]>
code.delx.au - refind/blob - install.sh
3 # Linux/MacOS X script to install rEFInd
7 # ./install.sh [options]
10 # "--notesp" to install to the OS X root filesystem rather than to the ESP.
11 # This option may not be used under Linux.
12 # "--usedefault {devicefile}" to install as default
13 # (/EFI/BOOT/BOOTX64.EFI and similar) to the specified device
14 # (/dev/sdd1 or whatever) without registering with the NVRAM.
15 # "--ownhfs {devicefile}" to install to an HFS+ volume that's NOT currently
16 # an OS X boot volume.
17 # "--root {dir}" to specify installation using the specified directory
18 # as the system's root
19 # "--alldrivers" to install all drivers along with regular files
20 # "--nodrivers" to suppress driver installation (default in Linux is
21 # driver used on /boot; --nodrivers is OS X default)
22 # "--shim {shimfile}" to install a shim.efi file for Secure Boot
23 # "--preloader" is synonymous with "--shim"
24 # "--localkeys" to re-sign x86-64 binaries with a locally-generated key
25 # "--yes" to assume a "yes" response to all prompts
27 # The "esp" option is valid only on Mac OS X; it causes
28 # installation to the EFI System Partition (ESP) rather than
29 # to the current OS X boot partition. Under Linux, this script
30 # installs to the ESP by default.
32 # This program is copyright (c) 2012 by Roderick W. Smith
33 # It is released under the terms of the GNU GPL, version 3,
34 # a copy of which should be included in the file COPYING.txt.
38 # 0.8.5 -- Refinement/cleanup of new OS X ESP-as-default policy
39 # 0.8.4 -- OS X default changed to install to ESP under /EFI/BOOT
40 # 0.7.9 -- Fixed bug that caused errors if dmraid utility not installed
41 # 0.7.7 -- Fixed bug that created mangled refind_linux.conf file; added ability
42 # to locate and mount ESP on Linux, if it's not mounted
43 # 0.7.6 -- Added --ownhfs {device-filename} option
44 # 0.7.5 -- Fixed bug when installing to ESP on recent versions of OS X
45 # 0.7.2 -- Fixed code that could be confused by use of autofs to mount the ESP
46 # 0.7.0 -- Added support for the new Btrfs driver
47 # 0.6.12 -- Added support for PreLoader as well as for shim
48 # 0.6.11 -- Improvements in script's ability to handle directories with spaces
50 # 0.6.9 -- Install gptsync on Macs
51 # 0.6.8 -- Bug fix: ESP scan now uses "uniq".
52 # 0.6.6 -- Bug fix: Upgrade drivers when installed to EFI/BOOT. Also enable
53 # copying shim.efi and MokManager.efi over themselves.
54 # 0.6.4 -- Copies ext2 driver rather than ext4 driver for ext2/3fs
55 # 0.6.3 -- Support for detecting rEFInd in EFI/BOOT and EFI/Microsoft/Boot
56 # directories & for installing to EFI/BOOT in BIOS mode
57 # 0.6.2-1 -- Added --yes option & tweaked key-copying for use with RPM install script
58 # 0.6.1 -- Added --root option; minor bug fixes
59 # 0.6.0 -- Changed --drivers to --alldrivers and added --nodrivers option;
60 # changed default driver installation behavior in Linux to install
61 # the driver needed to read /boot (if available)
62 # 0.5.1.2 -- Fixed bug that caused failure to generate refind_linux.conf file
63 # 0.5.1.1 -- Fixed bug that caused script failure under OS X
64 # 0.5.1 -- Added --shim & --localkeys options & create sample refind_linux.conf
66 # 0.5.0 -- Added --usedefault & --drivers options & changed "esp" option to "--esp"
67 # 0.4.5 -- Fixed check for rEFItBlesser in OS X
68 # 0.4.2 -- Added notice about BIOS-based OSes & made NVRAM changes in Linux smarter
69 # 0.4.1 -- Added check for rEFItBlesser in OS X
70 # 0.3.3.1 -- Fixed OS X 10.7 bug; also works as make target
71 # 0.3.2.1 -- Check for presence of source files; aborts if not present
72 # 0.3.2 -- Initial version
74 # Note: install.sh version numbers match those of the rEFInd package
75 # with which they first appeared.
79 LocalKeysBase
= "refind_local"
83 TargetX64
= "refind_x64.efi"
84 TargetIA32
= "refind_ia32.efi"
90 # Functions used by both OS X and Linux....
95 # Install the driver required to read Linux /boot, if it's available
96 # Note: Under OS X, this will be installed only if a Linux partition
97 # is detected, in which case the ext4fs driver will be installed.
99 while [[ $# -gt 0 ]]; do
101 --notesp ) InstallToEspOnMac
= 0
106 TargetDir
=/ System
/ Library
/ CoreServices
109 --usedefault ) TargetDir
=/ EFI
/ BOOT
111 TargetX64
= "bootx64.efi"
112 TargetIA32
= "bootia32.efi"
119 --localkeys ) LocalKeys
= 1
121 --shim |
--preloader ) ShimSource
= " $2 "
122 ShimType
= `basename $ShimSource `
125 --drivers |
--alldrivers ) InstallDrivers
= "all"
127 --nodrivers ) InstallDrivers
= "none"
131 * ) echo "Usage: $0 [--notesp | --usedefault {device-file} | --root {dir} |"
132 echo " --ownhfs {device-file} ]"
133 echo " [--nodrivers | --alldrivers] [--shim {shim-filename}]"
134 echo " [--localkeys] [--yes]"
139 if [[ " $InstallToEspOnMac " == 0 && " $RootDir " == '/' && " $TargetDir " == '/EFI/BOOT' ]] ; then
140 echo "You may use --notesp OR --usedefault, but not both! Aborting!"
