X-Git-Url: http://git.grml.org/?p=grml2usb.git;a=blobdiff_plain;f=grml2usb;h=1c2ed5b1f5f6a91299a2c683e0650867a2cc3c87;hp=b7f1207d7aa9dd52dd30331efddb59cee6cc1074;hb=e4f812a475e35ce5510b5692ed69b888f80dd537;hpb=f434e19e7be373a15faa990d34e85253ef7168c3 diff --git a/grml2usb b/grml2usb index b7f1207..1c2ed5b 100755 --- a/grml2usb +++ b/grml2usb @@ -42,7 +42,7 @@ GRML_FLAVOURS = set() # which flavours are being installed? GRML_DEFAULT = None UUID = None SYSLINUX_LIBS = "/usr/lib/syslinux/" -GPT_HEADER = "\x55\xaa\x45\x46\x49\x20\x50\x41\x52\x54" # original GPT header +GPT_HEADER = b"\x55\xaa\x45\x46\x49\x20\x50\x41\x52\x54" # original GPT header GRUB_INSTALL = None RE_PARTITION = re.compile(r'([a-z/]*?)(\d+)$') @@ -67,6 +67,7 @@ def grub_option(option, opt, value, opt_parser): setattr(opt_parser.values, option.dest, True) setattr(opt_parser.values, 'syslinux', False) + # cmdline parsing USAGE = "Usage: %prog [options] <[ISO[s] | /lib/live/mount/medium]> \n\ \n\ @@ -103,14 +104,20 @@ parser.add_option("--quiet", dest="quiet", action="store_true", help="do not output anything but just errors on console") parser.add_option("--remove-bootoption", dest="removeoption", action="append", help="regex for removing existing bootoptions") +parser.add_option("--rw-blockdev", dest="rwblockdev", action="store_true", + help="enforce read-write mode on involved block devices") parser.add_option("--skip-addons", dest="skipaddons", action="store_true", help="do not install /boot/addons/ files") +parser.add_option("--skip-bootflag", dest="skipbootflag", action="store_true", + help="do not try to check whether the destination has the bootflag set") parser.add_option("--skip-grub-config", dest="skipgrubconfig", action="store_true", help="skip generation of grub configuration files") parser.add_option("--skip-mbr", dest="skipmbr", action="store_true", help="do not install a master boot record (MBR) on the device") parser.add_option("--skip-syslinux-config", dest="skipsyslinuxconfig", action="store_true", help="skip generation of syslinux configuration files") +parser.add_option("--skip-usb-check", dest="skipusbcheck", action="store_true", + help="skip check to verify whether given device is removable") parser.add_option("--syslinux", dest="syslinux", action="callback", default=True, callback=syslinux_warning, help="install syslinux bootloader (deprecated as it's the default)") @@ -130,18 +137,22 @@ if not os.path.isdir(GRML2USB_BASE): GRML2USB_BASE = os.path.dirname(os.path.realpath(__file__)) +class HodorException(Exception): + """Throw exception if the exact error is not known and not fatal. + + @Exception: message""" + + class CriticalException(Exception): """Throw critical exception if the exact error is not known but fatal. @Exception: message""" - pass class VerifyException(Exception): """Throw critical exception if there is an fatal error when verifying something. @Exception: message""" - pass # The following two functions help to operate on strings as @@ -235,7 +246,7 @@ def unregister_mountpoint(target): def get_function_name(obj): - """Helper function for use in execute() to retrive name of a function + """Helper function for use in execute() to retrieve name of a function @obj: the function object """ @@ -244,6 +255,17 @@ def get_function_name(obj): return obj.__module__ + '.' + obj.