# export SCRIPTS_DIRECTORY=$(pwd)/scripts
# export LIVE_CONF=$(pwd)/etc/grml/grml-live.conf
# export TEMPLATE_DIRECTORY=$(pwd)/templates
+ # ln -s ../../../grml-live-grml/templates/boot/addons templates/boot/ # optional
# ./grml-live -s sid -a amd64 -c GRMLBASE,GRML_FULL,AMD64
+grml-live (0.47.6) unstable; urgency=medium
+
+ * [642ff89] docs: update instructions for basefile creation to include
+ capabilities
+
+ -- Michael Prokop <mika@grml.org> Sat, 24 Feb 2024 10:56:00 +0100
+
+grml-live (0.47.5) unstable; urgency=medium
+
+ * Software related changes:
+ - [922087b] drop dmraid from GRML_FULL + GRML_SMALL
+ * [ee314fb] templates: drop deprecated nodmraid boot option and update
+ grml-cheatcodes.txt
+
+ -- Michael Prokop <mika@grml.org> Fri, 02 Feb 2024 16:52:57 +0100
+
+grml-live (0.47.4) unstable; urgency=medium
+
+ * [bdf9b40] grml-cheatcodes.txt: drop URL for no-longer existing live-
+ initramfs.en.7.txt
+ * [06e703a] Fix usage of FAI's shell.log vs. scripts.log
+ * Software related changes:
+ - [e0a2d0b] add xxd to GRML_SMALL + GRML_FULL
+ - [dca230e] add memtest86+ to GRML_FULL (amd64/i386 only)
+
+ -- Michael Prokop <mika@grml.org> Fri, 02 Feb 2024 16:04:31 +0100
+
+grml-live (0.47.3) unstable; urgency=medium
+
+ * Software related changes:
+ - [c30d41f] add zstd to GRML_SMALL. Thanks to Marc Haber
+
+ -- Michael Prokop <mika@grml.org> Mon, 15 Jan 2024 12:35:35 +0100
+
+grml-live (0.47.2) unstable; urgency=medium
+
+ [ Michael Prokop ]
+ * [94ef34a] templates/boot/isolinux/f10: use https and replace freenode
+ with oftc
+ * [69fe8e2] grml-docs/startpage.html: rework and update instructions
+ * [cbbab37] templates/boot/grub/%SHORT_NAME%_options.cfg: fix missing
+ quotes
+
+ [ Darshaka Pathirana ]
+ * [4e76a27] Remove Grml release name from the boot options
+
+ -- Michael Prokop <mika@grml.org> Sat, 23 Dec 2023 13:22:32 +0100
+
+grml-live (0.47.1) unstable; urgency=medium
+
+ [ Michael Prokop ]
+ * Software related changes:
+ - [892768a] ship xserver-xorg-video-intel with grml32-full
+ - [f123b91] drop thin-provisioning-tools from GRML_FULL
+
+ [ Darshaka Pathirana ]
+ * [c0460ec] Unify boot options order
+
+ -- Michael Prokop <mika@grml.org> Fri, 01 Dec 2023 12:39:26 +0100
+
+grml-live (0.47.0) unstable; urgency=medium
+
+ * [f365415] Add debootstrap to Depends
+ * [1a9a788] Rework memtest handling, incl. usage of latest available
+ memtest file
+ * [e57c3ad] templates/boot/grub/addons: use chainloader instead of
+ linuxefi
+
+ -- Michael Prokop <mika@grml.org> Thu, 19 Oct 2023 17:24:51 +0200
+
+grml-live (0.46.1) unstable; urgency=medium
+
+ * [b041d9e] grml-live-remaster: aufs got replaced by overlay.
+ Thanks to Alhyene for the patch
+ * Software related changes:
+ - [3faa4ab] add toilet to GRML_SMALL + GRML_FULL and
+ lolcat to GRML_FULL
+
+ -- Michael Prokop <mika@grml.org> Thu, 14 Sep 2023 18:24:41 +0200
+
+grml-live (0.46.0) unstable; urgency=medium
+
+ The "hello arm64 / aarch64" release
+
+ * [f0c9fee] Drop deprecated GRMLBASE/93-update-usbids (update-usbids
+ is gone)
+ * [cb68d92] GRMLBASE/91-update-pciids: also ignore exit code 1
+ * [74c4bce] Support FAI's newer scripts.log, as used with FAI
+ versions >=6.0
+ * [e530f07] Provide workaround for dhcpcd/isc-dhcp-client + cloud-init
+ for bookworm. Thanks to János Pásztor for the bug report
+ * [e1a5504] Initial arm64 / aarch64 support
+ * Software related changes:
+ - [97f7e34] install architecture specific fwupd-signed packages
+
+ -- Michael Prokop <mika@grml.org> Fri, 08 Sep 2023 18:00:52 +0200
+
+grml-live (0.45.0) unstable; urgency=medium
+
+ * [d6d5fee] Drop depends on fai-server. Thanks to András Korn
+ * [75e65f3] Deprecate FAI's make-fai-nfsroot.conf
+ * [29d5e28] Update zsh completion + ship it via Debian package
+ * [5730180] Add support for Debian/trixie (current Debian/testing)
+ Thanks to cb <christopher@bocki.com> for the PR
+ * Software related changes:
+ - [8359ac7] add lz4 to GRML_FULL. Thanks to willmcginnis
+ for the suggestion
+ - [fe23a7a] drop dstat (unmaintained upstream)
+ - [0adb425] ship fwupd with fwupd-signed + policykit-1 +
+ udisks2 for firmware updates
+
+ -- Michael Prokop <mika@grml.org> Fri, 11 Aug 2023 19:32:56 +0200
+
+grml-live (0.44.0) unstable; urgency=medium
+
+ * [7005037] grml-cheatcodes.txt: document usage of
+ bootfrom=/dev/disk/by-label* + drop deprecated tohd.
+ Thanks to Csillag Tamas
+ * [bac3076] No longer bootstrap with --no-merged-usr.
+ Thanks to Csillag Tamas for reporting
+ * [00d296a] DEBIAN_STABLE: enable non-free-firmware component
+ and use stable-backports
+ * Software related changes:
+ - [7eb1881] add f3 to GRML_FULL.
+ Thanks to Keith Irwin for the suggestion
+ - [3152440] add gdisk to GRML_SMALL
+ - [e7ada95] switch from isc-dhcp-client to dhcpcd.
+ Thanks to András Korn for the suggestion
+
+ -- Michael Prokop <mika@grml.org> Fri, 30 Jun 2023 14:25:46 +0200
+
+grml-live (0.43.2) unstable; urgency=medium
+
+ * [842c047] Increase EFI image size when using Secure Boot on amd64.
+ Thanks to János Pásztor for bugreport and initial patch
+
+ -- Michael Prokop <mika@grml.org> Thu, 23 Feb 2023 12:37:12 +0100
+
+grml-live (0.43.1) unstable; urgency=medium
+
+ * [721a473] Secure Boot: update grub and shim binaries.
+ Thanks to János Pásztor for bugreport and PR
+ * [6f345c1] Use serial console with 115200n8 by default.
+ Thanks to anarcat for bugreport
+ * [cd1b0e9] Drop deprecated /etc/inittab configuration files
+ * [f771ff8] Update debian/copyright
+ * [c7d7687] Update Vcs-git header to use github.com
+ * [dfec112] Bump Standards-Version to 4.6.2
+ * Software related changes:
+ - [b55c661] drop firmware-ath9k-htc (provided by firmware-atheros)
+
+ -- Michael Prokop <mika@grml.org> Mon, 20 Feb 2023 14:19:26 +0100
+
+grml-live (0.43.0) unstable; urgency=medium
+
+ The "Good Riddance" release
+
+ * [d1575f1] Drop /etc/grml/fai/config/files/etc/lsb-base-
+ logging.sh/GRMLBASE
+ * [a4d3b31] Ship custom tmpfiles.d configuration to avoid man-db cache
+ removal. Thanks to 2f2a and Darshaka Pathirana
+ * [87ea3f5] Support new non-free-firmware component
+ * [19b3f2b] Add non-free component to security.debian.org repository of
+ old Debian releases
+ * [1f5167a] Update examples/reprepro/conf to a more recent Debian
+ release
+ * [5a77db4] Drop support for lenny, squeeze, wheezy, jessie, stretch +
+ buster Debian releases and default to bookworm
+ * [19a0467] Drop file-rc support
+
+ -- Michael Prokop <mika@grml.org> Fri, 03 Feb 2023 17:52:32 +0100
+
+grml-live (0.42.2) unstable; urgency=medium
+
+ * [c55290b] GRMLBASE/39-modprobe: do not expect all files in
+ /etc/modprobe.d to be used
+ * [1aa1823] GRMLBASE/39-modprobe: avoid usage of
+ /lib/modprobe.d/50-nfs.conf
+ * [ed733f2] Revert "Set SHELL variable in tty1"
+ * [2013537] Revert "Run zsh when starting screen"
+
+ -- Michael Prokop <mika@grml.org> Fri, 25 Nov 2022 11:57:09 +0100
+
+grml-live (0.42.1) unstable; urgency=medium
+
+ [ Michael Prokop ]
+ * Software related changes:
+ - [797426b] add hping3 to GRML_FULL
+ - [19a81f4] add tmux to GRML_SMALL
+ - [2bb0740] re-add xfsdump to GRML_FULL
+ - [acf26ea] add espeak-ng
+ - [134a171] re-add ifenslave to GRML_SMALL and GRML_FULL
+ - [74dcb54] add mtx to GRML_FULL
+
+ [ Darshaka Pathirana ]
+ * [7422d31] Set SHELL variable in tty1
+
+ -- Michael Prokop <mika@grml.org> Fri, 11 Nov 2022 17:07:55 +0100
+
+grml-live (0.42.0) unstable; urgency=medium
+
+ The "happy carnival" release
+
+ * [c01a86b] Support Memtest86+ with UEFI
+ * [ea1e5ea] Provide workaround for kmod/initramfs-tools issue with
+ NFS/netboot. Thanks to András Korn
+
+ -- Michael Prokop <mika@grml.org> Fri, 11 Nov 2022 10:23:23 +0100
+
+grml-live (0.41.2) unstable; urgency=medium
+
+ * [bb84a88] Deploy default /etc/locale.conf, to avoid systemd-firstboot
+ prompting during bootup
+ * [6d6606f] /etc/fstab: fix note from rebuilfstab->grml-udev-
+ rebuildfstab switch. Thanks to Christoph Biedl for reporting
+ * [c137314] Drop SYSTEMD package config file, no longer relevant. Thanks
+ to András Korn for reporting
+ * [cff6607] Provide apt sources.list file to support 'bookworm' as
+ Debian suite
+ * Software related changes:
+ - [33f9c6c] drop firmware-intelwimax package from GRMLBASE
+
+ -- Michael Prokop <mika@grml.org> Mon, 07 Nov 2022 21:25:47 +0100
+
+grml-live (0.41.1) unstable; urgency=medium
+
+ [ András Korn ]
+ * [48f94bb] Add support for building grml ISOs with zfs
+
+ [ Michael Prokop ]
+ * [6d869c1] ssh.service: avoid indirection via /bin/sh + do not run test
+ mode in ExecStartPre
+ * [8d93bbb] ssh.service: fix ssh-keygen usage
+ * [541a6ce] Replace egrep usage with grep -E
+ * Software related changes:
+ - [e528680] drop xfsdump from GRML_FULL
+ - [37addd3] drop mercurial from GRML_FULL
+ - [8daed70] drop subversion from GRML_FULL
+ - [da5e5ca] drop tshark + wireshark from GRML_FULL
+ - [c22b14e] drop facter, mcollective + puppet from GRML_FULL
+ - [bb35e69] re-add firmware-ath9k-htc to GRMLBASE
+ - [309a8e7] re-add iptstate to GRML_SMALL + GRML_FULL
+ - [9c9bd3f] re-add fluxbox and drop openbox + obconf in GRML_FULL
+
+ -- Michael Prokop <mika@grml.org> Mon, 10 Oct 2022 18:53:40 +0200
+
+grml-live (0.41.0) unstable; urgency=medium
+
+ [ András Korn ]
+ * [7e7a352] Exclude /var/lib/dkms/* from squashfs
+ * [6e5c0af] Avoid build error if etc/adjtime doesn't exist in chroot
+ * [8459108] Add ZFS fai class
+ * [c289d2f] Add comment about dwarves (can be needed to build kernel
+ modules)
+
+ [ Michael Prokop ]
+ * [ad202c1] docs: document new ZFS class
+ * Software related changes:
+ - [b2ab701] switch from bsdmainutils to bsdextrautils + bsdutils in
+ GRML_SMALL + GRML_FULL
+
+ -- Michael Prokop <mika@grml.org> Wed, 17 Aug 2022 13:30:33 +0200
+
+grml-live (0.40.3) unstable; urgency=medium
+
+ * [482cb8d] GRMLBASE/50-lvm: also clear /lib/udev/rules.d/69-lvm.rules
+ * [f131526] GRMLBASE/21-usersetup: use adduser for adding user to group
+
+ -- Michael Prokop <mika@grml.org> Thu, 28 Jul 2022 10:58:44 +0200
+
+grml-live (0.40.2) unstable; urgency=medium
+
+ * [1d02eb2] Disable man-db settings to speed up package installation.
+ Thanks to Thorsten Glaser for the suggestion
+ * Software related changes:
+ - [63e3a60] add stenc to GRML_FULL
+ - [0989e6c] add mbuffer to GRML_FULL
+ - [94bec0b] add sqlite3 to GRML_FULL
+
+ -- Michael Prokop <mika@grml.org> Fri, 03 Jun 2022 14:33:53 +0200
+
+grml-live (0.40.1) unstable; urgency=medium
+
+ * Software related changes:
+ - [3edddae] move from ntp/ntpdate to ntpsec/ntpsec-ntpdate in
+ GRML_SMALL + GRML_FULL
+
+ -- Michael Prokop <mika@grml.org> Wed, 20 Apr 2022 14:48:15 +0200
+
+grml-live (0.40.0) unstable; urgency=medium
+
+ * [50d26fb] buildinfo generation: avoid error message with older
+ versions of jo
+ * [581da74] Use grubx64.efi file from grml_chroot, instead of relying on
+ host system
+ * [27016a8] Redesign RELEASE_INFO handling + fix variable replacements
+ within templates
+ * Software related changes:
+ - [47c2f47] replace fluxbox with openbox + obconf in GRML_FULL
+ - [affb053] drop bonnie++ from GRML_FULL
+ - [b5165f0] add myrescue to GRML_FULL
+
+ -- Michael Prokop <mika@grml.org> Mon, 21 Mar 2022 16:18:34 +0100
+
+grml-live (0.39.2) unstable; urgency=medium
+
+ [ Michael Prokop ]
+ * Software related changes:
+ - [46732ed] drop ifenslave from GRML_SMALL and GRML_FULL
+ - [b6bb1f8] add f2fs-tools to GRML_SMALL + GRML_FULL.
+ Thanks to Arun for the suggestion
+ - [5b2e199] drop slurm from GRML_FULL
+ - [ba06af6] replace exfat-utils with exfatprogs in GRML_FULL
+ - [9b5ecef] drop bacula-* from GRML_FULL
+ - [ebb166f] drop firmware-ath9k-htc from GRMLBASE
+ - [1c4ce53] drop iptstate from GRML_SMALL + GRML_FULL
+
+ [ Dr. András Korn ]
+ * [3b07e29] grml-live.txt: output dir mount options; manifold
+
+ -- Michael Prokop <mika@grml.org> Mon, 24 Jan 2022 17:18:31 +0100
+
+grml-live (0.39.1) unstable; urgency=medium
+
+ * [093e8a1] Update DEBIAN_STABLE's apt sources.list configuration for
+ bullseye. Thanks to d630 for the bug report
+ * [dfaf77a] GRMLBASE/15-initsetup: provide workaround for failing
+ rsyslog
+ * [48c2038] isolinux: fix toram=... variable usage within isolinux
+ configs. Thanks to Chris S for the bug report
+
+ -- Michael Prokop <mika@grml.org> Mon, 27 Sep 2021 10:54:43 +0200
+
+grml-live (0.39.0) unstable; urgency=medium
+
+ * [9453222] Provide information how ISO was generated in file
+ conf/buildinfo.json
+ * [e703806] Immediately bail out on errors when generating the ISO fails
+
+ -- Michael Prokop <mika@grml.org> Sun, 25 Jul 2021 17:25:08 +0200
+
+grml-live (0.38.5) unstable; urgency=medium
+
+ * [a4b23f1] GRMLBASE/98-clean-chroot: also nuke *.xz files
+ * [fe5a77d] No longer produce md5, sha1 + sha512 checksums, but only
+ sha256
+ * [ddbbaaa] netboot creation: no longer compress the tarball + only
+ generate sha256 checksum file
+
+ -- Michael Prokop <mika@grml.org> Tue, 13 Jul 2021 16:03:17 +0200
+
+grml-live (0.38.4) unstable; urgency=medium
+
+ * [6e42896] etc/grml/fai/config/files/etc/hosts/GRMLBASE: sync IPv6
+ entries with Debian
+ * Software related changes:
+ - [90d1996] drop rng-tools from GRMLBASE
+ - [438832c] add inxi to GRML_FULL. Thanks to Darshaka Pathirana for
+ the suggestion
+ - [f16d872] add speedtest-cli to GRML_FULL. Thanks to Darshaka
+ Pathirana for the suggestion
+
+ -- Michael Prokop <mika@grml.org> Mon, 12 Jul 2021 09:48:41 +0200
+
+grml-live (0.38.3) unstable; urgency=medium
+
+ * Software related changes:
+ - [c52cdfc] add jq to GRML_FULL
+ - [c50146e] add wireless-regdb to GRML_FULL
+
+ -- Michael Prokop <mika@grml.org> Fri, 09 Jul 2021 09:15:10 +0200
+
+grml-live (0.38.2) unstable; urgency=medium
+
+ * Software related changes:
+ - [dffbaef] add firmware-ath9k-htc to GRMLBASE
+ - [d0ce067] drop wvdial from GRML_FULL
+ - [7a47f8c] drop comgt from GRML_FULL
+
+ -- Michael Prokop <mika@grml.org> Mon, 07 Jun 2021 10:43:38 +0200
+
+grml-live (0.38.1) unstable; urgency=medium
+
+ [ Mihai Moldovan ]
+ * [fef1c19] grml-live: fix typo in (e)error command.
+
+ [ Michael Prokop ]
+
+ * Software related changes:
+ - [79d0a1c] add ntfs-3g to GRML_SMALL. Thanks to Evgeni Golov for
+ the suggestion
+ * [7e4369c] Bump Standards-Version to 4.5.1
+ * [155ca2a] Refresh lintian overrides to reflect current state
+
+ -- Michael Prokop <mika@grml.org> Fri, 07 May 2021 17:48:36 +0200
+
+grml-live (0.38.0) unstable; urgency=medium
+
+ [ Michael Prokop ]
+ * Documentation related changes:
+ - [102cd35] grml-cheatcodes.txt: document getfile.retries boot option
+ - [63954ff] grml-cheatcodes.txt: remove several unsupported boot options
+ - [acbc268] grml-cheatcodes.txt: fix URL for initramfs-tools manpage
+ * New features:
+ - [07181b4] Provide apt sources.list file to support 'bullseye' as
+ Debian suite
+ - [fada6de] Use 1m as new default squashfs block size. Thanks to
+ Mihai Moldovan <ionic@ionic.de>
+ - [8c0c9d9] GRUB templates: provide menu entry for UEFI
+ Firmware Settings
+ - [4e93b8e] GRMLBASE/01-packages: also detect and report unknown
+ package names
+ * Fixes:
+ - [fb26a16] GRMLBASE/16-depmod: no longer rely on /boot/System.map-*
+ file
+ - [89c4398] GRUB templates: do not set root/chainloader but just exit
+ for boot from next device
+
+ [ Mihai Moldovan ]
+ * [c959c14] GRUB: drop loopback usage for balder10/FreeDOS.
+ * [aa74c00] grml-live: isohybrid is the default, reflect that.
+ * [7833e77] docs/grml-live.txt: fix markdown issue, escape *.
+ * [2ae2174] grml-cheatcodes.txt: update fromiso doc.
+ * [84a0622] grml-cheatcodes.txt: reflow, no actual change.
+
+ -- Michael Prokop <mika@grml.org> Wed, 10 Mar 2021 17:30:50 +0100
+
+grml-live (0.37.2) unstable; urgency=medium
+
+ [ Michael Lass ]
+ * [ea72028] GRUB: remove erroneous quotes around kernelopts
+
+ [ Michael Prokop ]
+ * [87bef6e] initramfs-tools: use upstream's xz handling to support
+ multithreading
+
+ -- Michael Prokop <mika@grml.org> Fri, 22 Jan 2021 12:01:15 +0100
+
+grml-live (0.37.1) unstable; urgency=medium
+
+ * Fixes:
+ - [0867199] Secure Boot: update grubx64.efi.signed to fix BootHole issue
+ - [780b71c] Add bsdmainutils to DEBORPHAN whitelist
+ - [ddb26a3] Update lintian-overrides for new EFI boot files
+ * Software related changes:
+ - [771fa1a] add mmdebstrap to GRML_FULL + GRML_SMALL.
+ Thanks to Helmut Grohne for the suggestion
+
+ -- Michael Prokop <mika@grml.org> Tue, 25 Aug 2020 11:49:26 +0200
+
+grml-live (0.37.0) unstable; urgency=medium
+
+ * Fixes:
+ - [b090c76] scripts/GRMLBASE/52-mdadm: unconditionally clear
+ 64-md-raid-assembly.rules
+ - [5c3e795] Store logfiles also when FAI's dirinstall fails
+ - [67df700] GRUB: don't display BIOS only addons when running
+ in EFI mode
+ - [bf7faea] /e/n/i: move sourcing of /etc/network/interfaces.d/
+ to begin of file
+ * Features:
+ - [7430221] Support usage of boot/addons via symlink to
+ corresponding git repository
+ - [f625781] Be more verbose about boot addons installation
+ - [257dba7] Support EFI capable ipxe.efi boot addon
+ - [871fc96] Provide setup files for EFI boot in netboot package
+ * Software related changes:
+ - [f814855] SW: add grub-efi-amd64-signed + shim-signed to
+ GRML_FULL (AMD64 only)
+
+ -- Michael Prokop <mika@grml.org> Sat, 18 Jul 2020 22:02:21 +0200
+
+grml-live (0.36.0) unstable; urgency=medium
+
+ * Fixes:
+ - [8772657] Do not depend on /proc for calculating runtime
+ * Software related changes:
+ - [6542652] add tmate to GRML_SMALL + GRML_FULL
+ - [4b6fd81] add qrencode to GRML_SMALL and GRML_FULL
+ * Features:
+ - [518eb39] Refresh Secure Boot support, supporting new
+ 'debian' method. Thanks to Jordan Uggla for feedback
+
+ -- Michael Prokop <mika@grml.org> Wed, 24 Jun 2020 11:34:03 +0200
+
+grml-live (0.35.4) unstable; urgency=medium
+
+ [ Darshaka Pathirana ]
+ * [d56d6fa] Add boot option pnet (Predictable Network Interface Names)
+
+ [ Michael Prokop ]
+ * [950b6bb] Adjust layout of "Predictable Network Interface Names" boot
+ option
+
+ -- Michael Prokop <mika@grml.org> Fri, 05 Jun 2020 13:34:01 +0200
+
+grml-live (0.35.3) unstable; urgency=medium
+
+ * Software related changes:
+ - [cb7d1f2] add wireguard to GRML_FULL
+ * Fixes:
+ - [6b2e23d] GRMLBASE/98-clean-chroot: avoid warning messages
+ with resolvconf <1.80
+ - [397c7e7] Use debootstrap with --no-merged-usr by default
+ - [b4b524c] No longer refer to sources.grml.org
+
+ -- Michael Prokop <mika@grml.org> Wed, 03 Jun 2020 16:47:04 +0200
+
+grml-live (0.35.2) unstable; urgency=medium
+
+ * Software related changes:
+ - [1ec1cfe] add avahi-utils to GRML_FULL
+ * Features:
+ - [a28b1c2] etc/network/interfaces/GRMLBASE: support
+ /etc/network/interfaces.d/* in /e/n/i (for cloud-init support)
+
+ -- Michael Prokop <mika@grml.org> Thu, 28 May 2020 17:34:05 +0200
+
+grml-live (0.35.1) unstable; urgency=medium
+
+ * Fixes:
+ - [ba45725] deborphan: add workaround for transitional package dnsutils
+ - [3140b83] deborphan: drop deprecated packages
+ - [f37fcf9] Move scripts/GRMLBASE/40-deborphan towards DEBORPHAN class
+ as file 10-whitelist
+ - [87be754] DEBORPHAN/10-whitelist: highlight when dnsutils gets added
+ to whitelist
+ - [cd7c095] DEBORPHAN/10-whitelist: provide workaround for Debian bug
+ #929273
+ - [cb6179f] DEBORPHAN/10-whitelist: rework fix for broken keep file
+ handling of deborphan
+
+ * Documentation:
+ - [856efb5] docs: update ISO sizes and disk requirements, we no
+ longer provide support for file-rc
+
+ * Software related changes:
+ - [bda859c] add fdisk to GRMLBASE
+
+ -- Michael Prokop <mika@grml.org> Wed, 20 May 2020 17:13:24 +0200
+
+grml-live (0.35.0) unstable; urgency=medium
+
+ * Fixes:
+ - [e5e4578] GRMLBASE/98-clean-chroot: get rid of /wget-log* files
+ - [acf12d4] GRMLBASE/98-clean-chroot: fix resolvconf symlink
+ handling + get rid of resolvconf workarounds
+ - [ef6dc82] DEBIAN_STABLE: use buster-backports instead of
+ stretch-backports
+ - [31cd53a] scripts/GRMLBASE/50-lvm: unconditionally clear
+ 69-lvm-metad.rules file. Thanks to Dr. András Korn
+ - [2ece298] initramfs xz-compress: use default xz compression level.
+ Thanks to Dr. András Korn
+ - [e1e107a] GRMLBASE/80-initramfs: no longer set CRYPTSETUP=y
+ - [c557940] sudoers: set Defaults secure_path to have sane
+ default settings
+
+ * New features:
+ - [3fc930d] Initial cloud-init support
+
+ * Debian packaging:
+ - [914ab11] Bump Standards-Version to 4.5.0
+ - [b47433a] Bump Debian compat version to 12, using
+ debhelper-compat approach
+ - [0edda67] Execute 'wrap-and-sort -a -t -s' on debian/
+
+ * Software related changes:
+ - [422c49b] SW: add radvd
+ - [fbb0edd] SW: drop hfsprogs from GRML_FULL
+ - [95f7765] SW: add cloud-init to GRML_FULL
+
+ -- Michael Prokop <mika@grml.org> Tue, 12 May 2020 16:34:01 +0200
+
grml-live (0.34.4) unstable; urgency=medium
[ Michael Prokop ]
Section: grml
Priority: optional
Maintainer: Michael Prokop <mika@grml.org>
-Build-Depends: debhelper (>= 10)
-Build-Depends-Indep: asciidoc,
- docbook-xsl,
- xsltproc
-Standards-Version: 4.3.0
+Build-Depends:
+ debhelper-compat (= 12),
+Build-Depends-Indep:
+ asciidoc,
+ docbook-xsl,
+ xsltproc,
+Standards-Version: 4.6.2
Homepage: https://grml.org/grml-live/
-Vcs-git: git://git.grml.org/grml-live.git
+Vcs-git: https://github.com/grml/grml-live.git
Vcs-Browser: https://git.grml.org/?p=grml-live.git
Origin: Grml
Bugs: mailto:bugs@grml.org
Package: grml-live
Architecture: all
-Depends: bc,
- bzip2,
- dosfstools,
- fai-client (>= 3.4.0),
- fai-server (>= 3.4.0),
- isolinux (>= 3:6.03+dfsg-5+deb8u1~),
- memtest86+,
- mksh,
- moreutils,
- mtools,
- pciutils,
- rsync,
- squashfs-tools (>= 1:4.2-0~bpo60),
- syslinux,
- xorriso,
- ${misc:Depends}
-Recommends: grml-live-db,
- grub-pc-bin,
- imagemagick,
- ipxe,
- syslinux-utils
-Suggests: fai-doc,
- grml-live-addons
+Depends:
+ bc,
+ bzip2,
+ debootstrap,
+ dosfstools,
+ fai-client (>= 3.4.0),
+ isolinux (>= 3:6.03+dfsg-5+deb8u1~),
+ jo,
+ mksh,
+ moreutils,
+ mtools,
+ pciutils,
+ rsync,
+ squashfs-tools (>= 1:4.2-0~bpo60),
+ syslinux | syslinux-efi,
+ xorriso,
+ ${misc:Depends},
+Recommends:
+ grml-live-db,
+ grub-pc-bin,
+ imagemagick,
+ ipxe,
+ memtest86+,
+ syslinux-utils,
+Suggests:
+ fai-doc,
+ grml-live-addons,
Description: build system for creating a Grml (based) Linux live system
This package provides the build system for creating a Debian /
Grml based Linux live system (also known as live cd). It is
Package: grml-live-db
Architecture: all
-Depends: grml-live,
- libdbd-sqlite3-perl,
- libdbi-perl,
- libtimedate-perl,
- sqlite3,
- ${misc:Depends}
-Recommends: perl-doc
+Depends:
+ grml-live,
+ libdbd-sqlite3-perl,
+ libdbi-perl,
+ libtimedate-perl,
+ sqlite3,
+ ${misc:Depends},
+Recommends:
+ perl-doc,
Description: log package build information of grml-live to database
This package provides a database layer for storing build
information about grml-live builds in a sqlite3 database.