143 if [[ " $RootDir " != '/' && " $TargetDir " == '/EFI/BOOT' ]] ; then
144 echo "You may use --root OR --usedefault, but not both! Aborting!"
147 if [[ " $TargetDir " != '/System/Library/CoreServices' && " $OwnHfs " == '1' ]] ; then
148 echo "If you use --ownhfs, you may NOT use --usedefault! Aborting!"
151 RLConfFile
= " $RootDir /boot/refind_linux.conf"
152 EtcKeysDir
= " $RootDir /etc/refind.d/keys"
155 # Get a yes/no response from the user and place it in the YesNo variable.
156 # If the AlwaysYes variable is set to 1, skip the user input and set "Y"
157 # in the YesNo variable.
159 if [[ $AlwaysYes == 1 ]] ; then
167 # Abort if the rEFInd files can't be found.
168 # Also sets $ConfFile to point to the configuration file,
169 # $IconsDir to point to the icons directory, and
170 # $ShimSource to the source of the shim.efi file (if necessary).
172 # Note: This check is satisfied if EITHER the 32- or the 64-bit version
173 # is found, even on the wrong platform. This is because the platform
174 # hasn't yet been determined. This could obviously be improved, but it
175 # would mean restructuring lots more code....
176 if [[ ! -f " $RefindDir /refind_ia32.efi" && ! -f " $RefindDir /refind_x64.efi" ]] ; then
177 echo "The rEFInd binary file is missing! Aborting installation!"
181 if [[ -f " $RefindDir /refind.conf-sample" ]] ; then
182 ConfFile
= " $RefindDir /refind.conf-sample"
183 elif [[ -f " $ThisDir /refind.conf-sample" ]] ; then
184 ConfFile
= " $ThisDir /refind.conf-sample"
186 echo "The sample configuration file is missing! Aborting installation!"
190 if [[ -d " $RefindDir /icons" ]] ; then
191 IconsDir
= " $RefindDir /icons"
192 elif [[ -d " $ThisDir /icons" ]] ; then
193 IconsDir
= " $ThisDir /icons"
195 echo "The icons directory is missing! Aborting installation!"
199 if [[ " $ShimSource " != "none" ]] ; then
200 if [[ -f " $ShimSource " ]] ; then
201 if [[ $ShimType == "shimx64.efi" ||
$ShimType == "shim.efi" ]] ; then
202 TargetX64
= "grubx64.efi"
203 MokManagerSource
= `dirname " $ShimSource "` / MokManager.efi
204 elif [[ $ShimType == "preloader.efi" ||
$ShimType == "PreLoader.efi" ]] ; then
205 TargetX64
= "loader.efi"
206 MokManagerSource
= `dirname " $ShimSource "` / HashTool.efi
208 echo "Unknown shim/PreBootloader filename: $ShimType !"
209 echo "Known filenames are shimx64.efi, shim.efi, and PreLoader.efi. Aborting!"
213 echo "The specified shim/PreBootloader file, $ShimSource , doesn't exist!"
214 echo "Aborting installation!"
220 # Helper for CopyRefindFiles; copies shim files (including MokManager, if it's
221 # available) to target.
223 cp -fb " $ShimSource " " $InstallDir / $TargetDir / $TargetShim "
224 if [[ $?
!= 0 ]] ; then
227 if [[ -f " $MokManagerSource " ]] ; then
228 cp -fb " $MokManagerSource " " $InstallDir / $TargetDir /"
230 if [[ $?
!= 0 ]] ; then
235 # Copy the public keys to the installation medium
237 if [[ $LocalKeys == 1 ]] ; then
238 mkdir
-p " $InstallDir / $TargetDir /keys/"
239 cp " $EtcKeysDir / $LocalKeysBase .cer" " $InstallDir / $TargetDir /keys/"
240 cp " $EtcKeysDir / $LocalKeysBase .crt" " $InstallDir / $TargetDir /keys/"
244 # Determine (or guess) the filesystem used on the Linux /boot filesystem.
245 # Store the result in the BootFS global variable.
249 Blkid
= `which blkid 2> /dev/null`
251 if [[ $OSName == 'Linux' && -x " $Blkid " ]] ; then
252 BootPart
= `df /boot | grep dev | cut -f 1 -d " "`
253 BootFS
= ` $Blkid -o export $BootPart 2> /dev/null | grep TYPE= | cut -f 2 -d =`
255 if [[ $OSName == 'Darwin' ]] ; then
256 # 0FC63DAF-8483-4772-8E79-3D69D8477DE4 = Linux filesystem
257 # BC13C2FF-59E6-4262-A352-B275FD6F7172 = Freedesktop $boot partition
258 # 933AC7E1-2EB4-4F13-B844-0E14E2AEF915 = Freedesktop Linux /home
259 # E6D6D379-F507-44C2-A23C-238F2A3DF928 = Linux LVM
260 # A19D880F-05FC-4D3B-A006-743F0F84911E = Linux RAID
261 # 0657FD6D-A4AB-43C4-84E5-0933C84B4F4F = Linux swap
262 Temp
= $
( diskutil list |
grep -i '0FC63DAF-8483-4772-8E79-3D69D8477DE4\|BC13C2FF-59E6-4262-A352-B275FD6F7172\|933AC7E1-2EB4-4F13-B844-0E14E2AEF915\|E6D6D379-F507-44C2-A23C-238F2A3DF928\|A19D880F-05FC-4D3B-A006-743F0F84911E\|0657FD6D-A4AB-43C4-84E5-0933C84B4F4F\|Linux' )
264 if [[ -n $Temp ]] ; then
265 echo "Found suspected Linux partition(s); installing ext4fs driver."
271 # Copy drivers from $RefindDir/drivers_$1 to $InstallDir/$TargetDir/drivers_$1,
272 # honoring the $InstallDrivers condition. Must be passed a suitable
273 # architecture code (ia32 or x64).