__name__ +def set_rw(device): + if not options.rwblockdev: + return + + logging.debug("executing: blockdev --setrw %s", device) + proc = subprocess.Popen(["blockdev", "--setrw", device]) + proc.wait() + if proc.returncode != 0: + raise Exception("error executing blockdev on %s" % device) + + def execute(f, *exec_arguments): """Wrapper for executing a command. Either really executes the command (default) or when using --dry-run commandline option @@ -287,8 +309,7 @@ def get_defaults_file(iso_mount, flavour, name): """ bootloader_dirs = ['/boot/isolinux/', '/boot/syslinux/'] for directory in bootloader_dirs: - for name in name, \ - "%s_%s" % (get_flavour_filename(flavour), name): + for name in name, "%s_%s" % (get_flavour_filename(flavour), name): if os.path.isfile(iso_mount + directory + name): return (directory, name) return ('', '') @@ -337,9 +358,33 @@ def check_uid_root(): raise CriticalException("please run this script with uid 0 (root).") +# for usage inside check_boot_flag +def get_partition_for_path(path): + import parted + + boot_dev, x = get_device_from_partition(path) + + d = parted.getDevice(boot_dev) + disk = parted.Disk(d) + return disk.getPartitionByPath(path) + + def check_boot_flag(device): boot_dev, x = get_device_from_partition(device) + try: + import parted + part = get_partition_for_path(device) + if part is None: + raise HodorException("parted could not find partition") + if part.getFlag(parted.PARTITION_BOOT): + logging.debug("bootflag is enabled on %s" % device) + return + except HodorException as e: + logging.info("%s, falling back to old bootflag detection", e) + except ImportError as e: + logging.debug("could not import parted, falling back to old bootflag detection") + with open(boot_dev, 'r') as image: data = image.read(520) bootcode = data[440:] @@ -347,12 +392,12 @@ def check_boot_flag(device): if gpt_data == GPT_HEADER: logging.info("GPT detected, skipping bootflag check") - elif bootcode[6] == '\x80': + elif bootcode[6] == b"\x80": logging.debug("bootflag is enabled") else: logging.debug("bootflag is NOT enabled") raise VerifyException("Device %s does not have the bootflag set. " - "Please enable it to be able to boot." % boot_dev) + "Please enable it to be able to boot." % device) def mkfs_fat16(device): @@ -458,40 +503,43 @@ def install_grub(device): device_mountpoint = tempfile.mkdtemp(prefix="grml2usb") register_tmpfile(device_mountpoint) try: - try: - mount(device, device_mountpoint, "") + # If using --grub-mbr then make sure we install grub in MBR instead of PBR + if options.grubmbr: + logging.debug("Using option --grub-mbr ...") + grub_device, x = get_device_from_partition(device) + else: + grub_device = device - # If using --grub-mbr then make sure we install grub in MBR instead of PBR - if options.grubmbr: - logging.debug("Using option --grub-mbr ...") - grub_device, x = get_device_from_partition(device) - else: - grub_device = device - - logging.info("Installing grub as bootloader") - for opt in ["", "--force"]: - logging.debug("grub-install --recheck %s --no-floppy --root-directory=%s %s", - opt, device_mountpoint, grub_device) - proc = subprocess.Popen([GRUB_INSTALL, "--recheck", opt, "--no-floppy", - "--root-directory=%s" % device_mountpoint, grub_device], - stdout=file(os.devnull, "r+")) - proc.wait() - if proc.returncode == 0: - break - - if proc.returncode != 0: - # raise Exception("error executing grub-install") - logging.critical("Fatal: error executing grub-install " - + "(please check the grml2usb FAQ or drop the --grub option)") - logging.critical("Note: if using grub2 consider using " - + "the --grub-mbr option as grub considers PBR problematic.") - cleanup() - sys.exit(1) - except CriticalException as error: - logging.critical("Fatal: %s", error) + set_rw(device) + mount(device, device_mountpoint, "") + + logging.info("Installing grub as bootloader") + for opt in ["--", "--force"]: + set_rw(device) + set_rw(grub_device) + logging.debug("%s --recheck --no-floppy --target=i386-pc --root-directory=%s %s %s", + GRUB_INSTALL, device_mountpoint, opt, grub_device) + proc = subprocess.Popen([GRUB_INSTALL, "--recheck", + "--no-floppy", "--target=i386-pc", + "--root-directory=%s" % device_mountpoint, + opt, grub_device], + stdout=open(os.devnull, "r+")) + proc.wait() + if proc.returncode == 0: + break + + if proc.returncode != 0: + # raise Exception("error executing grub-install") + logging.critical("Fatal: error executing grub-install " + + "(please check the grml2usb FAQ or drop the --grub option)") + logging.critical("Note: if using grub2 consider using " + + "the --grub-mbr option as grub considers PBR problematic.") cleanup() sys.exit(1) - + except CriticalException as error: + logging.critical("Fatal: %s", error) + cleanup() + sys.exit(1) finally: unmount(device_mountpoint, "") os.rmdir(device_mountpoint) @@ -507,6 +555,8 @@ def install_syslinux(device): logging.info("Would install syslinux as bootloader on %s", device) return 0 + set_rw(device) + # syslinux -d boot/isolinux /dev/sdb1 logging.info("Installing syslinux as bootloader") logging.debug("syslinux -d boot/syslinux %s", device) @@ -582,7 +632,7 @@ def install_mbr(mbrtemplate, device, partition, ismirbsdmbr=True): logging.debug("executing: dd if='%s' of='%s' bs=512 count=1", device, tmpf.name) proc = subprocess.Popen(["dd", "if=%s" % device, "of=%s" % tmpf.name, "bs=512", "count=1"], - stderr=file(os.devnull, "r+")) + stderr=open(os.devnull, "r+")) proc.wait() if proc.returncode != 0: raise Exception("error executing dd (first run)") @@ -590,7 +640,7 @@ def install_mbr(mbrtemplate, device, partition, ismirbsdmbr=True): logging.debug("executing: dd if=%s of=%s bs=%s count=1 conv=notrunc", mbrtemplate, tmpf.name, nmbrbytes) proc = subprocess.Popen(["dd", "if=%s" % mbrtemplate, "of=%s" % tmpf.name, "bs=%s" % nmbrbytes, - "count=1", "conv=notrunc"], stderr=file(os.devnull, "r+")) + "count=1", "conv=notrunc"], stderr=open(os.devnull, "r+")) proc.wait() if proc.returncode != 0: raise Exception("error executing dd (second run)") @@ -601,30 +651,38 @@ def install_mbr(mbrtemplate, device, partition, ismirbsdmbr=True): if partition is not None: if ismirbsdmbr: - mbrcode = mbrcode[0:439] + chr(partition) + \ - mbrcode[440:510] + "\x55\xAA" + mbrcode = mbrcode[0:439] + chr(partition).encode('latin-1') + \ + mbrcode[440:510] + b"\x55\xAA" else: - actives = ["\x00", "\x00", "\x00", "\x00"] - actives[partition] = "\x80" + actives = [b"\x00", b"\x00", b"\x00", b"\x00"] + actives[partition] = b"\x80" mbrcode = mbrcode[0:446] + actives[0] + \ mbrcode[447:462] + actives[1] + \ mbrcode[463:478] + actives[2] + \ mbrcode[479:494] + actives[3] + \ - mbrcode[495:510] + "\x55\xAA" + mbrcode[495:510] + b"\x55\xAA" tmpf.file.seek(0) tmpf.file.truncate() tmpf.file.write(mbrcode) tmpf.file.close() + set_rw(device) + logging.debug("executing: dd if='%s' of='%s' bs=512 count=1 conv=notrunc", tmpf.name, device) proc = subprocess.Popen(["dd", "if=%s" % tmpf.name, "of=%s" % device, "bs=512", "count=1", - "conv=notrunc"], stderr=file(os.devnull, "r+")) + "conv=notrunc"], stderr=open(os.devnull, "r+")) proc.wait() if proc.returncode != 0: raise Exception("error executing dd (third run)") del tmpf + # make sure we sync filesystems before returning + proc = subprocess.Popen(["sync"]) + proc.wait() + + set_rw(device) + def is_writeable(device): """Check if the device is writeable for the current user @@ -633,7 +691,6 @@ def is_writeable(device): if not device: return False - #raise Exception("no device