+# }}}
+
+# grub boot {{{
+grub_setup() {
+ BOOTX64="/boot/bootx64.efi"
+ BOOTX32="/boot/bootia32.efi"
+ EFI_IMG="/boot/efi.img"
+
+ if [[ "$ARCH" == "amd64" ]] ; then
+ # important: this depends on execution of ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/45-grub-images
+ if ! [ -r "${CHROOT_OUTPUT}/${BOOTX64}" ] ; then
+ log "Can not access GRUB efi image ${CHROOT_OUTPUT}/${BOOTX64}, required for Secure Boot support"
+ eerror "Can not access GRUB efi image ${CHROOT_OUTPUT}/${BOOTX64}, required for Secure Boot support" ; eend 1
+ log "Possible reason is failure to run ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/45-grub-images"
+ ewarn "Possible reason is failure to run ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/45-grub-images"
+ bailout 50
+ fi
+
+ dd if=/dev/zero of="${CHROOT_OUTPUT}/${EFI_IMG}" bs=4M count=1 2>/dev/null || bailout 50
+ mkfs.vfat -n GRML "${CHROOT_OUTPUT}/${EFI_IMG}" >/dev/null || bailout 51
+ mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::EFI || bailout 52
+ mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::EFI/BOOT || bailout 52
+
+ if [ "${SECURE_BOOT:-}" = "disable" ] ; then
+ log "Secure Boot is disabled."
+ einfo "Secure Boot is disabled." ; eend 0
+
+ # install "$BOOTX64" as ::EFI/BOOT/bootx64.efi inside image file "$EFI_IMG":
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${CHROOT_OUTPUT}/${BOOTX64}" ::EFI/BOOT/bootx64.efi >/dev/null || bailout 53
+
+ log "Generated 64-bit EFI image $BOOTX64"
+ einfo "Generated 64-bit EFI image $BOOTX64" ; eend 0
+ else
+ case "${SECURE_BOOT}" in
+ disable*)
+ log "Secure Boot is disabled [mode: ${SECURE_BOOT}]"
+ einfo "Secure Boot is disabled [mode: ${SECURE_BOOT}]" ; eend 0
+ ;;
+ debian|ubuntu)
+ log "Secure Boot is enabled [mode: ${SECURE_BOOT}]"
+ einfo "Secure Boot is enabled [mode: ${SECURE_BOOT}]" ; eend 0
+
+ local GRUBCFG_TEMPLATE="${TEMPLATE_DIRECTORY}/secureboot/grub.cfg"
+ local GRUBCFG_TMP=$(mktemp)
+
+ if ! [ -r "${GRUBCFG_TEMPLATE}" ] ; then
+ log "Secure Boot template for GRUB [${GRUBCFG_TEMPLATE}] not found."
+ eerror "Secure Boot template for GRUB [${GRUBCFG_TEMPLATE}] not found." ; eend 1
+ bailout 54
+ fi
+
+ cp "${GRUBCFG_TEMPLATE}" "${GRUBCFG_TMP}"
+ adjust_boot_files "${GRUBCFG_TMP}"
+
+ mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::boot || bailout 55
+ mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::boot/grub || bailout 55
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${GRUBCFG_TMP}" ::boot/grub/grub.cfg || bailout 56
+
+ rm "${GRUBCFG_TMP}"
+
+ if [ -r "${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/grubx64.efi.signed" ] ; then
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/grubx64.efi.signed" ::EFI/BOOT/grubx64.efi >/dev/null || bailout 57
+ else
+ log "Secure Boot GRUB binary '${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/grubx64.efi.signed' not found."
+ eerror "Secure Boot GRUB binary '${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/grubx64.efi.signed' not found." ; eend 1
+ bailout 57
+ fi
+
+ if [ -r "${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/shimx64.efi.signed" ] ; then
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/shimx64.efi.signed" ::EFI/BOOT/bootx64.efi >/dev/null || bailout 58
+ else
+ log "Secure Boot GRUB binary '${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/shimx64.efi.signed' not found."
