT " 884 echo " \" Boot with standard options \" \" ro root= $RootFS $DefaultOptions \" " > $RLConfFile 885 echo " \" Boot to single-user mode \" \" ro root= $RootFS $DefaultOptions single \" " >> $RLConfFile 886 echo " \" Boot with minimal options \" \" ro root= $RootFS \" " >> $RLConfFile 890 # Set varaibles for installation in EFI/BOOT directory 892 TargetDir
= "/EFI/BOOT" 893 if [[ $ShimSource == "none" ]] ; then 894 TargetX64
= "bootx64.efi" 895 TargetIA32
= "bootia32.efi" 897 if [[ $ShimType == "shim.efi" ||
$ShimType == "shimx64.efi" ]] ; then 898 TargetX64
= "grubx64.efi" 899 elif [[ $ShimType == "preloader.efi" ||
$ShimType == "PreLoader.efi" ]] ; then 900 TargetX64
= "loader.efi" 902 echo "Unknown shim/PreBootloader type: $ShimType " 906 TargetIA32
= "bootia32.efi" 907 TargetShim
= "bootx64.efi" 909 } # SetFilenamesForBoot() 911 # Set variables for installation in EFI/Microsoft/Boot directory 913 TargetDir
= "/EFI/Microsoft/Boot" 914 if [[ $ShimSource == "none" ]] ; then 915 TargetX64
= "bootmgfw.efi" 917 if [[ $ShimType == "shim.efi" ||
$ShimType == "shimx64.efi" ]] ; then 918 TargetX64
= "grubx64.efi" 919 elif [[ $ShimType == "preloader.efi" ||
$ShimType == "PreLoader.efi" ]] ; then 920 TargetX64
= "loader.efi" 922 echo "Unknown shim/PreBootloader type: $ShimType " 926 TargetShim
= "bootmgfw.efi" 930 # TargetDir defaults to /EFI/refind; however, this function adjusts it as follows: 931 # - If an existing refind.conf is available in /EFI/BOOT or /EFI/Microsoft/Boot, 932 # install to that directory under the suitable name; but DO NOT do this if 933 # refind.conf is also in /EFI/refind. 934 # - If booted in BIOS mode and the ESP lacks any other EFI files, install to 936 # - If booted in BIOS mode and there's no refind.conf file and there is a 937 # /EFI/Microsoft/Boot/bootmgfw.efi file, move it down one level and 938 # install under that name, "hijacking" the Windows boot loader filename 939 DetermineTargetDir
() { 942 if [[ -f $InstallDir / EFI
/ BOOT
/ refind.conf
]] ; then 946 if [[ -f $InstallDir / EFI
/ Microsoft
/ Boot
/ refind.conf
]] ; then 950 if [[ -f $InstallDir / EFI
/ refind
/ refind.conf
]] ; then 951 TargetDir
= "/EFI/refind" 954 if [[ $Upgrade == 1 ]] ; then 955 echo "Found rEFInd installation in $InstallDir $TargetDir ; upgrading it." 958 if [[ ! -d / sys
/ firmware
/ efi
&& $Upgrade == 0 ]] ; then # BIOS-mode 959 FoundEfiFiles
= `find " $InstallDir /EFI/BOOT" -name "*.efi" 2> /dev/null` 960 FoundConfFiles
= `find " $InstallDir " -name "refind\.conf" 2> /dev/null` 961 if [[ ! -n " $FoundConfFiles " && -f " $InstallDir /EFI/Microsoft/Boot/bootmgfw.efi" ]] ; then 962 mv -n " $InstallDir /EFI/Microsoft/Boot/bootmgfw.efi" " $InstallDir /EFI/Microsoft" &> / dev
/ null
964 echo "Running in BIOS mode with a suspected Windows installation; moving boot loader" 965 echo "files so as to install to $InstallDir $TargetDir ." 966 elif [[ ! -n " $FoundEfiFiles " ]] ; then # In BIOS mode and no default loader; install as default loader 968 echo "Running in BIOS mode with no existing default boot loader; installing to" 969 echo $InstallDir$TargetDir 971 echo "Running in BIOS mode with an existing default boot loader; backing it up and" 972 echo "installing rEFInd in its place." 973 if [[ -d " $InstallDir /EFI/BOOT-rEFIndBackup" ]] ; then 975 echo "Caution: An existing backup of a default boot loader exists! If the current" 976 echo "default boot loader and the backup are different boot loaders, the current" 977 echo "one will become inaccessible." 979 echo -n "Do you want to proceed with installation (Y/N)? " 981 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then 982 echo "OK; continuing with the installation..." 987 mv -n " $InstallDir /EFI/BOOT" " $InstallDir /EFI/BOOT-rEFIndBackup" 991 } # DetermineTargetDir() 993 # Controls rEFInd installation under Linux. 994 # Sets Problems=1 if something goes wrong. 996 if [[ " $TargetDir " == "/System/Library/CoreServices" ]] ; then 997 echo "You may not use the --ownhfs option under Linux! Aborting!" 1000 echo "Installing rEFInd on Linux...." 1001 modprobe efivars