for checking write permissions") if not os.path.exists(device): return False @@ -651,10 +708,10 @@ def mount(source, target, mount_options): # note: options.dryrun does not work here, as we have to # locate files and identify the grml flavour - for x in file('/proc/mounts').readlines(): + for x in open('/proc/mounts', 'r').readlines(): if x.startswith(source): - raise CriticalException("Error executing mount: %s already mounted - " % source - + "please unmount before invoking grml2usb") + raise CriticalException("Error executing mount: %s already mounted - " % source + + "please unmount before invoking grml2usb") if os.path.isdir(source): logging.debug("Source %s is not a device, therefore not mounting.", source) @@ -973,6 +1030,9 @@ def copy_addons(iso_mount, target): # ipxe.lkrn handle_addon_copy('ipxe.lkrn', addons, iso_mount) + # netboot.xyz + handle_addon_copy('netboot.xyz.lkrn', addons, iso_mount) + def build_loopbackcfg(target): """Generate GRUB's loopback.cfg based on existing config files. @@ -1060,6 +1120,7 @@ def copy_bootloader_files(iso_mount, target, grml_flavour): if efi_img: mkdir(target + '/boot/') exec_rsync(efi_img, target + '/boot/efi.img') + handle_secure_boot(target, efi_img) for ffile in ['f%d' % number for number in range(1, 11)]: search_and_copy(ffile, iso_mount, syslinux_target + ffile) @@ -1082,9 +1143,9 @@ def copy_bootloader_files(iso_mount, target, grml_flavour): logging.warning("Warning: Grml releases older than 2011.12 support only one flavour in grub.") for expr in name, 'distri.cfg', \ - defaults_file, 'grml.png', 'hd.cfg', 'isolinux.cfg', 'isolinux.bin', \ - 'isoprompt.cfg', 'options.cfg', \ - 'prompt.cfg', 'vesamenu.cfg', 'grml.png', '*.c32': + defaults_file, 'grml.png', 'hd.cfg', 'isolinux.cfg', 'isolinux.bin', \ + 'isoprompt.cfg', 'options.cfg', \ + 'prompt.cfg', 'vesamenu.cfg', 'grml.png', '*.c32': glob_and_copy(iso_mount + source_dir + expr, syslinux_target) for filename in glob.glob1(syslinux_target, "*.c32"): @@ -1098,7 +1159,7 @@ def copy_bootloader_files(iso_mount, target, grml_flavour): # copy all grub files from ISO glob_and_copy(iso_mount + '/boot/grub/*', grub_target) - # finally (after all GRUB files have been been installed) build static loopback.cfg + # finally (after all GRUB files have been installed) build static loopback.cfg build_loopbackcfg(target) @@ -1144,9 +1205,7 @@ def get_device_from_partition(partition): device = partition partition_number = None if partition[-1].isdigit() and not RE_LOOP_DEVICE.match(partition): - m = RE_P_PARTITION.match(partition) - if not m: - m = RE_PARTITION.match(partition) + m = RE_P_PARTITION.match(partition) or RE_PARTITION.match(partition) if m: device = m.group(1) partition_number = int(m.group(2)) - 1 @@ -1172,12 +1231,10 @@ def identify_grml_flavour(mountpath): logging.critical("Error: could not find grml-version file.") logging.critical("Looks like your system is running from RAM but required files are not available.") logging.critical("Please either boot without toram=... or use boot option toram instead of toram=...") - cleanup() - sys.exit(1) else: logging.critical("Error: could not find grml-version file.") - cleanup() - sys.exit(1) + cleanup() + sys.exit(1) flavours = [] logging.debug("version_files = %s", version_files) @@ -1187,10 +1244,6 @@ def identify_grml_flavour(mountpath): tmpfile = open(version_file, 'r') for line in tmpfile.readlines(): flavours.append(get_flavour(line)) - except TypeError as e: - raise - except Exception as e: - raise finally: if tmpfile: tmpfile.close() @@ -1224,6 +1277,7 @@ def handle_grub_config(grml_flavour, device, target): logging.debug("Updating