Source: https://github.com/grml/grml-live/
Files: *
-Copyright: 2007-2018 Michael Prokop <mika@grml.org>
+Copyright: 2007-2023 Michael Prokop <mika@grml.org>
License: GPL-2+
Files: fonts/graphicoreBitmapFont0-Light.otf
Copyright: 2007, 2008, 2009, 2010 Thorsten Glaser <tg@mirbsd.org>
License: MirOS
-Files: templates/EFI/BOOT/grubx64.efi.signed
+Files: templates/EFI/debian/BOOT/grubx64.efi.signed
+Copyright: 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc
+ 2009-2012 Intel Corporation
+Comment: see https://metadata.ftp-master.debian.org/changelogs/main/g/grub2/unstable_copyright
+License: GPL-3+
+
+Files: templates/EFI/debian/BOOT/shimx64.efi.signed
+Copyright: 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc
+ 2012 Canonical Ltd.
+Comment: see https://metadata.ftp-master.debian.org/changelogs/main/s/shim-signed/unstable_copyright
+License: BSD-2-Clause
+
+Files: templates/EFI/ubuntu/BOOT/grubx64.efi.signed
Copyright: 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009 Free Software Foundation, Inc
2012 Canonical Ltd.
-Comment: /usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed from http://de.archive.ubuntu.com/ubuntu/pool/main/g/grub2-signed/grub-efi-amd64-signed_1.80.2+2.02~beta3-4ubuntu2.2_amd64.deb
+Comment: /usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed from http://de.archive.ubuntu.com/ubuntu/pool/main/g/grub2-signed/grub-efi-amd64-signed_1.93+2.02-2ubuntu8_amd64.deb
License: GPL-3+
-Files: templates/EFI/BOOT/shimx64.efi.signed
+Files: templates/EFI/ubuntu/BOOT/shimx64.efi.signed
Copyright: 2012 Red Hat, Inc
2009-2012 Intel Corporation
-Comment: /usr/lib/shim/shimx64.efi.signed from http://de.archive.ubuntu.com/ubuntu/pool/main/s/shim-signed/shim-signed_1.32~17.04.1+0.9+1474479173.6c180c6-1ubuntu1_amd64.deb
+Comment: /usr/lib/shim/shimx64.efi.signed from http://de.archive.ubuntu.com/ubuntu/pool/main/s/shim-signed/shim-signed_1.34.9+13-0ubuntu2_amd64.deb
License: BSD-2-Clause
License: GPL-2+
-docs/grml-live.html
docs/grml-live-remaster.html
+docs/grml-live.html
grml-live: bugs-field-does-not-refer-to-debian-infrastructure mailto:bugs@grml.org
grml-live: executable-not-elf-or-script usr/share/grml-live/templates/windows/autostart/autorun.inf
-grml-live: extra-license-file usr/share/grml-live/templates/GRML/LICENSE.txt
-grml-live: font-in-non-font-package usr/share/grml-live/fonts/graphicoreBitmapFont0-Light.otf
-grml-live: font-outside-font-dir usr/share/grml-live/fonts/graphicoreBitmapFont0-Light.otf
grml-live: privacy-breach-generic usr/share/grml-live/templates/GRML/index.html [<link rel="home" href="http://grml.org/" title="grml.org" />] (http://grml.org/)
grml-live: script-not-executable usr/share/grml-live/scripts/bootgrub.mksh
grml-live: script-not-executable usr/share/grml-live/scripts/bootilnx.mksh
grml-live: unknown-section grml
+grml-live: uses-dpkg-database-directly etc/grml/fai/config/hooks/instsoft.GRMLBASE
grml-live: uses-dpkg-database-directly etc/grml/fai/config/scripts/GRMLBASE/98-clean-chroot
grml-live: uses-dpkg-database-directly usr/sbin/grml-live
rm_conffile /etc/grml/fai/config/files/etc/apt/grml.key/GRMLBASE 0.32.3~
-rm_conffile /etc/grml/fai/config/scripts/GRMLBASE/36-cpufrequtils 0.33.0~
+rm_conffile /etc/grml/fai/config/files/etc/inittab/GRMLBASE 0.43.0~
+rm_conffile /etc/grml/fai/config/files/etc/inittab/GRML_SMALL 0.43.0~
+rm_conffile /etc/grml/fai/config/files/etc/lsb-base-logging.sh/GRMLBASE 0.42.3~
rm_conffile /etc/grml/fai/config/files/etc/systemd/system/serial-getty@ttyS0.service.d/override.conf/GRMLBASE 0.33.2~
+rm_conffile /etc/grml/fai/config/scripts/GRMLBASE/36-cpufrequtils 0.33.0~
+rm_conffile /etc/grml/fai/config/scripts/GRMLBASE/40-deborphan 0.35.0~
+rm_conffile /etc/grml/fai/config/scripts/GRMLBASE/93-update-usbids 0.45.0~
-docs/grml-live.8
docs/grml-live-remaster.8
+docs/grml-live.8
dh_binary
override_dh_install:
- egrep -q "GRML_LIVE_VERSION=.*UNRELEASED" grml-live || \
+ grep -qE "GRML_LIVE_VERSION=.*UNRELEASED" grml-live || \
(echo "Wrong version in grml-live" && exit 2)
# build docs
cd docs && $(MAKE) && cd ../
sed -i -e "s/GRML_LIVE_VERSION='\*\*\*UNRELEASED\*\*\*'/GRML_LIVE_VERSION='$(DEB_VERSION)'/" grml-live
find . -name grml-live.8
dh_install
+ # zsh completion
+ dh_install etc/zsh/completion.d/_grml-live usr/share/zsh/vendor-completions
override_dh_fixperms:
dh_fixperms
-grml-live source: source-contains-prebuilt-windows-binary templates/EFI/BOOT/grubx64.efi.signed
-grml-live source: source-contains-prebuilt-windows-binary templates/EFI/BOOT/shimx64.efi.signed
-grml-live source: vcs-field-uses-insecure-uri vcs-git git://git.grml.org/grml-live.git
+grml-live source: source-contains-prebuilt-windows-binary templates/EFI/debian/BOOT/grubx64.efi.signed
+grml-live source: source-contains-prebuilt-windows-binary templates/EFI/debian/BOOT/shimx64.efi.signed
+grml-live source: source-contains-prebuilt-windows-binary templates/EFI/ubuntu/BOOT/grubx64.efi.signed
+grml-live source: source-contains-prebuilt-windows-binary templates/EFI/ubuntu/BOOT/shimx64.efi.signed
allows building a 32bit system on a 64bit host (though you can't build a 64bit
system on a 32bit system/kernel of course). Please notice that real
crosscompiling (like building a ppc system on x86) isn't possible due to the
-nature and the need of working in a chroot. Currently supported values: i386
-and amd64.
+nature and the need of working in a chroot. Currently supported values: i386,
+amd64 and arm64.
-b::
-c **CLASSES**::
Specify the CLASSES to be used for building the ISO via FAI. By default only
-the classes GRMLBASE, GRML_FULL and I386/AMD64 (depending on system
+the classes GRMLBASE, GRML_FULL and I386/AMD64/ARM64 (depending on system
architecture) are assumed. Additionally you can specify a class providing a
(grml-)kernel (see <<classes,the 'CLASSES' section in this document>> for
details about available classes). So instead of GRML_FULL you can also use e.g.
Specify the Debian suite you want to use for your live-system. If unset defaults
to "testing". Supported values are: stable, testing, unstable (or their
-corresponding release names like "stretch"). Please be aware that recent Debian
+corresponding release names like "bookworm"). Please be aware that recent Debian
suites might require a recent base.tgz
(${GRML_FAI_CONFIG}/config/basefiles/$CLASSNAME.tar.gz) or a recent version of
debootstrap.
The main and base class provided by grml-live is named GRMLBASE. It's strongly
recommended to **always** use the class GRMLBASE when building an ISO using
grml-live, as well as the architecture dependent class which provides the kernel
-(being 'I386' for x86_32 and 'AMD64' for x86_64) and a GRML_* class (like
-GRML_SMALL or GRML_FULL). The following files and directories are
-relevant for class GRMLBASE by default:
+(being 'I386' for x86_32, 'AMD64' for x86_64 and 'ARM64' for arm64) and a GRML_*
+class (like GRML_SMALL or GRML_FULL).
+The following files and directories are relevant for class GRMLBASE by default:
${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/
${GRML_FAI_CONFIG}/config/debconf/GRMLBASE
If you want to use your own configuration, extend an existing configuration
and/or add additional packages to your ISO just invent a new class (or extend an
-existing one). For example if you want to use your own class named "FOOBAR" just
-set CLASSES="GRMLBASE,GRML_SMALL,AMD64,FOOBAR" inside /etc/grml/grml-live.local
-or invoke grml-live using the classes option: "grml-live -c
-GRMLBASE,GRML_SMALL,AMD64,FOOBAR ...".
+existing one). For example if you want to use your own class named "FOOBAR" on
+your amd64 build, et CLASSES="GRMLBASE,GRML_SMALL,AMD64,FOOBAR" inside
+/etc/grml/grml-live.local or invoke grml-live using the classes option:
+"grml-live -c GRMLBASE,GRML_SMALL,AMD64,FOOBAR ...".
More details regarding the class concept can be found in the documentation of
FAI itself (being available at /usr/share/doc/fai-doc/).
example in ${GRML_FAI_CONFIG}/config/scripts/ so specific feature sets can be
selected. The following classes are predefined:
-* DEBORPHAN: get rid of all packages listed in output of deborphan
-
-* FILE_RC: instead of using systemd as init system use file-rc instead. file-rc
-was the init system used by Grml until and including stable release 2014.11,
-starting with beginning of 2016 Grml switched to systemd instead. If you want to
-build a live system in the old style using file-rc instead of systemd then enable
-this class. Please notice that support for file-rc is no longer being actively
-maintained (the Grml team happily accepts patches though) and file-rc (upstream
-wise) might disappear too.
+* DEBORPHAN: get rid of "autoremove" and "removed-but-not-yet-purged" packages;
+also all packages listed in output of deborphan (only if deborphan is actually
+present, note that grml-live no longer installs deborphan by default as it's not
+present since Debian/trixie!). This class is called as such for historic
+reasons, and while deborphan itself is no longer relevant nowadays, the name of
+the class was kept as such for backwards compatibility reasons. This class is
+thought to be used *before* any further `GRML*` classes, like
+`DEBORPHAN,GRMLBASE,GRML_FULL,RELEASE,...` to get proper Grml releases.
* FRESHCLAM: execute freshclam (if it's present) to update clamav definitions
(increases resulting ISO size ~70MB). By default it's skipped to avoid bigger
defining a Grml system. Important parts of the buildprocess are specified in
this class as well, so unless you have a really good reason you should always
use this class. Please be aware that using *just* the GRMLBASE class won't be
-enough, because the kernel packages (e.g. linux-image-*) are chosen in further
-GRML_* classes (to provide maximum flexibility with kernel selection). If you
-don't want to use the existing GRML_FULL or GRML_SMALL classes, define your own
-CLASS file choosing the kernel package you want to use (and don't forget to
-include your CLASS in the arguments of grml-live's -c... command line option).
+enough, because the kernel packages (e.g. linux-image-pass:[*]) are chosen in
+further GRML_pass:[*] classes (to provide maximum flexibility with kernel
+selection). If you don't want to use the existing GRML_FULL or GRML_SMALL
+classes, define your own CLASS file choosing the kernel package you want to use
+(and don't forget to include your CLASS in the arguments of grml-live's `-c...`
+command line option).
* GRML_FULL: full featured Grml, also known as the "normal", full grml as
-introduced in December 2011 (~600MB ISO size).
+introduced in December 2011 (~750 ISO size).
-* GRML_SMALL: minimum sized Grml version, known as grml-small (~300MB ISO
+* GRML_SMALL: minimum sized Grml version, known as grml-small (~360MB ISO
size).
* LATEX: LaTeX(-related) packages like auctex, texlive,...
* XORG: providing important packages for use with a base grml-featured X.org
setup
+* ZFS: package selection to add support for OpenZFS/zfsonlinux
+
[[files]]
Files
-----
grml-live on a plain Debian installation>> for details how to set up grml-live
on a plain, original Debian system.
-* enough free disk space; at least 1.5GB are required for a minimal grml-live
-run (\~850MB for the chroot [$CHROOT_OUTPUT], \~300MB for the build target
-[$BUILD_OUTPUT], \~30MB for the netboot files and \~300MB for the resulting ISO
+* enough free disk space; at least ~2GB are required for a minimal grml-live
+run (\~1GB for the chroot [$CHROOT_OUTPUT], \~400MB for the build target
+[$BUILD_OUTPUT], \~35MB for the netboot files and \~350MB for the resulting ISO
[$ISO_OUTPUT] plus some temporary files), if you plan to use GRML_FULL you
should have at least 4GB of total free disk space
* fast network access for retrieving the Debian packages used for creating the
chroot (check out "local mirror" to workaround this problem as far as possible)
+* your output directory should not be mounted with any of the "nodev", "noexec"
+or "nosuid" mount options. (/tmp typically is at least "nodev" and "nosuid" on
+most systems.)
+
For further information see next section.
[[X8]]
Of course using grml-live on a plain, original Debian installation is supported
as well. So there we go.
-What we have: plain, original Debian stretch (9.x).
+What we have: plain, original Debian bookworm (v12).
-What we want: build a Grml ISO based on Debian/stretch for the amd64 architecture
+What we want: build a Grml ISO based on Debian/bookworm for the amd64 architecture
using grml-live.
Instructions
EOF
# get keyring for apt:
- apt-get update
+ apt-get -o Acquire::AllowInsecureRepositories=true update
apt-get --allow-unauthenticated install grml-debian-keyring
# optionally(!) install basefile so we don't have to build basic
# mkdir -p /etc/grml/fai/config/basefiles/
# mv I386.tar.gz /etc/grml/fai/config/basefiles/
# mv AMD64.tar.gz /etc/grml/fai/config/basefiles/
+ # mv ARM64.tar.gz /etc/grml/fai/config/basefiles/
# install relevant tools
apt-get --no-install-recommends install grml-live
# CHROOT_INSTALL="/etc/grml/fai/chroot_install"
## adjust if necessary (defaults to ./grml/):
## OUTPUT="/srv/grml-live"
- FAI_DEBOOTSTRAP="stretch http://ftp.debian.org/debian/"
+ FAI_DEBOOTSTRAP="bookworm http://deb.debian.org/debian/"
# ARCH="amd64"
CLASSES="GRMLBASE,GRML_FULL,AMD64"
EOF
grml-live you can get commercial support via
link:http://grml-solutions.com/[Grml Solutions].
+Note that FAI doesn't abort immediately on errors that will ultimately cause
+the build to fail. Be sure to look through the logs and find the actual error;
+look for lines that start with "E: " or contain "FAILED" or "exit code 1".
+Some messages that may look like errors are actually benign; e.g.
+"/tmp/grml64/grml_chroot/var/lib/dpkg is not a mounted ramdisk" is not an error.
+
[[install-local-files]]
How do I install further files into the chroot/ISO?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[...]
APT_PROXY="http://localhost:3142/"
[...]
- FAI_DEBOOTSTRAP="stretch http://localhost:3142/ftp.debian.org/debian stretch main contrib non-free"
+ FAI_DEBOOTSTRAP="bookworm http://localhost:3142/ftp.debian.org/debian bookworm main contrib non-free"
Make sure apt-cacher-ng is running ('/etc/init.d/apt-cacher-ng restart').
That's it. All downloaded files will be cached in /var/cache/apt-cacher-ng then.
How do I revert the manifold feature from an ISO?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-The so called manifold feature Grml ISOs use by default allows one to use the same
-ISO for CD boot and USB boot. If you notice any problems when booting just
-revert the manifold feature running:
+By default, Grml ISOs use isohybrid to allow them to be booted from CDs as
+well as USB sticks. Manifold is an alternative to isohybrid.
+
+If you notice any problems
+when booting manifold-crafted media, just revert the manifold feature running:
% dd if=/dev/zero of=grml.iso bs=512 count=1 conv=notrunc
To switch from manifold to isohybrid mode (an alternative approach provided by
-syslinux) then just execute:
+syslinux, used by default for official Grml images) then just execute:
% isohybrid grml.iso
[[create-a-base-tgz]]
-How do I create a base tar.gz (I386.tar.gz or AMD64.tar.gz)
-~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+How do I create a base tar.gz (I386.tar.gz or AMD64.tar.gz or ARM64.tar.gz)
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
[[basetgz]]
First of all create the chroot using debootstrap (requires root):
BASECHROOT='/tmp/basefile' # path where the chroot gets generated
- SUITE='stretch' # using the current stable release should always work
- debootstrap --exclude=info,tasksel,tasksel-data "$SUITE" "$BASECHROOT" http://ftp.debian.org/debian
- tar -C "$BASECHROOT" --exclude='var/cache/apt/archives/*.deb' -zcf "${SUITE}".tar.gz ./
+ SUITE='bookworm' # using the current stable release should always work
+ debootstrap --exclude=info,tasksel,tasksel-data,isc-dhcp-client,isc-dhcp-common "${SUITE}" "${BASECHROOT}" http://deb.debian.org/debian
+ tar -C "$BASECHROOT" --exclude='var/cache/apt/archives/*.deb' --exclude 'var/lib/apt/lists/*_*' --xattrs --xattrs-include='*.*' --acls -zcf "${SUITE}".tar.gz ./
[TIP]
By default debootstrap builds a chroot matching the architecture of the running
host system. If you're using an amd64 system and want to build an i386 base.tgz
then invoke debootstrap using the '--arch i386' option. Disclaimer: building an
AMD64 base.tgz won't work if you are using a 32bit kernel system of course.
+Also building an ARM64 base.tgz requires an arm64 system.
Finally place the generated tarball in /etc/grml/fai/config/basefiles/ (note
that it needs to be uppercase letters matching the class names, so: e.g.
-AMD64.tar.gz for amd64 and I386.tar.gz for i386).
+AMD64.tar.gz for amd64, I386.tar.gz for i386 or ARM64.tar.gz for arm64).
Then executing grml-live should use this file as base system instead of executing
debootstrap. Check out the output for something like:
# needs to be quite high so we can override installation
# of specific packages through the IGNORE class.
MAXPACKAGES=3000
+
+# Do not check package names whether they are valid, but report failure instead.
+# FAI_DISABLE_PACKAGE_NAME_CHECK=1
locales locales/default_environment_locale select en_US.UTF-8
locales locales/locales_to_be_generated multiselect en_US.UTF-8 UTF-8
+man-db man-db/auto-update boolean false
+man-db man-db/build-database boolean false
openssh-server openssh-server/permit-root-login boolean true
passwd passwd/shadow boolean true
portmap portmap/loopback boolean false
-wvdial wvdial/wvdialconf boolean false
x11-common x11-common/xwrapper/actual_allowed_users string anybody
x11-common x11-common/xwrapper/allowed_users select Anybody
xserver-xorg shared/default-x-server select xserver-xorg
+++ /dev/null
-Explanation: this file was installed by grml-live to allow installation of systemd/udev (required for systemd-container) from backports
-Package: systemd libsystemd0 libpam-systemd libapparmor1 ifupdown systemd-sysv udev libudev1 usb-modeswitch
-Pin: release a=jessie-backports
-Pin-Priority: 997
-
-Explanation: this file was installed by grml-live to allow installation of linux-base (required for kernel packages) from backports
-Package: linux-base firmware-misc-nonfree firmware-linux-nonfree firmware-linux
-Pin: release a=jessie-backports
-Pin-Priority: 997
--- /dev/null
+# official debian repository:
+ deb http://ftp.debian.org/debian/ bookworm main contrib non-free-firmware non-free
+ deb-src http://ftp.debian.org/debian/ bookworm main contrib non-free-firmware non-free
+
+# security updates:
+ deb http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware non-free
+ deb-src http://security.debian.org/debian-security bookworm-security main contrib non-free-firmware non-free
--- /dev/null
+# official debian repository:
+ deb http://ftp.debian.org/debian/ bullseye main contrib non-free
+ deb-src http://ftp.debian.org/debian/ bullseye main contrib non-free
+
+# security updates:
+ deb http://security.debian.org/debian-security bullseye-security main contrib non-free
+ deb-src http://security.debian.org/debian-security bullseye-security main contrib non-free
+++ /dev/null
-# official debian repository:
- deb http://ftp.debian.org/debian/ buster main contrib non-free
- deb-src http://ftp.debian.org/debian/ buster main contrib non-free
-
-# security updates:
- deb http://security.debian.org/ buster/updates main contrib
- deb-src http://security.debian.org/ buster/updates main contrib
+++ /dev/null
-# official debian repository:
- deb http://ftp.debian.org/debian/ jessie main contrib non-free
- deb-src http://ftp.debian.org/debian/ jessie main contrib non-free
-
-# security updates:
- deb http://security.debian.org/ jessie/updates main contrib
- deb-src http://security.debian.org/ jessie/updates main contrib
-
-# backports:
- deb http://ftp.debian.org/debian/ jessie-backports main contrib non-free
- deb-src http://ftp.debian.org/debian/ jessie-backports main contrib non-free
+++ /dev/null
-# official debian repository:
- deb http://ftp.debian.org/debian/ lenny main contrib non-free
- deb-src http://ftp.debian.org/debian/ lenny main contrib non-free
-
-# security updates:
- deb http://security.debian.org/ lenny/updates main contrib
- deb-src http://security.debian.org/ lenny/updates main contrib
# official debian repository:
- deb http://ftp.debian.org/debian/ sid main contrib non-free
- deb-src http://ftp.debian.org/debian/ sid main contrib non-free
+ deb http://ftp.debian.org/debian/ sid main contrib non-free-firmware non-free
+ deb-src http://ftp.debian.org/debian/ sid main contrib non-free-firmware non-free
+++ /dev/null
-# official debian repository:
- deb http://ftp.debian.org/debian/ squeeze main contrib non-free
- deb-src http://ftp.debian.org/debian/ squeeze main contrib non-free
-
-# security updates:
- deb http://security.debian.org/ squeeze/updates main contrib
- deb-src http://security.debian.org/ squeeze/updates main contrib
-
-# backports:
- deb http://backports.debian.org/debian-backports squeeze-backports main contrib non-free
- deb-src http://backports.debian.org/debian-backports squeeze-backports main contrib non-free
# official debian repository:
- deb http://ftp.debian.org/debian/ stable main contrib non-free
- deb-src http://ftp.debian.org/debian/ stable main contrib non-free
+ deb http://ftp.debian.org/debian/ stable main contrib non-free-firmware non-free
+ deb-src http://ftp.debian.org/debian/ stable main contrib non-free-firmware non-free
# security updates:
- deb http://security.debian.org/ stable/updates main contrib
- deb-src http://security.debian.org/ stable/updates main contrib
+ deb http://security.debian.org/debian-security stable-security main contrib non-free-firmware non-free
+ deb-src http://security.debian.org/debian-security stable-security main contrib non-free-firmware non-free
# backports:
- deb http://ftp.debian.org/debian/ buster-backports main contrib non-free
- deb-src http://ftp.debian.org/debian/ buster-backports main contrib non-free
+ deb http://ftp.debian.org/debian/ stable-backports main contrib non-free-firmware non-free
+ deb-src http://ftp.debian.org/debian/ stable-backports main contrib non-free-firmware non-free
+++ /dev/null
-# official debian repository:
- deb http://ftp.debian.org/debian/ stretch main contrib non-free
- deb-src http://ftp.debian.org/debian/ stretch main contrib non-free
-
-# security updates:
- deb http://security.debian.org/ stretch/updates main contrib
- deb-src http://security.debian.org/ stretch/updates main contrib
-
-# backports:
- deb http://ftp.debian.org/debian/ stretch-backports main contrib non-free
- deb-src http://ftp.debian.org/debian/ stretch-backports main contrib non-free
# official debian repository:
- deb http://ftp.debian.org/debian/ testing main contrib non-free
- deb-src http://ftp.debian.org/debian/ testing main contrib non-free
+ deb http://ftp.debian.org/debian/ testing main contrib non-free-firmware non-free
+ deb-src http://ftp.debian.org/debian/ testing main contrib non-free-firmware non-free
# security updates:
- deb http://security.debian.org/ testing-security main contrib
- deb-src http://security.debian.org/ testing-security main contrib
+ deb http://security.debian.org/ testing-security main contrib non-free-firmware non-free
+ deb-src http://security.debian.org/ testing-security main contrib non-free-firmware non-free
--- /dev/null
+# official debian repository:
+ deb http://ftp.debian.org/debian/ trixie main contrib non-free-firmware non-free
+ deb-src http://ftp.debian.org/debian/ trixie main contrib non-free-firmware non-free
+
+# security updates:
+ deb http://security.debian.org/debian-security trixie-security main contrib non-free-firmware non-free
+ deb-src http://security.debian.org/debian-security trixie-security main contrib non-free-firmware non-free
# official debian repository:
- deb http://ftp.debian.org/debian/ unstable main contrib non-free
- deb-src http://ftp.debian.org/debian/ unstable main contrib non-free
+ deb http://ftp.debian.org/debian/ unstable main contrib non-free-firmware non-free
+ deb-src http://ftp.debian.org/debian/ unstable main contrib non-free-firmware non-free
--- /dev/null
+# cloud-init configuration for Grml live system.
+#
+# This file was deployed via grml-live's
+# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/51-cloud-init script, using
+# ${GRML_FAI_CONFIG}/config/files/etc/cloud/cloud.cfg.d/42_grml.cfg/GRMLBASE
+
+system_info:
+ # This will affect which distro class gets used
+ distro: debian
+ # Default user name + that default users groups (if added/used)
+ default_user:
+ name: grml
+ lock_passwd: True
+ gecos: Grml
+ groups: [adm, audio, cdrom, dialout, dip, floppy, netdev, plugdev, sudo, video]
+ sudo: ["ALL=(ALL) NOPASSWD:ALL"]
+ shell: /bin/zsh
+ # Other config here will be given to the distro class and/or path classes
+ paths:
+ cloud_dir: /var/lib/cloud/
+ templates_dir: /etc/cloud/templates/
+ upstart_dir: /etc/init/
+ package_mirrors:
+ - arches: [default]
+ failsafe:
+ primary: http://deb.debian.org/debian
+ security: http://security.debian.org/
+ ssh_svcname: ssh
/dev/dvd /media/dvd auto user,noauto,exec,ro 0 0
# some other examples:
# /dev/hda1 /Grml ext3 dev,suid,user,noauto 0 2
-# //1.2.3.4/pub /smb/pub smbfs defaults,user,noauto,uid=grml,gid=grml 0 0
+# //192.0.2.42/pub /smb/pub smbfs defaults,user,noauto,uid=grml,gid=grml 0 0
# linux:/pub /beer nfs defaults 0 0
# tmpfs /tmp tmpfs size=300M 0 0
# none /proc/bus/usb usbfs defaults,nodev,noexec,nosuid,noauto,devgid=1001,devmode=664 0 0
-# 192.168.1.101:/backups /media/nfs nfs defaults,user,wsize=8192,rsize=8192 0 0
+# 192.0.2.42:/backups /media/nfs nfs defaults,user,wsize=8192,rsize=8192 0 0
#
-# Warning! Please do *not* change any lines below because they are auto-generated by.
-# If you want to disable rebuildfstab set CONFIG_FSTAB='no' in /etc/grml/autoconfig!
+# Warning! Please do *not* change any lines below because they are auto-generated.
+# If you want to disable rebuildfstab set CONFIG_FSTAB='no' in /etc/grml/autoconfig.
