Always remove /boot/grub/device.map to avoid leaking host data

[grml-debootstrap.git] / chroot-script

diff --git a/chroot-script b/chroot-script
index e189e47..0e31f70 100755 (executable)
--- a/chroot-script
+++ b/chroot-script
@@ -78,7 +78,7 @@ chrootmirror() {
   fi
 
   if [ -z "$COMPONENTS" ] ; then
-    COMPONENTS='main contrib non-free'
+    COMPONENTS='main'
   fi
   echo "Using repository components $COMPONENTS"
 
@@ -351,7 +351,11 @@ kernel() {
   KVER=$(get_kernel_version)
   if [ -n "$KVER" ] ; then
      # note: install busybox to be able to debug initramfs
-     KERNELPACKAGES="linux-image-$KVER linux-headers-$KVER busybox firmware-linux-free firmware-linux"
+     KERNELPACKAGES="linux-image-$KVER linux-headers-$KVER busybox firmware-linux-free"
+     # only add firmware-linux if we have non-free as a component
+     if expr "$COMPONENTS" : '.*non-free' >/dev/null ; then
+       KERNELPACKAGES="$KERNELPACKAGES firmware-linux"
+     fi
      DEBIAN_FRONTEND=$DEBIAN_FRONTEND $APTINSTALL $KERNELPACKAGES
   else
      echo "Warning: Could not find a kernel for your system. Your system won't be able to boot itself!"
@@ -581,11 +585,13 @@ grub_install() {
         echo "Installing grub on ${GRUB}:"
         grub-install --no-floppy "$GRUB"
      done
+     rm -f /boot/grub/device.map
   else
      echo "Installing grub on ${GRUB}:"
      case "$RELEASE" in
        lenny|squeeze|wheezy)
          grub-install --no-floppy "$(readlink -f "${GRUB}")"
+         rm -f /boot/grub/device.map
          ;;
        *)
          echo "(hd0) ${GRUB}" > /boot/grub/device.map