grub configuration") grub_target = target + '/boot/grub/' + secureboot_target = target + '/EFI/ubuntu/' bootid_re = re.compile("bootid=[\w_-]+") live_media_path_re = re.compile("live-media-path=[\w_/-]+") @@ -1238,7 +1292,7 @@ def handle_grub_config(grml_flavour, device, target): remove_regexes.append(re.compile(regex)) shortname = get_shortname(grml_flavour) - for filename in glob.glob(grub_target + '*.cfg'): + for filename in glob.glob(grub_target + '*.cfg') + glob.glob(secureboot_target + '*.cfg'): for line in fileinput.input(filename, inplace=1): line = line.rstrip("\r\n") if option_re.search(line): @@ -1254,7 +1308,7 @@ def handle_grub_config(grml_flavour, device, target): def initial_syslinux_config(target): - """Generates intial syslinux configuration + """Generates initial syslinux configuration @target path of syslinux's configuration files""" @@ -1275,7 +1329,7 @@ def initial_syslinux_config(target): def add_entry_if_not_present(filename, entry): """Write entry into filename if entry is not already in the file - @filanme: name of the file + @filename: name of the file @entry: data to write to the file """ data = open(filename, "a+") @@ -1458,6 +1512,51 @@ def handle_syslinux_config(grml_flavour, target): add_syslinux_entry("%s/additional.cfg" % syslinux_target, flavour_filename) +def handle_secure_boot(target, efi_img): + """Provide secure boot support by extracting files from /boot/efi.img + + @target: path where grml's main files should be copied to + @efi_img: path to the efi.img file that includes the files for secure boot + """ + + mkdir(target + '/efi/boot/') + efi_mountpoint = tempfile.mkdtemp(prefix="grml2usb", dir=os.path.abspath(options.tmpdir)) + logging.debug("efi_mountpoint = %s" % efi_mountpoint) + register_tmpfile(efi_mountpoint) + + try: + logging.debug("mount(%s, %s, ['-o', 'ro', '-t', 'vfat']" % (efi_img, efi_mountpoint)) + mount(efi_img, efi_mountpoint, ['-o', 'ro', '-t', 'vfat']) + except CriticalException as error: + logging.critical("Fatal: %s", error) + sys.exit(1) + + ubuntu_cfg = search_file('grub.cfg', efi_mountpoint + '/EFI/ubuntu') + logging.debug("ubuntu_cfg = %s" % ubuntu_cfg) + if not ubuntu_cfg: + logging.info("No /EFI/ubuntu/grub.cfg found inside EFI image, looks like Secure Boot support is missing.") + else: + mkdir(target + '/efi/ubuntu') + logging.debug("exec_rsync(%s, %s + '/efi/ubuntu/grub.cfg')" % (ubuntu_cfg, target)) + exec_rsync(ubuntu_cfg, target + '/efi/ubuntu/grub.cfg') + + logging.debug("exec_rsync(%s + '/EFI/BOOT/grubx64.efi', %s + '/efi/boot/grubx64.efi')'" % (efi_mountpoint, target)) + exec_rsync(efi_mountpoint + '/EFI/BOOT/grubx64.efi', target + '/efi/boot/grubx64.efi') + + # NOTE - we're overwriting /efi/boot/bootx64.efi from copy_bootloader_files here + logging.debug("exec_rsync(%s + '/EFI/BOOT/bootx64.efi', %s + '/efi/boot/bootx64.efi')'" % (efi_mountpoint, target)) + exec_rsync(efi_mountpoint + '/EFI/BOOT/bootx64.efi', target + '/efi/boot/bootx64.efi') + + try: + unmount(efi_mountpoint, "") + logging.debug('Unmounted %s' % efi_mountpoint) + os.rmdir(efi_mountpoint) + logging.debug('Removed directory %s' % efi_mountpoint) + except StandardError: + logging.critical('RuntimeError while umount %s' % efi_mountpoint) + sys.exit(1) + + def handle_bootloader_config(grml_flavour, device, target): """Main handler for generating bootloader's configuration @@ -1542,10 +1641,11 @@ def install_grml(mountpoint, device): remove_device_mountpoint = True try: check_for_fat(device) - check_boot_flag(device) + if not options.skipbootflag: + check_boot_flag(device) + + set_rw(device) mount(device, device_mountpoint, ['-o', 'utf8,iocharset=iso8859-1']) - except VerifyException as error: - raise except CriticalException as error: mount(device, device_mountpoint, "") try: @@ -1598,6 +1698,7 @@ def handle_mbr(device): if options.syslinuxmbr: mbrcode = "" mbr_locations = ('/usr/lib/syslinux/mbr.bin', + '/usr/lib/syslinux/bios/mbr.bin', '/usr/share/syslinux/mbr.bin') for mbrpath in mbr_locations: if os.path.isfile(mbrpath): @@ -1615,10 +1716,7 @@ def handle_mbr(device): try: install_mbr(mbrcode, mbr_device, partition_number, True) - except IOError as error: - logging.critical("Execution failed: %s", error) - sys.exit(1) - except Exception as error: + except (IOError, Exception) as error: logging.critical("Execution failed: %s", error) sys.exit(1) @@ -1658,12 +1756,14 @@ def handle_vfat(device): logging.critical("Execution failed: %s", error) sys.exit(1) + if options.skipusbcheck: + logging.info("Not checking for removable USB device as requested via option --skip-usb-check.") + return + if not os.path.isdir(device) and not check_for_usbdevice(device) and not options.force: print("Warning: the specified device %s does not look like a removable usb device." % device) f = raw_input("Do you really want to continue? y/N ") - if f == "y" or f == "Y": - pass - else: + if f.lower() != "y": sys.exit(1) @@ -1679,9 +1779,7 @@ def handle_compat_warning(device): print("want to use grml2usb /path/to/iso /dev/... instead.") print("Please check out the grml2usb manpage for details.") f = raw_input("Do you really want to continue? y/N ") - if f == "y" or f == "Y": - pass - else: + if f.lower() != "y": sys.exit(1) @@ -1716,27 +1814,31 @@ def handle_bootloader(device): def check_options(opts): - """Check compability of provided user opts + """Check compatibility of provided user opts @opts option dict from OptionParser """ if opts.grubmbr and not opts.grub: raise CriticalException("--grub-mbr requires --grub option.") + if opts.copyonly and opts.grub: + raise CriticalException("Cannot use --copy-only and --grub at the same time.") + def check_programs(): """check if all needed programs are installed""" if options.grub: + global GRUB_INSTALL GRUB_INSTALL = which("grub-install") or which("grub2-install") if not GRUB_INSTALL: - logging.critical("Fatal: grub-install not available (please install the " - + "grub package or drop the --grub option)") + logging.critical("Fatal: grub-install not available (please install the " + + "grub package or drop the --grub option)") sys.exit(1) if options.syslinux: if not which("syslinux"): - logging.critical("Fatal: syslinux not available (please install the " - + "syslinux package or use the --grub option)") + logging.critical("Fatal: syslinux not available (please install the " + + "syslinux package or use the --grub option)") sys.exit(1) if not which("rsync"): @@ -1790,8 +1892,7 @@ def main(): if not os.path.isdir(device): if device[-1:].isdigit(): if int(device[-1:]) > 4 or device[-2:].isdigit(): - logging.critical("Fatal: installation on partition number >4 not supported. (BIOS won't support it.)") - sys.exit(1) + logging.warn("Warning: installing on partition number >4, booting *might* fail depending on your system.") # provide upgrade path handle_compat_warning(device) @@ -1833,5 +1934,5 @@ if __name__ == "__main__": logging.info("Received KeyboardInterrupt") cleanup() -## END OF FILE ################################################################# +# END OF FILE ################################################################## # vim:foldmethod=indent expandtab ai ft=python tw=120 fileencoding=utf-8