275 if [[ $InstallDrivers == "all" ]] ; then
276 mkdir
-p " $InstallDir / $TargetDir /drivers_ $1 "
277 cp " $ThisDir " / drivers_
$1 /* _
$1 .efi
" $InstallDir / $TargetDir /drivers_ $1 /" 2 > / dev
/ null
278 cp " $RefindDir " / drivers_
$1 /* _
$1 .efi
" $InstallDir / $TargetDir /drivers_ $1 /" 2 > / dev
/ null
279 elif [[ " $InstallDrivers " == "boot" ]] ; then
283 ext2 | ext3
) DriverType
= "ext2"
284 # Could use ext4, but that can create unwanted entries from symbolic
285 # links in / to /boot/vmlinuz if a separate /boot partition is used.
287 ext4
) DriverType
= "ext4"
289 reiserfs
) DriverType
= "reiserfs"
291 btrfs
) DriverType
= "btrfs"
293 hfsplus
) DriverType
= "hfs"
297 if [[ -n $BootFS ]] ; then
298 echo "Installing driver for $BootFS ( ${DriverType} _ $1 .efi)"
299 mkdir
-p " $InstallDir / $TargetDir /drivers_ $1 "
300 cp " $ThisDir /drivers_ $1 / ${DriverType} _ $1 .efi" " $InstallDir / $TargetDir /drivers_ $1 /" 2 > / dev
/ null
301 cp " $RefindDir /drivers_ $1 / ${DriverType} _ $1 .efi" " $InstallDir / $TargetDir /drivers_ $1 " / 2 > / dev
/ null
306 # Copy tools (currently only gptsync, and that only on Macs) to the EFI/tools
307 # directory on the ESP. Must be passed a suitable architecture code (ia32
310 mkdir
-p " $InstallDir /EFI/tools"
311 if [[ $OSName == 'Darwin' ]] ; then
312 cp -f " $RefindDir /tools_ $1 /gptsync_ $1 .efi" " $InstallDir /EFI/tools/"
313 if [[ -f " $InstallDir /EFI/tools/gptsync.efi" ]] ; then
314 mv " $InstallDir /EFI/tools/gptsync.efi" " $InstallDir /EFI/tools/gptsync.efi-disabled"
315 echo "Found old gptsync.efi; disabling it by renaming it to gptsync.efi-disabled"
320 # Copy the rEFInd files to the ESP or OS X root partition.
321 # Sets Problems=1 if any critical commands fail.
323 mkdir
-p " $InstallDir / $TargetDir "
324 if [[ " $TargetDir " == '/EFI/BOOT' ]] ; then
325 cp " $RefindDir /refind_ia32.efi" " $InstallDir / $TargetDir / $TargetIA32 " 2 > / dev
/ null
326 if [[ $?
!= 0 ]] ; then
327 echo "Note: IA32 (x86) binary not installed!"
329 cp " $RefindDir /refind_x64.efi" " $InstallDir / $TargetDir / $TargetX64 " 2 > / dev
/ null
330 if [[ $?
!= 0 ]] ; then
333 if [[ " $ShimSource " != "none" ]] ; then
334 TargetShim
= "bootx64.efi"
337 if [[ $InstallDrivers == "all" ]] ; then
338 cp -r " $RefindDir " / drivers_
* " $InstallDir / $TargetDir /" 2 > / dev
/ null
339 cp -r " $ThisDir " / drivers_
* " $InstallDir / $TargetDir /" 2 > / dev
/ null
340 elif [[ $Upgrade == 1 ||
$InstallToEspOnMac == 1 ]] ; then
341 if [[ $Platform == 'EFI64' ]] ; then
350 if [[ $Platform == 'EFI64' ]] ; then
352 elif [[ $Platform == 'EFI32' ]] ; then
353 Refind
= 'bootia32.efi'
356 elif [[ $Platform == 'EFI64' ||
$TargetDir == "/EFI/Microsoft/Boot" ]] ; then
357 cp " $RefindDir /refind_x64.efi" " $InstallDir / $TargetDir / $TargetX64 "
358 if [[ $?
!= 0 ]] ; then
363 Refind
= "refind_x64.efi"
365 if [[ " $ShimSource " != "none" ]] ; then
366 if [[ " $TargetShim " == "default" ]] ; then
367 TargetShim
= `basename " $ShimSource "`
371 if [[ $LocalKeys == 0 ]] ; then
372 echo "Storing copies of rEFInd Secure Boot public keys in $EtcKeysDir "
373 mkdir
-p " $EtcKeysDir "
374 cp " $ThisDir /keys/refind.cer" " $EtcKeysDir " 2 > / dev
/ null
375 cp " $ThisDir /keys/refind.crt" " $EtcKeysDir " 2 > / dev
/ null
378 if [[ " $TargetDir " == '/System/Library/CoreServices' ]] ; then
379 SetupMacHfs
$TargetX64
381 elif [[ $Platform == 'EFI32' ]] ; then
382 cp " $RefindDir /refind_ia32.efi" " $InstallDir / $TargetDir / $TargetIA32 "
383 if [[ $?
!= 0 ]] ; then
388 Refind
= "refind_ia32.efi"
389 if [[ " $TargetDir " == '/System/Library/CoreServices' ]] ; then
390 SetupMacHfs
$TargetIA32
393 echo "Unknown platform! Aborting!"
396 echo "Copied rEFInd binary files"
398 if [[ -d " $InstallDir / $TargetDir /icons" ]] ; then
399 rm -rf " $InstallDir / $TargetDir /icons-backup" &> / dev
/ null
400 mv -f " $InstallDir / $TargetDir /icons" " $InstallDir / $TargetDir /icons-backup"
401 echo "Notice: Backed up existing icons directory as icons-backup."
403 cp -r " $IconsDir " " $InstallDir / $TargetDir "
404 if [[ $?
!= 0 ]] ; then
407 mkdir
-p " $InstallDir / $TargetDir /keys"
408 cp -rf " $ThisDir " / keys
/* .
