#
# Revision history:
#
+# 0.8.7 -- Better detection of Secure Boot mode & fixed errors when copying
+# Shim & MokManager files over themselves; fixed bug that caused
+# inappropriate installation to EFI/BOOT/bootx64.efi
+# 0.8.6 -- Fixed bugs that caused misidentification of ESP on disks with
+# partition numbers over 10 on OS X and misidentification of mount
+# point if already-mounted ESP had space in path.
# 0.8.5 -- Refinement/cleanup of new OS X ESP-as-default policy
# 0.8.4 -- OS X default changed to install to ESP under /EFI/BOOT
# 0.7.9 -- Fixed bug that caused errors if dmraid utility not installed
exit 1
fi
+ echo "ShimSource is $ShimSource"
if [[ "$ShimSource" != "none" ]] ; then
if [[ -f "$ShimSource" ]] ; then
if [[ $ShimType == "shimx64.efi" || $ShimType == "shim.efi" ]] ; then
# Helper for CopyRefindFiles; copies shim files (including MokManager, if it's
# available) to target.
CopyShimFiles() {
- cp -fb "$ShimSource" "$InstallDir/$TargetDir/$TargetShim"
- if [[ $? != 0 ]] ; then
- Problems=1
- fi
- if [[ -f "$MokManagerSource" ]] ; then
- cp -fb "$MokManagerSource" "$InstallDir/$TargetDir/"
+ local inode1=`ls -i "$ShimSource" 2> /dev/null | cut -f 1 -d " "`
+ local inode2=`ls -i "$InstallDir/$TargetDir/$TargetShim" 2> /dev/null | cut -f 1 -d " "`
+ if [[ $inode1 != $inode2 ]] ; then
+ cp -fb "$ShimSource" "$InstallDir/$TargetDir/$TargetShim"
+ if [[ $? != 0 ]] ; then
+ Problems=1
+ fi
fi
- if [[ $? != 0 ]] ; then
- Problems=1
+ inode1=`ls -i "$MokManagerSource" 2> /dev/null | cut -f 1 -d " "`
+ local TargetMMName=`basename $MokManagerSource`
+ inode2=`ls -i "$InstallDir/$TargetDir/$TargetMMName" 2> /dev/null | cut -f 1 -d " "`
+ if [[ $inode1 != $inode2 ]] ; then
+ if [[ -f "$MokManagerSource" ]] ; then
+ cp -fb "$MokManagerSource" "$InstallDir/$TargetDir/"
+ fi
+ if [[ $? != 0 ]] ; then
+ Problems=1
+ fi
fi
} # CopyShimFiles()
DetermineTargetDir() {
Upgrade=0
- if [[ -f $InstallDir/EFI/BOOT/refind.conf ]] ; then
+ if [[ -f $InstallDir/EFI/BOOT/refind.conf && ! -f $InstallDir/EFI/refind/refind.conf ]] ; then
SetVarsForBoot
Upgrade=1
fi
- if [[ -f $InstallDir/EFI/Microsoft/Boot/refind.conf ]] ; then
+ if [[ -f $InstallDir/EFI/Microsoft/Boot/refind.conf && ! -f $InstallDir/EFI/refind/refind.conf ]] ; then
SetVarsForMsBoot
Upgrade=1
fi
- if [[ -f $InstallDir/EFI/refind/refind.conf ]] ; then
+ if [[ -f $InstallDir/EFI/refind/refind.conf && foofoo ]] ; then
TargetDir="/EFI/refind"
- if [[ "$OSName" == 'Darwin' ]] ; then
+ if [[ $ShimSource == "none" ]] ; then
TargetX64="refind_x64.efi"
TargetIA32="refind_ia32.efi"
fi
fi
Esp=/dev/`echo $Temp`
# If the ESP is mounted, use its current mount point....
- Temp=`df -P | grep "$Esp"`
- InstallDir=`echo $Temp | cut -f 6 -d ' '`
+ Temp=`df -P | grep "$Esp "`
+ InstallDir=`echo $Temp | cut -f 6- -d ' '`
if [[ "$InstallDir" == '' ]] ; then
mkdir /Volumes/ESP &> /dev/null
mount -t msdos "$Esp" /Volumes/ESP
<key>ProductName</key>
<string>rEFInd</string>
<key>ProductVersion</key>
- <string>0.8.5</string>
+ <string>0.9.1</string>
</dict>
</plist>
ENDOFHERE
# appropriate options haven't been set, warn the user and offer to abort.
# If we're NOT in Secure Boot mode but the user HAS specified the --shim
# or --localkeys option, warn the user and offer to abort.
-#
-# FIXME: Although I checked the presence (and lack thereof) of the
-# /sys/firmware/efi/vars/SecureBoot* files on my Secure Boot test system
-# before releasing this script, I've since found that they are at least
-# sometimes present when Secure Boot is absent. This means that the first
-# test can produce false alarms. A better test is highly desirable.
CheckSecureBoot() {
- VarFile=`ls -d /sys/firmware/efi/vars/SecureBoot* 2> /dev/null`
- if [[ -n "$VarFile" && "$TargetDir" != '/EFI/BOOT' && "$ShimSource" == "none" ]] ; then
+ local IsSecureBoot
+ if [[ -f /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data ]] ; then
+ IsSecureBoot=`od -An -t u1 /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data | tr -d '[[:space:]]'`
+ else
+ IsSecureBoot="0"
+ fi
+ if [[ $IsSecureBoot == "1" && "$TargetDir" != '/EFI/BOOT' && "$ShimSource" == "none" ]] ; then
echo ""
- echo "CAUTION: Your computer appears to support Secure Boot, but you haven't"
- echo "specified a valid shim.efi file source. If you've disabled Secure Boot and"
- echo "intend to leave it disabled, this is fine; but if Secure Boot is active, the"
- echo "resulting installation won't boot. You can read more about this topic at"
+ echo "CAUTION: Your computer appears to be booted with Secure Boot, but you haven't"
+ echo "specified a valid shim.efi file source. Chances are you should re-run with"
+ echo "the --shim option. You can read more about this topic at"
echo "http://www.rodsbooks.com/refind/secureboot.html."
echo ""
echo -n "Do you want to proceed with installation (Y/N)? "
fi
fi
- if [[ "$ShimSource" != "none" && ! -n "$VarFile" ]] ; then
+ if [[ "$ShimSource" != "none" && ! $IsSecureBoot == "1" ]] ; then
echo ""
echo "You've specified installing using a shim.efi file, but your computer does not"
echo "appear to be running in Secure Boot mode. Although installing in this way"
fi
fi
- if [[ $LocalKeys != 0 && ! -n "$VarFile" ]] ; then
+ if [[ $LocalKeys != 0 && ! $IsSecureBoot == "1" ]] ; then
echo ""
echo "You've specified re-signing your rEFInd binaries with locally-generated keys,"
echo "but your computer does not appear to be running in Secure Boot mode. The"