# See 'man grml-udev-rebuildfstab' for more details about the following entries.
127.0.0.1 $HOSTNAME localhost
# The following lines are desirable for IPv6 capable hosts
-# (added automatically by netbase upgrade)
-
-::1 ip6-localhost ip6-loopback $HOSTNAME
-fe00::0 ip6-localnet
-ff00::0 ip6-mcastprefix
+::1 localhost ip6-localhost ip6-loopback $HOSTNAME
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
-ff02::3 ip6-allhosts
-# This file is installed by grml-live in 10-build-initramfs.
+# This file is installed by grml-live in 80-initramfs.
# Its purpose is to use XZ compression when building initramfs.
-# this is a workaround to pass custom options to the xz compression
-xz() {
- command xz --check=crc32
-}
-
-# enable XZ compression, reducing initramfs size from ~17MB to ~12MB
-compress=xz
+# enable XZ compression, reducing initramfs size from ~50MB to ~33M
+COMPRESS=xz
--- /dev/null
+# This file was deployed via grml-live's
+# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/80-initramfs script, using
+# ${GRML_FAI_CONFIG}/config/files/etc/initramfs-tools/modules/GRMLBASE
+################################################################################
+# List of modules that you want to include in your initramfs.
+# They will be loaded at boot time in the order below.
+#
+# Syntax: module_name [args ...]
+#
+# You must run update-initramfs(8) to effect this change.
+#
+# Examples:
+#
+# raid1
+# sd_mod
+
+# workaround for broken netboot images, see
+# https://bugs.debian.org/1022172 +
+# https://github.com/grml/grml/issues/192
+auth_rpcgss
+grace
+lockd
+nfs
+nfs_acl
+nfsv3
+rpcrdma
+rpcsec_gss_krb5
+sunrpc
+++ /dev/null
-# This file was deployed via grml-live's
-# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/15-initsetup script, using
-# ${GRML_FAI_CONFIG}/config/files/etc/inittab/GRMLBASE
-################################################################################
-# Filename: inittab
-# Purpose: init(8) configuration.
-# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
-# Bug-Reports: see http://grml.org/bugs/
-# License: This file is licensed under the GPL v2.
-################################################################################
-
-# The default runlevel.
-id:2:initdefault:
-
-# Boot-time system configuration/initialization script.
-# This is run first except when booting in emergency (-b) mode.
-si::sysinit:/etc/init.d/rcS
-
-# What to do in single-user mode.
-~~:S:respawn:/bin/zsh --login >/dev/tty1 2>&1 </dev/tty1
-
-# /etc/init.d executes the S and K scripts upon change
-# of runlevel.
-#
-# Runlevel 0 is halt.
-# Runlevel 1 is single-user.
-# Runlevels 2-5 are multi-user.
-# Runlevel 6 is reboot.
-
-l0:0:wait:/etc/init.d/grml-halt
-l1:1:wait:/etc/init.d/rc 1
-l2:2:wait:/etc/init.d/rc 2
-l3:3:wait:/etc/init.d/rc 3
-l4:4:wait:/etc/init.d/rc 4
-l5:5:wait:/etc/init.d/rc 5
-l6:6:wait:/etc/init.d/grml-reboot
-
-# What to do when CTRL-ALT-DEL is pressed.
-ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
-
-# Action on special keypress (ALT-UpArrow).
-kb::kbrequest:/bin/echo "Keyboard Request -- edit /etc/inittab to let this work."
-
-# What to do when the power fails/returns.
-pf::powerwait:/etc/init.d/powerfail start
-pn::powerfailnow:/etc/init.d/powerfail now
-po::powerokwait:/etc/init.d/powerfail stop
-
-# /sbin/getty invocations for the runlevels.
-#
-# The "id" field MUST be the same as the last
-# characters of the device (after "tty").
-#
-# Format:
-# <id>:<runlevels>:<action>:<process>
-# 4 virtual consoles with immortal shells
-# Note that on most Debian systems tty7 is used by the X Window System.
-# Use tty8 a second xserver.
-1:12345:respawn:/sbin/grml-runtty /dev/tty1 /usr/share/grml-scripts/run-welcome root
-2:2345:respawn:/sbin/grml-runtty /dev/tty2 /usr/share/grml-scripts/run-screen root
-3:2345:respawn:/sbin/grml-runtty /dev/tty3 /usr/share/grml-scripts/run-screen root
-4:2345:respawn:/sbin/grml-runtty /dev/tty4 /usr/share/grml-scripts/run-screen $USERNAME
-5:2345:respawn:/sbin/grml-runtty /dev/tty5 /bin/zsh $USERNAME
-6:2345:respawn:/sbin/grml-runtty /dev/tty6 /bin/zsh $USERNAME
-9:2345:respawn:/sbin/getty 38400 tty9
-#10:2345:respawn:/sbin/grml-runtty /dev/tty10 /usr/sbin/grml-iptstate root
-11:2345:respawn:/sbin/grml-runtty /dev/tty11 /usr/bin/htop root
-12:2345:respawn:/sbin/grml-runtty /dev/tty12 /usr/share/grml-scripts/run-multitail root
-
-################################################################################
-# Please do NOT remove the line with the marker as it is important for the
-# bootoption serial/console. line(s) will be inserted here according to the
-# provided kernel command line:
-#grmlserial# is a marker, important for the bootoption serial/console
-################################################################################
-
-# Example how to put a getty on a serial line (for a terminal)
-# T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
-# T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
-
-#-- isdnutils begin
-# Change the lines below for your local setup and uncomment them.
-# Use "init q" to reread inittab.
-# look at the vboxgetty / mgetty manpage for more information (mgetty isn't
-# standard!)
-#
-#I0:2345:respawn:/usr/sbin/vboxgetty -d /dev/ttyI0
-#I1:2345:respawn:/sbin/mgetty -D -m '"" ATZ OK AT&Eyourmsnhere OK AT&B512 OK' -s 38400 ttyI1
-#-- isdnutils end
-
-# Run X Window session from CDROM in runlevel 5
-#w5:5:wait:/bin/sleep 2
-#x5:5:wait:/etc/init.d/xsession start
-
-# Use line below to use secvpnmon. Use init q to reread inittab.
-# SVPN:2345:respawn:/usr/sbin/secvpnmon
+++ /dev/null
-# This file was deployed via grml-live's
-# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/15-initsetup script, using
-# ${GRML_FAI_CONFIG}/config/files/etc/inittab/GRML_SMALL
-################################################################################
-# Filename: inittab.small
-# Purpose: init(8) configuration for grml-small
-# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
-# Bug-Reports: see http://grml.org/bugs/
-# License: This file is licensed under the GPL v2.
-################################################################################
-
-# The default runlevel.
-id:2:initdefault:
-
-# Boot-time system configuration/initialization script.
-# This is run first except when booting in emergency (-b) mode.
-si::sysinit:/etc/init.d/rcS
-
-# What to do in single-user mode.
-~~:S:respawn:/bin/zsh --login >/dev/tty1 2>&1 </dev/tty1
-
-# /etc/init.d executes the S and K scripts upon change
-# of runlevel.
-#
-# Runlevel 0 is halt.
-# Runlevel 1 is single-user.
-# Runlevels 2-5 are multi-user.
-# Runlevel 6 is reboot.
-
-l0:0:wait:/etc/init.d/grml-halt
-l1:1:wait:/etc/init.d/rc 1
-l2:2:wait:/etc/init.d/rc 2
-l3:3:wait:/etc/init.d/rc 3
-l4:4:wait:/etc/init.d/rc 4
-l5:5:wait:/etc/init.d/rc 5
-l6:6:wait:/etc/init.d/grml-reboot
-
-# What to do when CTRL-ALT-DEL is pressed.
-ca:12345:ctrlaltdel:/sbin/shutdown -t1 -a -r now
-
-# Action on special keypress (ALT-UpArrow).
-kb::kbrequest:/bin/echo "Keyboard Request -- edit /etc/inittab to let this work."
-
-# What to do when the power fails/returns.
-pf::powerwait:/etc/init.d/powerfail start
-pn::powerfailnow:/etc/init.d/powerfail now
-po::powerokwait:/etc/init.d/powerfail stop
-
-# /sbin/getty invocations for the runlevels.
-#
-# The "id" field MUST be the same as the last
-# characters of the device (after "tty").
-#
-# Format:
-# <id>:<runlevels>:<action>:<process>
-# 4 virtual consoles with immortal shells
-# Note that on most Debian systems tty7 is used by the X Window System.
-# Use tty8 a second xserver.
-1:12345:respawn:/sbin/grml-runtty /dev/tty1 /usr/share/grml-scripts/run-welcome root
-2:2345:respawn:/sbin/grml-runtty /dev/tty2 /usr/share/grml-scripts/run-screen root
-3:2345:respawn:/sbin/grml-runtty /dev/tty3 /usr/share/grml-scripts/run-screen root
-#4:2345:respawn:/sbin/grml-runtty /dev/tty4 /usr/share/grml-scripts/run-screen $USERNAME
-#5:2345:respawn:/sbin/grml-runtty /dev/tty5 /bin/zsh $USERNAME
-#6:2345:respawn:/sbin/grml-runtty /dev/tty6 /bin/zsh $USERNAME
-#9:2345:respawn:/sbin/getty 38400 tty9
-#10:2345:respawn:/sbin/grml-runtty /dev/tty10 /usr/sbin/grml-iptstate root
-#11:2345:respawn:/sbin/grml-runtty /dev/tty11 /usr/bin/htop root
-#12:2345:respawn:/sbin/grml-runtty /dev/tty12 /usr/share/grml-scripts/run-multitail root
-
-################################################################################
-# Please do NOT remove the line with the marker as it is important for the
-# bootoption serial/console. line(s) will be inserted here according to the
-# provided kernel command line:
-#grmlserial# is a marker, important for the bootoption serial/console
-################################################################################
-
-# Example how to put a getty on a serial line (for a terminal)
-# T0:23:respawn:/sbin/getty -L ttyS0 9600 vt100
-# T1:23:respawn:/sbin/getty -L ttyS1 9600 vt100
-
-#-- isdnutils begin
-# Change the lines below for your local setup and uncomment them.
-# Use "init q" to reread inittab.
-# look at the vboxgetty / mgetty manpage for more information (mgetty isn't
-# standard!)
-#
-#I0:2345:respawn:/usr/sbin/vboxgetty -d /dev/ttyI0
-#I1:2345:respawn:/sbin/mgetty -D -m '"" ATZ OK AT&Eyourmsnhere OK AT&B512 OK' -s 38400 ttyI1
-#-- isdnutils end
-
-# Run X Window session from CDROM in runlevel 5
-#w5:5:wait:/bin/sleep 2
-#x5:5:wait:/etc/init.d/xsession start
-
-# Use line below to use secvpnmon. Use init q to reread inittab.
-# SVPN:2345:respawn:/usr/sbin/secvpnmon
--- /dev/null
+# This file was deployed via grml-live's
+# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/25-locales script, using
+# ${GRML_FAI_CONFIG}/config/files/etc/locale.conf/GRMLBASE
+################################################################################
+# This file lists the locales configuration as used by e.g. systemd-firstboot
+LANG=C.UTF-8
+++ /dev/null
-# This file was deployed via grml-live's
-# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/20-sudo script, using
-# ${GRML_FAI_CONFIG}/config/files/etc/lsb-base-logging.sh/GRMLBASE
-
-# override output of the status on the left side of the terminal
-# introduced in lsb-base >= 4.1+Debian1
-log_end_msg_pre() { :; }
-log_action_msg_pre() { :; }
-
-if log_use_fancy_output; then
- __LSB_PFX="$($TPUT -S << EOGREEN
- bold
- setaf 2
-EOGREEN
- ) * $($TPUT -S << EONORMAL
- sgr0
- op
-EONORMAL
- )"
-else
- __LSB_PFX=" * "
-fi
-
-log_daemon_msg_pre() {
- printf "${__LSB_PFX}"
-}
-log_action_msg() {
- printf "${__LSB_PFX}$@."
-}
-log_action_begin_msg() {
- printf "${__LSB_PFX}$@... "
-}
# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/35-network script, using
# ${GRML_FAI_CONFIG}/config/files/etc/network/interfaces/GRMLBASE
+# interfaces(5) file used by ifup(8) and ifdown(8)
+
+# Include files from /etc/network/interfaces.d:
+source /etc/network/interfaces.d/*
+
# The loopback interface
auto lo
iface lo inet loopback
+
# WARNING: Never allow external access to the $USERNAME user!!!
$USERNAME ALL=NOPASSWD: ALL
+# Path used for every command run from sudo
+Defaults secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+
# allow editing of files with editor:
# $USERNAME ALL=NOPASSWD: sudoedit
StandardInput=tty
StandardOutput=tty
TTYPath=/dev/tty2
-Environment="SHELL=/bin/zsh"
ExecStart=
ExecStart=-/usr/share/grml-scripts/run-screen
StandardInput=tty
StandardOutput=tty
TTYPath=/dev/tty3
-Environment="SHELL=/bin/zsh"
ExecStart=
ExecStart=-/usr/share/grml-scripts/run-screen
StandardInput=tty
StandardOutput=tty
TTYPath=/dev/tty4
-Environment="SHELL=/bin/zsh"
User=$USERNAME
ExecStart=
ExecStart=-/usr/share/grml-scripts/run-screen
[Service]
EnvironmentFile=-/etc/default/ssh
-ExecStartPre=-/bin/sh -c "/usr/bin/ssh-keygen -A"
-ExecStartPre=/usr/sbin/sshd -t
+ExecStartPre=-/usr/bin/ssh-keygen -A
ExecStart=/usr/sbin/sshd -D $SSHD_OPTS
ExecReload=/usr/sbin/sshd -t
ExecReload=/bin/kill -HUP $MAINPID
--- /dev/null
+# This file was deployed via grml-live's
+# ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/85-systemd script, using
+# ${GRML_FAI_CONFIG}/config/files/etc/tmpfiles.d/man-db.conf/GRMLBASE
+
+# Override default (age set to 1w) to avoid disappearing mandb caches
+d /var/cache/man 0755 man man -
# Filename: startpage.html
# Purpose: information page on Grml
# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
-# Bug-Reports: see http://grml.org/bugs/
+# Bug-Reports: see https://grml.org/bugs/
# License: This file is licensed under the GPL v2.
################################################################################
-->
<div class="container"><div class="content">
<h1 align="center">Grml Live Linux</h1>
-<p>Grml is a Debian based Linux Live system for x86 and x86_64 systems. Its main
-purpose is providing a system for system administrators.</p>
+<p>
+Grml is a Debian based Linux Live system for system administrators and users of texttools.
+</p>
-<p>You are reading this page probably in the w3m or links browser on the console
-or in xlinks2 or Firefox/Iceweasel running under X. To switch between
-links in w3m and links press the <tab>-key. You can move the cursor via
-the cursor keys. 'B' is the key for going back one page in the browser history,
-pressing 'H' brings you to the help of w3m. Press 'Q' for exiting w3m, links
-and xlinks2.</p>
+<p>
+You are reading this page probably in the w3m or links browser on the console, or in Firefox running under X.
+Press 'Q' for exiting w3m and links.</p>
-<p><strong>Note:</strong> If you find bugs, please <a
-href="http://grml.org/bugs/">report them</a>! Thank you for helping
-us to improve Grml!</p>
-
-<h2>Overview</h2>
-
-<p>Find the package list of installed software at <a
- href="http://grml.org/files/">grml.org/files/</a>.</p>
+<p>
+<strong>Notice:</strong> if you find any bugs please <a href="https://grml.org/bugs/">report them to the Grml team</a>!
+Thank you for helping us to improve Grml!
+</p>
<h2>Quickstart</h2>
<ul>
+ <li>Find the package list of installed software at <a href="https://grml.org/files/">grml.org/files/</a>.</li>
<li>Use 'grml-tips $KEYWORD' to get hints and tips.</li>
<li>Use 'grml-x' to start the X window system.</li>
</ul>
<h2>Online resources</h2>
-<p>Subscribe to <a href="http://grml.org/mailinglist/">the Grml mailinglist</a> and join #grml on irc.freenode.net!</p>
+<p>
+Subscribe to <a href="https://grml.org/mailinglist/">the Grml mailinglist</a>, or join us on IRC in #grml on irc.oftc.net.
+</p>
<ul>
- <li><a href="http://grml.org/">grml.org</a></li>
- <li><a href="http://grml.org/news/">news @ grml.org</a></li>
- <li><a href="http://grml.org/faq/">faq @ grml.org</a></li>
- <li><a href="http://grml.org/docs/">docs @ grml.org</a></li>
- <li><a href="http://grml.org/bugs/">bugs @ grml.org</a></li>
- <li><a href="http://grml.org/zsh/">zsh @ grml.org</a></li>
- <li><a href="http://grml.org/contact/">contact the grml-team</a></li>
- <li><a href="http://www.tldp.org/">Linux Documentation Project</a></li>
+ <li><a href="https://grml.org/">grml.org</a></li>
+ <li><a href="https://wiki.grml.org/">grml-Wiki</a></li>
+ <li><a href="https://grml.org/news/">news @ grml.org</a></li>
+ <li><a href="https://grml.org/faq/">faq @ grml.org</a></li>
+ <li><a href="https://grml.org/docs/">docs @ grml.org</a></li>
+ <li><a href="https://grml.org/bugs/">bugs @ grml.org</a></li>
+ <li><a href="https://grml.org/zsh/">zsh @ grml.org</a></li>
+ <li><a href="https://grml.org/contact/">contact the grml-team</a></li>
</ul>
-<p>Press 'Q' for exiting the browsers w3m, links and xlinks2.</p>
+<p>
+Press 'Q' for exiting the browsers w3m and links.
+</p>
+
+<p>
+Enjoy Grml!
+</p>
-<p>Have fun with Grml!</p>
</div>
<div class="copyright">
-© Copyright 2004++ by the <a href="http://grml.org/team/">grml-team</a>.
+© Copyright 2004++ by the <a href="https://grml.org/team/">Grml team</a>.
</div>
<!-- Piwik -->
run/*
var/run/*
var/lock/*
+var/lib/dkms/*
# License: This file is licensed under the GPL v2 or any later version.
################################################################################
-FILE_RC=false
-if ifclass FILE_RC ; then
- FILE_RC=true
-fi
-
set -u
set -e
# anyway
$ROOTCMD /usr/lib/dpkg/methods/apt/update /var/lib/dpkg/ apt apt
- if $FILE_RC ; then
- echo "Installing file-rc as FILE_RC class is enabled."
- # newer aptitude versions won't remove essential packages using
- # 'aptitude -f -y install file-rc' anymore, therefore force it:
- $ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv-
- fi
-
if ! $ROOTCMD test -x /usr/bin/aptitude ; then
- $ROOTCMD apt-get -y install aptitude
+ # the apt-get update might return an error if there's for example
+ # a hashsum mismatch on Debian mirror sources, we might want to continue
+ # but should warn the user
+ if ! $ROOTCMD apt-get update ; then
+ echo "Warning: there was an error executing apt-get update, continuing anyway."
+ echo "Warning: there was an error executing apt-get update, continuing anyway." >&2
+ fi
+
+ $ROOTCMD apt-get -y install aptitude
fi
# make sure we can upgrade automatically,
$ROOTCMD ln -s /bin/true /usr/sbin/grub-probe
fi
-# make sure we have file-rc available before package_config/GRML* is being executed {{{
-# the apt-get update might return an error if there's for example
-# a hashsum mismatch on Debian mirror sources, we might want to continue
-# but should warn the user
-if ! $ROOTCMD apt-get update ; then
- echo "Warning: there was an error executing apt-get update, continuing anyway."
- echo "Warning: there was an error executing apt-get update, continuing anyway." >&2
-fi
-
-if $FILE_RC ; then
- echo "Installing file-rc as FILE_RC class is enabled."
- # newer aptitude versions won't remove essential packages using
- # 'aptitude -f -y install file-rc' anymore, therefore force it via:
- $ROOTCMD aptitude -o Aptitude::ProblemResolver::Keep-All-Tier=60000 -f -y install file-rc systemd-sysv-
-fi
# }}}
# we definitely don't want to fail running fai dirinstall just
--- /dev/null
+#!/bin/bash
+# Filename: ${GRML_FAI_CONFIG}/hooks/instsoft.ZFS
+# Purpose: Build zfs modules in the chroot, then get rid of packages installed for this alone
+# Authors: (c) András Korn <korn-grml@elan.rulez.org>
+# Bug-Reports: see http://grml.org/bugs/
+# License: This file is licensed under the GPL v2, or, at your option, any later version.
+################################################################################
+
+set -u
+set -e
+
+# We don't want to install build-essential, dkms et al via package_config
+# because they will end up bloating the iso; it seems cleaner to install
+# them, build the zfs modules, then remove them.
+#
+# TODO: if https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009179 is ever
+# fixed, switch to building a zfs-modules deb and including that.
+#
+# TODO: convert this into a framework for other classes to ship dkms
+# modules: have a hook/script that installs the build-related packages,
+# another that builds whatever must be built, and a third that does the cleanup.
+#
+# TODO: support other architectures grml and grml-live supports (PRs
+# welcome, I'm sure).
+
+echo "$0: Installing latest kernel and its headers, as well as build-essential."
+# For some reason, apt's autoremove function doesn't pick up some of the
+# extra packages we install here, e.g. gcc-11, so work around that by
+# keeping track of what gets installed. This is an ugly hack and should not
+# be needed, but without it the resulting ISO is hundreds of megabytes
+# larger. I hope this kludge can go away eventually.
+extra_packages=($($ROOTCMD apt-get --assume-no --download-only --mark-auto -u install \
+ build-essential linux-image-amd64 linux-headers-amd64 \
+ | sed '0,/The following NEW packages will be installed/d;/^[^ ]/,$d'))
+$ROOTCMD apt-get --yes --mark-auto -u install build-essential linux-image-amd64 linux-headers-amd64
+
+# Remove all but the latest kernel (TODO: support passing in the desired
+# kernel version by configuration variable instead of using the latest):
+echo "$0: Removing all kernel packages except the latest one, if any."
+for kernelversion in $($ROOTCMD sh -c 'cd /boot; ls -rt vmlinuz-*' | sed 's/^vmlinuz-//;$d'); do
+ echo "$0: Removing obsolete kernel version $kernelversion"
+ $ROOTCMD apt-get --yes --purge remove "linux-.*$kernelversion.*"
+done
+
+# Earlier Debian releases have a dwarves package; newer ones have pahole.
+# This can be needed to build the zfs modules, perhaps depending on kernel
+# configuration (TODO: look into this).
+echo "$0: Installing pahole or dwarves, whichever is available."
+if $ROOTCMD apt-get --yes --mark-auto -u install pahole; then
+ pahole=pahole
+else
+ $ROOTCMD apt-get --mark-auto --yes -u install dwarves
+ pahole=dwarves
+fi
+
+echo "$0: Installing zfs-dkms itself."
+extra_packages=(${extra_packages[@]} $($ROOTCMD apt-get --assume-no --download-only --mark-auto -u install zfs-dkms | sed '0,/The following NEW packages will be installed/d;/^[^ ]/,$d'))
+$ROOTCMD apt-get --yes --mark-auto -u install zfs-dkms
+
+# Now invoke the dkms kernel postinst script for the only kernel that's left
+# -- normally the zfs-dkms postinst script should do this, but maybe it
+# didn't, and redoing it is almost free:
+kernelversion=$($ROOTCMD sh -c 'ls -1 /boot/vmlinuz-*' | sed 's@.*boot/vmlinuz-@@')
+echo "$0: Building zfs-dkms modules for kernel $kernelversion."
+$ROOTCMD /etc/kernel/postinst.d/dkms "$kernelversion"
+
+tempfile=$(mktemp)
+echo "$0: Saving built modules into a backup file (removing the dkms package will remove them, but we'll put them back)."
+$ROOTCMD tar cf - /lib/modules/$kernelversion/updates/dkms >$tempfile
+
+echo "$0: Removing packages only needed to build zfs modules."
+remove_packages=($(echo "${extra_packages[@]}" zfs-dkms '^linux-headers-.*' build-essential $pahole | tr ' ' '\n' | sort -u))
+$ROOTCMD apt-get --yes --purge --autoremove remove ${remove_packages[@]}
+echo "$0: Trying extra hard to get rid of auto-installed packages. This is a hack that is one of the ways we're trying to work around a perceived bug in apt autoremove and should be a no-op."
+$ROOTCMD apt-get --yes --purge autoremove
+
+echo "$0: Restoring backed-up kernel modules."
+$ROOTCMD tar xf - <$tempfile
+rm $tempfile
+$ROOTCMD depmod -a $kernelversion
+echo "$0: Completed successfully. Enjoy your zfs."
--- /dev/null
+PACKAGES install
+
+# NOTE: as of grml-live v0.44.0 we switched from isc-dhcp-client to dhcpcd.
+# But cloud-init has a hard dependency on isc-dhcp-client (at least as of
+# v21.4-2 and up and until incl. v23.2.1-1). To ensure that GRML_FULL also
+# works on bookworm OOTB and we can ship cloud-init, we enable the switch
+# towards dhcpcd only for Debian trixie/testing and newer. Also see
+# https://bugs.debian.org/1051421 and
+# https://github.com/grml/grml-live/issues/138
+isc-dhcp-client
+++ /dev/null
-PACKAGES install
-
-# needed for linux-image-amd64-grml
-linux-base/squeeze-backports
-initramfs-tools/squeeze-backports
--- /dev/null
+PACKAGES install
+
+# NOTE: as of grml-live v0.44.0 we switched from isc-dhcp-client to dhcpcd.
+# But cloud-init has a hard dependency on isc-dhcp-client (at least as of
+# v21.4-2 and up and until incl. v23.2.1-1). To ensure that GRML_FULL also
+# works on bookworm OOTB and we can ship cloud-init, we enable the switch
+# towards dhcpcd only for Debian trixie/testing and newer. Also see
+# https://bugs.debian.org/1051421 and
+# https://github.com/grml/grml-live/issues/138
+isc-dhcp-client
--- /dev/null
+PACKAGES install
+
+# NOTE: as of grml-live v0.44.0 we switched from isc-dhcp-client to dhcpcd.
+# But cloud-init has a hard dependency on isc-dhcp-client (at least as of
+# v21.4-2 and up and until incl. v23.2.1-1). To ensure that GRML_FULL also
+# works on bookworm OOTB and we can ship cloud-init, we enable the switch
+# towards dhcpcd only for Debian trixie/testing and newer. Also see
+# https://bugs.debian.org/1051421 and
+# https://github.com/grml/grml-live/issues/138
+dhcpcd
--- /dev/null
+PACKAGES install
+
+# NOTE: as of grml-live v0.44.0 we switched from isc-dhcp-client to dhcpcd.
+# But cloud-init has a hard dependency on isc-dhcp-client (at least as of
+# v21.4-2 and up and until incl. v23.2.1-1). To ensure that GRML_FULL also
+# works on bookworm OOTB and we can ship cloud-init, we enable the switch
+# towards dhcpcd only for Debian trixie/testing and newer. Also see
+# https://bugs.debian.org/1051421 and
+# https://github.com/grml/grml-live/issues/138
+dhcpcd
--- /dev/null
+PACKAGES install
+
+# NOTE: as of grml-live v0.44.0 we switched from isc-dhcp-client to dhcpcd.
