From: Michael Prokop Date: Fri, 17 Jul 2020 22:19:12 +0000 (+0200) Subject: Provide setup files for EFI boot in netboot package X-Git-Tag: v0.37.0~3 X-Git-Url: http://git.grml.org/?p=grml-live.git;a=commitdiff_plain;h=871fc96fc9b63665884b1e1429826d89a210200a Provide setup files for EFI boot in netboot package The shim + grubnetx64 files need to be available via tftp, using for example a dhcpd configuration which includes: | # UEFI boot with DHCPv4 | option architecture-type code 93 = unsigned integer 16; | | subnet 10.42.42.0 netmask 255.255.255.0 { | next-server 10.42.42.2; | range 10.42.42.100 10.42.42.200; | | class "pxeclients" { | match if substring (option vendor-class-identifier, 0 ,9) = "PXEClient"; | if option architecture-type = 00:07 { | filename "shim.efi"; | } else { | filename "pxelinux.0"; | } | } | } ... or a dnsmasq configuration which includes: | domain-needed | bogus-priv | expand-hosts | domain=foobar.example.org | dhcp-range=10.42.42.100,10.42.42.200,6h | dhcp-option=1,255.255.255.0 # subnet mask | dhcp-option=3,10.42.42.1 # default gateway | dhcp-option=6,10.42.42.2 # domain name server | dhcp-option=28,10.42.42.255 # broadcast address | dhcp-option=42,10.42.1.3 # timeserver preference | dhcp-option=252,"\n" # proxy config | dhcp-match=BIOS,option:client-arch,0 | dhcp-boot=tag:BIOS,pxelinux.0 | dhcp-match=UEFI,option:client-arch,7 | dhcp-match=UEFI,option:client-arch,9 | dhcp-boot=tag:UEFI,shim.efi | dhcp-leasefile=/var/lib/misc/dnsmasq.leases | dhcp-authoritative or quoting from https://wiki.ubuntu.com/UEFI/SecureBoot/PXE-IPv6: | dhcp-boot=pxelinux.0 | dhcp-match=set:efi-x86_64,option:client-arch,7 | dhcp-boot=tag:efi-x86_64,bootx64.efi Then EFI boot via PXE with GRUB is supposed to work fine, while pxelinux provides PXE boot for BIOS based systems. This is related to the EFI boot support within grml-terminalserver, see commit 3154dc (`Support UEFI PXE boot with DHCPv4`). This work was funded by Grml-Forensic. --- 
diff --git a/grml-live b/grml-live
index a93e038..e0d55f4 100755
--- a/grml-live
+++ b/grml-live
@@ -1666,6 +1666,53 @@ create_netbootpackage() {
 eoutdent
 fi
+ # don't include shim + grubnetx64 + grub files in i386 netboot packages,
+ # as those don't make much sense there
+ if [ "$ARCH" = amd64 ] ; then
+ if ! [ -r "${BUILD_OUTPUT}/boot/grub/netboot.cfg" ] ; then
+ log "File ${BUILD_OUTPUT}/boot/grub/netboot.cfg not found."
+ ewarn "File ${BUILD_OUTPUT}/boot/grub/netboot.cfg not found."
+ eindent
+ log "Hint: Are you using custom templates which do not provide grub.cfg?"
+ ewarn "Hint: Are you using custom templates which do not provide grub.cfg?" ; eend 0
+ eoutdent
+ else
+ cp "${BUILD_OUTPUT}/boot/grub/netboot.cfg" "${WORKING_DIR}/grub.cfg"
+ adjust_boot_files "${WORKING_DIR}/grub.cfg"
+
+ if [ -r "${CHROOT_OUTPUT}"/usr/lib/shim/shimx64.efi.signed ] ; then
+ log "Installing ${CHROOT_OUTPUT}/usr/lib/shim/shimx64.efi.signed as shim.efi in netboot package"
+ cp "${CHROOT_OUTPUT}"/usr/lib/shim/shimx64.efi.signed "${WORKING_DIR}"/shim.efi
+ elif [ -r "${CHROOT_OUTPUT}"/usr/lib/shim/shimx64.efi ] ; then
+ log "Installing ${CHROOT_OUTPUT}/usr/lib/shim/shimx64.efi as shim.efi in netboot package"
+ cp "${CHROOT_OUTPUT}"/usr/lib/shim/shimx64.efi "${WORKING_DIR}"/shim.efi
+ else
+ log "No shimx64.efi for usage with PXE boot found (shim-signed not present?)"
+ ewarn "No shimx64.efi for usage with PXE boot found (shim-signed not present?)" ; eend 0
+ fi
+
+ if [ -r /usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed ] ; then
+ log "Installing /usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed as grubx64.efi in netboot package"
+ cp /usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed "${WORKING_DIR}"/grubx64.efi
+ elif [ -r /usr/lib/grub/x86_64-efi/monolithic/grubnetx64.efi ] ; then
+ log "Installing /usr/lib/grub/x86_64-efi/monolithic/grubnetx64.efi as grubx64.efi in netboot package"
+ cp /usr/lib/grub/x86_64-efi/monolithic/grubnetx64.efi "${WORKING_DIR}"/grubx64.efi
+ else
+ log "No grubnetx64.efi for usage with PXE boot found (grub-efi-amd64-signed not present?)"
+ ewarn "No grubnetx64.efi for usage with PXE boot found (grub-efi-amd64-signed not present?)." ; eend 0
+ fi
+
+ if [ -r "${CHROOT_OUTPUT}"/usr/share/grub/unicode.pf2 ] ; then
+ log "Installing ${CHROOT_OUTPUT}/usr/share/grub/unicode.pf2 as grub/fonts/unicode.pf2 in netboot package"
+ mkdir -p "${WORKING_DIR}"/grub/fonts/
+ cp "${CHROOT_OUTPUT}"/usr/share/grub/unicode.pf2 "${WORKING_DIR}"/grub/fonts/
+ else
+ log "No unicode.pf2 for usage with PXE boot found (grub-common not present?)"
+ ewarn "No unicode.pf2 for usage with PXE boot found (grub-common not present?)" ; eend 0
+ fi
+ fi
+ fi
+
 if tar -C "$OUTPUTDIR" -jcf "${OUTPUT_FILE}" "grml_netboot_package_${GRML_NAME}_${VERSION}" ; then
 (
 cd $(dirname "${OUTPUT_FILE}")
diff --git a/templates/boot/grub/netboot.cfg b/templates/boot/grub/netboot.cfg
new file mode 100644
index 0000000..66375dd
--- /dev/null
+++ b/templates/boot/grub/netboot.cfg
@@ -0,0 +1,27 @@
+# GRUB PXE configuration file
+
+# adjust according to your needs
+#set timeout=300
+
+insmod png
+set gfxmode=auto
+insmod gfxterm
+terminal_output gfxterm
+
+loadfont unicode
+
+set menu_color_normal=white/black
+set menu_color_highlight=black/yellow
+
+menuentry "%GRML_NAME% Standard (%VERSION%, %ARCH%)" {
+ set gfxpayload=keep
+ echo 'Loading kernel...'
+ linux vmlinuz root=/dev/nfs rw nfsroot=192.168.0.1:/live/image boot=live live-media-path=/live/%GRML_NAME%/ bootid=%BOOTID% apm=power-off nomce net.ifnames=0 noprompt noeject
+ echo 'Loading initrd...'
+ initrd initrd.img
+}
+
+menuentry "Boot OS of first partition on first disk" {
+ set root=(hd0,1)
+ chainloader +1
+}
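Review bot: In the grml-live hunk the grubnetx64 lookups read from the build host (`/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed` and the monolithic fallback), while shim.efi and unicode.pf2 are copied from `${CHROOT_OUTPUT}`. The package can therefore pair a shim from the chroot with whatever GRUB happens to be installed on the build machine; if the two come from different vendors or releases, the signed shim will presumably refuse to load that grubx64.efi under Secure Boot, and the shipped loader is no longer determined by the build's own package set. Unless using the host copy is intentional, prefix all four paths with the chroot, e.g. `if [ -r "${CHROOT_OUTPUT}"/usr/lib/grub/x86_64-efi-signed/grubnetx64.efi.signed ] ; then`, or add a comment explaining why the host is used. The two `elif` branches also fall back to unsigned binaries with only a `log` line; an `ewarn` there would tell the operator that the resulting package will not boot with Secure Boot enabled. create_netbootpackage starts and ends outside this hunk.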
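Review bot: The `linux` line in templates/boot/grub/netboot.cfg hard-codes `nfsroot=192.168.0.1:/live/image`, and nothing in the template says it has to be changed; the only hint is `# adjust according to your needs` above the commented-out timeout. Whether adjust_boot_files rewrites that address is not visible here, so as shipped a client may try to mount its root filesystem read-write from whichever host answers on 192.168.0.1. I would add a comment directly above the first menuentry such as `# set nfsroot= to your own NFS server before serving this file`. A header note that grub.cfg and the initrd are fetched over TFTP and are not normally covered by the shim/GRUB signature checks would also help operators who deploy this for Secure Boot, since it tells them the TFTP and NFS servers must sit on a trusted network segment.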