GPTSYNC_DIR=gptsync
EFILIB_DIR=EfiLib
export EDK2BASE=/usr/local/UDK2014/MyWorkSpace
-export REFIND_VERSION='L"0.10.0.10"'
+export REFIND_VERSION='L"0.10.0.11"'
# The "all" target builds with the TianoCore library if possible, but falls
# back on the more easily-installed GNU-EFI library if TianoCore isn't
-refind (0.10.0-1) UNRELEASED; urgency=medium
+refind (0.10.0.11-0ppa9) trusty; urgency=medium
- * Initial release (Closes: #715426)
+ * Version bump
- -- Tianon Gravi <tianon@debian.org> Wed, 25 Nov 2015 09:07:15 -0800
+ -- Roderick Smith <rodsmith@rodsbooks.com> Wed, 09 Dec 2015 12:52:52 -0500
+
+refind (0.10.0-0ppa1) trusty; urgency=medium
+
+ * Version bump
+
+ -- Roderick Smith <rodsmith@rodsbooks.com> Sun, 08 Nov 2015 16:53:35 -0500
+
+refind (0.9.2-0ppa1) trusty; urgency=medium
+
+ * Version bump
+
+ -- Roderick Smith <rodsmith@rodsbooks.com> Sat, 19 Sep 2015 10:42:58 -0400
+
+refind (0.9.1-0ppa1) trusty; urgency=medium
+
+ * Version bump
+
+ -- Roderick Smith <rodsmith@rodsbooks.com> Sun, 13 Sep 2015 17:14:29 -0400
+
+refind (0.9.0-0ppa1) trusty; urgency=medium
+
+ * Version bump
+
+ -- Roderick Smith <rodsmith@rodsbooks.com> Sun, 26 Jul 2015 12:36:11 -0400
+
+refind (0.8.7-0ppa2) trusty; urgency=medium
+
+ * Fix Debian packaging error affecting IA32 platforms
+
+ -- Roderick Smith <rodsmith@rodsbooks.com> Thu, 19 Mar 2015 20:25:03 -0400
+
+refind (0.8.7-0ppa1) trusty; urgency=medium
+
+ * Version bump
+
+ -- Roderick Smith <rodsmith@rodsbooks.com> Sun, 01 Mar 2015 18:32:25 -0500
+
+refind (0.8.6-0ppa1) trusty; urgency=medium
+
+ * Version bump
+
+ -- Roderick Smith <rodsmith@rodsbooks.com> Sun, 08 Feb 2015 09:38:43 -0500
+
+refind (0.8.4-0ppa1) trusty; urgency=medium
+
+ * Version bump
+
+ -- Rod Smith <rodsmith@rodsbooks.com> Mon, 08 Dec 2014 12:28:56 -0400
+
+refind (0.8.3-0ppa1) trusty; urgency=medium
+
+ * Version bump
+
+ -- Rod Smith <rodsmith@rodsbooks.com> Sun, 06 Jul 2014 12:28:56 -0400
+
+refind (0.8.2-0ppa3) trusty; urgency=medium
+
+ * Removed stray debugging code that caused pause during startup
+
+ -- Rod Smith <rodsmith@rodsbooks.com> Sun, 08 Jun 2014 16:48:48 -0400
+
+refind (0.8.2-0ppa2) trusty; urgency=medium
+
+ * Version bump
+
+ -- Rod Smith <rodsmith@rodsbooks.com> Sun, 08 Jun 2014 12:32:48 -0400
+
+refind (0.8.1-0ppa2) trusty; urgency=medium
+
+ * Revised Debian package to not use version numbers in /usr/share directory names
+
+ -- Rod Smith <rodsmith@louiswu.rodsbooks.com> Fri, 16 May 2014 14:57:11 -0400
+
+refind (0.8.0-0ppa1) trusty; urgency=medium
+
+ * Updated for version 0.8.0
+
+ -- Rod Smith <rod.smith@canonical.com> Fri, 16 May 2014 09:01:45 -0400
+
+refind (0.7.8-0ppa1) trusty; urgency=low
+
+ [ Roderick W. Smith ]
+ * Initial release. (Closes: #1136112)
+
+ -- Rod Smith <rod.smith@canonical.com> Sun, 9 Mar 2014 07:59:50 -0500
--- /dev/null
+#!/bin/sh
+
+set -e
+
+. /usr/share/debconf/confmodule
+
+db_input high refind/install_to_esp || true
+
+db_go || true
Package: refind
Architecture: amd64 i386 arm64
-Depends: efibootmgr, openssl, parted, ${misc:Depends}
+Depends: debconf, efibootmgr, openssl, parted, ${misc:Depends}
Description: boot manager for EFI-based computers
A graphical boot manager for EFI- and UEFI-based computers, such as all
Intel-based Macs and recent (most 2011 and later) PCs. rEFInd presents a
--- /dev/null
+[type: gettext/rfc822deb] templates
--- /dev/null
+# SOME DESCRIPTIVE TITLE.