+# But cloud-init has a hard dependency on isc-dhcp-client (at least as of
+# v21.4-2 and up and until incl. v23.2.1-1). To ensure that GRML_FULL also
+# works on bookworm OOTB and we can ship cloud-init, we enable the switch
+# towards dhcpcd only for Debian trixie/testing and newer. Also see
+# https://bugs.debian.org/1051421 and
+# https://github.com/grml/grml-live/issues/138
+dhcpcd
console-setup
cryptsetup-initramfs
dbus
-deborphan
dmidecode
efibootmgr
eject
+fdisk
file
gpm
-grml2usb
grml-autoconfig
grml-crypt
grml-debian-keyring
grml-scripts-core
grml-tips
grml-udev-config
-grub-efi-amd64-bin
-grub-efi-ia32-bin
-grub-pc
haveged
hdparm
hwinfo
physlock
pxelinux
resolvconf
-rng-tools
rsync
rsyslog
strace
-syslinux syslinux-common syslinux-utils
udev
usbutils
uuid-runtime
firmware-brcm80211
firmware-cavium
firmware-intel-sound
-firmware-intelwimax
firmware-iwlwifi
firmware-libertas
firmware-linux
libpam-systemd
systemd-container
-PACKAGES install FILE_RC
-libpam-systemd-
-systemd-container-
-acpid
+PACKAGES install I386
+grub-pc
+grub-efi-amd64-bin
+grub-efi-ia32-bin
+syslinux syslinux-common syslinux-utils
+grml2usb
+
+PACKAGES install AMD64
+grub-pc
+grub-efi-amd64-bin
+grub-efi-ia32-bin
+syslinux syslinux-common syslinux-utils
+grml2usb
+
+PACKAGES install ARM64
+grub-efi-arm64-bin
grml-live
grml-paste
grml-quickconfig-standard
-grml-terminalserver
# base os
apt
aptitude
binfmt-support
-bsdmainutils
+bsdextrautils
+bsdutils
dctrl-tools
devscripts
dos2unix
-dstat
findutils
htop
libnss-myhostname
lsb-release
lsof
mount
-ntp
-ntpdate
+ntpsec
+ntpsec-ntpdate
nullmailer
passwd
procps
util-linux
# basic accessibility
+alsa-utils
brltty
+espeak-ng
espeakup
-alsa-utils
-
-# broken userland debugging
-ltrace
# deploy on remote sites
openvpn
# disk subsystems support/debugging
array-info
-bonnie++
-cciss-vol-status
cryptsetup
disktype
-dmraid
dmsetup
+f3
fai-setup-storage
fio
gdisk
sdparm
sg3-utils
smartmontools
+stenc
# disk partitioning/boot
boot-info-script
gparted
-grub-pc-bin
kpartx
mbr
partclone
nano
vim
vim-gtk3
+xxd
zile
# filesystem support
dosfstools
e2fsprogs
exfat-fuse
-exfat-utils
+exfatprogs
+f2fs-tools
genisoimage
hfsutils
jfsutils
reiser4progs
reiserfsprogs
tcplay
-thin-provisioning-tools
xfsdump
xfsprogs
xmount
# generic tools
cpp
+sqlite3
whois
xorriso
crosshurd
debootstrap
kexec-tools
+mmdebstrap
rinse
# iscsi (target) support
# networking
atftp
avahi-daemon
+avahi-utils
bind9-host
bridge-utils
cdpr
cifs-utils
-comgt
+cloud-init
dnsmasq
dnsutils
ethstatus
ethtool
hostapd
+hping3
ifenslave
iftop
ifupdown
iputils-arping
iputils-ping
iputils-tracepath
-isc-dhcp-client
iw
libnss-mdns
libteam-utils
rfkill
ser2net
sipcalc
-slurm
snmp
socat
+speedtest-cli
ssh
ssmping
tcpdump
tcptraceroute
telnet
-tshark
+tmate
tsocks
uml-utilities
usb-modeswitch
vlan
-wireshark
-wvdial
+wireguard
+wireless-regdb
# network transfers
ca-certificates
# popular VCS to pull config from
git
-mercurial
-subversion
# recovery
afflib-tools
extundelete
gddrescue
gpart
+myrescue
recoverjpeg
testdisk
# restore from backup
-bacula-common
-bacula-console
-bacula-fd
-bacula-sd
borgbackup
clonezilla
dirvish
dump
duplicity
fsarchiver
+mtx
restic
# compressions for backup/restore
+lz4
lzop
zstd
buffer
coreutils
diffutils
+jq
mawk
+mbuffer
mc
patch
pv
+qrencode
screen
sed
tmux
# system info/mgmt
augeas-tools
-facter
flashrom
-mcollective
+inxi
memtester
-puppet
stressant
# virtualization support
# x86 hardware support
acpi
acpi-support
-cmospwd
-cpuid
irqbalance
lm-sensors
lshw
numactl
usbview
+# firmware updates
+fwupd
+policykit-1
+udisks2
+
# testing
bats
stress
# docs
man-db
+# special terminal output
+lolcat
+toilet
+
PACKAGES install I386
+# kernel related
linux-image-686
linux-cpupower
+# disk subsystems support/debugging, I386/AMD64 specific
+cciss-vol-status
+# x86 hardware support
+cmospwd
+cpuid
+memtest86+
+# broken userland debugging
+ltrace
+# disk partitioning/boot
+grub-pc-bin
+
+# PXE boot
+grml-terminalserver
+
+# firmware updates
+fwupd-i386-signed
+
+# X - not relevant on more recent systems, so ship on i386 only
+xserver-xorg-video-intel
PACKAGES install AMD64
+# kernel related
linux-image-amd64
linux-cpupower
+# disk subsystems support/debugging
+cciss-vol-status
+# x86 hardware support
+cmospwd
+cpuid
+memtest86+
+# broken userland debugging
+ltrace
+# disk partitioning/boot
+grub-pc-bin
+
+# PXE boot
+grml-terminalserver
+
+# EFI PXE boot support in grml-terminalserver
+grub-efi-amd64-signed
+shim-signed
+
+# firmware updates
+fwupd-amd64-signed
+
+PACKAGES install ARM64
+# kernel related
+linux-image-arm64
+linux-cpupower
+
+# firmware updates
+fwupd-arm64-signed
bash
binutils
bridge-utils
-bsdmainutils
+bsdextrautils
+bsdutils
btrfs-progs
buffer
chntpw
dctrl-tools
diffutils
disktype
-dmraid
dmsetup
dos2unix
dosfstools
e2fsprogs
ed
ethtool
+f2fs-tools
findutils
fsarchiver
gddrescue
+gdisk
grml-paste
grml-quickconfig-standard
htop
iproute2
iptstate
iputils-ping
-isc-dhcp-client
iw
jfsutils
kexec-tools
mawk
mbr
memtester
+mmdebstrap
mount
mtools
mtr-tiny
netbase
netcat-openbsd
net-tools
-ntpdate
+ntfs-3g
+ntpsec-ntpdate
nwipe
parted
partimage
procps
psmisc
qemu-guest-agent
+qrencode
rdnssd
reiserfsprogs
rfkill
tar
tcpdump
telnet
+tmate
+tmux
tree
tsocks
tzdata
whois
wipe
xfsprogs
+xxd
zip
zsh
+zstd
+
+# special terminal output
+toilet
PACKAGES install I386
linux-image-686
PACKAGES install AMD64
linux-image-amd64
+
+PACKAGES install ARM64
+linux-image-arm64
+++ /dev/null
-PACKAGES install
-
-network-manager
-
-# network-manager-openvpn
-# network-manager-pptp
-# network-manager-vpnc
PACKAGES install
-file-rc
-multitail
+zfsutils-linux
+
--- /dev/null
+#!/bin/bash
+# Filename: ${GRML_FAI_CONFIG}/config/scripts/DEBORPHAN/10-whitelist
+# Purpose: whitelist packages to keep with deborphan
+# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
+# Bug-Reports: see http://grml.org/bugs/
+# License: This file is licensed under the GPL v2 or any later version.
+################################################################################
+
+set -u
+set -e
+
+# workaround for dnsutils transitional package, we can drop this as soon as the
+# bind9-dnsutils package is available in all our supported Debian releases
+if [[ -r "${target}/usr/share/doc/dnsutils" ]] && [ -x "${target}/usr/bin/deborphan" ] ; then
+ echo "Adding dnsutils to deborphan whitelist"
+ # workaround for https://bugs.debian.org/929273 ("fseek on /var/lib/deborphan/keep: Invalid argument")
+ if ! [ -f "${target}"/var/lib/deborphan/keep ] ; then
+ printf 'dnsutils\n' > "${target}"/var/lib/deborphan/keep
+ elif grep -q '^dnsutils$' "${target}"/var/lib/deborphan/keep ; then
+ : # entry already present, avoid duplicates
+ else
+ printf 'dnsutils\n' >> "${target}"/var/lib/deborphan/keep
+ fi
+fi
+
+# workaround for bsdmainutils transitional package, we can drop this as soon as the
+# bsdextrautils + ncal packages are available in all our supported Debian releases
+if [[ -r "${target}/usr/share/doc/bsdmainutils" ]] && [ -x "${target}/usr/bin/deborphan" ] ; then
+ echo "Adding bsdmainutils to deborphan whitelist"
+ # workaround for https://bugs.debian.org/929273 ("fseek on /var/lib/deborphan/keep: Invalid argument")
+ if ! [ -f "${target}"/var/lib/deborphan/keep ] ; then
+ printf 'bsdmainutils\n' > "${target}"/var/lib/deborphan/keep
+ elif grep -q '^bsdmainutils$' "${target}"/var/lib/deborphan/keep ; then
+ : # entry already present, avoid duplicates
+ else
+ printf 'bsdmainutils\n' >> "${target}"/var/lib/deborphan/keep
+ fi
+fi
+
+## END OF FILE #################################################################
+# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
set -u
set -e
-if ! [ -x $target/usr/bin/deborphan ] ; then
- echo "Warning: deborphan not installed"
- exit 0
-fi
-
# remove all packages not necessary anymore:
echo "Executing apt-get -y --purge autoremove"
$ROOTCMD apt-get -y --purge autoremove
-# remove packages until deborphan does not find anymore:
-while [ "$($ROOTCMD deborphan)" != "" ] ; do
- echo "Executing deborphan"
- $ROOTCMD apt-get -y --purge remove $($ROOTCMD deborphan)
-done
-
# make sure we don't have any removed but not-yet-purged packages left,
# otherwise GRMLBASE/03-get-sources might try to download unavailable
# packages and will fail doing so
$ROOTCMD dpkg --purge $PURGE_PACKAGES
fi
+# note: deborphan is no longer available as of Debian/trixie,
+# see https://github.com/grml/grml-live/issues/144
+if [ -x "$target"/usr/bin/deborphan ] ; then
+ # remove packages until deborphan does not find anymore:
+ while [ "$($ROOTCMD deborphan)" != "" ] ; do
+ echo "Executing deborphan"
+ $ROOTCMD apt-get -y --purge remove $($ROOTCMD deborphan)
+ done
+fi
+
## END OF FILE #################################################################
# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
set -u
set -e
-PACKAGE_LIST=/var/log/install_packages.list
+echo -n > "${LOGDIR}"/package_errors.log # ensure we start with an empty file
-if ! [ -r "$target/${PACKAGE_LIST}" ] ; then
- echo "No $target/${PACKAGE_LIST} found, will not run package validation check."
+if ! [ -e "${LOGDIR}"/software.log ] ; then
+ echo "Warning: no ${LOGDIR}/software.log found (build/update run?), skipping check for unknown packages."
else
- printf "Validating package list: "
+ if grep -q 'These unknown packages' "${LOGDIR}"/software.log ; then
+ echo "Identified unknown packages in ${LOGDIR}/software.log"
+ grep 'These unknown packages' "${LOGDIR}"/software.log | \
+ sed 's/.*These unknown packages.*: //; s/ / not_installable\n/g' >> "${LOGDIR}/package_errors.log"
+ fi
+fi
+
+PACKAGE_LIST=/var/log/install_packages.list
+# shellcheck disable=SC2154
+if ! [ -r "${target}/${PACKAGE_LIST}" ] ; then
+ echo "No ${target}/${PACKAGE_LIST} found, will not run package validation check."
+else
+ echo "Validating package list against dpkg state..."
TMPSTDOUT=$(mktemp)
TMPSTDERR=$(mktemp)
# for packages unknown to dpkg on stderr
# NOTE: 'grep -v -- '-$' ignores packages in FAI's package list that are
# marked for removal
- $ROOTCMD dpkg --list $(grep -v '^#' $target/${PACKAGE_LIST} | grep -v -- '-$') 2>"$TMPSTDERR" | \
- grep -e '^[urph][ncufhWt]' > "$TMPSTDOUT" || true
+ # shellcheck disable=SC2046
+ ${ROOTCMD} dpkg --list $(grep -v '^#' "${target}/${PACKAGE_LIST}" | grep -v -- '-$') 2>"${TMPSTDERR}" | \
+ grep -e '^[urph][ncufhWt]' > "${TMPSTDOUT}" || true
# extract packages from stdout
- awk '/^un/ {print $2 " not_installable"}' "$TMPSTDOUT" > "$LOGDIR/package_errors.log"
+ awk '/^un/ {print $2 " not_installable"}' "${TMPSTDOUT}" >> "${LOGDIR}/package_errors.log"
# extract packages from stderr
- grep 'packages found matching' "$TMPSTDERR" | \
- sed 's/dpkg-query: [Nn]o packages found matching \(.*\)/\1 not_installable/' >> "$LOGDIR/package_errors.log"
+ grep 'packages found matching' "${TMPSTDERR}" | \
+ sed 's/dpkg-query: [Nn]o packages found matching \(.*\)/\1 not_installable/' >> "${LOGDIR}/package_errors.log"
- if [ -s "$LOGDIR/package_errors.log" ] ; then
- printf "failed (there have been errors, find them at $LOGDIR/package_errors.log)\n"
- else
- printf "done - no errors found\n"
- fi
+ rm -f "${TMPSTDOUT}" "${TMPSTDERR}"
+fi
- rm -f "$TMPSTDOUT" "$TMPSTDERR"
+if [ -s "${LOGDIR}/package_errors.log" ] ; then
+ echo "Warning: failed (there have been errors, find them at ${LOGDIR}/package_errors.log)."
+else
+ echo "Done - no errors found."
fi
## END OF FILE #################################################################
$ROOTCMD newaliases
fi
-if [ -r $target/etc/bacula/bacula-fd.conf ] ; then
- sed -i "s/$BUILD_HOSTNAME/$HOSTNAME/g" $target/etc/bacula/bacula-fd.conf
-fi
-
## END OF FILE #################################################################
# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
echo "Enabling user '$USERNAME' for autologin"
sed -i "s/\$USERNAME/$USERNAME/" "$target"/etc/systemd/system/getty@tty*.service.d/override.conf
- case "$(cat "${target}"/etc/debian_version)" in
- 8.*)
- echo "Debian jessie detected. Enabling workaround for unknown systemctl preset-all/set-default exit failure."
- $ROOTCMD systemctl preset-all || true
- $ROOTCMD systemctl set-default grml-boot.target || true
- ;;
- *)
- $ROOTCMD systemctl preset-all
- $ROOTCMD systemctl set-default grml-boot.target
- ;;
- esac
-}
-
-file_rc_setup() {
- if ! [ -r "${target}"/etc/runlevel.conf ] ; then
- echo 'Warning: /etc/runlevel.conf does not exist...'
- echo '... assuming we do not have file-rc, skipping 15-initsetup'
- exit 0
- fi
-
- # keep a backup of the original runlevel.conf file for reference
- if [ -r "${target}"/etc/runlevel.conf.original ] ; then
- # make sure to store old backup files if they differ as well
- if ! cmp "${target}"/etc/runlevel.conf "${target}"/etc/runlevel.conf.original >/dev/null ; then
- cp "${target}"/etc/runlevel.conf.original "${target}/etc/runlevel.conf.original.$(date +%Y%m%d_%k:%M:%S)"
- fi
- fi
-
- cp "${target}"/etc/runlevel.conf "${target}"/etc/runlevel.conf.original
-
- # provide Grml's default file-rc configuration
- fcopy -v /etc/runlevel.conf
-
- # provide Grml's inittab configuration
- fcopy -v /etc/inittab
- sed -i "s/\$USERNAME\$/${USERNAME}/" "${target}"/etc/inittab
+ # workaround for #992847 to workaround /lib/systemd -> /usr/lib/systemd transition
+ $ROOTCMD rm -f /etc/systemd/system/syslog.service
- # provide Grml's bootlocal init scripts
- fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.first
- fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.middle
- fcopy -v -mroot,root,0755 /etc/init.d/bootlocal.last
+ $ROOTCMD systemctl preset-all
+ $ROOTCMD systemctl set-default grml-boot.target
}
-if ifclass FILE_RC ; then
- file_rc_setup
-else
- systemd_setup
-fi
+systemd_setup
## END OF FILE #################################################################
# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
kernelversion=${kernel##$target}
kernelversion=${kernelversion##/boot/vmlinuz-}
- echo "Updating modules.dep for kernel $kernelversion"
- $ROOTCMD depmod -ae -F /boot/System.map-"$kernelversion" "$kernelversion"
+ echo "Updating modules.dep for kernel ${kernelversion}"
+ $ROOTCMD depmod -a "${kernelversion}"
done
## END OF FILE #################################################################
# by default it's set to UTC=no
if [ -n "$UTC" ] && [ "$UTC" = "yes" ] ; then
echo "UTC is set to 'yes', setting hwclock parameter UTC"
- sed -i "s/^LOCAL/UTC/" "${target}/etc/adjtime"
+ [ -e "${target}/etc/adjtime" ] && sed -i "s/^LOCAL/UTC/" "${target}/etc/adjtime"
fi
# default timezone settings
add_user_to_group() {
[ -n "$1" ] || return 1
if grep -q $1 $target/etc/group ; then
- grep "$1:x:.*$USERNAME" $target/etc/group || $ROOTCMD addgroup $USERNAME $1
+ grep "$1:x:.*$USERNAME" $target/etc/group || $ROOTCMD adduser $USERNAME $1
fi
}
# the full setup, GRMLBASE installs a minimal configuration
fcopy -v /etc/locale.gen
+# set up /etc/locale.conf, to avoid systemd-firstboot prompting for user input
+fcopy -v /etc/locale.conf
+
# get rid of locales unless using class LOCALES
set +u
if ! ifclass LOCALES ; then
find $target/etc/modprobe.d -maxdepth 1 -type f ! -name \*\.conf -exec mv {} {}.conf \;
# Install all present modprobe.d configuration files
-fcopy -v -r /etc/modprobe.d
+fcopy -v -i -r /etc/modprobe.d
+
+if [ -f "${target}/lib/modprobe.d/50-nfs.conf" ] ; then # nfs-kernel-server >=1:2.6.2-1
+ echo "Clearing /lib/modprobe.d/50-nfs.conf to avoid automatic kmod/busybox issues"
+ echo '# this file was generated by grml-live script GRMLBASE/39-modprobe' > "${target}/lib/modprobe.d/50-nfs.conf"
+fi
## END OF FILE #################################################################
# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
+++ /dev/null
-#!/bin/bash
-# Filename: ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/40-deborphan
-# Purpose: configure packages for deborphan (usually exception rules)
-# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
-# Bug-Reports: see http://grml.org/bugs/
-# License: This file is licensed under the GPL v2 or any later version.
-################################################################################
-
-set -u
-set -e
-
-if [ -r $target/lib/shadowfs/liblogfs.so -a -x $target/usr/bin/deborphan ] ; then
- $ROOTCMD deborphan --add-keep shadowfs || /bin/true
-fi
-
-if [ -r $target/usr/bin/bsdtar -a -x $target/usr/bin/deborphan ] ; then
- $ROOTCMD deborphan --add-keep bsdtar || /bin/true
-fi
-
-if [ -r $target/usr/bin/ewfinfo -a -x $target/usr/bin/deborphan ] ; then
- $ROOTCMD deborphan --add-keep libewf1 || /bin/true
-fi
-
-if [ -r $target/usr/lib/libstdc++-libc6.2-2.so.3 -a -x $target/usr/bin/deborphan ] ; then
- $ROOTCMD deborphan --add-keep libstdc++2.10-glibc2.2 || /bin/true
-fi
-
-## END OF FILE #################################################################
-# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
set -u
set -e
-fcopy -v /etc/lsb-base-logging.sh
fcopy -v /usr/share/initramfs-tools/scripts/init-top/grml
fcopy -v /usr/share/grml/desktop-bg.png
fcopy -v /usr/share/doc/grml-docs/startpage.html
$ROOTCMD mkdir -p /boot/grub
-$ROOTCMD grub-mkimage -d /usr/lib/grub/i386-pc \
+if ifclass ARM64 ; then
+ echo "Skipping execution of script on ARM64"
+ exit 0
+fi
+
+# generate /boot/grub/core.img
+$ROOTCMD grub-mkimage \
+ -d /usr/lib/grub/i386-pc \
-p /boot/grub \
-o /boot/grub/core.img \
biosdisk iso9660 \
declare -A ADDITIONAL_MODULES
ADDITIONAL_MODULES[i386-pc]="biosdisk"
+# arm64 doesn't provide /usr/lib/grub/i386-efi, so we don't include
+# i386-pc in $ARCHS (whereas on AMD64 we have both i386-pc + x86_64-efi)
+if ifclass ARM64 ; then
+ if [ -r "${target}"/usr/lib/grub/arm64-efi/moddep.lst ] ; then
+ ARCHS=(arm64-efi)
+ # NOTE: efi_uga (EFI Universal Graphics Adapter) is deprecated + unavailable on arm64
+ ADDITIONAL_MODULES[arm64-efi]="efi_gop" # no efi_uga available
+ else
+ echo "/usr/lib/grub/arm64-efi/moddep.lst.lst could not be found, skipping."
+ echo "NOTE: grub-efi-arm64-bin not installed?"
+ fi
+fi
+
if ifclass AMD64 ; then
if [ -r "${target}"/usr/lib/grub/x86_64-efi/moddep.lst ] ; then
ARCHS+=(x86_64-efi)
i386-pc) filename=/boot/grub/grub.img ;;
x86_64-efi) filename=/boot/bootx64.efi ;;
i386-efi) filename=/boot/bootia32.efi ;;
+ arm64-efi) filename=/boot/bootaa64.efi ;;
esac
$ROOTCMD grub-mkimage -O $arch -o "$filename" --prefix=/boot/grub/ --config="$TMP_CONFIG" \
set -u
set -e
-echo "Clearing /lib/udev/rules.d/69-lvm-metad.rules to avoid automatic LVM scanning"
-echo '# this file was generated by grml-live script GRMLBASE/50-lvm' > "${target}/lib/udev/rules.d/69-lvm-metad.rules"
+if [ -f "${target}/lib/udev/rules.d/69-lvm.rules" ] ; then # lvm2 >=2.03.15
+ echo "Clearing /lib/udev/rules.d/69-lvm.rules to avoid automatic LVM scanning"
+ echo '# this file was generated by grml-live script GRMLBASE/50-lvm' > "${target}/lib/udev/rules.d/69-lvm.rules"
+fi
+
+if [ -f "${target}/lib/udev/rules.d/69-lvm-metad.rules" ] ; then # lvm2 <= 2.03.11
+ echo "Clearing /lib/udev/rules.d/69-lvm-metad.rules to avoid automatic LVM scanning"
+ echo '# this file was generated by grml-live script GRMLBASE/50-lvm' > "${target}/lib/udev/rules.d/69-lvm-metad.rules"
+fi
## END OF FILE #################################################################
# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
--- /dev/null
+#!/bin/bash
+# Filename: ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/51-cloud-init
+# Purpose: configure cloud-init package
+# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
+# Bug-Reports: see http://grml.org/bugs/
+# License: This file is licensed under the GPL v2 or any later version.
+################################################################################
+
+set -u
+set -e
+
+# NOTE: this file is relevant only with cloud-init package installed,
+# though we install it unconditionally via GRMLBASE class to have it
+# available and configured as shipped by Grml ISOs
+fcopy -v /etc/cloud/cloud.cfg.d/42_grml.cfg
+
+## END OF FILE #################################################################
+# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
set -u
set -e
-if ! [ -r "${target}/lib/udev/rules.d/64-md-raid-assembly.rules" ] ; then
- echo "File /lib/udev/rules.d/64-md-raid-assembly.rules doesn't exist, skipping execution of script."
- exit 0
-fi
-
echo "Removing /lib/udev/rules.d/64-md-raid-assembly.rules to avoid automatic mdadm scanning"
echo '# this file was generated by grml-live script GRMLBASE/52-mdadm' > "${target}/lib/udev/rules.d/64-md-raid-assembly.rules"
fcopy -v /etc/initramfs-tools/hooks/000-udev-shutup
fcopy -v /etc/initramfs-tools/conf.d/xz-compress
+fcopy -v /etc/initramfs-tools/modules
if ! [ -f $target/usr/share/initramfs-tools/scripts/live ] ; then
echo "Error: live-boot/-initramfs does not seem to be present, can not create initramfs. Exiting.">&2
--- /dev/null
+#!/bin/bash
+# Filename: ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/85-systemd
+# Purpose: configure systemd and related services
+# Authors: grml-team (grml.org), (c) Michael Prokop <mika@grml.org>
+# Bug-Reports: see http://grml.org/bugs/
+# License: This file is licensed under the GPL v2 or any later version.
+################################################################################
+
+set -u
+set -e
+. "$GRML_LIVE_CONFIG"
+
+fcopy -M -i -B -v -r /etc/tmpfiles.d
+
+## END OF FILE #################################################################
+# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
set -u
bailout() {
- if [ "${1:-}" = "4" ] ; then
- echo "Warning: update-pciids returned with exit code 4." >&2
+ if [ "${1:-}" = "4" ] || [ "${1:-}" = "1" ] ; then
+ echo "Warning: update-pciids returned with exit code ${1:-}." >&2
# be verbose in logs
- echo "Warning: update-pciids returned with exit code 4."
+ echo "Warning: update-pciids returned with exit code ${1:-}."
echo "-> This indicates that networking inside the chroot did not work"
echo " while GRMLBASE/91-update-pciids was running."
echo " To address this issue you can either configure /etc/resolv.conf"
+++ /dev/null
-#!/bin/bash
-# Filename: ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/93-update-usbids
-# Purpose: update pciids
-# Authors: (c) Michael Prokop <mika@grml.org>
-# Bug-Reports: see http://grml.org/bugs/
-# License: This file is licensed under the GPL v2.
-################################################################################
-
-if ifclass NO_ONLINE ; then
- echo "Ignoring script 93-update-usbids as NO_ONLINE is set."
- exit 0
-fi
-
-set -u
-set -e
-
-[ -x $target/usr/bin/timeout ] && TIMEOUT="10" || TIMEOUT=""
-
-if ! [ -x "${target}/usr/sbin/update-usbids" ] && ! [ -x "${target}/usr/bin/update-usbids" ] ; then
- echo "Warning: update-usbids not installed (neither /usr/sbin/update-usbids nor /usr/bin/update-usbids exists)"
- exit 0
-fi
-
-echo "Updating USB-IDs"
-if [ -n "$TIMEOUT" ] ; then
- $ROOTCMD timeout $TIMEOUT update-usbids
-else
- $ROOTCMD update-usbids
-fi
-
-## END OF FILE #################################################################
-# vim:ft=sh expandtab ai tw=80 tabstop=4 shiftwidth=2
# remove only "temporary" or saved files in the given directories
nuke(){
- for i in $(find "$@" -name \*.gz -o -name \*.bz2 -o -name \*.0 2>/dev/null); do
+ for i in $(find "$@" -name \*.gz -o -name \*.bz2 -o -name \*.xz -o -name \*.0 2>/dev/null); do
rm -f --one-file-system "$i"
done
}
echo "Setting up resolvconf"
rm -f "${target}"/etc/resolvconf/resolv.conf.d/original
rm -f "${target}"/etc/resolv.conf
- ln -s /run/resolvconf/resolv.conf "${target}"/etc/resolv.conf
+
+ # avoid "/etc/resolvconf/update.d/libc: Warning: /etc/resolv.conf is not a
+ # symbolic link to /etc/resolvconf/run/resolv.conf" for resolvconf versions
+ # before 1.80
+ RESOLVCONF_VERSION=$($ROOTCMD dpkg-query -W -f='${Version}\n' resolvconf || true)
+ echo "-> Identified resolvconf version '${RESOLVCONF_VERSION}'"
+ if dpkg --compare-versions "${RESOLVCONF_VERSION}" lt 1.80 ; then
+ echo "-> Installing resolvconf symlink for versions <1.80"
+ ln -s /etc/resolvconf/run/resolv.conf "${target}"/etc/resolv.conf
+ else
+ echo "-> Installing resolvconf symlink for versions >=1.80"
+ ln -s /run/resolvconf/resolv.conf "${target}"/etc/resolv.conf
+ fi
+
fi
# make sure we don't leak any mdadm configurations
# Which Debian suite/release do you want to use?
# Supported values are: stable, testing, unstable (or their corresponding release
-# names like "stretch").
+# names like "bookworm").
# Unless it is set it defaults to "testing".
# SUITE="unstable"
# Notice: GRMLBASE is recommended in any case unless you *really* know what you
# are doing; make sure to also use a GRML_* class (for example GRML_SMALL
# or GRML_FULL) to get an according kernel and also select the
-# architecture (I386 for x86; AMD64 for x86_64)
+# architecture (I386 for x86; AMD64 for x86_64, ARM64 for arm64)
# CLASSES="GRMLBASE,GRML_FULL,I386"
# HTTP Proxy to use for APT
# Which Debian suite and which mirror do you want to use for debootstrapping?
# Usage: "<suite> <mirror>"
-# FAI_DEBOOTSTRAP="stretch http://ftp.debian.org/debian"
+# FAI_DEBOOTSTRAP="bookworm http://ftp.debian.org/debian"
# Do you want to use a local mirror (like NFS)?
# If so specify the directory where debian/ is available:
# ... and then set up an according class file in
# ${GRML_FAI_CONFIG}/config/files/etc/apt/sources.list.d/
# containing something like:
-# deb file:///media/mirror/debian sid main contrib non-free
+# deb file:///media/mirror/debian sid main contrib non-free-firmware non-free
# Version number of ISO:
# VERSION="0.0-1"
# boot the CD using normal el torito mode or copy it to USB device
# *without* having to run grml2usb (like: 'dd if=grml.iso of=/dev/sdX')
# - working both with the same ISO
+# Note that the manifold method is currently not be compatible with UEFI
+# setups.