[ cd ] er
" $InstallDir / $TargetDir /keys/" 2 > / dev
/ null
409 cp -rf " $EtcKeysDir " /* .
[ cd ] er
" $InstallDir / $TargetDir /keys/" 2 > / dev
/ null
410 if [[ -f " $InstallDir / $TargetDir /refind.conf" ]] ; then
411 echo "Existing refind.conf file found; copying sample file as refind.conf-sample"
412 echo "to avoid overwriting your customizations."
414 cp -f " $ConfFile " " $InstallDir / $TargetDir "
415 if [[ $?
!= 0 ]] ; then
419 echo "Copying sample configuration file as refind.conf; edit this file to configure"
422 cp -f " $ConfFile " " $InstallDir / $TargetDir /refind.conf"
423 if [[ $?
!= 0 ]] ; then
427 if [[ $DeleteRefindDir == 1 ]] ; then
428 echo "Deleting the temporary directory $RefindDir "
431 } # CopyRefindFiles()
433 # Mount the partition the user specified with the --usedefault or --ownhfs option
434 MountDefaultTarget
() {
435 InstallDir
=/ tmp
/ refind_install
436 mkdir
-p " $InstallDir "
438 if [[ $OSName == 'Darwin' ]] ; then
439 if [[ $OwnHfs == '1' ]] ; then
440 Temp
= `diskutil info " $TargetPart " | grep "Mount Point"`
441 InstallDir
= `echo $Temp | cut -f 3-30 -d ' '`
442 if [[ $InstallDir == '' ]] ; then
443 InstallDir
=/ tmp
/ refind_install
444 mount
-t hfs
" $TargetPart " " $InstallDir "
449 mount
-t msdos
" $TargetPart " " $InstallDir "
451 elif [[ $OSName == 'Linux' ]] ; then
452 mount
-t vfat
" $TargetPart " " $InstallDir "
454 if [[ $?
!= 0 ]] ; then
455 echo "Couldn't mount $TargetPart ! Aborting!"
459 } # MountDefaultTarget()
462 # A series of OS X support functions....
465 # Mount the ESP at /Volumes/ESP or determine its current mount
467 # Sets InstallDir to the ESP mount point
468 # Sets UnmountEsp if we mounted it
470 # Identify the ESP. Note: This returns the FIRST ESP found;
471 # if the system has multiple disks, this could be wrong!
472 Temp
= $
( mount |
sed -n -E "/^(\/dev\/disk[0-9]+s[0-9]+) on \/ \(.*$/s//\1/p" )
474 Temp
= $
( diskutil list |
grep " EFI " |
grep -o 'disk.*' |
head -n 1 )
475 if [ -z $Temp ]; then
476 echo "Warning: root device doesn't have an EFI partition"
479 echo "Warning: root device could not be found"
481 if [ -z $Temp ]; then
482 Temp
= $
( diskutil list |
sed -n -E '/^ *[0-9]+:[ ]+EFI EFI[ ]+[0-9.]+ [A-Z]+[ ]+(disk[0-9]+s[0-9]+)$/ { s//\1/p
486 if [ -z $Temp ]; then
487 echo "Could not find an EFI partition. Aborting!"
491 Esp
=/ dev
/ `echo $Temp `
492 # If the ESP is mounted, use its current mount point....
493 Temp
= `df -P | grep " $Esp "`
494 InstallDir
= `echo $Temp | cut -f 6 -d ' '`
495 if [[ " $InstallDir " == '' ]] ; then
496 mkdir
/ Volumes
/ ESP
&> / dev
/ null
497 mount
-t msdos
" $Esp " / Volumes
/ ESP
498 # Some systems have HFS+ "ESPs." They shouldn't, but they do. If this is
499 # detected, mount it as such and set appropriate options.
500 if [[ $?
!= 0 ]] ; then
501 mount
-t hfs
" $Esp " / Volumes
/ Esp
504 if [[ $?
!= 0 ]] ; then
505 echo "Unable to mount ESP! Aborting! \n "
510 InstallDir
= "/Volumes/ESP"
514 # Set up for booting from Mac HFS+ volume that boots rEFInd in MJG's way
515 # (http://mjg59.dreamwidth.org/7468.html)
516 # Must be passed the original rEFInd binary filename (without a path).
518 if [[ -s " $InstallDir /mach_kernel" ]] ; then
519 echo "Attempt to install rEFInd to a partition with a /mach_kernel file! Aborting!"
522 cp -n " $InstallDir / $TargetDir /boot.efi" " $InstallDir / $TargetDir /boot.efi-backup" &> / dev
/ null
523 ln -f " $InstallDir / $TargetDir / $1 " " $InstallDir / $TargetDir /boot.efi"
524 touch " $InstallDir /mach_kernel"
525 rm " $InstallDir / $TargetDir /SystemVersion.plist" &> / dev
/ null
526 cat - << ENDOFHERE >> " $InstallDir / $TargetDir /SystemVersion.plist"
527 <xml version="1.0" encoding="UTF-8"?>
528 <plist version="1.0">
530 <key>ProductBuildVersion</key>
532 <key>ProductName</key>
533 <string>rEFInd</string>
534 <key>ProductVersion</key>
535 <string>0.7.6</string>
541 # Control the OS X installation.
542 # Sets Problems=1 if problems found during the installation.
544 echo "Installing rEFInd on OS X...."
545 if [[ " $InstallToEspOnMac " == "1" ]] ; then
547 elif [[ " $TargetDir " == "/EFI/BOOT" ||
" $OwnHfs " == '1' ]] ; then
550 InstallDir
= " $RootDir /"
552 echo "Installing rEFInd to the partition mounted at $InstallDir "
553 Platform
= `ioreg -l -p IODeviceTree | grep firmware-abi | cut -d " \" " -f 4`
555 if [[ $InstallToEspOnMac == "1" ]] ; then
556 bless
--mount " $InstallDir " --setBoot --file " $InstallDir / $TargetDir / $Refind "
557 elif [[ " $TargetDir " != "/EFI/BOOT" ]] ; then
558 bless
--setBoot --folder " $InstallDir / $TargetDir " --file " $InstallDir / $TargetDir / $Refind "
560 if [[ $?