&> / dev
/ null
1002 if [[ $TargetDir == "/EFI/BOOT" ]] ; then 1009 if [[ $CpuType == 'x86_64' ]] ; then 1011 elif [[ ( $CpuType == 'i386' ||
$CpuType == 'i486' ||
$CpuType == 'i586' ||
$CpuType == 'i686' ) ]] ; then 1013 # If we're in EFI mode, do some sanity checks, and alert the user or even 1014 # abort. Not in BIOS mode, though, since that could be used on an emergency 1015 # disc to try to recover a troubled Linux installation. 1016 if [[ -d / sys
/ firmware
/ efi
]] ; then 1017 if [[ " $ShimSource " != "none" && " $TargetDir " != "/BOOT/EFI" ]] ; then 1019 echo "CAUTION: shim does not currently supports 32-bit systems, so you should not" 1020 echo "use the --shim option to install on such systems. Aborting!" 1025 echo "CAUTION: This Linux installation uses a 32-bit kernel. 32-bit EFI-based" 1026 echo "computers are VERY RARE. If you've installed a 32-bit version of Linux" 1027 echo "on a 64-bit computer, you should manually install the 64-bit version of" 1028 echo "rEFInd. If you're installing on a Mac, you should do so from OS X. If" 1029 echo "you're positive you want to continue with this installation, answer 'Y'" 1030 echo "to the following question..." 1032 echo -n "Are you sure you want to continue (Y/N)? " 1034 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then 1035 echo "OK; continuing with the installation..." 1041 echo "Unknown CPU type ' $CpuType '; aborting!" 1045 if [[ $LocalKeys == 1 ]] ; then 1051 if [[ " $TargetDir " != "/EFI/BOOT" && " $TargetDir " != "/EFI/Microsoft/Boot" ]] ; then 1053 GenerateRefindLinuxConf
1055 } # InstallOnLinux() 1058 # The main part of the script. Sets a few environment variables, 1059 # performs a few startup checks, and then calls functions to 1060 # install under OS X or Linux, depending on the detected platform. 1064 ThisDir
= "$( cd -P " $
( dirname " ${BASH_SOURCE[0]} " ) " && pwd )" 1065 RefindDir
= " $ThisDir /refind" 1066 ThisScript
= " $ThisDir /`basename $0 `" 1067 if [[ `whoami` != "root" ]] ; then 1068 echo "Not running as root; attempting to elevate privileges via sudo...." 1069 sudo
" $ThisScript " "$@" 1070 if [[ $?
!= 0 ]] ; then 1071 echo "This script must be run as root (or using sudo). Exiting!" 1078 if [[ $OSName == 'Darwin' ]] ; then 1079 if [[ " $ShimSource " != "none" ]] ; then 1080 echo "The --shim option is not supported on OS X! Exiting!" 1083 if [[ " $LocalKeys " != 0 ]] ; then 1084 echo "The --localkeys option is not supported on OS X! Exiting!" 1087 if [[ $InstallToEspOnMac == 1 ]] ; then 1089 TargetX64
= "bootx64.efi" 1090 TargetIA32
= "bootia32.efi" 1093 elif [[ $OSName == 'Linux' ]] ; then 1096 echo "Running on unknown OS; aborting!" 1097 if [[ " $InstallToEspOnMac " == 0 ]] ; then 1098 echo "The --notesp option is not supported on Linux! Exiting!" 1103 if [[ $Problems ]] ; then 1106 echo "Installation has completed, but problems were detected. Review the output for" 1107 echo "error messages and take corrective measures as necessary. You may need to" 1108 echo "re-run this script or install manually before rEFInd will work." 1112 echo "Installation has completed successfully." 1116 if [[ $UnmountEsp == '1' ]] ; then 1117 echo "Unmounting install dir" 1121 if [[ " $InstallDir " == / tmp
/ refind_install
]] ; then