# HYBRID_METHOD='disable' # do not create a hybrid ISO
-# HYBRID_METHOD='isohybrid' # use isohybrid from SYSLINUX
+# HYBRID_METHOD='isohybrid' # use isohybrid from SYSLINUX (default)
# HYBRID_METHOD='grub2' # use manifold with GRUB 2
-# HYBRID_METHOD='manifold' # use manifold with ISOLINUX (default)
-
-# By default Secure Boot is enabled using the approach from Ubuntu.
-# Currently only the Ubuntu approach is supported, which is restricted
-# to loading Linux kernels and using a minimal version of GRUB.
-# If unset defaults to "ubuntu"
-# SECURE_BOOT='disable' # do not enable Secure Boot
-# SECURE_BOOT="ubuntu" # use approach from Ubuntu
+# HYBRID_METHOD='manifold' # use manifold with ISOLINUX
+
+# Secure Boot method that should be used (amd64 only).
+# If unset defaults to "disabled" (which means no Secure Boot will be present)
+# The following approaches are supported:
+# debian: use the Debian GRUB version which requires a signed kernel,
+# this is the recommended way to use Secure Boot with Grml
+# ubuntu: use an older Ubuntu GRUB version which doesn't require a signed kernel,
+# though has a limited feature set only and requires customized GRUB
+# templates (the files shipped templates/boot/grub/ don't work as such)
+# SECURE_BOOT='disable' # do not enable Secure Boot (default)
+# SECURE_BOOT='debian' # use approach from Debian
+# SECURE_BOOT='ubuntu' # use approach from Ubuntu
# Binary that should be used for creating the squashfs file.
# Defaults to the executable matching the kernel version, falls back to mksquashfs.
# SQUASHFS_BINARY='mksquashfs'
# Options that should be used by mksquashfs during build process.
-# Defaults to '-b 256k' and the according LZMA/XZ option.
-# SQUASHFS_OPTIONS='-b 256k'
+# Defaults to '-b 1m' and the according LZMA/XZ option.
+# SQUASHFS_OPTIONS='-b 1m'
# exclude files from compressed squashfs file using the
# the mksquashfs option -ef:
flavours=(
grml grml64
- grml-medium grml64-medium
+ grml-full grml64-full
grml-small grml64-small
)
_wanted list expl 'grml flavour(s)' compadd ${expl} -- ${flavours}
local -a already static_classes
static_classes=(
- RELEASE LATEX_CLEANUP NO_ONLINE REMOVE_DOCS LOCALES
- I386 AMD64
+ DEBORPHAN FRESHCLAM
+ GRMLBASE GRML_FULL GRML_SMALL
+ LATEX LATEX_CLEANUP LOCALES NO_ONLINE RELEASE REMOVE_DOCS SOURCES XORG ZFS
+ I386 AMD64 ARM64
)
compset -P '*,'
already=(${(s<,>)IPREFIX})
local -a suites
suites=(
- stable testing unstable jessie stretch buster sid
+ stable testing unstable bookworm sid trixie
)
_wanted list expl 'Debian suite' compadd ${expl} -- ${suites}
}
#}}}
arguments=( #{{{
- '-F[force execution without prompting for yes/no]'
'-a[specifiy architecture to use]:arch(s):_grmllive_archs'
+ '-A[clean build directories before and after running]'
+ '-b[build the ISO without updating the chroot via FAI]'
+ '-B[build the ISO without touching the chroot (skips cleanup)]'
'-c[available grml-live classes]:classe(s):_grmllive_classes'
+ '-C[configuration file for grml-live]:configuration file:_files'
+ '-d[use specified date instead of build time as date of release]:date:'
+ '-D[use specified configuration directory instead of /etc/grml/fai]:directory:_path_files -/'
+ '-e[extract ISO and squashfs contents from iso_name]:ISO file:'
+ '-F[force execution without prompting for yes/no]'
'-g[grml flavour to use]:grml flavour(s):_grmllive_flavours'
'-h[display usage information]'
- '-i[iso name, ends up in $OUTPUT_DIRECTORY/grml_isos]:iso name:'
+ '-i[iso name, ends up in $OUTPUT_DIRECTORY/grml_isos (also see -o)]:ISO name:_files'
+ '-I[directory which provides files that should become part of the chroot/ISO]:directory to include:_path_files -/'
+ '-n[skip generation of ISO]'
+ '-N[bootstrap (build chroot) only, do not create files for ISO]'
'-o[output directory]:output directory:_path_files -/'
+ '-q[skip mksquashfs]'
+ '-Q[skip netboot package build]'
+ '-r[release name]:release name:'
'-s[debian suite to be used for live-system]:Debian suite:_grmllive_suites'
+ '-S[place of scripts (defaults to /usr/share/grml-live/scripts)]:script directory:_path_files -/'
'-t[template directory]:template directory:_path_files -/'
- '-u[update existing chroot if possible]'
+ '-u[update existing chroot instead of rebuilding it from scratch]'
+ '-U[arrange output to be owned by specified username]'
'-V[increase verbosity]'
+ '-w[wayback machine, build system using Debian archives from specified date]:date:'
+ '-z[use ZLIB instead of LZMA/XZ compression]'
)
#}}}
Origin: Debian
Label: Debian-All
-Suite: stable
-Codename: etch
-Version: 4.0
-Architectures: i386
-Components: main contrib non-free
-Description: Debian
-Update: debian
-# SignWith: yes
+Codename: bookworm
+Description: Debian bookworm mirror
+Architectures: amd64 source
+Components: main contrib non-free non-free-firmware
+Contents: .gz
+Update: - debian-bookworm
+Tracking: minimal
+Log: bookworm
+# SignWith: ...
-Name: debian
-Method: http://ftp.debian.org/debian/
-# Method: http://localhost/debian/
-# Fallback: http://snapshot.debian.net/archive/2007/04/02/debian/
+Name: debian-bookworm
+Method: http://deb.debian.org/debian
+Suite: bookworm
+Components: main contrib non-free non-free-firmware
+Architectures: amd64 source
+GetInRelease: no
+# VerifyRelease: 0E98404D386FA1D9
+# Fallback: http://snapshot.debian.net/archive/2023/02/02/debian/
Usage: $PN [options, see as follows]
- -a <architecture> architecture; available values: i386 and amd64
+ -a <architecture> architecture; available values: i386, amd64 + arm64
-A clean build directories before and after running
-b build the ISO without updating the chroot via FAI
-B build the ISO without touching the chroot (skips cleanup)
}
# }}}
+# store logfiles {{{
+store_logfiles() {
+ # move fai logs into grml_logs directory
+ mkdir -p "$LOG_OUTPUT"/fai/
+ cp -r "$CHROOT_OUTPUT"/var/log/fai/"$HOSTNAME"/last/* "$LOG_OUTPUT"/fai/
+ rm -rf "$CHROOT_OUTPUT"/var/log/fai
+
+ # store copy of autogenerated configuration file
+ cp ${GRML_FAI_CONFIG}/nfsroot.conf "$LOG_OUTPUT"/fai/
+
+ # copy fai package list
+ cp "$CHROOT_OUTPUT"/var/log/install_packages.list "$LOG_OUTPUT"/fai/
+ # fixup owners
+ chown root:adm "$LOG_OUTPUT"/fai/*
+ chmod 664 "$LOG_OUTPUT"/fai/*
+}
+# }}}
+
# clean exit {{{
bailout() {
rm -f /var/run/fai/fai_softupdate_is_running \
# get rid of automatically generated conffiles
rm -f ${GRML_FAI_CONFIG}/nfsroot.conf
- rm -f ${GRML_FAI_CONFIG}/make-fai-nfsroot.conf
if [ -n "$CHOWN_USER" ]; then
log "Setting ownership"
msg="Missing addon file: \"$1\""
ewarn "$msg" ; eend 1
log "copy_addon_file: $msg"
+ return 1
}
# replace placeholders in template files with actual information
exit 1
fi
+ local release_info
+ if [ -n "${RELEASE_INFO:-}" ] ; then
+ release_info="${RELEASE_INFO}"
+ else
+ ewarn "Variable RELEASE_INFO is unset, applying fallback for usage in adjust_boot_files." ; eend 1
+ release_info="$GRML_NAME $VERSION - Release Codename $RELEASENAME"
+ fi
+
+ # ensure this has a specific length
+ local fixed_release_info
+ fixed_release_info="$(cut_string 68 "$release_info")"
+ fixed_release_info="$(extend_string_end 68 "$fixed_release_info")"
+
for file in "$@" ; do
if [ -r "${file}" ] && [ -f "${file}" ] ; then
sed -i "s/%ARCH%/$ARCH/g" "${file}"
sed -i "s/%DISTRI_SPLASH%/$DISTRI_SPLASH/g" "${file}"
sed -i "s/%GRML_NAME%/$GRML_NAME/g" "${file}"
sed -i "s/%SQUASHFS_NAME%/$SQUASHFS_NAME/g" "${file}"
- sed -i "s/%RELEASE_INFO%/$RELEASE_INFO/g" "${file}"
+ sed -i "s/%RELEASE_INFO%/$fixed_release_info/g" "${file}"
sed -i "s/%SHORT_NAME%/$SHORT_NAME/g" "${file}"
sed -i "s/%VERSION%/$VERSION/g" "${file}"
if [ -n "${BOOT_FILE}" ] ; then
[ -n "$HYBRID_METHOD" ] || HYBRID_METHOD='isohybrid'
[ -n "$RELEASENAME" ] || RELEASENAME='grml-live rocks'
[ -n "$SECURE_BOOT" ] || SECURE_BOOT='disable'
+[ -n "$SQUASHFS_BINARY" ] || SQUASHFS_BINARY='mksquashfs'
[ -n "$SQUASHFS_EXCLUDES_FILE" ] || SQUASHFS_EXCLUDES_FILE="${GRML_FAI_CONFIG}/config/grml/squashfs-excludes"
[ -n "$SUITE" ] || SUITE='testing'
[ -n "$TEMPLATE_DIRECTORY" ] || TEMPLATE_DIRECTORY='/usr/share/grml-live/templates'
[ -n "$OUTPUT" ] || bailout 1 "Error: \$OUTPUT unset, please set it in $LIVE_CONF or
specify it on the command line using the -o option."
+if [[ "$(dpkg --print-architecture)" != "arm64" ]] && [[ "$ARCH" == "arm64" ]] ; then
+ eerror "Failure: trying to build for arm64, but not running on arm64."
+ eend 1
+ bailout
+fi
+
# trim characters that are known to cause problems inside $GRML_NAME;
# for example isolinux does not like '-' inside the directory name
[ -n "$GRML_NAME" ] && export SHORT_NAME="$(echo $GRML_NAME | tr -d ',./;\- ')"
[ -n "$RELEASENAME" ] && export RELEASENAME="$RELEASENAME"
# }}}
+
# ZERO_LOGFILE - check for backwards compatibility reasons {{{
# this was default behaviour until grml-live 0.9.34:
if [ -n "$ZERO_LOGFILE" ] ; then
[ -n "$ARCH" ] && echo " Architecture: $ARCH"
[ -n "$BOOT_METHOD" ] && echo " Boot method: $BOOT_METHOD"
[ -n "$HYBRID_METHOD" ] && echo " Hybrid method: $HYBRID_METHOD"
+ [ -n "$SECURE_BOOT" ] && echo " Secure Boot: $SECURE_BOOT"
[ -n "$TEMPLATE_DIRECTORY" ] && echo " Template files: $TEMPLATE_DIRECTORY"
[ -n "$CHROOT_INSTALL" ] && echo " Install files from directory to chroot: $CHROOT_INSTALL"
[ -n "$BOOTID" ] && echo " Boot identifier: $BOOTID"
fi
fi
-start_seconds=$(cut -d . -f 1 /proc/uptime)
+SECONDS=unknown
+start_seconds="$(date +%s)"
log "------------------------------------------------------------------------------"
log "Starting grml-live [${GRML_LIVE_VERSION}] run on $(date)"
log "Using local config file: $LOCAL_CONFIG"
# dump config variables into file, for script access {{{
CONFIGDUMP=$(mktemp)
-set | egrep \
+set | grep -E \
'^(GRML_NAME|RELEASENAME|DATE|VERSION|SUITE|ARCH|DISTRI_NAME|USERNAME|HOSTNAME|APT_PROXY)=' \
> ${CONFIGDUMP}
# }}}
# architecture (option), otherwise installation of kernel will fail
if echo $CLASSES | grep -qw I386 ; then
if ! [[ "$ARCH" == "i386" ]] ; then
- log "Error: You specified the I386 class but are trying to build something else (AMD64?)."
- eerror "Error: You specified the I386 class but are trying to build something else (AMD64?)."
+ log "Error: You specified the I386 class but are trying to build something else (AMD64/ARM64?)."
+ eerror "Error: You specified the I386 class but are trying to build something else (AMD64/ARM64?)."
eerror "Tip: Either invoke grml-live with '-a i386' or adjust the architecture class. Exiting."
eend 1
bailout
fi
elif echo $CLASSES | grep -qi amd64 ; then
if ! [[ "$ARCH" == "amd64" ]] ; then
- log "Error: You specified the AMD64 class but are trying to build something else (I386?)."
- eerror "Error: You specified the AMD64 class but are trying to build something else (I386?)."
+ log "Error: You specified the AMD64 class but are trying to build something else (I386/ARM64?)."
+ eerror "Error: You specified the AMD64 class but are trying to build something else (I386/ARM64?)."
eerror "Tip: Either invoke grml-live with '-a amd64' or adjust the architecture class. Exiting."
eend 1
bailout
fi
+elif echo $CLASSES | grep -qi arm64 ; then
+ if ! [[ "$ARCH" == "arm64" ]] ; then
+ log "Error: You specified the ARM64 class but are trying to build something else (I386/AMD64?)."
+ eerror "Error: You specified the ARM64 class but are trying to build something else (I386/AMD64?)."
+ eerror "Tip: Either invoke grml-live with '-a arm64' or adjust the architecture class. Exiting."
+ eend 1
+ bailout
+ fi
fi
# generate nfsroot configuration for FAI on the fly
fi
if [ -z "$FAI_DEBOOTSTRAP_OPTS" ] ; then
- FAI_DEBOOTSTRAP_OPTS="--exclude=info,tasksel,tasksel-data --include=aptitude --arch $ARCH"
-fi
-
-# create backup of old (not yet automatically generated) config file
-if [ -f "${GRML_FAI_CONFIG}/make-fai-nfsroot.conf" ] ; then
- if ! grep -q 'This is an automatically generated file by grml-live' "${GRML_FAI_CONFIG}/make-fai-nfsroot.conf" ; then
- ewarn "Found old ${GRML_FAI_CONFIG}/make-fai-nfsroot.conf - moving to ${GRML_FAI_CONFIG}/make-fai-nfsroot.conf.outdated"
- mv "${GRML_FAI_CONFIG}/make-fai-nfsroot.conf" "${GRML_FAI_CONFIG}/make-fai-nfsroot.conf.outdated"
- eend $?
- fi
+ FAI_DEBOOTSTRAP_OPTS="--exclude=info,tasksel,tasksel-data,isc-dhcp-client,isc-dhcp-common --include=aptitude --arch $ARCH"
fi
echo "# This is an automatically generated file by grml-live.
FAI_DEBOOTSTRAP=\"$FAI_DEBOOTSTRAP\"
FAI_DEBOOTSTRAP_OPTS=\"$FAI_DEBOOTSTRAP_OPTS\"
# EOF " > "${GRML_FAI_CONFIG}/nfsroot.conf"
-# support FAI <=3.4.8, versions >=4.0 use nfsroot.conf
-( cd ${GRML_FAI_CONFIG} && ln -sf nfsroot.conf make-fai-nfsroot.conf )
# }}}
# CHROOT_OUTPUT - execute FAI {{{
RC="$PIPESTATUS" # notice: bash-only
if [ "$RC" != 0 ] ; then
- log "Error: critical error while executing fai [exit code ${RC}]. Exiting."
- eerror "Error: critical error while executing fai [exit code ${RC}]. Exiting." ; eend 1
- bailout 1
+ store_logfiles # ensure to have logfiles available even if building failed
+ log "Error: critical error while executing fai [exit code ${RC}]. Exiting."
+ eerror "Error: critical error while executing fai [exit code ${RC}]. Exiting." ; eend 1
+ bailout 1
fi
# provide inform fai about the ISO we build, needs to be provided
FORCE_ISO_REBUILD=true
- # move fai logs into grml_logs directory
- mkdir -p "$LOG_OUTPUT"/fai/
- cp -r "$CHROOT_OUTPUT"/var/log/fai/"$HOSTNAME"/last/* "$LOG_OUTPUT"/fai/
- rm -rf "$CHROOT_OUTPUT"/var/log/fai
-
- # store copy of autogenerated configuration file
- cp ${GRML_FAI_CONFIG}/nfsroot.conf "$LOG_OUTPUT"/fai/
-
- # copy fai package list
- cp "$CHROOT_OUTPUT"/var/log/install_packages.list "$LOG_OUTPUT"/fai/
- # fixup owners
- chown root:adm "$LOG_OUTPUT"/fai/*
- chmod 664 "$LOG_OUTPUT"/fai/*
+ store_logfiles
umount_all
grep 'Unable to write mmap - msync (28 No space left on device)' $CHECKLOG/software.log >> $LOGFILE && ERROR=5
fi
+ # FAI versions <6.0 used to write to shell.log
if [ -r "$CHECKLOG/shell.log" ] ; then
grep 'FAILED with exit code' $CHECKLOG/shell.log >> $LOGFILE && ERROR=6
fi
+ # FAI versions >=6.0 always writes to scripts.log
+ if [ -r "$CHECKLOG/scripts.log" ] ; then
+ grep 'FAILED with exit code' $CHECKLOG/scripts.log >> $LOGFILE && ERROR=6
+ fi
+
if [ -r "$CHECKLOG/fai.log" ] ; then
grep 'updatebase.*FAILED with exit code' "$CHECKLOG/fai.log" >> "$LOGFILE" && ERROR=7
grep 'instsoft.*FAILED with exit code' "$CHECKLOG/fai.log" >> "$LOGFILE" && ERROR=8
# grub boot {{{
grub_setup() {
- BOOTX64="/boot/bootx64.efi"
- BOOTX32="/boot/bootia32.efi"
EFI_IMG="/boot/efi.img"
- if [[ "$ARCH" == "amd64" ]] ; then
+ local efi_size
+ if [[ "${SECURE_BOOT:-}" == "disable" ]] || [[ "${ARCH:-}" == "i386" ]] ; then
+ efi_size='4M'
+ else
+ # e.g. templates/EFI/debian for Secure Boot has >4MB and needs more space
+ efi_size='8M'
+ fi
+
+ if [[ "$ARCH" == "amd64" ]] || [[ "$ARCH" == "arm64" ]] ; then
+ case "$ARCH" in
+ arm64)
+ BOOTX64="/boot/bootaa64.efi"
+ ;;
+ amd64)
+ BOOTX64="/boot/bootx64.efi"
+ ;;
+ esac
+
# important: this depends on execution of ${GRML_FAI_CONFIG}/config/scripts/GRMLBASE/45-grub-images
if ! [ -r "${CHROOT_OUTPUT}/${BOOTX64}" ] ; then
log "Can not access GRUB efi image ${CHROOT_OUTPUT}/${BOOTX64}, required for Secure Boot support"
bailout 50
fi
- dd if=/dev/zero of="${CHROOT_OUTPUT}/${EFI_IMG}" bs=4M count=1 2>/dev/null || bailout 50
+ dd if=/dev/zero of="${CHROOT_OUTPUT}/${EFI_IMG}" bs="${efi_size}" count=1 2>/dev/null || bailout 50
mkfs.vfat -n GRML "${CHROOT_OUTPUT}/${EFI_IMG}" >/dev/null || bailout 51
mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::EFI || bailout 52
mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::EFI/BOOT || bailout 52
log "Secure Boot is disabled."
einfo "Secure Boot is disabled." ; eend 0
- # install "$BOOTX64" as ::EFI/BOOT/bootx64.efi inside image file "$EFI_IMG":
- mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${CHROOT_OUTPUT}/${BOOTX64}" ::EFI/BOOT/bootx64.efi >/dev/null || bailout 53
+ # install "$BOOTX64" as ::EFI/BOOT/{bootx64.efi|bootaa64.efi} inside image file "$EFI_IMG":
+ case "$ARCH" in
+ arm64)
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${CHROOT_OUTPUT}/${BOOTX64}" ::EFI/BOOT/bootaa64.efi >/dev/null || bailout 53
+ ;;
+ amd64)
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${CHROOT_OUTPUT}/${BOOTX64}" ::EFI/BOOT/bootx64.efi >/dev/null || bailout 53
+ ;;
+ esac
log "Generated 64-bit EFI image $BOOTX64"
einfo "Generated 64-bit EFI image $BOOTX64" ; eend 0
else
- log "Secure Boot is enabled [mode: $SECURE_BOOT]"
- einfo "Secure Boot is enabled [mode: $SECURE_BOOT]" ; eend 0
+ case "${SECURE_BOOT}" in
+ disable*)
+ log "Secure Boot is disabled [mode: ${SECURE_BOOT}]"
+ einfo "Secure Boot is disabled [mode: ${SECURE_BOOT}]" ; eend 0
+ ;;
+ debian|ubuntu)
+ log "Secure Boot is enabled [mode: ${SECURE_BOOT}]"
+ einfo "Secure Boot is enabled [mode: ${SECURE_BOOT}]" ; eend 0
+
+ local GRUBCFG_TEMPLATE="${TEMPLATE_DIRECTORY}/secureboot/grub.cfg"
+ local GRUBCFG_TMP=$(mktemp)
+
+ if ! [ -r "${GRUBCFG_TEMPLATE}" ] ; then
+ log "Secure Boot template for GRUB [${GRUBCFG_TEMPLATE}] not found."
+ eerror "Secure Boot template for GRUB [${GRUBCFG_TEMPLATE}] not found." ; eend 1
+ bailout 54
+ fi
- if [ "${SECURE_BOOT}" = "ubuntu" ] ; then
- local GRUBCFG_TEMPLATE="${TEMPLATE_DIRECTORY}/secureboot/grub.cfg"
- local GRUBCFG_TMP=$(mktemp)
+ cp "${GRUBCFG_TEMPLATE}" "${GRUBCFG_TMP}"
+ adjust_boot_files "${GRUBCFG_TMP}"
- if ! [ -r "${GRUBCFG_TEMPLATE}" ] ; then
- log "Secure Boot template for GRUB [${GRUBCFG_TEMPLATE}] not found."
- eerror "Secure Boot template for GRUB [${GRUBCFG_TEMPLATE}] not found." ; eend 1
- bailout 54
- fi
+ mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::boot || bailout 55
+ mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::boot/grub || bailout 55
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${GRUBCFG_TMP}" ::boot/grub/grub.cfg || bailout 56
- cp "${GRUBCFG_TEMPLATE}" "${GRUBCFG_TMP}"
- adjust_boot_files "${GRUBCFG_TMP}"
+ rm "${GRUBCFG_TMP}"
- mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::EFI/ubuntu || bailout 55
- mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${GRUBCFG_TMP}" ::EFI/ubuntu/grub.cfg || bailout 56
- rm "${GRUBCFG_TMP}"
+ if [ -r "${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/grubx64.efi.signed" ] ; then
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/grubx64.efi.signed" ::EFI/BOOT/grubx64.efi >/dev/null || bailout 57
+ else
+ log "Secure Boot GRUB binary '${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/grubx64.efi.signed' not found."
+ eerror "Secure Boot GRUB binary '${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/grubx64.efi.signed' not found." ; eend 1
+ bailout 57
+ fi
- mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${TEMPLATE_DIRECTORY}"/EFI/BOOT/grubx64.efi.signed ::EFI/BOOT/grubx64.efi >/dev/null || bailout 57
- mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${TEMPLATE_DIRECTORY}"/EFI/BOOT/shimx64.efi.signed ::EFI/BOOT/bootx64.efi >/dev/null || bailout 58
+ if [ -r "${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/shimx64.efi.signed" ] ; then
+ mcopy -i "${CHROOT_OUTPUT}/${EFI_IMG}" "${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/shimx64.efi.signed" ::EFI/BOOT/bootx64.efi >/dev/null || bailout 58
+ else
+ log "Secure Boot GRUB binary '${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/shimx64.efi.signed' not found."
+ eerror "Secure Boot GRUB binary '${TEMPLATE_DIRECTORY}/EFI/${SECURE_BOOT}/BOOT/shimx64.efi.signed' not found." ; eend 1
+ bailout 57
+ fi
- log "Generated 64-bit Secure Boot (ubuntu) EFI image ${CHROOT_OUTPUT}/${EFI_IMG}"
- einfo "Generated 64-bit Secure Boot (ubuntu) EFI image ${CHROOT_OUTPUT}/${EFI_IMG}" ; eend 0
- fi
+ log "Generated 64-bit Secure Boot (${SECURE_BOOT}) EFI image ${CHROOT_OUTPUT}/${EFI_IMG}"
+ einfo "Generated 64-bit Secure Boot (${SECURE_BOOT}) EFI image ${CHROOT_OUTPUT}/${EFI_IMG}" ; eend 0
+ ;;
+ *)
+ log "Secure Boot method '${SECURE_BOOT}' is unsupported."
+ eerror "Secure Boot method '${SECURE_BOOT}' is unsupported." ; eend 1
+ bailout 59
+ ;;
+ esac
fi
fi
if [[ "$ARCH" == "i386" ]] ; then
+ BOOTX32="/boot/bootia32.efi"
if ! [ -r "${CHROOT_OUTPUT}/${BOOTX32}" ] ; then
log "Can not access GRUB efi image ${CHROOT_OUTPUT}/${BOOTX32}."
eerror "Can not access GRUB efi image ${CHROOT_OUTPUT}/${BOOTX32}." ; eend 1
bailout 50
fi
- dd if=/dev/zero of="${CHROOT_OUTPUT}/${EFI_IMG}" bs=4M count=1 2>/dev/null || bailout 50
+ dd if=/dev/zero of="${CHROOT_OUTPUT}/${EFI_IMG}" bs="${efi_size}" count=1 2>/dev/null || bailout 50
mkfs.vfat -n GRML "${CHROOT_OUTPUT}/${EFI_IMG}" >/dev/null || bailout 51
mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::EFI || bailout 52
mmd -i "${CHROOT_OUTPUT}/${EFI_IMG}" ::EFI/BOOT || bailout 52
mkdir -p "$BUILD_OUTPUT" || bailout 6 "Problem with creating $BUILD_OUTPUT for stage ARCH"
# prepare ISO
-if [ "$ARCH" = i386 ] || [ "$ARCH" = amd64 ] ; then
+if [ "$ARCH" = i386 ] || [ "$ARCH" = amd64 ] || [ "$ARCH" = arm64 ] ; then
if [ -n "$BOOTSTRAP_ONLY" ] ; then
log "Skipping stage 'boot' as building with bootstrap only."
ewarn "Skipping stage 'boot' as building with bootstrap only." ; eend 0
mkdir -p "$BUILD_OUTPUT"/boot/isolinux
mkdir -p "$BUILD_OUTPUT"/boot/"${SHORT_NAME}"
+ # this is a variable we're using for adjusting boot templates, not only in
+ # adjust_boot_files though, so set here
+ RELEASE_INFO="$GRML_NAME $VERSION - Release Codename $RELEASENAME"
+
# if we don't have an initrd we a) can't boot and b) there was an error
# during build, so check for the file:
INITRD="$(ls $CHROOT_OUTPUT/boot/initrd* 2>/dev/null| grep -v '.bak$' | sort -r | head -1)"
grub_setup
# EFI boot files
- if [ -r "${CHROOT_OUTPUT}/boot/efi.img" -a -r "${CHROOT_OUTPUT}/boot/bootx64.efi" ] ; then
- einfo "Copying 64-bit EFI boot files into ISO path."
- log "Copying 64-bit EFI boot files into ISO path."