!= 0 ]] ; then
563 if [[ -f / Library
/ StartupItems
/ rEFItBlesser ||
-d / Library
/ StartupItems
/ rEFItBlesser
]] ; then
565 echo "/Library/StartupItems/rEFItBlesser found!"
566 echo "This program is part of rEFIt, and will cause rEFInd to fail to work after"
567 echo -n "its first boot. Do you want to remove rEFItBlesser (Y/N)? "
569 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then
570 echo "Deleting /Library/StartupItems/rEFItBlesser..."
571 rm -r / Library
/ StartupItems
/ rEFItBlesser
573 echo "Not deleting rEFItBlesser."
577 echo "WARNING: If you have an Advanced Format disk, *DO NOT* attempt to check the"
578 echo "bless status with 'bless --info', since this is known to cause disk corruption"
579 echo "on some systems!!"
585 # Now a series of Linux support functions....
588 # Check for evidence that we're running in Secure Boot mode. If so, and if
589 # appropriate options haven't been set, warn the user and offer to abort.
590 # If we're NOT in Secure Boot mode but the user HAS specified the --shim
591 # or --localkeys option, warn the user and offer to abort.
593 # FIXME: Although I checked the presence (and lack thereof) of the
594 # /sys/firmware/efi/vars/SecureBoot* files on my Secure Boot test system
595 # before releasing this script, I've since found that they are at least
596 # sometimes present when Secure Boot is absent. This means that the first
597 # test can produce false alarms. A better test is highly desirable.
599 VarFile
= `ls -d /sys/firmware/efi/vars/SecureBoot* 2> /dev/null`
600 if [[ -n " $VarFile " && " $TargetDir " != '/EFI/BOOT' && " $ShimSource " == "none" ]] ; then
602 echo "CAUTION: Your computer appears to support Secure Boot, but you haven't"
603 echo "specified a valid shim.efi file source. If you've disabled Secure Boot and"
604 echo "intend to leave it disabled, this is fine; but if Secure Boot is active, the"
605 echo "resulting installation won't boot. You can read more about this topic at"
606 echo "http://www.rodsbooks.com/refind/secureboot.html."
608 echo -n "Do you want to proceed with installation (Y/N)? "
610 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then
611 echo "OK; continuing with the installation..."
617 if [[ " $ShimSource " != "none" && ! -n " $VarFile " ]] ; then
619 echo "You've specified installing using a shim.efi file, but your computer does not"
620 echo "appear to be running in Secure Boot mode. Although installing in this way"
621 echo "should work, it's unnecessarily complex. You may continue, but unless you"
622 echo "plan to enable Secure Boot, you should consider stopping and omitting the"
623 echo "--shim option. You can read more about this topic at"
624 echo "http://www.rodsbooks.com/refind/secureboot.html."
626 echo -n "Do you want to proceed with installation (Y/N)? "
628 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then
629 echo "OK; continuing with the installation..."
635 if [[ $LocalKeys != 0 && ! -n " $VarFile " ]] ; then
637 echo "You've specified re-signing your rEFInd binaries with locally-generated keys,"
638 echo "but your computer does not appear to be running in Secure Boot mode. The"
639 echo "keys you generate will be useless unless you enable Secure Boot. You may"
640 echo "proceed with this installation, but before you do so, you may want to read"
641 echo "more about it at http://www.rodsbooks.com/refind/secureboot.html."
643 echo -n "Do you want to proceed with installation (Y/N)? "
645 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then
646 echo "OK; continuing with the installation..."
652 } # CheckSecureBoot()
654 # Check for the presence of locally-generated keys from a previous installation in
655 # $EtcKeysDir (/etc/refind.d/keys). If they're not present, generate them using
658 PrivateKey
= " $EtcKeysDir / $LocalKeysBase .key"
659 CertKey
= " $EtcKeysDir / $LocalKeysBase .crt"
660 DerKey
= " $EtcKeysDir / $LocalKeysBase .cer"
661 OpenSSL
= `which openssl 2> /dev/null`
663 # Do the work only if one or more of the necessary keys is missing
664 # TODO: Technically, we don't need the DerKey; but if it's missing and openssl
665 # is also missing, this will fail. This could be improved.
666 if [[ ! -f " $PrivateKey " ||
! -f " $CertKey " ||
! -f " $DerKey " ]] ; then
667 echo "Generating a fresh set of local keys...."
668 mkdir
-p " $EtcKeysDir "
669 chmod 0700 " $EtcKeysDir "
670 if [[ ! -x " $OpenSSL " ]] ; then
671 echo "Can't find openssl, which is required to create your private signing keys!"
675 if [[ -f " $PrivateKey " ]] ; then
676 echo "Backing up existing $PrivateKey "
677 cp -f " $PrivateKey " " $PrivateKey .backup" 2 > / dev
/ null
679 if [[ -f " $CertKey " ]] ; then
680 echo "Backing up existing $CertKey "
681 cp -f " $CertKey " " $CertKey .backup" 2 > / dev
/ null
683 if [[ -f " $DerKey " ]] ; then
684 echo "Backing up existing $DerKey "
685 cp -f " $DerKey " " $DerKey .backup" 2 > / dev
/ null
687 " $OpenSSL " req
-new -x509 -newkey rsa
: 2048 -keyout " $PrivateKey " -out " $CertKey " \
688 -nodes -days 3650 -subj "/CN=Locally-generated rEFInd key/"
689 " $OpenSSL " x509
-in " $CertKey " -out " $DerKey " -outform DER
690 chmod 0600 " $PrivateKey "
692 echo "Using existing local keys...."