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.
+#
+#, fuzzy
+msgid ""
+msgstr ""
+"Project-Id-Version: refind\n"
+"Report-Msgid-Bugs-To: refind@packages.debian.org\n"
+"POT-Creation-Date: 2015-12-09 13:29-0500\n"
+"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
+"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
+"Language-Team: LANGUAGE <LL@li.org>\n"
+"Language: \n"
+"MIME-Version: 1.0\n"
+"Content-Type: text/plain; charset=CHARSET\n"
+"Content-Transfer-Encoding: 8bit\n"
+
+#. Type: boolean
+#. Description
+#: ../templates:1001
+msgid "Automatically install rEFInd to the ESP?"
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../templates:1001
+msgid ""
+"It is necessary to install rEFInd to the EFI System Partition (ESP) for it "
+"to control the boot process."
+msgstr ""
+
+#. Type: boolean
+#. Description
+#: ../templates:1001
+#, no-c-format
+msgid ""
+"Not installing the new rEFInd binary on the ESP may leave the system in an "
+"unbootable state. Alternatives to automatically installing rEFInd include "
+"running /usr/sbin/refind-install by hand or installing the rEFInd binaries "
+"manually by copying them from subdirectories of /usr/share/refind-%Version."
+msgstr ""
set -e
-# Remove any existing NVRAM entry for rEFInd, to avoid creating a duplicate.
-ExistingEntry=`efibootmgr | grep "rEFInd Boot Manager" | cut -c 5-8`
-if [[ -n $ExistingEntry ]] ; then
- efibootmgr --bootnum $ExistingEntry --delete-bootnum &> /dev/null
+if [ -f /usr/share/debconf/confmodule ] ; then
+ . /usr/share/debconf/confmodule
fi
-cd /usr/share/refind
+install_to_esp() {
+ # Remove any existing NVRAM entry for rEFInd, to avoid creating a duplicate.
+ ExistingEntry=`efibootmgr | grep "rEFInd Boot Manager" | cut -c 5-8`
+ if [[ -n $ExistingEntry ]] ; then
+ efibootmgr --bootnum $ExistingEntry --delete-bootnum &> /dev/null
+ fi
-if [[ -f /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data ]] ; then
- IsSecureBoot=`od -An -t u1 /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data | tr -d '[[:space:]]'`
-else
- IsSecureBoot="0"
-fi
-# Note: Two find operations for ShimFile favors shim over PreLoader -- if both are
-# present, the script uses shim rather than PreLoader.
-declare ShimFile=`find /boot -name shim\.efi -o -name shimx64\.efi -o -name PreLoader\.efi 2> /dev/null | head -n 1`
-if [[ ! -n $ShimFile ]] ; then
- declare ShimFile=`find /boot -name PreLoader\.efi 2> /dev/null | head -n 1`
-fi
-declare SBSign=`which sbsign 2> /dev/null`
-declare OpenSSL=`which openssl 2> /dev/null`
-
-# Run the rEFInd installation script. Do so with the --shim option
-# if Secure Boot mode is suspected and if a shim program can be
-# found, or without it if not. If a shim installation is attempted
-# and the sbsign and openssl programs can be found, do the install
-# using a local signing key. Note that this option is undesirable
-# for a distribution, since it would then require the user to
-# enroll an extra MOK. I'm including it here because I'm NOT a
-# distribution maintainer, and I want to encourage users to use
-# their own local keys.