+ if [ -r "${CHROOT_OUTPUT}/boot/efi.img" -a -r "${CHROOT_OUTPUT}/boot/bootaa64.efi" ] ; then
+ einfo "Copying 64-bit EFI boot files (arm64) into ISO path."
+ log "Copying 64-bit EFI boot files (arm64) into ISO path."
+ RC=$0
+ cp "${CHROOT_OUTPUT}/boot/efi.img" "${BUILD_OUTPUT}/boot/" || RC=$?
+ mkdir -p "${BUILD_OUTPUT}/EFI/BOOT/" || RC=$?
+ cp "${CHROOT_OUTPUT}/boot/bootaa64.efi" "${BUILD_OUTPUT}/EFI/BOOT/bootaa64.efi" || RC=$?
+ eend $?
+ elif [ -r "${CHROOT_OUTPUT}/boot/efi.img" -a -r "${CHROOT_OUTPUT}/boot/bootx64.efi" ] ; then
+ einfo "Copying 64-bit EFI boot files (amd64) into ISO path."
+ log "Copying 64-bit EFI boot files (amd64) into ISO path."
RC=$0
cp "${CHROOT_OUTPUT}/boot/efi.img" "${BUILD_OUTPUT}/boot/" || RC=$?
mkdir -p "${BUILD_OUTPUT}/EFI/BOOT/" || RC=$?
eend $?
elif [ -r "${CHROOT_OUTPUT}/boot/efi.img" -a -r "${CHROOT_OUTPUT}/boot/bootia32.efi" ] ; then
einfo "Copying 32-bit EFI boot files into ISO path."
- log "Copying 32-bit EFI boot files into ISO path."
+ log "Copying 32-bit EFI boot files into ISO path."
RC=$0
cp "${CHROOT_OUTPUT}/boot/efi.img" "${BUILD_OUTPUT}/boot/" || RC=$?
mkdir -p "${BUILD_OUTPUT}/EFI/BOOT/" || RC=$?
log "Skipping installation of boot addons as requested via \$NO_ADDONS."
einfo "Skipping installation of boot addons as requested via \$NO_ADDONS."; eend 0
else
- if ! [ -d "$TEMPLATE_DIRECTORY"/boot/addons ] ; then
+ if ! [ -r "$TEMPLATE_DIRECTORY"/boot/addons ] ; then
log "Boot addons not found, skipping therefore. (Consider installing package grml-live-addons)"
ewarn "Boot addons not found, skipping therefore. (Consider installing package grml-live-addons)" ; eend 0
else
+ log "Installing boot addons."
+ einfo "Installing boot addons."
+
# copy addons from system packages or grml-live-addons
copy_addon_file ipxe.lkrn /usr/lib/ipxe addons
+ copy_addon_file ipxe.efi /usr/lib/ipxe addons
copy_addon_file pci.ids /usr/share/misc addons
- copy_addon_file memtest86+.bin /boot addons
+
+ # memtest86+ >=6.00-1
+ if [[ "$ARCH" == "amd64" ]] ; then
+ copy_addon_file memtest86+x64.efi /boot addons
+ elif [[ "$ARCH" == "i386" ]] ; then
+ copy_addon_file memtest86+ia32.efi /boot addons
+ fi
+
+ # provide memtest86+ >=6.00-1 files as "memtest" file
+ # for BIOS boot in isolinux/syslinux
+ if ! [ -r "${BUILD_OUTPUT}/boot/addons/memtest" ] ; then
+ if [[ "$ARCH" == "amd64" ]] ; then
+ copy_addon_file memtest86+x64.bin /boot addons &&
+ # make memtest filename FAT16/8.3 compatible
+ mv "${BUILD_OUTPUT}/boot/addons/memtest86+x64.bin" \
+ "${BUILD_OUTPUT}/boot/addons/memtest"
+ elif [[ "$ARCH" == "i386" ]] ; then
+ copy_addon_file memtest86+ia32.bin /boot addons &&
+ # make memtest filename FAT16/8.3 compatible
+ mv "${BUILD_OUTPUT}/boot/addons/memtest86+ia32.bin" \
+ "${BUILD_OUTPUT}/boot/addons/memtest"
+ fi
+ fi
+
+ # fallback: if we still don't have /boot/addons/memtest available, we
+ # might have an older memtest86+ version (<=5.01-3.1) which ships
+ # file "memtest86+.bin" instead
+ if ! [ -r "${BUILD_OUTPUT}/boot/addons/memtest" ] ; then
+ copy_addon_file memtest86+.bin /boot addons &&
+ # make memtest filename FAT16/8.3 compatible
+ mv "${BUILD_OUTPUT}/boot/addons/memtest86+.bin" \
+ "${BUILD_OUTPUT}/boot/addons/memtest"
+ fi
# since syslinux(-common) v3:6.03~pre1+dfsg-4 the files are in a
# different directory :(
copy_addon_file memdisk /usr/lib/syslinux addons
- # make memtest filename FAT16/8.3 compatible
- mv "${BUILD_OUTPUT}/boot/addons/memtest86+.bin" \
- "${BUILD_OUTPUT}/boot/addons/memtest"
-
# copy only files so we can handle bsd4grml on its own
for file in ${TEMPLATE_DIRECTORY}/boot/addons/* ; do
test -f $file && cp $file "$BUILD_OUTPUT"/boot/addons/
done
+ eend 0
+
if [ -n "$NO_ADDONS_BSD4GRML" ] ; then
log "Skipping installation of bsd4grml as requested via \$NO_ADDONS_BSD4GRML."
einfo "Skipping installation of bsd4grml as requested via \$NO_ADDONS_BSD4GRML."; eend 0
fi
echo "source /boot/grub/footer.cfg" >> "${BUILD_OUTPUT}"/boot/grub/loopback.cfg
- # copy grub files from target
- mkdir -p "${BUILD_OUTPUT}"/boot/grub/i386-pc/
- cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/*-pc/*.mod "${BUILD_OUTPUT}"/boot/grub/i386-pc/
- cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/*-pc/*.o "${BUILD_OUTPUT}"/boot/grub/i386-pc/
- cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/*-pc/*.lst "${BUILD_OUTPUT}"/boot/grub/i386-pc/
- cp -a "${CHROOT_OUTPUT}"/usr/share/grub/ascii.pf2 "${BUILD_OUTPUT}"/boot/grub/
- cp -a "${CHROOT_OUTPUT}"/boot/grub/core.img "${BUILD_OUTPUT}"/boot/grub/
- cp -a "${CHROOT_OUTPUT}"/boot/grub/grub.img "${BUILD_OUTPUT}"/boot/grub/
-
- # copy modules for UEFI grub, 64-bit
- mkdir -p "${BUILD_OUTPUT}"/boot/grub/x86_64-efi/
- cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/x86_64-efi/*.{mod,lst} "${BUILD_OUTPUT}"/boot/grub/x86_64-efi/
+ # copy modules for GRUB
+ if [ "${ARCH}" = "arm64" ] ; then
+ mkdir -p "${BUILD_OUTPUT}"/boot/grub/arm64-efi/
+ cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/arm64-efi/*.mod "${BUILD_OUTPUT}"/boot/grub/arm64-efi/
+ cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/arm64-efi/*.lst "${BUILD_OUTPUT}"/boot/grub/arm64-efi/
+ # NOTE: usage of /boot/grub/core.img + /boot/grub/grub.img unclear yet
+ elif [ "${ARCH}" = "amd64" ] || [ "${ARCH}" = "i386" ] ; then
+ # grub-pc-bin
+ mkdir -p "${BUILD_OUTPUT}"/boot/grub/i386-pc/
+ cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/*-pc/*.mod "${BUILD_OUTPUT}"/boot/grub/i386-pc/
+ cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/*-pc/*.o "${BUILD_OUTPUT}"/boot/grub/i386-pc/
+ cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/*-pc/*.lst "${BUILD_OUTPUT}"/boot/grub/i386-pc/
+
+ # grub-efi-amd64-bin
+ mkdir -p "${BUILD_OUTPUT}"/boot/grub/x86_64-efi/
+ cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/x86_64-efi/*.{mod,lst} "${BUILD_OUTPUT}"/boot/grub/x86_64-efi/
+
+ # grub-efi-ia32-bin
+ mkdir -p "${BUILD_OUTPUT}"/boot/grub/i386-efi/
+ cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/i386-efi/*.{mod,lst} "${BUILD_OUTPUT}"/boot/grub/i386-efi/
+
+ cp -a "${CHROOT_OUTPUT}"/boot/grub/core.img "${BUILD_OUTPUT}"/boot/grub/
+ cp -a "${CHROOT_OUTPUT}"/boot/grub/grub.img "${BUILD_OUTPUT}"/boot/grub/
+ fi
- # copy modules for UEFI grub, 32-bit
- mkdir -p "${BUILD_OUTPUT}"/boot/grub/i386-efi/
- cp -a "${CHROOT_OUTPUT}"/usr/lib/grub/i386-efi/*.{mod,lst} "${BUILD_OUTPUT}"/boot/grub/i386-efi/
+ # arch independent files
+ cp -a "${CHROOT_OUTPUT}"/usr/share/grub/ascii.pf2 "${BUILD_OUTPUT}"/boot/grub/
+ cp -a "${CHROOT_OUTPUT}"/usr/share/grub/unicode.pf2 "${BUILD_OUTPUT}"/boot/grub/ # clarify
if ! [ -d "${TEMPLATE_DIRECTORY}"/GRML ] ; then
log "Error: ${TEMPLATE_DIRECTORY}/GRML does not exist. Exiting."
mkdir -p "$BUILD_OUTPUT"/GRML/"${GRML_NAME}"/
cp -a ${TEMPLATE_DIRECTORY}/GRML/* "$BUILD_OUTPUT"/GRML/"${GRML_NAME}"/
- # adjust boot splash information:
- RELEASE_INFO="$GRML_NAME $VERSION - Release Codename $RELEASENAME"
- RELEASE_INFO="$(cut_string 68 "$RELEASE_INFO")"
- RELEASE_INFO="$(extend_string_end 68 "$RELEASE_INFO")"
-
if [ -r "$BUILD_OUTPUT"/GRML/"${GRML_NAME}"/grml-version ] ; then
- sed -i "s/%RELEASE_INFO%/$GRML_NAME $VERSION - $RELEASENAME/" "$BUILD_OUTPUT"/GRML/"${GRML_NAME}"/grml-version
- sed -i "s/%DATE%/$DATE/" "$BUILD_OUTPUT"/GRML/"${GRML_NAME}"/grml-version
+ sed -i "s/%RELEASE_INFO%/$RELEASE_INFO/" "$BUILD_OUTPUT"/GRML/"${GRML_NAME}"/grml-version
+ sed -i "s/%DATE%/$DATE/" "$BUILD_OUTPUT"/GRML/"${GRML_NAME}"/grml-version
fi
# make sure the squashfs filename is set accordingly:
SQUASHFS_NAME="$GRML_NAME.squashfs"
+ # adjust bootsplash accordingly but make sure the string has the according length
+ fixed_squashfs_name="$(cut_string 20 "$SQUASHFS_NAME")"
+ fixed_squashfs_name="$(extend_string_end 20 "$fixed_squashfs_name")"
+ for file in f4 f5 ; do
+ if [ -r "${BUILD_OUTPUT}/boot/isolinux/${file}" ] ; then
+ sed -i "s/%SQUASHFS_NAME%/${fixed_squashfs_name}/" "${BUILD_OUTPUT}/boot/isolinux/${file}"
+ sed -i "s/%SQUASHFS_NAME%/${fixed_squashfs_name}/" "${BUILD_OUTPUT}/boot/isolinux/${file}"
+ fi
+ done
# adjust all variables in the templates with the according distribution information
adjust_boot_files "${BUILD_OUTPUT}"/boot/isolinux/*.cfg \
"${BUILD_OUTPUT}"/boot/isolinux/*.msg \
- "${BUILD_OUTPUT}"/boot/grub/* \
- "${BUILD_OUTPUT}"/boot/ubuntu/*
+ "${BUILD_OUTPUT}"/boot/grub/*
for param in ARCH DATE DISTRI_INFO DISTRI_NAME DISTRI_SPLASH GRML_NAME SQUASHFS_NAME \
RELEASE_INFO SHORT_NAME VERSION ; do
done
done
- # adjust bootsplash accordingly but make sure the string has the according length
- SQUASHFS_NAME="$(cut_string 20 "$SQUASHFS_NAME")"
- SQUASHFS_NAME="$(extend_string_end 20 "$SQUASHFS_NAME")"
- for file in f4 f5 ; do
- if [ -r "${BUILD_OUTPUT}/boot/isolinux/${file}" ] ; then
- sed -i "s/%SQUASHFS_NAME%/$SQUASHFS_NAME/" "${BUILD_OUTPUT}/boot/isolinux/${file}"
- sed -i "s/%SQUASHFS_NAME%/$SQUASHFS_NAME/" "${BUILD_OUTPUT}/boot/isolinux/${file}"
- fi
- done
-
# generate addon list
rm -f "${BUILD_OUTPUT}/${ADDONS_LIST_FILE}"
for name in "${BUILD_OUTPUT}"/boot/isolinux/addon_*.cfg ; do
fi
if [ -e "$BUILD_OUTPUT"/boot/addons/bsd4grml/boot.6 ]; then
- sed -i "s/%RELEASE_INFO%/$GRML_NAME $VERSION - $RELEASENAME/" "$BUILD_OUTPUT"/boot/addons/bsd4grml/boot.6
+ sed -i "s/%RELEASE_INFO%/$RELEASE_INFO/" "$BUILD_OUTPUT"/boot/addons/bsd4grml/boot.6
fi
DPKG_LIST="/var/log/fai/$HOSTNAME/last/dpkg.list" # the dpkg --list output of the chroot
# make sure we don't leave (even an empty) base.tgz:
[ -f "$CHROOT_OUTPUT/base.tgz" ] && rm -f "$CHROOT_OUTPUT/base.tgz"
- # if unconfigured default to squashfs-tools' mksquashfs binary
- if [ -z "$SQUASHFS_BINARY" ] ; then
- SQUASHFS_BINARY='mksquashfs'
- fi
-
if which "$SQUASHFS_BINARY" >/dev/null 2>&1 ; then
log "Using mksquashfs binary ${SQUASHFS_BINARY}"
einfo "Using mksquashfs binary ${SQUASHFS_BINARY}" ; eend 0
# use sane defaults if $SQUASHFS_OPTIONS isn't set
if [ -z "$SQUASHFS_OPTIONS" ] ; then
- # use blocksize 256k as this gives best result with regards to time + compression
- SQUASHFS_OPTIONS="-b 256k"
+ # use block size 1m as this gives good result with regards to time + compression
+ SQUASHFS_OPTIONS="-b 1m"
# set lzma/xz compression by default, unless -z option has been specified on command line
if [ -z "$SQUASHFS_ZLIB" ] ; then
fi
# }}}
+# information how the ISO was generated {{{
+# shellcheck disable=SC2034
+generate_build_info() {
+ jo -p \
+ boot_method="${BOOT_METHOD}" \
+ bootstrap_only="${BOOTSTRAP_ONLY}" \
+ build_date="${DATE}" \
+ build_dirty="${BUILD_DIRTY}" \
+ build_only="${BUILD_ONLY}" \
+ chroot_install="${CHROOT_INSTALL}" \
+ classes="${CLASSES}" \
+ clean_artifacts="${CLEAN_ARTIFACTS}" \
+ default_bootoptions="${DEFAULT_BOOTOPTIONS}" \
+ distri_info="${DISTRI_INFO}" \
+ distri_name="${DISTRI_NAME}" \
+ extract_iso_name="${EXTRACT_ISO_NAME}" \
+ fai_cmdline="BUILD_ONLY=${BUILD_ONLY} BOOTSTRAP_ONLY=${BOOTSTRAP_ONLY} GRML_LIVE_CONFIG=${CONFIGDUMP} WAYBACK_DATE=${WAYBACK_DATE} fai ${VERBOSE} -C ${GRML_FAI_CONFIG} -s file:///${GRML_FAI_CONFIG}/config -c${CLASSES} -u ${HOSTNAME} ${FAI_ACTION} ${CHROOT_OUTPUT} ${FAI_ARGS}" \
+ fai_version="$(fai --help 2>/dev/null | head -1 | awk '{print $2}' | sed 's/\.$//' || true)" \
+ grml_architecture="${ARCH}" \
+ grml_bootid="${BOOTID}" \
+ grml_build_output="${BUILD_OUTPUT}" \
+ grml_chroot_output="${CHROOT_OUTPUT}" \
+ grml_debian_version="${SUITE}" \
+ grml_iso_name="${ISO_NAME}" \
+ grml_iso_output="${ISO_OUTPUT}" \
+ grml_live_cmdline="${CMDLINE}" \
+ grml_live_config_file="${LIVE_CONF}" \
+ grml_live_scripts_directory="${SCRIPTS_DIRECTORY}" \
+ grml_live_template_directory="${TEMPLATE_DIRECTORY}" \
+ grml_live_version="${GRML_LIVE_VERSION}" \
+ grml_local_config="${LOCAL_CONFIG}" \
+ grml_name="${GRML_NAME}" \
+ grml_short_name="${SHORT_NAME}" \
+ grml_username="${USERNAME}" \
+ grml_version="${VERSION}" \
+ host_architecture="$(dpkg --print-architecture || true)" \
+ host_debian_version="$(cat /etc/debian_version 2>/dev/null || true)" \
+ host_kernel_version="$(uname -a)" \
+ hybrid_method="${HYBRID_METHOD}" \
+ mkisofs_cmdline="${MKISOFS} -V ${GRML_NAME} ${VERSION} -publisher 'grml-live | grml.org' -l -r -J ${BOOT_ARGS} ${EFI_ARGS} -no-pad -o ${ISO_OUTPUT}/${ISO_NAME}" \
+ mkisofs_version="$(${MKISOFS} --version 2>/dev/null | head -1 || true)" \
+ mksquashfs_cmdline="${SQUASHFS_BINARY} ${CHROOT_OUTPUT}/ ${BUILD_OUTPUT}/live/${GRML_NAME}/${GRML_NAME}.squashfs -noappend ${SQUASHFS_OPTIONS}" \
+ mksquashfs_version="$(${SQUASHFS_BINARY} -version | head -1 || true)" \
+ output_owner="${CHOWN_USER}" \
+ release_info="${RELEASE_INFO}" \
+ release_name="${RELEASENAME}" \
+ secure_boot="${SECURE_BOOT}" \
+ skip_mkisofs="${SKIP_MKISOFS}" \
+ skip_mksquashfs_="${SKIP_MKSQUASHFS}" \
+ skip_netboot="${SKIP_NETBOOT}" \
+ squashfs_name="${SQUASHFS_NAME}" \
+ template_directory="${TEMPLATE_DIRECTORY}" \
+ timestamp="$(TZ=UTC date +%s)" \
+ update_only="${UPDATE}" \
+ wayback_date="${WAYBACK_DATE}" \
+ --
+}
+# }}}
+
# ISO_OUTPUT - mkisofs {{{
[ -n "$ISO_OUTPUT" ] || ISO_OUTPUT="$OUTPUT/grml_isos"
[ -n "$ISO_NAME" ] || ISO_NAME="${GRML_NAME}_${VERSION}.iso"
echo 1 16 | mksh "${SCRIPTS_DIRECTORY}/bootgrub.mksh" -B 11 | \
dd of=boot/grub/toriboot.bin conv=notrunc 2>/dev/null
fi
+
+ log "Generating build information in conf/buildinfo.json"
+ einfo "Generating build information in conf/buildinfo.json"
+ mkdir -p conf/
+ generate_build_info > conf/buildinfo.json
+ eend $?
+
log "$MKISOFS -V '${GRML_NAME} ${VERSION}' -publisher 'grml-live | grml.org' -l -r -J $BOOT_ARGS $EFI_ARGS -no-pad -o ${ISO_OUTPUT}/${ISO_NAME} ."
+ einfo "Generating ISO file..."
$MKISOFS -V "${GRML_NAME} ${VERSION}" -publisher 'grml-live | grml.org' \
-l -r -J $BOOT_ARGS $EFI_ARGS -no-pad \
-o "${ISO_OUTPUT}/${ISO_NAME}" . ; RC=$?
+ eend $RC
+
+ # do not continue on errors, otherwise we might generate/overwrite the ISO with dd if=... stuff
+ if [ "$RC" != 0 ] ; then
+ log "Error: critical error while generating ISO [exit code ${RC}]. Exiting."
+ eerror "Error: critical error while generating ISO [exit code ${RC}]. Exiting." ; eend 1
+ bailout $RC
+ fi
+
# both of these need core.img there, so it’s easier to write it here
if [ "$BOOT_METHOD" = "grub2" ] || [ "$HYBRID_METHOD" = "grub2" ]; then
# must be <= 30720 bytes
[ "$RC" = 0 ] && \
(
if cd $ISO_OUTPUT ; then
- md5sum ${ISO_NAME} > ${ISO_NAME}.md5 && \
- touch -r ${ISO_NAME} ${ISO_NAME}.md5
- sha1sum ${ISO_NAME} > ${ISO_NAME}.sha1 && \
- touch -r ${ISO_NAME} ${ISO_NAME}.sha1
sha256sum ${ISO_NAME} > ${ISO_NAME}.sha256 && \
touch -r ${ISO_NAME} ${ISO_NAME}.sha256
- sha512sum ${ISO_NAME} > ${ISO_NAME}.sha512 && \
- touch -r ${ISO_NAME} ${ISO_NAME}.sha512
fi
)
;;
# netboot package {{{
create_netbootpackage() {
- local OUTPUT_FILE="${NETBOOT}/grml_netboot_package_${GRML_NAME}_${VERSION}.tar.bz2"
+ local OUTPUT_FILE="${NETBOOT}/grml_netboot_package_${GRML_NAME}_${VERSION}.tar"
if [ -f "${OUTPUT_FILE}" -a -z "$UPDATE" -a -z "$BUILD_ONLY" -a -z "$BUILD_DIRTY" ] ; then
log "Skipping stage 'netboot' as $OUTPUT_FILE exists already."
eoutdent
fi
- if tar -C "$OUTPUTDIR" -jcf "${OUTPUT_FILE}" "grml_netboot_package_${GRML_NAME}_${VERSION}" ; then
+ # don't include shim + grubnetx64 + grub files in i386 netboot packages,
+ # as those don't make much sense there
+ if [ "$ARCH" = amd64 ] ; then
+ if ! [ -r "${BUILD_OUTPUT}/boot/grub/netboot.cfg" ] ; then
+ log "File ${BUILD_OUTPUT}/boot/grub/netboot.cfg not found."
+ ewarn "File ${BUILD_OUTPUT}/boot/grub/netboot.cfg not found."
+ eindent
+ log "Hint: Are you using custom templates which do not provide grub.cfg?"
+ ewarn "Hint: Are you using custom templates which do not provide grub.cfg?" ; eend 0
+ eoutdent
+ else
+ cp "${BUILD_OUTPUT}/boot/grub/netboot.cfg" "${WORKING_DIR}/grub.cfg"
+ adjust_boot_files "${WORKING_DIR}/grub.cfg"
+
+ if [ -r "${CHROOT_OUTPUT}"/usr/lib/shim/shimx64.efi.signed ] ; then
+ log "Installing ${CHROOT_OUTPUT}/usr/lib/shim/shimx64.efi.signed as shim.efi in netboot package"
+ cp "${CHROOT_OUTPUT}"/usr/lib/shim/shimx64.efi.signed "${WORKING_DIR}"/shim.efi
+ elif [ -r "${CHROOT_OUTPUT}"/usr/lib/shim/shimx64.efi ] ; then
+ log "Installing ${CHROOT_OUTPUT}/usr/lib/shim/shimx64.efi as shim.efi in netboot package"
+ cp "${CHROOT_OUTPUT}"/usr/lib/shim/shimx64.efi "${WORKING_DIR}"/shim.efi
+ else
+ log "No shimx64.efi for usage with PXE boot found (shim-signed not present?)"
+ ewarn "No shimx64.efi for usage with PXE boot found (shim-signed not present?)" ; eend 0
+ fi
+
+ if [ -r "${CHROOT_OUTPUT}"/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed ] ; then
+ log "Installing /usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed as grubx64.efi in netboot package"
+ cp "${CHROOT_OUTPUT}"/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed "${WORKING_DIR}"/grubx64.efi
+ elif [ -r "${CHROOT_OUTPUT}"/usr/lib/grub/x86_64-efi/monolithic/grubnetx64.efi ] ; then
+ log "Installing /usr/lib/grub/x86_64-efi/monolithic/grubnetx64.efi as grubx64.efi in netboot package"
+ cp "${CHROOT_OUTPUT}"/usr/lib/grub/x86_64-efi/monolithic/grubnetx64.efi "${WORKING_DIR}"/grubx64.efi
+ else
+ log "No grubnetx64.efi for usage with PXE boot found (grub-efi-amd64-signed not present?)"
+ ewarn "No grubnetx64.efi for usage with PXE boot found (grub-efi-amd64-signed not present?)." ; eend 0
+ fi
+
+ if [ -r "${CHROOT_OUTPUT}"/usr/share/grub/unicode.pf2 ] ; then
+ log "Installing ${CHROOT_OUTPUT}/usr/share/grub/unicode.pf2 as grub/fonts/unicode.pf2 in netboot package"
+ mkdir -p "${WORKING_DIR}"/grub/fonts/
+ cp "${CHROOT_OUTPUT}"/usr/share/grub/unicode.pf2 "${WORKING_DIR}"/grub/fonts/
+ else
+ log "No unicode.pf2 for usage with PXE boot found (grub-common not present?)"
+ ewarn "No unicode.pf2 for usage with PXE boot found (grub-common not present?)" ; eend 0
+ fi
+ fi
+ fi
+
+ if tar -C "$OUTPUTDIR" -cf "${OUTPUT_FILE}" "grml_netboot_package_${GRML_NAME}_${VERSION}" ; then
(
cd $(dirname "${OUTPUT_FILE}")
- sha1sum $(basename "${OUTPUT_FILE}") > "${OUTPUT_FILE}.sha1"
sha256sum $(basename "${OUTPUT_FILE}") > "${OUTPUT_FILE}.sha256"
- sha512sum $(basename "${OUTPUT_FILE}") > "${OUTPUT_FILE}.sha512"
)
einfo "Generated netboot package ${OUTPUT_FILE}" ; eend 0
rm -rf "${OUTPUTDIR}"
# }}}
# finalize {{{
-[ -n "$start_seconds" ] && SECONDS="$[$(cut -d . -f 1 /proc/uptime)-$start_seconds]" || SECONDS="unknown"
+if [ -n "${start_seconds}" ] ; then
+ end_seconds="$(date +%s)"
+ SECONDS="$(( end_seconds - start_seconds ))"
+fi
log "Successfully finished execution of $PN [$(date) - running ${SECONDS} seconds]"
dpkg_to_db # make sure we catch the last log line as well, therefore execute between log + einfo
exit 1
fi
-mkdir -p /remaster/chroot /remaster/tmp /remaster/cdrom
-mount -t tmpfs tmpfs /remaster/tmp
+mkdir -p /remaster/chroot /remaster/tmp /remaster/cdrom /remaster/work
+
echo "#:# edit the following two lines to change the boot message" >/remaster/msg
echo "#:#" >>/remaster/msg
if [ -r ${LIVE_PATH_BOOT}/isolinux/boot.msg ] ; then
mount -t squashfs "$SQUASHFS_FILE" /remaster/cdrom -o ro,loop
fi
-if ! grep -q "aufs /remaster/chroot" /proc/mounts ; then
- mount -t aufs aufs /remaster/chroot -o br:/remaster/tmp=rw:/remaster/cdrom=rr
+if ! grep -q "overlay /remaster/chroot" /proc/mounts ; then
+ mount -t overlay overlay -o lowerdir=/remaster/cdrom,upperdir=/remaster/tmp,workdir=/remaster/work /remaster/chroot
fi
for i in run dev dev/pts proc root sys tmp; do
--- /dev/null
+# debian approach:
+shimx64.efi.signed = /usr/lib/shim/shimx64.efi.signed from https://deb.debian.org/debian/pool/main/s/shim-signed/shim-signed_1.38+15.4-7_amd64.deb
+grubx64.efi.signed = /usr/lib/grub/x86_64-efi-signed/gcdx64.efi.signed from https://deb.debian.org/debian/pool/main/g/grub-efi-amd64-signed/grub-efi-amd64-signed_1+2.06+7_amd64.deb
+# NOTE:
+# shimx64.efi.signed ends up as /EFI/BOOT/bootx64.efi inside [grml_cd]/boot/efi.img, and
+# grubx64.efi.signed ends up as /EFI/BOOT/grubx64.efi inside [grml_cd]/boot/efi.img, whereas
+# [grml_cd]/boot/efi.img is used as `boot/efi.img` inside `xorriso -as mkisofs [...] -e boot/efi.img -no-emul-boot [...]` ISO generation [inside grml_cd directory]
# ubuntu approach:
shimx64.efi.signed = /usr/lib/shim/shimx64.efi.signed from http://de.archive.ubuntu.com/ubuntu/pool/main/s/shim-signed/shim-signed_1.34.9+13-0ubuntu2_amd64.deb
-grubx64.efi.signed = /usr/lib/grub/x86_64-efi-signed/grubx64.efi.signed from http://de.archive.ubuntu.com/ubuntu/pool/main/g/grub2-signed/grub-efi-amd64-signed_1.93+2.02-2ubuntu8_amd64.deb
+grubx64.efi.signed = /usr/lib/grub/x86_64-efi-signed/gcdx64.efi.signed from http://de.archive.ubuntu.com/ubuntu/pool/main/g/grub2-signed/grub-efi-amd64-signed_1.93+2.02-2ubuntu8_amd64.deb
# NOTE:
# shimx64.efi.signed ends up as /EFI/BOOT/bootx64.efi inside [grml_cd]/boot/efi.img, and
# grubx64.efi.signed ends up as /EFI/BOOT/grubx64.efi inside [grml_cd]/boot/efi.img, whereas
==================================================================
-The grml software collection and all included programs that are
-authored by the grml-team, are subject to the terms and conditions
+The Grml software collection and all included programs that are
+authored by the Grml team, are subject to the terms and conditions
of the GNU GENERAL PUBLIC LICENSE Version 2 or any later version,
as quoted herein.
third-party programs included on this CD. Check
/usr/share/doc/*/copyright* and other supplied license files
of each software package carefully for more information.