696 # Sign a single binary. Requires parameters:
698 # $2 = destination file
699 # Also assumes that the SBSign, PESign, UseSBSign, UsePESign, and various key variables are set
701 # Aborts script on error
703 $SBSign --key " $PrivateKey " --cert " $CertKey " --output " $2 " " $1 "
704 if [[ $?
!= 0 ]] ; then
705 echo "Problem signing the binary $1 ! Aborting!"
710 # Re-sign the x86-64 binaries with a locally-generated key, First look for appropriate
711 # key files in $EtcKeysDir. If they're present, use them to re-sign the binaries. If
712 # not, try to generate new keys and store them in $EtcKeysDir.
714 SBSign
= `which sbsign 2> /dev/null`
715 echo "Found sbsign at $SBSign "
716 TempDir
= "/tmp/refind_local"
717 if [[ ! -x " $SBSign " ]] ; then
718 echo "Can't find sbsign, which is required to sign rEFInd with your own keys!"
723 mkdir
-p " $TempDir /drivers_x64"
724 cp " $RefindDir /refind.conf-sample $TempDir " 2 > / dev
/ null
725 cp " $ThisDir /refind.conf-sample $TempDir " 2 > / dev
/ null
726 cp " $RefindDir /refind_ia32.efi $TempDir " 2 > / dev
/ null
727 cp -a " $RefindDir /drivers_ia32 $TempDir " 2 > / dev
/ null
728 cp -a " $ThisDir /drivers_ia32 $TempDir " 2 > / dev
/ null
729 SignOneBinary
" $RefindDir /refind_x64.efi" " $TempDir /refind_x64.efi"
731 IFS
= $
( echo -en " \n\b " )
732 for Driver
in `ls " $RefindDir "/drivers_x64/*.efi " $ThisDir "/drivers_x64/*.efi 2> /dev/null` ; do
733 TempName
= `basename " $Driver "`
734 SignOneBinary
" $Driver " " $TempDir /drivers_x64/ $TempName "
741 # Locate and mount an ESP, if possible, based on parted output.
742 # Should be called only if /boot/efi is NOT an acceptable ESP.
743 # Sets InstallDir to the mounted ESP's path ($RootDir/boot/efi)
744 # and EspFilesystem the filesystem (always "vfat")
746 echo "The ESP doesn't seem to be mounted! Trying to find it...."
753 for Drive
in `ls /dev/[sh]d?` ; do
755 Dmraid
= `which dmraid 2> /dev/null`
756 if [ -x " $Dmraid " ] ; then
757 DmStatus
= `dmraid -r | grep $Drive `
758 if [ -n " $DmStatus " ] ; then
759 echo " $Drive seems to be part of a RAID array; skipping!"
763 TableType
= `parted $Drive print -m -s 2>/dev/null | awk -F: ' $1 == "' $Drive '" { print $6 }'`
764 if [[ $TableType == 'gpt' && $SkipIt == 0 ]] ; then # read only GPT disks that aren't part of dmraid array
765 PartNum
= `LANG=C parted $Drive print -m -s 2>/dev/null | awk -F: ' $7 ~ "(^boot| boot)" { print $1 }' | head -n 1`
766 if [ " $PartNum " -eq " $PartNum " ] 2 > / dev
/ null
; then
767 InstallDir
= " $RootDir /boot/efi"
769 mount
$Drive$PartNum $InstallDir
770 EspFilesystem
= `grep " $Drive $PartNum .*/boot/efi" /etc/mtab | uniq | grep -v autofs | cut -d " " -f 3`
771 if [[ $EspFilesystem != 'vfat' ]] ; then
774 echo "Mounting ESP at $InstallDir "
777 fi # $PartNum -eq $PartNum
782 # Identifies the ESP's location (/boot or /boot/efi, or these locations under
783 # the directory specified by --root); aborts if the ESP isn't mounted at
785 # Sets InstallDir to the ESP mount point.
787 mount
/ boot
&> / dev
/ null
788 mount
/ boot
/ efi
&> / dev
/ null
789 EspLine
= `df " $RootDir /boot/efi" 2> /dev/null | grep boot/efi`
790 if [[ ! -n " $EspLine " ]] ; then
791 EspLine
= `df " $RootDir "/boot | grep boot`
793 InstallDir
= `echo $EspLine | cut -d " " -f 6`
795 if [[ -n " $InstallDir " ]] ; then
796 EspFilesystem
= `grep -w " $InstallDir " /etc/mtab | uniq | grep -v autofs | cut -d " " -f 3`
798 if [[ $EspFilesystem != 'vfat' ]] ; then
801 if [[ $EspFilesystem != 'vfat' ]] ; then
802 echo " $RootDir / $InstallDir doesn't seem to be on a VFAT filesystem. The ESP must be"
803 echo "mounted at $RootDir /boot or $RootDir /boot/efi and it must be VFAT! Aborting!"
806 echo "ESP was found at $InstallDir using $EspFilesystem "
809 # Uses efibootmgr to add an entry for rEFInd to the EFI's NVRAM.
810 # If this fails, sets Problems=1
814 Efibootmgr
= `which efibootmgr 2> /dev/null`
815 if [[ " $Efibootmgr " ]] ; then
816 InstallDisk
= `grep " $InstallDir " /etc/mtab | cut -d " " -f 1 | cut -c 1-8`
817 PartNum
= `grep " $InstallDir " /etc/mtab | cut -d " " -f 1 | cut -c 9-10`
818 EntryFilename
= " $TargetDir / $Refind "
819 EfiEntryFilename
= `echo ${EntryFilename//\//\\\} `
820 EfiEntryFilename2
= `echo ${EfiEntryFilename} | sed s/ \\\\\\\\ / \\\\\\\\\\\\\\\\ /g`
821 ExistingEntry
= `" $Efibootmgr " -v | grep -i " $EfiEntryFilename2 "`
823 if [[ " $ExistingEntry " ]] ; then
824 ExistingEntryBootNum
= `echo " $ExistingEntry " | cut -c 5-8`
825 FirstBoot
= `" $Efibootmgr " | grep BootOrder | cut -c 12-15`
826 if [[ " $ExistingEntryBootNum " != " $FirstBoot " ]] ; then
827 echo "An existing rEFInd boot entry exists, but isn't set as the default boot"
828 echo "manager. The boot order is being adjusted to make rEFInd the default boot"
829 echo "manager. If this is NOT what you want, you should use efibootmgr to"
830 echo "manually adjust your EFI's boot order."