-if [[ $IsSecureBoot == "1" && -n $ShimFile ]] ; then
- if [[ -n $SBSign && -n $OpenSSL ]] ; then
- ./refind-install --shim $ShimFile --localkeys --yes
- else
- ./refind-install --shim $ShimFile --yes
- fi
-else
- if [[ -n $SBSign && -n $OpenSSL ]] ; then
- ./refind-install --localkeys --yes
- else
- ./refind-install --yes
- fi
-fi
+ cd /usr/share/refind
+
+ if [[ -f /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data ]] ; then
+ IsSecureBoot=`od -An -t u1 /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data | tr -d '[[:space:]]'`
+ else
+ IsSecureBoot="0"
+ fi
+ # Note: Two find operations for ShimFile favors shim over PreLoader -- if both are
+ # present, the script uses shim rather than PreLoader.
+ declare ShimFile=`find /boot -name shim\.efi -o -name shimx64\.efi -o -name PreLoader\.efi 2> /dev/null | head -n 1`
+ if [[ ! -n $ShimFile ]] ; then
+ declare ShimFile=`find /boot -name PreLoader\.efi 2> /dev/null | head -n 1`
+ fi
+ declare SBSign=`which sbsign 2> /dev/null`
+ declare OpenSSL=`which openssl 2> /dev/null`
+
+ # Run the rEFInd installation script. Do so with the --shim option
+ # if Secure Boot mode is suspected and if a shim program can be
+ # found, or without it if not. If a shim installation is attempted
+ # and the sbsign and openssl programs can be found, do the install
+ # using a local signing key. Note that this option is undesirable
+ # for a distribution, since it would then require the user to
+ # enroll an extra MOK. I'm including it here because I'm NOT a
+ # distribution maintainer, and I want to encourage users to use
+ # their own local keys.
+ if [[ $IsSecureBoot == "1" && -n $ShimFile ]] ; then
+ if [[ -n $SBSign && -n $OpenSSL ]] ; then
+ ./refind-install --shim $ShimFile --localkeys --yes
+ else
+ ./refind-install --shim $ShimFile --yes
+ fi
+ else
+ if [[ -n $SBSign && -n $OpenSSL ]] ; then
+ ./refind-install --localkeys --yes
+ else
+ ./refind-install --yes
+ fi
+ fi
+} # install_to_esp()
+
+#
+# Main part of script begins
+#
+
+case "$1" in
+ configure)
+ db_get refind/install_to_esp || true;
+ if [ x"$RET" = x"true" ]; then
+ echo "Installing rEFInd to the ESP..."
+ install_to_esp
+ else
+ echo "** Not installing rEFInd to the ESP! **"
+ echo "If you want rEFInd to control the boot process, you can do so by runing:"
+ echo ""
+ echo "dpkg-reconfigure refind"
+ echo ""
+ fi
+ ;;
+
+ reconfigure)
+ db_get refind/install_to_esp || true;
+ if [ x"$RET" = x"true" ]; then
+ echo "Installing rEFInd to the ESP..."
+ install_to_esp
+ else
+ echo "If rEFInd was previously configured to be your primary boot manager, you must"
+ echo "use efibootmgr to set the computer to boot with something else."
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ exit 0
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 0
+ ;;
+esac
--- /dev/null
+Template: refind/install_to_esp
+Type: boolean
+Default: true
+_Description: Automatically install rEFInd to the ESP?
+ It is necessary to install rEFInd to the EFI System Partition (ESP) for
+ it to control the boot process.
+ .
+ Not installing the new rEFInd binary on the ESP may leave the system in an
+ unbootable state. Alternatives to automatically installing rEFInd include
+ running /usr/sbin/refind-install by hand or installing the rEFInd binaries
+ manually by copying them from subdirectories of /usr/share/refind-{version}.
# Sign a single binary. Requires parameters:
# $1 = source file
# $2 = destination file
-# Also assumes that the SBSign, PESign, UseSBSign, UsePESign, and various key variables are set
-# appropriately.
+# Also assumes that the SBSign and various key variables are set appropriately.
# Aborts script on error
SignOneBinary() {
- $SBSign --key "$PrivateKey" --cert "$CertKey" --output "$2" "$1"
- if [[ $? != 0 ]] ; then
+ $SBSign --key "$PrivateKey" --cert "$CertKey" --output "$2" "$1" 2>&1 >/dev/null | \
+ grep -v "data remaining.*gaps between PE/COFF sections"
+ if [[ "${PIPESTATUS[0]}" != 0 ]] ; then
echo "Problem signing the binary $1! Aborting!"
exit 1
fi