+ eerror "Secure Boot GRUB binary '${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/shimx64.efi.signed' not found." ; eend 1
+ bailout 57
+ fi
+
+ log "Generated 64-bit Secure Boot (${SECURE_BOOT}) EFI image ${CHROOT_OUTPUT}/${EFI_IMG}"
+ einfo "Generated 64-bit Secure Boot (${SECURE_BOOT}) EFI image ${CHROOT_OUTPUT}/${EFI_IMG}" ; eend 0
+ ;;
+ *)
+ log "Secure Boot method '${SECURE_BOOT}' is unsupported."
+ eerror "Secure Boot method '${SECURE_BOOT}' is unsupported." ; eend 1
+ bailout 59
+ ;;
+ esac
+ fi
+ fi
+
+ if [[ "$ARCH" == "i386" ]] ; then
+ if ! [ -r "${CHROOT_OUTPUT}/${BOOTX32}" ] ; then
+ log "Can not access GRUB efi image ${CHROOT_OUTPUT}/${BOOTX32}."
+ eerror "Can not access GRUB efi image ${CHROOT_OUTPUT}/${BOOTX32}." ; eend 1
+ log "Possible reason is failure to run ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/45-grub-images"
+ ewarn "Possible reason is failure to run ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/45-grub-images"
+ bailout 50
+ fi
+
+ dd if=/dev/zero of="${CHROOT_OUTPUT}/${EFI_IMG}" bs=4M count=1 2>/dev/null || bailout 50
+ mkfs.vfat -n GRML "${CHROOT_OUTPUT}/${EFI_IMG}" >/dev/null || bailout 51
+ mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::EFI || bailout 52
+ mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::EFI/BOOT || bailout 52
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${CHROOT_OUTPUT}/${BOOTX32}" ::EFI/BOOT/bootia32.efi >/dev/null || bailout 53
+ log "Generated 32-bit EFI image $BOOTX32"
+ einfo "Generated 32-bit EFI image $BOOTX32" ; eend 0
+ fi
+}
+# }}}
+
+# BUILD_OUTPUT - execute arch specific stuff and squashfs {{{
+[ -n "$BUILD_OUTPUT" ] || BUILD_OUTPUT="$OUTPUT/grml_cd"
+mkdir -p "$BUILD_OUTPUT" || bailout 6 "Problem with creating $BUILD_OUTPUT for stage ARCH"
+
+# prepare ISO
+if [ "$ARCH" = i386 ] || [ "$ARCH" = amd64 ] ; then
+ if [ -n "$BOOTSTRAP_ONLY" ] ; then
+ log "Skipping stage 'boot' as building with bootstrap only."
+ ewarn "Skipping stage 'boot' as building with bootstrap only." ; eend 0
+ else
+ # booting stuff:
+ mkdir -p "$BUILD_OUTPUT"/boot/isolinux
+ mkdir -p "$BUILD_OUTPUT"/boot/"${SHORT_NAME}"
+
+ # if we don't have an initrd we a) can't boot and b) there was an error
+ # during build, so check for the file:
+ INITRD="$(ls $CHROOT_OUTPUT/boot/initrd* 2>/dev/null| grep -v '.bak$' | sort -r | head -1)"
+ if [ -n "$INITRD" ] ; then
+ cp $INITRD "$BUILD_OUTPUT"/boot/"${SHORT_NAME}"/initrd.img
+ find $CHROOT_OUTPUT/boot/ -name initrd\*.bak -exec rm {} \;
+ else
+ log "Error: No initrd found inside $CHROOT_OUTPUT/boot/ - Exiting"
+ eerror "Error: No initrd found inside $CHROOT_OUTPUT/boot/ - Exiting" ; eend 1
+ bailout 10
+ fi
+
+ KERNEL_IMAGE="$(ls $CHROOT_OUTPUT/boot/vmlinuz* 2>/dev/null | sort -r | head -1)"
+ if [ -n "$KERNEL_IMAGE" ] ; then
+ cp "$KERNEL_IMAGE" "$BUILD_OUTPUT"/boot/"${SHORT_NAME}"/vmlinuz
+ else
+ log "Error: No kernel found inside $CHROOT_OUTPUT/boot/ - Exiting"
+ eerror "Error: No kernel found inside $CHROOT_OUTPUT/boot/ - Exiting" ; eend 1
+ bailout 11
+ fi
+
+ # we need to set "$BOOTID" before we invoke adjust_boot_files for the
+ # first time, being inside grub_setup below
+ if [ -n "$NO_BOOTID" ] ; then
+ log 'Skipping bootid feature as requested via $NO_BOOTID.'