831 " $Efibootmgr " -b $ExistingEntryBootNum -B &> / dev
/ null
838 if [[ $InstallIt == "1" ]] ; then
839 echo "Installing it!"
840 " $Efibootmgr " -c -l " $EfiEntryFilename " -L "rEFInd Boot Manager" -d $InstallDisk -p $PartNum &> / dev
/ null
841 if [[ $?
!= 0 ]] ; then
847 else # efibootmgr not found
852 if [[ $EfibootmgrProblems ]] ; then
854 echo "ALERT: There were problems running the efibootmgr program! You may need to"
855 echo "rename the $Refind binary to the default name (EFI/boot/bootx64.efi"
856 echo "on x86-64 systems or EFI/boot/bootia32.efi on x86 systems) to have it run!"
859 echo "rEFInd has been set as the default boot manager."
863 # Create a minimal/sample refind_linux.conf file in /boot.
864 GenerateRefindLinuxConf
() {
865 if [[ -f " $RLConfFile " ]] ; then
866 echo "Existing $RLConfFile found; not overwriting."
868 echo "Creating $RLConfFile ; edit it to adjust kernel options."
869 if [[ -f " $RootDir /etc/default/grub" ]] ; then
870 # We want the default options used by the distribution, stored here....
871 source " $RootDir /etc/default/grub"
872 echo "Setting default boot options based on $RootDir /etc/default/grub"
874 RootFS
= `df " $RootDir " | grep dev | cut -f 1 -d " "`
875 StartOfDevname
= `echo " $RootFS " | cut -b 1-7`
876 if [[ " $StartOfDevname " == "/dev/sd" ||
" $StartOfDevName " == "/dev/hd" ]] ; then
877 # Identify root filesystem by UUID rather than by device node, if possible
878 Uuid
= `blkid -o export -s UUID " $RootFS " 2> /dev/null | grep UUID=`
879 if [[ -n $Uuid ]] ; then
883 DefaultOptions
= " $GRUB_CMDLINE_LINUX $GRUB_CMDLINE_LINUX_DEFAULT "
884 echo " \" Boot with standard options \" \" ro root= $RootFS $DefaultOptions \" " > $RLConfFile
885 echo " \" Boot to single-user mode \" \" ro root= $RootFS $DefaultOptions single \" " >> $RLConfFile
886 echo " \" Boot with minimal options \" \" ro root= $RootFS \" " >> $RLConfFile
890 # Set varaibles for installation in EFI/BOOT directory
892 TargetDir
= "/EFI/BOOT"
893 if [[ $ShimSource == "none" ]] ; then
894 TargetX64
= "bootx64.efi"
895 TargetIA32
= "bootia32.efi"
897 if [[ $ShimType == "shim.efi" ||
$ShimType == "shimx64.efi" ]] ; then
898 TargetX64
= "grubx64.efi"
899 elif [[ $ShimType == "preloader.efi" ||
$ShimType == "PreLoader.efi" ]] ; then
900 TargetX64
= "loader.efi"
902 echo "Unknown shim/PreBootloader type: $ShimType "
906 TargetIA32
= "bootia32.efi"
907 TargetShim
= "bootx64.efi"
909 } # SetFilenamesForBoot()
911 # Set variables for installation in EFI/Microsoft/Boot directory
913 TargetDir
= "/EFI/Microsoft/Boot"
914 if [[ $ShimSource == "none" ]] ; then
915 TargetX64
= "bootmgfw.efi"
917 if [[ $ShimType == "shim.efi" ||
$ShimType == "shimx64.efi" ]] ; then
918 TargetX64
= "grubx64.efi"
919 elif [[ $ShimType == "preloader.efi" ||
$ShimType == "PreLoader.efi" ]] ; then
920 TargetX64
= "loader.efi"
922 echo "Unknown shim/PreBootloader type: $ShimType "
926 TargetShim
= "bootmgfw.efi"
930 # TargetDir defaults to /EFI/refind; however, this function adjusts it as follows:
931 # - If an existing refind.conf is available in /EFI/BOOT or /EFI/Microsoft/Boot,
932 # install to that directory under the suitable name; but DO NOT do this if
933 # refind.conf is also in /EFI/refind.
934 # - If booted in BIOS mode and the ESP lacks any other EFI files, install to
936 # - If booted in BIOS mode and there's no refind.conf file and there is a
937 # /EFI/Microsoft/Boot/bootmgfw.efi file, move it down one level and
938 # install under that name, "hijacking" the Windows boot loader filename
939 DetermineTargetDir
() {
942 if [[ -f $InstallDir / EFI
/ BOOT
/ refind.conf
]] ; then
946 if [[ -f $InstallDir / EFI
/ Microsoft
/ Boot
/ refind.conf
]] ; then
950 if [[ -f $InstallDir / EFI
/ refind
/ refind.conf
]] ; then
951 TargetDir
= "/EFI/refind"
954 if [[ $Upgrade == 1 ]] ; then
955 echo "Found rEFInd installation in $InstallDir $TargetDir ; upgrading it."