-
-Information regarding the sources of this ISO can be found at
-http://sources.grml.org/
==================================================================
GNU GENERAL PUBLIC LICENSE
These options work from the isolinux bootprompt of Grml based (live) systems.
(Do NOT use them as 'grml $OPTION', use them as '$OPTION'!):
-grml Use default settings (same as just pressing return)
-grml2ram Copy Grml's squashfs file to RAM and
- run from there (compare with 'grml toram')
-memtest Run Memtest86+ instead of Linux
-fb1280x1024 Use fixed framebuffer graphics (1)
-fb1024x768 Use fixed framebuffer graphics (2) [notice: Grml's default]
-fb800x600 Use fixed framebuffer graphics (3)
-nofb Disable framebuffer
-floppy Boot from floppydisk
-hd / hd1 / hd2 / hd3 Boot from (local) primary / secondary /... harddisk
-debug Get shells during process of booting for debugging
-forensic Do not touch any harddisks during hardware recognition
-serial Activate ttyS0 and start a getty
-grub Boot Grub bootloader (special all-in-one-image)
-dos Boot FreeDOS
-hdt Boot Hardware Detection Tool (from syslinux project)
+grml Use default settings (same as just pressing return)
+grml2ram Copy Grml's squashfs file to RAM and
+ run from there (compare with 'grml toram')
+memtest Run Memtest86+ instead of Linux
+fb1280x1024 Use fixed framebuffer graphics (1)
+fb1024x768 Use fixed framebuffer graphics (2) [notice: Grml's default]
+fb800x600 Use fixed framebuffer graphics (3)
+nofb Disable framebuffer
+floppy Boot from floppydisk
+hd / hd1 / hd2 / hd3 Boot from (local) primary / secondary /... harddisk
+debug Get shells during process of booting for debugging
+forensic Do not touch any harddisks during hardware recognition
+serial Activate ttyS0 and start a getty
+grub Boot Grub bootloader (special all-in-one-image)
+dos Boot FreeDOS
+hdt Boot Hardware Detection Tool (from syslinux project)
Further documentation regarding the boot process can be found at:
-* http://git.grml.org/?p=live-initramfs-grml.git;a=blob_plain;f=manpages/live-initramfs.en.7.txt;hb=HEAD
* https://manpages.debian.org/live-boot-doc/live-boot.7.en.html
-* https://manpages.debian.org/initramfs-tools-core/initramfs-tools.8.en.html
+* https://manpages.debian.org/initramfs-tools-core/initramfs-tools.7.en.html
* https://www.kernel.org/doc/html/latest/admin-guide/kernel-parameters.html
The following boot options can be combined.
Regional settings:
------------------
-grml lang=at|de|cn|da|es|fr|it Specify language ($LANG, $LC_ALL, $LANGUAGE - utf8) + keyboard
-grml lang=nl|pl|ru|sk|tr|tw|us Specify language ($LANG, $LC_ALL, $LANGUAGE - utf8) + keyboard
-grml utc Hardware Clock is set to Coordinated Universal Time (UTC)
-grml localtime Hardware Clock is set to local time (LOCAL), this is the default
-grml tz=Europe/Vienna Use specified timezone for TZ, defaults to TZ=UTC
-grml keyboard=us Use different keyboard layout
+grml lang=at|de|cn|da|es|fr|it Specify language ($LANG, $LC_ALL, $LANGUAGE - utf8) + keyboard
+grml lang=nl|pl|ru|sk|tr|tw|us Specify language ($LANG, $LC_ALL, $LANGUAGE - utf8) + keyboard
+grml utc Hardware Clock is set to Coordinated Universal Time (UTC)
+grml localtime Hardware Clock is set to local time (LOCAL), this is the default
+grml tz=Europe/Vienna Use specified timezone for TZ, defaults to TZ=UTC
+grml keyboard=us Use different keyboard layout
Configuration settings:
-----------------------
-grml myconfig=/dev/fd0 Set the DCS dir (debs, config, scripts) to the root of this device
- DCS dir defaults to the live image or a device labeled GRMLCFG
- If a file /config.tbz exists, it is extracted from there.
- /dev/fd0 for floppy disk
- /dev/sda1 for USB-stick/first SCSI-device
-grml autoconfig=SOMELABEL Set the DCS dir to the root of the device labeled with SOMELABEL.
- If undefined search for a device labeled with GRMLCFG.
-grml netconfig=server/config.tbz Download file and extract configuration archive
-grml netscript=server/file Download and execute file
-grml partconf=/dev/sda2 Copy files specified in /etc/grml/partconf from /dev/sda2
- to booting grml system
-grml file=foobar.tbz Use specified file as name for configuration archive
- instead of the default one (config.tbz)
-grml extract=/etc Extract only /etc from configuration archive,
- use it in combination with myconfig or netconfig
-grml persistence Enable persistency feature, more details available at
- http://wiki.grml.org/doku.php?id=persistency
-grml hostname=... Set hostname to given argument
-grml hostname Set a random hostname
- [Note: only available with releases newer than 2010.04]
-grml nonetworking Do not create/overwrite /etc/network/interface during startup
-grml distri=... Set distribution name to given argument. If a jpg file named like the
- given distri name can be found in directory desktop on the ISO
- (/cdrom/desktop/"$DISTRI") it will be taken as wallpaper for grml
-grml debnet Search through local partitions for file /etc/network/interfaces,
- copy /etc/network to local system and restart networking then
-grml dns=8.8.8.8,8.8.4.4 Set DNS resolvers during boot and for live system.
-grml ip=... Standard Linux kernel ip= boot option. Arguments:
- clientip:nfsserverip:gwip:netmask:hostname:device:autoconf
- Valid values for autoconf: off, on, dhcp, bootp, rarp, both.
- Almost everything is optional. Most common form: ip=dhcp
-grml mypath=... Add specified option into $PATH of Zsh
- For example when using "grml mypath=/foobar" then /foobar
- will be added to the end of $PATH inside Zsh
-grml debs Install all Debian packages from the "debs" directory of your DCS
- directory (see myconfig=, typically the root of your ISO image).
-grml debs=path-name-wildcard Install Debian packages from DCS directory (see myconfig=,
- typically the root of your ISO image). If path does not contain a
- "/" the package(s) will be installed from directory "debs" of the
- DCS directory instead. The "path-name-wildcard" can contain
- wildcards (e.g. debs=rat* will install a packages starting with "rat"
- from directory debs/).
-grml scripts=path-name Execute script (defaulting to grml.sh) inside DCS dir. Path names
- allowed. If path-name points to a directory, all scripts found in
- the directory are executed.
-grml config=path-name Unpack archive that path-name points to
-grml noautoconfig Disable searching for device labeled GRMLCFG
-grml nobeep Disable welcome chime, sounded before grml-quickconfig starts.
+grml myconfig=/dev/fd0 Set the DCS dir (debs, config, scripts) to the root of this device
+ DCS dir defaults to the live image or a device labeled GRMLCFG
+ If a file /config.tbz exists, it is extracted from there.
+ /dev/fd0 for floppy disk
+ /dev/sda1 for USB-stick/first SCSI-device
+grml autoconfig=SOMELABEL Set the DCS dir to the root of the device labeled with SOMELABEL.
+ If undefined search for a device labeled with GRMLCFG.
+grml netconfig=server/config.tbz Download file and extract configuration archive
+grml netscript=server/file Download and execute file
+grml partconf=/dev/sda2 Copy files specified in /etc/grml/partconf from /dev/sda2
+ to booting grml system
+grml file=foobar.tbz Use specified file as name for configuration archive
+ instead of the default one (config.tbz)
+grml extract=/etc Extract only /etc from configuration archive,
+ use it in combination with myconfig or netconfig
+grml persistence Enable persistency feature, more details available at
+ http://wiki.grml.org/doku.php?id=persistency
+grml hostname=... Set hostname to given argument
+grml hostname Set a random hostname
+ [Note: only available with releases newer than 2010.04]
+grml nonetworking Do not create/overwrite /etc/network/interface during startup
+grml distri=... Set distribution name to given argument. If a jpg file named like the
+ given distri name can be found in directory desktop on the ISO
+ (/cdrom/desktop/"$DISTRI") it will be taken as wallpaper for grml
+grml debnet Search through local partitions for file /etc/network/interfaces,
+ copy /etc/network to local system and restart networking then
+grml dns=8.8.8.8,8.8.4.4 Set DNS resolvers during boot and for live system.
+grml ip=... Standard Linux kernel ip= boot option. Arguments:
+ clientip:nfsserverip:gwip:netmask:hostname:device:autoconf
+ Valid values for autoconf: off, on, dhcp, bootp, rarp, both.
+ Almost everything is optional. Most common form: ip=dhcp
+grml mypath=... Add specified option into $PATH of Zsh
+ For example when using "grml mypath=/foobar" then /foobar
+ will be added to the end of $PATH inside Zsh
+grml debs Install all Debian packages from the "debs" directory of your DCS
+ directory (see myconfig=, typically the root of your ISO image).
+grml debs=path-name-wildcard Install Debian packages from DCS directory (see myconfig=,
+ typically the root of your ISO image). If path does not contain a
+ "/" the package(s) will be installed from directory "debs" of the
+ DCS directory instead. The "path-name-wildcard" can contain
+ wildcards (e.g. debs=rat* will install a packages starting with "rat"
+ from directory debs/).
+grml scripts=path-name Execute script (defaulting to grml.sh) inside DCS dir. Path names
+ allowed. If path-name points to a directory, all scripts found in
+ the directory are executed.
+grml config=path-name Unpack archive that path-name points to
+grml noautoconfig Disable searching for device labeled GRMLCFG
+grml nobeep Disable welcome chime, sounded before grml-quickconfig starts.
Notice: Take a look at http://grml.org/config/ and 'man 1 grml-autoconfig'
for more information regarding the configuration framework of Grml.
Booting related options:
------------------------
-grml toram Copy the whole CD/medium to RAM and run from there
-grml toram=filename.squashfs Copy the specified file to RAM and run from there
- Usage example: grml toram=grml-medium.squashfs
- Notice: grml2ram is an alias for this option which
- corresponds with the grml flavour settings by default
-grml tohd=/dev/sda1 Copy Grml's squashfs file to harddisk partition for later
- use via "grml bootfrom=/dev/sda1"
-grml bootfrom=/dev/sda1 Use the squashfs file from directory 'live' of the specified device
- Setup can be done booting 'grml tohd=/dev/sda1' or
- running 'rsync -a --progress /run/live/medium/live /media/sda1/'
-grml bootfrom=removable Restrict search for the live media to removable type only.
-grml bootfrom=removable-usb Restrict search for the live media to usb mass storage only.
-grml isofrom=/dev/sda1/grml.iso Use specified ISO image for booting
- Useful when booting as a rescue system from harddisk - just boot
- the according grml kernel and initrd using the bootoptions
- "boot=live isofrom=/dev/sda1/grml.iso"
- Notice: "fromiso" does the same as "isofrom", it's just there
- to prevent any typing errors
-grml findiso=/grml_2010.12.iso Look for the specified ISO file on all disks where it usually
- looks for the .squashfs file (so you don't have to know the device name
- as in isofrom=....).
-grml fetch=$IP/filename.squashfs Download a squashfs image from a given url, copying to ram and booting it.
- [Note: releases before 2011.05 didn't support DNS but IP only.]
-grml live-media-path=/live/grml... Sets the path to the live filesystem on the medium
- By default, it is set to /live/$GRML_FLAVOUR/ (where $GRML_FLAVOUR
- is corresponding to grml64-full, grml32-full, grml64-small,...
- [Note: this option is mandatory since release 2011.12]
-grml module=grml Instead of using the default "$name.module" another file can
- be specified without the extension ".module"; it should be placed
- on "/live" directory of the live medium
- Useful for Multiboot USB pen, see
- http://wiki.grml.org/doku.php?id=tips#multiboot_usb_pen
-grml bootid=mybootid Use specified argument as identifier for the ISO.
- mybootid is specified in /conf/bootid.txt on the ISO.
- [Note: only available since release 2010.04]
-grml ignore_bootid Disable bootid verification.
- [Note: only available since release 2010.04]
+grml toram Copy the whole CD/medium to RAM and run from there
+grml toram=filename.squashfs Copy the specified file to RAM and run from there
+ Usage example: grml toram=grml-medium.squashfs
+ Notice: grml2ram is an alias for this option which
+ corresponds with the grml flavour settings by default
+grml bootfrom=/dev/sda1 Use the squashfs file from directory 'live' of the specified device
+ Setup can be done by executing:
+ rsync -a --progress /run/live/medium/live /media/sda1/
+ NOTE: you can can also use bootfrom=/dev/disk/by-label/yourlabel
+ (adjust yourlabel as needed), which should prevent choosing the
+ wrong block device (e.g. if more than one disk is present).
+grml bootfrom=removable Restrict search for the live media to removable type only.
+grml bootfrom=removable-usb Restrict search for the live media to usb mass storage only.
+grml isofrom=[fs:][/device]/grml.iso Use specified ISO image for booting.
+ Useful when booting as a rescue system from a different device.
+ If you want to load the image from a device different from the root device
+ specified through the bootloader, prefix its device path to the path, like
+ in "/dev/sda1/grml.iso".
+ Internally, the initrd will mount the given device, automatically detecting
+ the file system.
+ If needed, prefix the file system separated with a colon character to
+ override the automatic detection, like in "reiserfs:/dev/sda1/grml.iso".
+ As an example, boot the according grml kernel and initrd using the
+ bootoptions "boot=live isofrom=btrfs:/dev/vda40/path/to/grml.iso"
+ NOTE: "fromiso" does the same as "isofrom", it's just there
+ to prevent any typing errors
+ NOTE: you can can also use isofrom=/dev/disk/by-label/yourlabel
+ (adjust yourlabel as needed), which should prevent choosing the
+ wrong block device (e.g. if more than one disk is present).
+grml findiso=/grml_2010.12.iso Look for the specified ISO file on all disks where it usually
+ looks for the .squashfs file (so you don't have to know the device name
+ as in isofrom=....).
+grml fetch=$IP/filename.squashfs Download a squashfs image from a given url, copying to ram and booting it.
+ [Note: releases before 2011.05 didn't support DNS but IP only.]
+grml live-media-path=/live/grml... Sets the path to the live filesystem on the medium
+ By default, it is set to /live/$GRML_FLAVOUR/ (where $GRML_FLAVOUR
+ is corresponding to grml64-full, grml32-full, grml64-small,...
+ [Note: this option is mandatory since release 2011.12]
+grml module=grml Instead of using the default "$name.module" another file can
+ be specified without the extension ".module"; it should be placed
+ on "/live" directory of the live medium
+ Useful for Multiboot USB pen, see
+ http://wiki.grml.org/doku.php?id=tips#multiboot_usb_pen
+grml bootid=mybootid Use specified argument as identifier for the ISO.
+ mybootid is specified in /conf/bootid.txt on the ISO.
+ [Note: only available since release 2010.04]
+grml ignore_bootid Disable bootid verification.
+ [Note: only available since release 2010.04]
Debugging related settings:
---------------------------
-grml debug Get shells during process of booting, using GNU screen, be verbose
-grml debug=1 Get shells during process of booting, using GNU screen, be verbose and
- display shell code being executed in initramfs.
-grml debug=noscreen Get shells during process of booting, verbose, but without using GNU screen
-grml nocolor Disable colorized output while booting
- Also set SYSTEMD_COLORS=0 to disable colors in systemd output
-grml log Log error messages while booting to /tmp/grml.log.`date +%Y%m%d`"
- and /var/log/boot
-grml testcd Check CD data integrity and md5sums
+grml debug Get shells during process of booting, using GNU screen, be verbose
+grml debug=1 Get shells during process of booting, using GNU screen, be verbose and
+ display shell code being executed in initramfs.
+grml debug=noscreen Get shells during process of booting, verbose, but without using GNU screen
+grml nocolor Disable colorized output while booting
+ Also set SYSTEMD_COLORS=0 to disable colors in systemd output
+grml log Log error messages while booting to /tmp/grml.log.`date +%Y%m%d`"
+ and /var/log/boot
+grml testcd Check CD data integrity and md5sums
Security / login related settings:
----------------------------------
-grml ssh=password Set password for root & grml user and start ssh-server
-grml passwd=... Set password for root & grml user
-grml encpasswd=.... Set specified hash as password for root & grml user, use e.g.
- 'mkpasswd -H md5' to generate such a hash (available in Grml >=2013.09)
+grml ssh=password Set password for root & grml user and start ssh-server
+grml passwd=... Set password for root & grml user
+grml encpasswd=.... Set specified hash as password for root & grml user, use e.g.
+ 'mkpasswd -H md5' to generate such a hash (available in Grml >=2013.09)
Service related settings:
-------------------------
-grml startup=script Start $script instead of grml-quickconfig on startup
-grml nosyslog Do not start syslog daemon
-grml nogpm Disable GPM daemon
-grml noconsolefont Disable setting of console font (using consolechars)
-grml noblank Disable console blanking
-grml noquick Disable grml-quickconfig startup script
-grml wondershaper=eth0,1000,500 Set up basic traffic shaping
-grml services={postfix,mysql,...} Start service(s) which have an init-script (/etc/init.d/)
-grml welcome Welcome message via soundoutput
-grml noeject Do NOT eject CD after halt/reboot
-grml noprompt Do NOT prompt to remove the CD when halting/rebooting the system
-grml distcc=$NETWORK,$INTERFACE Activate distcc-daemon to listen on specified network
- and interface, usage example:
- distcc=192.168.0.1/24,eth0
-grml gcc=3.4 gpp=3.4 Link /usr/bin/gcc, /usr/bin/cpp and /usr/bin/c++ to specified version
-grml startx{=windowmanager} Start X window system automatically
- Default window manager (if not provided): wm-ng (wrapper around fluxbox)
-grml nostartx If using startx as default bootoption the nostartx *disables* automatic
- startup of X again. (This bootoption is relevant for grml based derivatives
- which decide to enable startx by default only, plain grml does not use
- automatic startup of X by default.)
-grml vnc=password Start VNC server with startup of X.org and sets the password to the specified
- one. To automatically start the VNC server use the startx bootoption.
- [Note: Grml 2011.12+ doesn't include a VNC server.]
-grml vnc_connect=host[:port] Connect to a listening VNC client ("vncviewer -listen" reverse connection).
- Can be used to connect from devices behind firewalls as connection is
- initiated from the VNC server instead of the VNC client. Has to be
- combined with the vnc bootoption.
- [Note: Grml 2011.12+ doesn't include a VNC client.]
+grml startup=script Start $script instead of grml-quickconfig on startup
+grml nosyslog Do not start syslog daemon
+grml nogpm Disable GPM daemon
+grml noconsolefont Disable setting of console font (using consolechars)
+grml noblank Disable console blanking
+grml noquick Disable grml-quickconfig startup script
+grml wondershaper=eth0,1000,500 Set up basic traffic shaping
+grml services={postfix,mysql,...} Start service(s) which have an init-script (/etc/init.d/)
+grml welcome Welcome message via soundoutput
+grml noeject Do NOT eject CD after halt/reboot
+grml noprompt Do NOT prompt to remove the CD when halting/rebooting the system
+grml startx{=windowmanager} Start X window system automatically
+ Default window manager (if not provided): wm-ng (wrapper around fluxbox)
+grml nostartx If using startx as default bootoption the nostartx *disables* automatic
+ startup of X again. (This bootoption is relevant for grml based derivatives
+ which decide to enable startx by default only, plain grml does not use
+ automatic startup of X by default.)
+grml vnc=password Start VNC server with startup of X.org and sets the password to the specified
+ one. To automatically start the VNC server use the startx bootoption.
+ [Note: Grml 2011.12+ doesn't include a VNC server.]
+grml vnc_connect=host[:port] Connect to a listening VNC client ("vncviewer -listen" reverse connection).
+ Can be used to connect from devices behind firewalls as connection is
+ initiated from the VNC server instead of the VNC client. Has to be
+ combined with the vnc bootoption.
+ [Note: Grml 2011.12+ doesn't include a VNC client.]
+grml getfile.retries=$NUM Retry the download of the files specified in the netconfig=... +
+ netscript=... options up to $NUM times
+
Accessibility related settings:
-------------------------------
-grml brltty=type,port,table Parameters for Braille device (e.g.: brltty=al,/dev/ttyS0,text.de.tbl)
- See http://mielke.cc/brltty/guidelines.html for documentation.
+grml brltty=type,port,table Parameters for Braille device (e.g.: brltty=al,/dev/ttyS0,text.de.tbl)
+ See http://mielke.cc/brltty/guidelines.html for documentation.
Hardware related settings:
--------------------------
-grml swap Activate present/detected swap partitions
-grml noswraid Disable scanning for software raid arrays (creates /etc/mdadm/mdadm.conf)
-grml swraid Enable automatic assembling of software raid arrays
-grml nodmraid Do not enable present dmraid devices.
-grml dmraid=on Automatically enable any present dmraid devices.
-grml dmraid=off Actively try to stop any present dmraid devices.
-grml nolvm Disable scanning for Logical Volumes (LVM)
-grml lvm Automatically activate Logival Volumes (LVM) during boot
-grml read-only Make sure all harddisk devices (/dev/hd* /dev/sd*) are forced to read-only mode
-grml ethdevice=... Use specified network device for network boot instead of default (eth0)
-grml ethdevice-timeout=... Use specified network configuration timeout instead of default (15sec)
-grml xmodule=ati|fbdev|i810|mga Use specified X.org-Module (1)
-grml xmodule=nv|radeon|savage|s3 Use specified X.org-Module (2)
-grml xmodule=radeon|svga|i810 Use specified X.org-Module (3)
-grml no{acpi,agp,cpu,dhcp} Skip parts of HW-detection (1)
-grml no{dma,fstab,modem} Skip parts of HW-detection (2)
-grml no{pcmcia,scsi,swap,usb} Skip parts of HW-detection (3)
-grml blacklist=modulename[,module2] Completely disable loading of specified module(s) via
- blacklisting through udev's /etc/modprobe.d/grml
-grml fwtimeout=50 Set firmware timeout via /sys/class/firmware/timeout to specified value
-grml nosound Mute sound devices (notice: this does not deactivate loading of sound drivers!)
-grml vol=number Set mixer volumes to level $number
-grml micvol=number Set mixer volume of microphone to level $number (default: 0)
-grml pnpbios=off No PnP Bios initialization
-grml acpi=off Disable ACPI Bios completely
-grml nofirewire Disable initialization of firewire devices in booting sequence
-grml pci=irqmask=0x0e98 Try this, if PS/2 mouse doesn't work *)
-grml pci=bios Workaround for bad PCI controllers
-grml ide2=0x180 nopcmcia Boot from PCMCIA-CD-ROM (some notebooks)
-grml mem=128M Specify Memory size in MByte
-grml libata.force=[ID:]VAL Force configurations for libata.
- Usage example: grml libata.force=1:pio4
- to force pio4 mode on device "ata1:00:"
-grml libata.dma=0 Disable DMA on PATA and SATA devices
-grml libata.ignore_hpa=1 Disable host protected area (which should enable the whole disk)
-grml vga=normal No-framebuffer mode (does not influence X)
-grml vga=ask Display menu for framebuffer mode
-grml radeon.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for Radeon driver.
-grml i915.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for Intel driver.
-grml nouveau.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for Nouveau driver.
-grml cirrus.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for Cirrus driver.
-grml mgag200.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for MGAG200 driver.
+grml swap Activate present/detected swap partitions
+grml noswraid Disable scanning for software raid arrays (creates /etc/mdadm/mdadm.conf)
+grml swraid Enable automatic assembling of software raid arrays
+grml nodmraid Do not enable present dmraid devices (deprecated as of releases in 2024)
+grml dmraid=on Automatically enable any present dmraid devices (deprecated as of releases in 2024)
+grml dmraid=off Actively try to stop any present dmraid devices (deprecated as of releases in 2024)
+grml nolvm Disable scanning for Logical Volumes (LVM)
+grml lvm Automatically activate Logival Volumes (LVM) during boot
+grml read-only Make sure all harddisk devices (/dev/hd* /dev/sd*) are forced to read-only mode
+grml ethdevice=... Use specified network device for network boot instead of default (eth0)
+grml ethdevice-timeout=... Use specified network configuration timeout instead of default (15sec)
+grml xmodule=ati|fbdev|i810|mga Use specified X.org-Module (1)
+grml xmodule=nv|radeon|savage|s3 Use specified X.org-Module (2)
+grml xmodule=radeon|svga|i810 Use specified X.org-Module (3)
+grml no{acpi,cpu,dhcp,fstab,swap} Skip parts of HW-detection
+grml blacklist=modulename[,module2] Completely disable loading of specified module(s) via
+ blacklisting through udev's /etc/modprobe.d/grml
+grml nosound Mute sound devices (notice: this does not deactivate loading of sound drivers!)
+grml vol=number Set mixer volumes to level $number
+grml micvol=number Set mixer volume of microphone to level $number (default: 0)
+grml acpi=off Disable ACPI Bios completely
+grml pci=irqmask=0x0e98 Try this, if PS/2 mouse doesn't work *)
+grml pci=bios Workaround for bad PCI controllers
+grml libata.force=[ID:]VAL Force configurations for libata.
+ Usage example: grml libata.force=1:pio4
+ to force pio4 mode on device "ata1:00:"
+grml libata.dma=0 Disable DMA on PATA and SATA devices
+grml libata.ignore_hpa=1 Disable host protected area (which should enable the whole disk)
+grml vga=normal No-framebuffer mode (does not influence X)
+grml vga=ask Display menu for framebuffer mode
+grml radeon.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for Radeon driver.
+grml i915.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for Intel driver.
+grml nouveau.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for Nouveau driver.
+grml cirrus.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for Cirrus driver.
+grml mgag200.modeset=0 nomodeset Disable Kernel Mode Setting (KMS) for MGAG200 driver.
Installation related settings:
------------------------------
Install plain Debian via debian2hd bootoption (which runs grml-debootstrap in non-interactive mode):
-debian2hd <options> ... whereas valid options for debian2hd are:
+debian2hd <options> ... whereas valid options for debian2hd are:
target= target partition/directory of the new Debian system, e.g.: target=/dev/sda1
grub= where to install grub to, e.g.: grub=/dev/sda
grml noagp noapic acpi=off nodma
to skip some critical parts of the autodetection system.
-*) Some boards (especially those with E-ISA slots) apparently don't pass
-the proper memory size to the linux-kernel. It may cause the message
-"Panic: cannot mount root file system" and the system hangs. Use "grml
-mem=128M" to solve that problem if your system has 128MByte memory for
-example (caution: you MUST use a capital "M" here).
