# Revision history:
#
+# 0.10.5 -- More improvement to handling of disks (other than /dev/[sh]d? disks).
+# 0.10.4 -- Improved handling of disks (other than /dev/[sh]d? disks).
+# 0.10.2 -- Improved Secure Boot detection in Linux, fixed --usedefault in OS X,
+# and fixed bug that could cause mountesp to be installed as a FILE
+# called /usr/local/bin in OS X.
# 0.10.1 -- Improve extraction of default kernel options from /proc/cmdline.
# Add support for AMD64 (aka AARCH64, aa64) platform. Added
# warning when --alldrivers used without --usedefault.
<key>ProductName</key>
<string>rEFInd</string>
<key>ProductVersion</key>
- <string>0.10.0</string>
+ <string>0.10.5</string>
</dict>
</plist>
ENDOFHERE
} # SetupMacHfs()
CheckForSIP() {
- if [[ -x "/usr/bin/csrutil" ]] ; then
+ if [[ -x "/usr/bin/csrutil" && -z "$TargetPart" ]] ; then
local OKToInstall=`/usr/bin/csrutil status | \
grep "Protection status: disabled\|enabled (Apple Internal)\|NVRAM Protections: disabled"`
if [[ -z "$OKToInstall" ]] ; then
# Sets Problems=1 if problems found during the installation.
InstallOnOSX() {
echo "Installing rEFInd on OS X...."
- if [[ "$InstallToEspOnMac" == "1" ]] ; then
+ if [[ "$InstallToEspOnMac" == "1" && -z "$TargetPart" ]] ; then
MountOSXESP
elif [[ "$TargetDir" == "/EFI/BOOT" || "$OwnHfs" == '1' ]] ; then
MountDefaultTarget
DetermineTargetDir
CheckForSIP
CopyRefindFiles
- cp "$ThisDir/mountesp" /usr/local/bin &> /dev/null
- if [[ $InstallToEspOnMac == "1" ]] ; then
+ mkdir -p /usr/local/bin &> /dev/null
+ cp "$ThisDir/mountesp" /usr/local/bin/ &> /dev/null
+ if [[ $InstallToEspOnMac == "1" && -z "$TargetPart" ]] ; then
bless --mount "$InstallDir" --setBoot --file "$InstallDir/$TargetDir/$Refind" --shortform
elif [[ "$TargetDir" != "/EFI/BOOT" ]] ; then
bless --setBoot --folder "$InstallDir/$TargetDir" --file "$InstallDir/$TargetDir/$Refind"
# If we're NOT in Secure Boot mode but the user HAS specified the --shim
# or --localkeys option, warn the user and offer to abort.
CheckSecureBoot() {
- local IsSecureBoot
- if [[ -f /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data ]] ; then
+ IsSecureBoot="0"
+ if [[ -f /sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c ]] ; then
+ IsSecureBoot=`od -An -t u1 /sys/firmware/efi/efivars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c | awk '{print substr($0,length,1)}'`
+ elif [[ -f /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data ]] ; then
IsSecureBoot=`od -An -t u1 /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data | tr -d '[[:space:]]'`
- else
- IsSecureBoot="0"
fi
if [[ $IsSecureBoot == "1" && "$TargetDir" != '/EFI/BOOT' && "$ShimSource" == "none" ]] ; then
echo ""
# Sign a single binary. Requires parameters:
# $1 = source file
# $2 = destination file
-# Also assumes that the SBSign, PESign, UseSBSign, UsePESign, and various key variables are set
-# appropriately.
+# Also assumes that the SBSign and various key variables are set appropriately.
# Aborts script on error
SignOneBinary() {
- $SBSign --key "$PrivateKey" --cert "$CertKey" --output "$2" "$1"
- if [[ $? != 0 ]] ; then
+ $SBSign --key "$PrivateKey" --cert "$CertKey" --output "$2" "$1" 2>&1 >/dev/null | \
+ grep -v "data remaining.*gaps between PE/COFF sections"
+ if [[ "${PIPESTATUS[0]}" != 0 ]] ; then
echo "Problem signing the binary $1! Aborting!"
exit 1
fi
# and EspFilesystem the filesystem (always "vfat")
FindLinuxESP() {
echo "The ESP doesn't seem to be mounted! Trying to find it...."
+ local Name
local Drive
local PartNum
local TableType
local DmStatus
local SkipIt
local Dmraid
- for Drive in `ls /dev/[sh]d?` ; do
+ for Name in `lsblk -r | grep disk | cut -f 1 -d " "` ; do
+ Drive="/dev/$Name"
SkipIt=0
Dmraid=`which dmraid 2> /dev/null`
if [ -x "$Dmraid" ] ; then
if [[ $EspFilesystem != 'vfat' ]] ; then
echo "$RootDir/$InstallDir doesn't seem to be on a VFAT filesystem. The ESP must be"
echo "mounted at $RootDir/boot or $RootDir/boot/efi and it must be VFAT! Aborting!"
- exit 1
+ if [[ -d /sys/firmware/efi ]] ; then
+ exit 1
+ else
+ echo "The computer appears to be running in BIOS mode and has no ESP. You should"
+ echo "create an ESP, and ideally boot in EFI mode, before installing rEFInd."
+ exit 0
+ fi
fi
echo "ESP was found at $InstallDir using $EspFilesystem"
} # FindMountedESP
# If this fails, sets Problems=1
AddBootEntry() {
local PartNum
+ local InstallDisk
+ local InstallPart
+ local Name
Efibootmgr=`which efibootmgr 2> /dev/null`
if [[ "$Efibootmgr" ]] ; then
- InstallDisk=`grep "$InstallDir" /etc/mtab | cut -d " " -f 1 | cut -c 1-8`
- PartNum=`grep "$InstallDir" /etc/mtab | cut -d " " -f 1 | cut -c 9-10`
+ InstallPart=`grep "$InstallDir" /etc/mtab | cut -d " " -f 1`
+ for Name in `lsblk -r | grep disk | cut -f 1 -d " "` ; do
+ if [[ $InstallPart == *"$Name"* ]] ; then
+ InstallDisk="/dev/"$Name
+ PartNum=${InstallPart#$InstallDisk}
+ PartNum=`echo "${PartNum//[!0-9]/}"`
+ break
+ fi
+ done
+ if [[ -z $InstallDisk || -z $PartNum ]] ; then
+ echo "Could not identify ESP in AddBootEntry()!"
+ Problems=1
+ return 1
+ fi
EntryFilename="$TargetDir/$Refind"
EfiEntryFilename=`echo ${EntryFilename//\//\\\}`
EfiEntryFilename2=`echo ${EfiEntryFilename} | sed s/\\\\\\\\/\\\\\\\\\\\\\\\\/g`