958 if [[ ! -d / sys
/ firmware
/ efi
&& $Upgrade == 0 ]] ; then # BIOS-mode
959 FoundEfiFiles
= `find " $InstallDir /EFI/BOOT" -name "*.efi" 2> /dev/null`
960 FoundConfFiles
= `find " $InstallDir " -name "refind\.conf" 2> /dev/null`
961 if [[ ! -n " $FoundConfFiles " && -f " $InstallDir /EFI/Microsoft/Boot/bootmgfw.efi" ]] ; then
962 mv -n " $InstallDir /EFI/Microsoft/Boot/bootmgfw.efi" " $InstallDir /EFI/Microsoft" &> / dev
/ null
964 echo "Running in BIOS mode with a suspected Windows installation; moving boot loader"
965 echo "files so as to install to $InstallDir $TargetDir ."
966 elif [[ ! -n " $FoundEfiFiles " ]] ; then # In BIOS mode and no default loader; install as default loader
968 echo "Running in BIOS mode with no existing default boot loader; installing to"
969 echo $InstallDir$TargetDir
971 echo "Running in BIOS mode with an existing default boot loader; backing it up and"
972 echo "installing rEFInd in its place."
973 if [[ -d " $InstallDir /EFI/BOOT-rEFIndBackup" ]] ; then
975 echo "Caution: An existing backup of a default boot loader exists! If the current"
976 echo "default boot loader and the backup are different boot loaders, the current"
977 echo "one will become inaccessible."
979 echo -n "Do you want to proceed with installation (Y/N)? "
981 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then
982 echo "OK; continuing with the installation..."
987 mv -n " $InstallDir /EFI/BOOT" " $InstallDir /EFI/BOOT-rEFIndBackup"
991 } # DetermineTargetDir()
993 # Controls rEFInd installation under Linux.
994 # Sets Problems=1 if something goes wrong.
996 if [[ " $TargetDir " == "/System/Library/CoreServices" ]] ; then
997 echo "You may not use the --ownhfs option under Linux! Aborting!"
1000 echo "Installing rEFInd on Linux...."
1001 modprobe efivars
&> / dev
/ null
1002 if [[ $TargetDir == "/EFI/BOOT" ]] ; then
1009 if [[ $CpuType == 'x86_64' ]] ; then
1011 elif [[ ( $CpuType == 'i386' ||
$CpuType == 'i486' ||
$CpuType == 'i586' ||
$CpuType == 'i686' ) ]] ; then
1013 # If we're in EFI mode, do some sanity checks, and alert the user or even
1014 # abort. Not in BIOS mode, though, since that could be used on an emergency
1015 # disc to try to recover a troubled Linux installation.
1016 if [[ -d / sys
/ firmware
/ efi
]] ; then
1017 if [[ " $ShimSource " != "none" && " $TargetDir " != "/BOOT/EFI" ]] ; then
1019 echo "CAUTION: shim does not currently supports 32-bit systems, so you should not"
1020 echo "use the --shim option to install on such systems. Aborting!"
1025 echo "CAUTION: This Linux installation uses a 32-bit kernel. 32-bit EFI-based"
1026 echo "computers are VERY RARE. If you've installed a 32-bit version of Linux"
1027 echo "on a 64-bit computer, you should manually install the 64-bit version of"
1028 echo "rEFInd. If you're installing on a Mac, you should do so from OS X. If"
1029 echo "you're positive you want to continue with this installation, answer 'Y'"
1030 echo "to the following question..."
1032 echo -n "Are you sure you want to continue (Y/N)? "
1034 if [[ $YesNo == "Y" ||
$YesNo == "y" ]] ; then
1035 echo "OK; continuing with the installation..."
1041 echo "Unknown CPU type ' $CpuType '; aborting!"
1045 if [[ $LocalKeys == 1 ]] ; then
1051 if [[ " $TargetDir " != "/EFI/BOOT" && " $TargetDir " != "/EFI/Microsoft/Boot" ]] ; then
1053 GenerateRefindLinuxConf
1055 } # InstallOnLinux()
1058 # The main part of the script. Sets a few environment variables,
1059 # performs a few startup checks, and then calls functions to
1060 # install under OS X or Linux, depending on the detected platform.
1064 ThisDir
= "$( cd -P " $
( dirname " ${BASH_SOURCE[0]} " ) " && pwd )"
1065 RefindDir
= " $ThisDir /refind"
1066 ThisScript
= " $ThisDir /`basename $0 `"
1067 if [[ `whoami` != "root" ]] ; then
1068 echo "Not running as root; attempting to elevate privileges via sudo...."
1069 sudo
" $ThisScript " "$@"
1070 if [[ $?
!= 0 ]] ; then
1071 echo "This script must be run as root (or using sudo). Exiting!"
1078 if [[ $OSName == 'Darwin' ]] ; then
1079 if [[ " $ShimSource " != "none" ]] ; then
1080 echo "The --shim option is not supported on OS X! Exiting!"
1083 if [[ " $LocalKeys " != 0 ]] ; then
1084 echo "The --localkeys option is not supported on OS X! Exiting!"
1087 if [[ $InstallToEspOnMac == 1 ]] ; then
1089 TargetX64
= "bootx64.efi"
1090 TargetIA32
= "bootia32.efi"
1093 elif [[ $OSName == 'Linux' ]] ; then
1096 echo "Running on unknown OS; aborting!"
1097 if [[ " $InstallToEspOnMac " == 0 ]] ; then
1098 echo "The --notesp option is not supported on Linux! Exiting!"
1103 if [[ $Problems ]] ; then
1106 echo "Installation has completed, but problems were detected. Review the output for"
1107 echo "error messages and take corrective measures as necessary. You may need to"
1108 echo "re-run this script or install manually before rEFInd will work."
1112 echo "Installation has completed successfully."
1116 if [[ $UnmountEsp == '1' ]] ; then
1117 echo "Unmounting install dir"
1121 if [[ " $InstallDir " == / tmp
/ refind_install
]] ; then