-
*) The "myconfig=/dev/partition" option allows you to reconfigure the
system after autoconfiguration by running a bourne shell script called
"grml.sh" and/or extracting configuration files from a file named
menuentry "%GRML_NAME% - release %VERSION% (default)" {
set gfxpayload=keep
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" "${kernelopts}" nomce net.ifnames=0
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" ${kernelopts} nomce net.ifnames=0
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
submenu "%GRML_NAME% - advanced options ->" --class=submenu {
-menuentry "%GRML_NAME% - enable persistency mode" {
+menuentry "Enable Predictable Network Interface Names" {
set gfxpayload=keep
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" "${kernelopts}" persistence
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce "${loopback}" ${kernelopts}
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
-menuentry "%GRML_NAME% - copy Grml to RAM" {
+menuentry "Enable SSH (with random password)" {
set gfxpayload=keep
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" "${kernelopts}" toram=%GRML_NAME%.squashfs
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} ssh
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
-menuentry "%GRML_NAME% - copy whole medium to RAM" {
+menuentry "Load Grml to RAM" {
set gfxpayload=keep
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" "${kernelopts}" toram
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} toram=%GRML_NAME%.squashfs
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
-menuentry "%GRML_NAME% - start X by default" {
+menuentry "Load whole medium to RAM" {
set gfxpayload=keep
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" "${kernelopts}" startx
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} toram
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
-menuentry "%GRML_NAME% - disable framebuffer" {
- set gfxpayload=text
+menuentry "Forensic Mode" {
+ set gfxpayload=keep
+ echo 'Loading kernel...'
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} read-only nofstab noraid nolvm noautoconfig noswap raid=noautodetect
+ echo 'Loading initrd...'
+ initrd /boot/%SHORT_NAME%/initrd.img
+}
+
+menuentry "Persistency Mode" {
+ set gfxpayload=keep
+ echo 'Loading kernel...'
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} persistence
+ echo 'Loading initrd...'
+ initrd /boot/%SHORT_NAME%/initrd.img
+}
+
+menuentry "Load German Keyboard Layout" {
+ set gfxpayload=keep
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" "${kernelopts}" video=ofonly radeon.modeset=0 i915.modeset=0 nouveau.modeset=0 cirrus.modeset=0 mgag200.modeset=0 nomodeset
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} lang=de
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
-menuentry "%GRML_NAME% - disable Kernel Mode-Setting" {
+menuentry "Graphical Mode" {
set gfxpayload=keep
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" "${kernelopts}" radeon.modeset=0 i915.modeset=0 nouveau.modeset=0 cirrus.modeset=0 mgag200.modeset=0 nomodeset
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} startx
+ echo 'Loading initrd...'
+ initrd /boot/%SHORT_NAME%/initrd.img
+}
+
+menuentry "Disable Framebuffer" {
+ set gfxpayload=text
+ echo 'Loading kernel...'
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} video=ofonly radeon.modeset=0 i915.modeset=0 nouveau.modeset=0 cirrus.modeset=0 mgag200.modeset=0 nomodeset
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
-menuentry "%GRML_NAME% - forensic mode" {
+menuentry "Disable Video Kernel Mode Setting" {
set gfxpayload=keep
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" "${kernelopts}" read-only nofstab noraid nodmraid nolvm noautoconfig noswap raid=noautodetect
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} radeon.modeset=0 i915.modeset=0 nouveau.modeset=0 cirrus.modeset=0 mgag200.modeset=0 nomodeset
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
-menuentry "%GRML_NAME% - debug mode" {
+menuentry "Debug Mode" {
set gfxpayload=keep
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" "${kernelopts}" initcall verbose debug=vc systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} initcall verbose debug=vc systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
-menuentry "%GRML_NAME% - serial mode" {
+menuentry "Serial Console" {
set gfxpayload=text
echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" "${kernelopts}" video=vesafb:off console=tty1 console=ttyS0,9600n8
+ linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 "${loopback}" ${kernelopts} video=vesafb:off console=tty1 console=ttyS0,115200n8
echo 'Loading initrd...'
initrd /boot/%SHORT_NAME%/initrd.img
}
submenu "Addons ->" --class=submenu {
-menuentry "Memory test (memtest86+)" {
- insmod linux16
- linux16 /boot/addons/memtest
-}
-menuentry "iPXE - boot via network/PXE" {
- insmod linux16
- linux16 /boot/addons/ipxe.lkrn
-}
+# EFI:
+if [ "${grub_platform}" == "efi" ] ; then
+ # arm64 doesn't provide the cpuid command, and we also
+ # don't have any memtest* efi files available, so only
+ # run on architectures other than arm64 (amd64 + i386)
+ if [ "${grub_cpu}" != "arm64" ] ; then
+ # try to detect amd64 by checking whether CPU supports 64-bit (long) mode
+ if cpuid -l ; then
+ if test -e /boot/addons/memtest86+x64.efi ; then
+ menuentry "Memory test (memtest86+x64.efi)" {
+ chainloader /boot/addons/memtest86+x64.efi
+ }
+ fi
+ else # assume i386
+ if test -e /boot/addons/memtest86+ia32.efi ; then
+ menuentry "Memory test (memtest86+ia32.efi)" {
+ chainloader /boot/addons/memtest86+ia32.efi
+ }
+ fi
+ fi
+ fi
+fi
-menuentry "Netboot.xyz" {
- insmod linux16
- linux16 /boot/addons/netboot.xyz.lkrn
-}
+# BIOS/non-EFI:
+if [ "${grub_platform}" != "efi" ] ; then
+ # try to detect amd64 by checking whether CPU supports 64-bit (long) mode
+ if cpuid -l ; then
+ if test -e /boot/addons/memtest86+x64.bin ; then
+ menuentry "Memory test (memtest86+x64.bin)" {
+ insmod linux16
+ linux16 /boot/addons/memtest86+x64.bin
+ }
+ elif test -e /boot/addons/memtest ; then # fallback to old memtest
+ menuentry "Memory test (memtest86+)" {
+ insmod linux16
+ linux16 /boot/addons/memtest
+ }
+ fi
+ else # assume i386
+ if test -e /boot/addons/memtest86+ia32.bin ; then
+ menuentry "Memory test (memtest86+ia32.bin)" {
+ insmod linux16
+ linux16 /boot/addons/memtest86+ia32.bin
+ }
+ elif test -e /boot/addons/memtest ; then # fallback to old memtest
+ menuentry "Memory test (memtest86+)" {
+ insmod linux16
+ linux16 /boot/addons/memtest
+ }
+ fi
+ fi
+fi
-menuentry "GRUB - all in one image" {
- insmod linux16
- linux16 /boot/addons/memdisk
- initrd16 /boot/addons/allinone.img
+menuentry "iPXE - boot via network/PXE" {
+ if [ "${grub_platform}" == "efi" ] ; then
+ chainloader /boot/addons/ipxe.efi
+ else
+ insmod linux16
+ linux16 /boot/addons/ipxe.lkrn
+ fi
}
-menuentry "FreeDOS" {
- insmod linux16
- linux16 /boot/addons/memdisk
- loopback balder /boot/addons/balder10.imz
- initrd16 (balder)+2880
+menuentry "Netboot.xyz" {
+ if [ "${grub_platform}" == "efi" ] ; then
+ chainloader /boot/addons/netboot.xyz.efi
+ else
+ insmod linux16
+ linux16 /boot/addons/netboot.xyz.lkrn
+ fi
}
-if [ ${iso_path} ] ; then
- # assume loopback.cfg boot
- menuentry "MirOS bsd4grml (via loopback)" {
- multiboot /boot/addons/bsd4grml/ldbsd.com
- module /boot/addons/bsd4grml/bsd.rd bsd
- module /boot/addons/bsd4grml/loopback.0 boot.cfg
- module /boot/addons/bsd4grml/loopback.1 boot.1
- module /boot/addons/bsd4grml/loopback.2 boot.2
- module /boot/addons/bsd4grml/loopback.3 boot.3
- module /boot/addons/bsd4grml/loopback.4 boot.4
- module /boot/addons/bsd4grml/loopback.5 boot.5
- module /boot/addons/bsd4grml/loopback.6 boot.6
+if [ "${grub_platform}" != "efi" ] ; then
+ menuentry "Netboot.xyz" {
+ insmod linux16
+ linux16 /boot/addons/netboot.xyz.lkrn
}
-else
- # assume grub.cfg boot
- menuentry "MirOS bsd4grml (regular method)" {
- multiboot /boot/addons/bsd4grml/ldbsd.com
+
+ menuentry "GRUB - all in one image" {
+ insmod linux16
+ linux16 /boot/addons/memdisk
+ initrd16 /boot/addons/allinone.img
}
- menuentry "MirOS bsd4grml (fallback method)" {
- multiboot /boot/addons/bsd4grml/ldbsd.com
- module /boot/addons/bsd4grml/bsd.rd bsd.rd
- module /boot/addons/bsd4grml/boot.1 boot.1
- module /boot/addons/bsd4grml/boot.2 boot.2
- module /boot/addons/bsd4grml/boot.3 boot.3
- module /boot/addons/bsd4grml/boot.4 boot.4
- module /boot/addons/bsd4grml/boot.5 boot.5
- module /boot/addons/bsd4grml/boot.6 boot.6
- module /boot/addons/bsd4grml/boot.cfg boot.cfg
- module /boot/grub/grub.img grub.img
+ menuentry "FreeDOS" {
+ insmod linux16
+ linux16 /boot/addons/memdisk
+ initrd16 /boot/addons/balder10.imz
}
-fi
+ if [ ${iso_path} ] ; then
+ # assume loopback.cfg boot
+ menuentry "MirOS bsd4grml (via loopback)" {
+ multiboot /boot/addons/bsd4grml/ldbsd.com
+ module /boot/addons/bsd4grml/bsd.rd bsd
+ module /boot/addons/bsd4grml/loopback.0 boot.cfg
+ module /boot/addons/bsd4grml/loopback.1 boot.1
+ module /boot/addons/bsd4grml/loopback.2 boot.2
+ module /boot/addons/bsd4grml/loopback.3 boot.3
+ module /boot/addons/bsd4grml/loopback.4 boot.4
+ module /boot/addons/bsd4grml/loopback.5 boot.5
+ module /boot/addons/bsd4grml/loopback.6 boot.6
+ }
+ else
+ # assume grub.cfg boot
+ menuentry "MirOS bsd4grml (regular method)" {
+ multiboot /boot/addons/bsd4grml/ldbsd.com
+ }
+
+ menuentry "MirOS bsd4grml (fallback method)" {
+ multiboot /boot/addons/bsd4grml/ldbsd.com
+ module /boot/addons/bsd4grml/bsd.rd bsd.rd
+ module /boot/addons/bsd4grml/boot.1 boot.1
+ module /boot/addons/bsd4grml/boot.2 boot.2
+ module /boot/addons/bsd4grml/boot.3 boot.3
+ module /boot/addons/bsd4grml/boot.4 boot.4
+ module /boot/addons/bsd4grml/boot.5 boot.5
+ module /boot/addons/bsd4grml/boot.6 boot.6
+ module /boot/addons/bsd4grml/boot.cfg boot.cfg
+ module /boot/grub/grub.img grub.img
+ }
+ fi # iso_path
+fi # efi mode
+}
+
+if [ "${grub_platform}" == "efi" ] ; then
+menuentry "UEFI Firmware Settings" {
+ fwsetup
}
+fi # efi mode
-menuentry "Boot OS of first partition on first disk" {
- set root=(hd0,1)
- chainloader +1
+menuentry "Boot from next device" {
+ exit
}
--- /dev/null
+# This is the theme to be used in Secure Boot mode
+
+title-text: ""
+title-color: "#FFFFFF"
+desktop-image: "black.png"
+message-color: "#FFFFFF"
+
++ image {
+ file = "grml-logo.png"
+ left = 45%
+ top = 2%
+}
++ boot_menu {
+ left = 15%
+ width = 70%
+ top = 16%
+ height = 36%
+ item_color = "#FFFFFF"
+ selected_item_color = "orange"
+ item_spacing = 4
+ item_height = 12
+ border_color = "#FFFFFF"
+}
+
+
+# Show an informational message.
++ vbox {
+ top = 55%
+ left = 20%
+ + label {text = "Running in Secure Boot mode" color = "white" align = "left"}
+ + label {text = ""}
+ + label {text = "Press ENTER to boot or E to edit menu entry " color = "white"}
+ + label {text = "Press C to enter the Grub commandline" color = "white"}
+}
+
++ progress_bar {
+ id = "__timeout__"
+ top = 75%
+ left = 20%
+ text_color = "#FFFFFF"
+ fg_color = "orange"
+ bg_color = #66B
+ border_color = #006
+ text = "@TIMEOUT_NOTIFICATION_LONG@"
+}
+# This is the default GRUB theme of Grml
+
title-text: ""
title-color: "#FFFFFF"
desktop-image: "black.png"
-message-color: "#FFFFFF"
+message-color: "#FFFFFF"
+ image {
file = "grml-logo.png"
top = 2%
}
+ boot_menu {
- left = 15%
- width = 70%
- top = 16%
- height = 36%
- item_color = "#FFFFFF"
- selected_item_color = "orange"
- item_spacing = 4
- item_height = 12
- border_color = "#FFFFFF"
-
+ left = 15%
+ width = 70%
+ top = 16%
+ height = 36%
+ item_color = "#FFFFFF"
+ selected_item_color = "orange"
+ item_spacing = 4
+ item_height = 12
+ border_color = "#FFFFFF"
}
# Show an informational message.
+ vbox {
- top = 55%
- left = 20%
- + label {text = "Press ENTER to boot or E to edit menu entry " color = "white" align = "left"}
- + label {text = "Press C to enter the Grub commandline" color = "white"}
+ top = 55%
+ left = 20%
+ + label {text = "Press ENTER to boot or E to edit menu entry " color = "white" align = "left"}
+ + label {text = "Press C to enter the Grub commandline" color = "white"}
}
-+ progress_bar
-{
++ progress_bar {
id = "__timeout__"
top = 75%
left = 20%
bg_color = #66B
border_color = #006
text = "@TIMEOUT_NOTIFICATION_LONG@"
-
}
+++ /dev/null
-# this is a simple test to identify whether it looks like the Secure Boot enabled/signed
-# GRUB is running or if it's a full featured GRUB version, the former doesn't
-# fail with invalid usage, while the later will fail with "error: device name required."
-if probe ; then
- echo "It looks like Secure Boot is enabled."
- set grml_secureboot=true
- export grml_secureboot
-else
- echo "It looks like Secure Boot is NOT enabled."
- set grml_secureboot=false
- export grml_secureboot
-fi
terminal_output gfxterm
fi
-if [ -f /boot/grub/grml-theme/theme.txt ] ; then
+if [ "${grml_secureboot}" = "true" ] ; then
+ if [ -f /boot/grub/grml-theme/sb-theme.txt ] ; then
+ set theme=/boot/grub/grml-theme/sb-theme.txt
+ export theme
+ else
+ set menu_color_normal=white/black
+ set menu_color_highlight=black/orange
+ export menu_color_normal
+ export menu_color_highlight
+ fi
+elif [ -f /boot/grub/grml-theme/theme.txt ] ; then
set theme=/boot/grub/grml-theme/theme.txt
export theme
else
--- /dev/null
+# GRUB PXE configuration file
+
+# adjust according to your needs
+#set timeout=300
+
+insmod png
+set gfxmode=auto
+insmod gfxterm
+terminal_output gfxterm
+
+loadfont unicode
+
+set menu_color_normal=white/black
+set menu_color_highlight=black/yellow
+
+menuentry "%GRML_NAME% Standard (%VERSION%, %ARCH%)" {
+ set gfxpayload=keep
+ echo 'Loading kernel...'
+ linux vmlinuz root=/dev/nfs rw nfsroot=192.168.0.1:/live/image boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off nomce net.ifnames=0 noprompt noeject
+ echo 'Loading initrd...'
+ initrd initrd.img
+}
+
+if [ "${grub_platform}" == "efi" ] ; then
+menuentry "UEFI Firmware Settings" {
+ fwsetup
+}
+fi # efi mode
+
+menuentry "Boot from next device" {
+ exit
+}
profit from your experience!
Contact us:
- Web: http://grml.org/contact/
- IRC: #grml on irc.freenode.org
+ Web: https://grml.org/contact/
+ IRC: #grml on irc.oftc.net
Mail: contact (at) grml.org
- Bugs: http://grml.org/bugs/
+ Bugs: https://grml.org/bugs/
See the FAQ for more information:
- \ f0fhttp://grml.org/faq/\ f70
+ \ f0fhttps://grml.org/faq/\ f70
Thank you for helping us to improve Grml!
\ f1f
# generic ones
-label debug
- menu label %GRML_NAME% - ^Debug Mode
+label pnet
+ menu label Enable Predictable ^Network Interface Names
kernel /boot/%SHORT_NAME%/vmlinuz
- append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 verbose debug=vc initcall nomce net.ifnames=0 systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce
text help
- Boot Grml in debug mode, which
- activates debug shells during
- bootup sequence.
+ Boot Grml with Predictable Network
+ Interface Names.
endtext
-label nofb
- menu label %GRML_NAME% - Dis^able Framebuffer
+label ssh
+ menu label Enable ^SSH (with random password)
kernel /boot/%SHORT_NAME%/vmlinuz
- append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=normal radeon.modeset=0 i915.modeset=0 nouveau.modeset=0 cirrus.modeset=0 mgag200.modeset=0 nomodeset nomce net.ifnames=0
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce net.ifnames=0 ssh
text help
- Boot Grml without framebuffer.
+ Boot Grml and automatically start
+ SSH Server. The password for user
+ 'grml' and 'root' will be set to
+ a random password, unless you add
+ an option to the ssh argument in
+ the command line (for example:
+ ssh=secret).
endtext
-label nokms
- menu label %GRML_NAME% - Disable ^Kernel Mode-Setting
+label grml2ram
+ menu label Load Grml to ^RAM
kernel /boot/%SHORT_NAME%/vmlinuz
- append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off radeon.modeset=0 i915.modeset=0 nouveau.modeset=0 cirrus.modeset=0 mgag200.modeset=0 nomodeset nomce net.ifnames=0 vga=791
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce net.ifnames=0 toram=%SQUASHFS_NAME%
text help
- Boot Grml without KMS (Kernel
- Mode Setting).
+ Load Grml into RAM.
+ This allows you to remove the Grml
+ media after Grml finished booting.
+
+ Note: you should have enough RAM
+ (>= size of ISO * 1.2) to be able
+ to use this option.
endtext
-label ssh
- menu label %GRML_NAME% - Enable ^SSH (with random password)
+label grmlmedium2ram
+ menu label Load ^whole medium to RAM
kernel /boot/%SHORT_NAME%/vmlinuz
- append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce net.ifnames=0 ssh
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce net.ifnames=0 toram
text help
- Boot Grml and automatically start
- SSH Server. The password for user
- 'grml' and 'root' will be set to
- a random password, unless you add
- an option to the ssh argument in
- the command line (for example:
- ssh=secret).
+ Load whole medium into RAM.
+ This allows you to remove the Grml
+ media after Grml has finished booting,
+ and also to access the rest of the
+ media.
+
+ Note: you should have enough RAM
+ (>= size of ISO * 1.2) to be able
+ to use this option.
endtext
label forensic
- menu label %GRML_NAME% - F^orensic Mode
+ menu label F^orensic Mode
kernel /boot/%SHORT_NAME%/vmlinuz
- append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off nomce net.ifnames=0 vga=791 nofstab noraid nodmraid nolvm noautoconfig noswap raid=noautodetect read-only
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off nomce net.ifnames=0 vga=791 nofstab noraid nolvm noautoconfig noswap raid=noautodetect read-only
text help
Boot Grml in forensic mode. This
mode.
endtext
+label persistence
+ menu label ^Persistency mode
+ kernel /boot/%SHORT_NAME%/vmlinuz
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce net.ifnames=0 persistence
+
+ text help
+ Boot Grml and enable persistency
+ feature to store system and
+ settings on an external device
+ with label persistence.
+ endtext
+
label lang-de
- menu label %GRML_NAME% - ^German Settings
+ menu label Load ^German Keyboard Layout
kernel /boot/%SHORT_NAME%/vmlinuz
append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce net.ifnames=0 lang=de
text help
- Boot Grml with german settings.
+ Boot Grml with German keyboard layout.
endtext
label %GRML_NAME%x
- menu label %GRML_NAME% - Graphical ^Mode
+ menu label Graphical ^Mode
kernel /boot/%SHORT_NAME%/vmlinuz
append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce net.ifnames=0 startx
grml-x to start X Window System.
endtext
-label grml2ram
- menu label %GRML_NAME% - Load to ^RAM
+label nofb
+ menu label Dis^able Framebuffer
kernel /boot/%SHORT_NAME%/vmlinuz
- append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce net.ifnames=0 toram=%SQUASHFS_NAME%
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=normal radeon.modeset=0 i915.modeset=0 nouveau.modeset=0 cirrus.modeset=0 mgag200.modeset=0 nomodeset nomce net.ifnames=0
text help
- Load Grml into the memory (RAM).
- This allows you to remove the Grml
- media after Grml finished booting.
+ Boot Grml without framebuffer.
+ endtext
- Note: you should have enough RAM
- (>= size of ISO * 1.2) to be able
- to use this option.
+label nokms
+ menu label Disable Video ^Kernel Mode Setting
+ kernel /boot/%SHORT_NAME%/vmlinuz
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off radeon.modeset=0 i915.modeset=0 nouveau.modeset=0 cirrus.modeset=0 mgag200.modeset=0 nomodeset nomce net.ifnames=0 vga=791
+
+ text help
+ Boot Grml without Kernel Mode Setting
+ for various video drivers.
endtext
-label persistence
- menu label %GRML_NAME% - ^Persistency mode
+label debug
+ menu label ^Debug Mode
kernel /boot/%SHORT_NAME%/vmlinuz
- append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 nomce net.ifnames=0 persistence
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=791 verbose debug=vc initcall nomce net.ifnames=0 systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M
text help
- Boot Grml and enable persistency
- feature to store system and
- settings on an external device
- with label persistence.
+ Boot Grml in debug mode, which
+ activates debug shells during
+ bootup sequence.
endtext
label serial
- menu label %GRML_NAME% - Serial ^Console
+ menu label Serial ^Console
kernel /boot/%SHORT_NAME%/vmlinuz
- append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=normal video=vesafb:off nomce net.ifnames=0 console=tty1 console=ttyS0,9600n8
+ append initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off vga=normal video=vesafb:off nomce net.ifnames=0 console=tty1 console=ttyS0,115200n8
text help
label serial
menu hide
kernel /boot/%SHORT_NAME%/vmlinuz
-append apm=power-off vga=normal video=vesafb:off initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 console=tty1 console=ttyS0,9600n8
+append apm=power-off vga=normal video=vesafb:off initrd=/boot/%SHORT_NAME%/initrd.img boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% nomce net.ifnames=0 console=tty1 console=ttyS0,115200n8
label userdef
menu hide
# ontimeout chain.c32 hd0 0
# use this to control the bootup via a serial port:
-# serial 0 9600
+# serial 0 115200
# following is a placeholder just in case you want to patch your own startup
# options right into the Grml ISO. Feel free to use a hex editor like dhex to
+# Secure Boot support
+# We are supposed to end up in this file only when running with enabled Secure Boot
+
set grml_orig_prefix=$prefix
export grml_orig_prefix
set grml_orig_root=$root
search.file %BOOT_FILE% root
set prefix=($root)/boot/grub/
-source ($root)/boot/grub/grmlenv.cfg
-if [ "$grml_secureboot" = false ] ; then
- configfile /boot/grub/grub.cfg
- # if that fails we need to fallback, but how?
+# this is a simple test to identify whether GRUB is running in Secure Boot mode
+# or not; "wrmsr" is in the list of disabled_mods of GRUB and is supposed to be
+# invoked with two arguments (and if not fails with exit code 18), but when
+# running under Secure Boot it fails with: "error: Secure Boot forbits loading
+# module from [...]/boot/grub/x86_64-efi/wrmsr.mod" + returns with exit code 30
+wrmsr
+if [ $? = 30 ] ; then
+ echo "It looks like Secure Boot is enabled."
+ set grml_secureboot=true
+ export grml_secureboot
else
- if [ "$grml_orig_prefix" != "" ] ; then
- set prefix=$grml_orig_prefix
- fi
-
- # this is basically a copy of templates/boot/grub/header.cfg but to avoid
- # failures due to Secure Boot restrictions and sourcing addons.cfg via
- # /boot/grub/loopback.cfg (and then showing entries that are at the wrong
- # position as well as don't work at all) we have to specify the appropriate
- # config here
- set timeout=20
- if loadfont /boot/grub/ascii.pf2 ; then
- set gfxmode=auto
- insmod efi_gop
- insmod efi_uga
- insmod gfxterm
- insmod png
- terminal_output gfxterm
- fi
-
- if [ -f /boot/grub/%GRML_NAME%-theme/theme.txt ] ; then
- set theme=/boot/grub/%GRML_NAME%-theme/theme.txt
- export theme
- elif [ -f /boot/grub/grml-theme/theme.txt ] ; then
- set theme=/boot/grub/grml-theme/theme.txt
- export theme
- else
- set menu_color_normal=white/black
- set menu_color_highlight=black/light-gray
- set color_normal=white/black
- fi
-
- menuentry "Boot %GRML_NAME% in normal mode (release %VERSION%, Secure Boot enabled)" {
- set gfxpayload=keep
- echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" "${kernelopts}" nomce net.ifnames=0
- echo 'Loading initrd...'
- initrd /boot/%SHORT_NAME%/initrd.img
- }
-
- menuentry "Boot %GRML_NAME% - enable persistency" {
- set gfxpayload=keep
- echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" "${kernelopts}" nomce net.ifnames=0 persistence
- echo 'Loading initrd...'
- initrd /boot/%SHORT_NAME%/initrd.img
- }
-
- menuentry "Boot %GRML_NAME% - copy %GRML_NAME% to RAM" {
- set gfxpayload=keep
- echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" "${kernelopts}" nomce net.ifnames=0 toram=%GRML_NAME%.squashfs
- echo 'Loading initrd...'
- initrd /boot/%SHORT_NAME%/initrd.img
- }
+ echo "It looks like Secure Boot is NOT enabled."
+ set grml_secureboot=false
+ export grml_secureboot
+fi
- menuentry "Boot %GRML_NAME% - copy whole medium to RAM" {
- set gfxpayload=keep
- echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" "${kernelopts}" nomce net.ifnames=0 toram
- echo 'Loading initrd...'
- initrd /boot/%SHORT_NAME%/initrd.img
- }
+if [ -e /boot/grub/grub.cfg ] ; then
+ configfile /boot/grub/grub.cfg
+else
+ echo "ERROR: It looks like SecureBoot is enabled but reading GRUB configuration failed.
- menuentry "Boot %GRML_NAME% - disable framebuffer/kernel mode setting" {
- set gfxpayload=keep
- echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" "${kernelopts}" nomce net.ifnames=0 video=vesafb:off cirrus.modeset=0 i915.modeset=0 mgag200.modeset=0 nomodeset nouveau.modeset=0 radeon.modeset=0
- echo 'Loading initrd...'
- initrd /boot/%SHORT_NAME%/initrd.img
- }
+Please execute the following commands and provide the output to the Grml team:
- menuentry "Boot %GRML_NAME% - enable forensic mode" {
- set gfxpayload=keep
- echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" "${kernelopts}" nomce net.ifnames=0 read-only nofstab noraid nodmraid nolvm noautoconfig noswap raid=noautodetect
- echo 'Loading initrd...'
- initrd /boot/%SHORT_NAME%/initrd.img
- }
+echo \$prefix
+echo \$root
+echo \$grml_orig_prefix
+echo \$grml_orig_root
+search.file /boot/grub/grub.cfg
- menuentry "Boot %GRML_NAME% - enable serial console" {
- set gfxpayload=keep
- echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" "${kernelopts}" nomce net.ifnames=0 video=vesafb:off console=tty1 console=ttyS0,9600n8
- echo 'Loading initrd...'
- initrd /boot/%SHORT_NAME%/initrd.img
- }
+Hint: Create a screenshot or a picture with your digital camera or mobile phone."
- menuentry "Boot %GRML_NAME% - debug mode" {
- set gfxpayload=keep
- echo 'Loading kernel...'
- linux /boot/%SHORT_NAME%/vmlinuz apm=power-off boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% "${loopback}" "${kernelopts}" nomce net.ifnames=0 initcall verbose debug=vc systemd.log_level=debug systemd.log_target=kmsg log_buf_len=1M
- echo 'Loading initrd...'
- initrd /boot/%SHORT_NAME%/initrd.img
- }
fi