+ einfo 'Skipping bootid feature as requested via $NO_BOOTID.'
+ else
+ [ -n "$BOOTID" ] || BOOTID="$(echo ${GRML_NAME}${VERSION} | tr -d ',./;\- ')"
+ mkdir -p "$BUILD_OUTPUT"/conf
+ einfo "Generating /conf/bootid.txt with entry ${BOOTID}."
+ log "Generating /conf/bootid.txt with entry ${BOOTID}."
+ echo "$BOOTID" > "$BUILD_OUTPUT"/conf/bootid.txt
+ eend $?
+ fi
+
+ # every recent Grml ISO ships a /conf/bootid.txt, though GRUB might find
+ # the /conf/bootid.txt of a different (Grml) ISO than the one that's
+ # supposed to be running, so within scripts/GRMLBASE/45-grub-images
+ # we generate a random filename, stored inside /boot/grub/bootfile.txt,
+ # which we place on the resulting ISO here
+ if [ -r "${CHROOT_OUTPUT}"/boot/grub/bootfile.txt ] ; then
+ mkdir -p "${BUILD_OUTPUT}"/conf
+ rm -f "${BUILD_OUTPUT}"/conf/bootfile* # ensure we don't leave any old(er) files behind
+
+ einfo "Generating "${BUILD_OUTPUT}"/conf/bootfile* files"
+ log "Generating "${BUILD_OUTPUT}"/conf/bootfile* files"
+
+ BOOT_FILE="/conf/bootfile_$(cat "${CHROOT_OUTPUT}"/boot/grub/bootfile.txt)"
+ echo "# This file is relevant for GRUB boot with the Grml ISO." > "${BUILD_OUTPUT}/${BOOT_FILE}"
+ # save information about the random filename inside /conf/bootfile.txt
+ echo "${BOOT_FILE}" > "${BUILD_OUTPUT}"/conf/bootfile.txt
+ eend $?
+ fi
+
+ grub_setup
+
+ # EFI boot files
+ if [ -r "${CHROOT_OUTPUT}/boot/efi.img" -a -r "${CHROOT_OUTPUT}/boot/bootx64.efi" ] ; then
+ einfo "Copying 64-bit EFI boot files into ISO path."
+ log "Copying 64-bit EFI boot files into ISO path."
+ RC=$0
+ cp "${CHROOT_OUTPUT}/boot/efi.img" "${BUILD_OUTPUT}/boot/" || RC=$?
+ mkdir -p "${BUILD_OUTPUT}/EFI/BOOT/" || RC=$?
+ cp "${CHROOT_OUTPUT}/boot/bootx64.efi" "${BUILD_OUTPUT}/EFI/BOOT/bootx64.efi" || RC=$?
+ eend $?
+ elif [ -r "${CHROOT_OUTPUT}/boot/efi.img" -a -r "${CHROOT_OUTPUT}/boot/bootia32.efi" ] ; then
+ einfo "Copying 32-bit EFI boot files into ISO path."
+ log "Copying 32-bit EFI boot files into ISO path."
+ RC=$0
+ cp "${CHROOT_OUTPUT}/boot/efi.img" "${BUILD_OUTPUT}/boot/" || RC=$?
+ mkdir -p "${BUILD_OUTPUT}/EFI/BOOT/" || RC=$?
+ cp "${CHROOT_OUTPUT}/boot/bootia32.efi" "${BUILD_OUTPUT}/EFI/BOOT/bootia32.efi" || RC=$?
+ eend $?
+ else
+ ewarn "No EFI boot files found, skipping." ; eend 0
+ fi
+
+ [ -n "$TEMPLATE_DIRECTORY" ] || TEMPLATE_DIRECTORY='/usr/share/grml-live/templates'
+ if ! [ -d "${TEMPLATE_DIRECTORY}"/boot ] ; then
+ log "Error: ${TEMPLATE_DIRECTORY}/boot does not exist. Exiting."
+ eerror "Error: ${TEMPLATE_DIRECTORY}/boot does not exist. Exiting." ; eend 1
+ bailout 8
+ fi
+
+ # copy _required_ isolinux files
+ if [ -d "${CHROOT_OUTPUT}/usr/lib/ISOLINUX" ] ; then
+ copy_addon_file isolinux.bin /usr/lib/ISOLINUX isolinux
+ for file in ${CHROOT_OUTPUT}/usr/lib/syslinux/modules/bios/*.c32 ; do
+ copy_addon_file "$(basename "$file")" /usr/lib/syslinux/modules/bios/ isolinux
+ done
+ else # syslinux versions <= 3:4.05+dfsg-6+deb8u1
+ copy_addon_file isolinux.bin /usr/lib/syslinux isolinux
+ copy_addon_file ifcpu64.c32 /usr/lib/syslinux isolinux
+ copy_addon_file vesamenu.c32 /usr/lib/syslinux isolinux
+ fi
+
+ # *always* copy files to output directory so the variables
+ # get adjusted according to the build.
+ cp ${TEMPLATE_DIRECTORY}/boot/isolinux/* "$BUILD_OUTPUT"/boot/isolinux/
+
+ mkdir -p "${BUILD_OUTPUT}/boot/grub"
+ cp -a ${TEMPLATE_DIRECTORY}/boot/grub/* "$BUILD_OUTPUT"/boot/grub/
+
+ if [ -n "$NO_ADDONS" ] ; then
+ rm -f "$BUILD_OUTPUT"/boot/grub/addons.cfg
+ log "Skipping installation of boot addons as requested via \$NO_ADDONS."
+ einfo "Skipping installation of boot addons as requested via \$NO_ADDONS."; eend 0
+ else
+ if ! [ -r "$TEMPLATE_DIRECTORY"/boot/addons ] ; then
+ log "Boot addons not found, skipping therefore. (Consider installing package grml-live-addons)"
+ ewarn "Boot addons not found, skipping therefore. (Consider installing package grml-live-addons)" ; eend 0
+ else
+ log "Installing boot addons."
+ einfo "Installing boot addons."
+
+ # copy addons from system packages or grml-live-addons
+ copy_addon_file ipxe.lkrn /usr/lib/ipxe addons
+ copy_addon_file ipxe.efi /usr/lib/ipxe addons
+ copy_addon_file pci.ids /usr/share/misc addons
+ copy_addon_file memtest86+.bin /boot addons
+
+ # since syslinux(-common) v3:6.03~pre1+dfsg-4 the files are in a
+ # different directory :(
+ if [ -d "${CHROOT_OUTPUT}/usr/lib/syslinux/modules/bios/" ] ; then
+ syslinux_modules_dir=/usr/lib/syslinux/modules/bios/
+ else
+ syslinux_modules_dir=/usr/lib/syslinux
+ fi
+ for file in chain.c32 hdt.c32 mboot.c32 menu.c32; do
+ copy_addon_file "${file}" "${syslinux_modules_dir}" addons
+ done