Make the grub-switch-to-blscfg and 10_linux scripts more robust

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>

0201-grub-switch-to-blscfg-Use-install-to-copy-GRUB-binar.patch

@@ -0,0 +1,46 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Thu, 16 Apr 2020 18:53:03 +0200
+Subject: [PATCH] grub-switch-to-blscfg: Use install to copy GRUB binary,
+ modules and config
+
+By default the cp command truncates the destination before copying from the
+source, so if interrupted it can lead to a file that's half written.
+
+This behavior can be modified using the --remove-destination option, but is
+usually a better choice to use the install tool for this. So let's do that.
+
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+---
+ util/grub-switch-to-blscfg.in | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/util/grub-switch-to-blscfg.in b/util/grub-switch-to-blscfg.in
+index 4bbed8e4fe9..3333a620c28 100644
+--- a/util/grub-switch-to-blscfg.in
++++ b/util/grub-switch-to-blscfg.in
+@@ -273,7 +273,7 @@ copy_bls() {
+ if test -f /run/ostree-booted && test -d /sys/firmware/efi/efivars && \
+    ! ${grub_editenv} - list | grep -q blsdir; then
+     grub_binary="$(find /usr/lib/ostree-boot/efi/EFI/${EFIDIR}/ -name grub*.efi)"
+-    cp ${grub_binary} ${grubdir} || exit 1
++    install -m 700 ${grub_binary} ${grubdir} || exit 1
+     # Create a hidden file to indicate that grub2 now has BLS support.
+     touch /boot/grub2/.grub2-blscfg-supported
+ fi
+@@ -307,13 +307,13 @@ if [ "${GENERATE}" -eq 1 ] ; then
+ 
+     if [ -n "${mod_dir}" ]; then
+ 	for mod in blscfg increment; do
+-	    cp ${prefix}/lib/grub/${mod_dir}/${mod}.mod ${grubdir}/$mod_dir/ || exit 1
++	    install -m 700 ${prefix}/lib/grub/${mod_dir}/${mod}.mod ${grubdir}/$mod_dir/ || exit 1
+ 	done
+     fi
+ 
+     cp -af "${GRUB_CONFIG_FILE}" "${GRUB_CONFIG_FILE}${backupsuffix}"
+     if ! grub2-mkconfig -o "${GRUB_CONFIG_FILE}" ; then
+-        cp -af "${GRUB_CONFIG_FILE}${backupsuffix}" "${GRUB_CONFIG_FILE}"
++        install -m 700 "${GRUB_CONFIG_FILE}${backupsuffix}" "${GRUB_CONFIG_FILE}"
+         sed -i"${backupsuffix}" \
+             -e 's,^GRUB_ENABLE_BLSCFG=.*,GRUB_ENABLE_BLSCFG=false,' \
+             "${etcdefaultgrub}"

0202-10_linux.in-Enable-BLS-configuration-if-new-kernel-p.patch

@@ -0,0 +1,39 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Javier Martinez Canillas <javierm@redhat.com>
+Date: Thu, 16 Apr 2020 21:11:04 +0200
+Subject: [PATCH] 10_linux.in: Enable BLS configuration if new-kernel-pkg isn't
+ present
+
+Currently if the the GRUB_ENABLE_BLSCFG option in /etc/default/grub hasn't
+been set, the 10_linux script will generate a GRUB configuration that does
+not include the blscfg command to populate the menu entries from BLS files.
+
+But on kernel install the /usr/lib/kernel/install.d/20-grub.install script
+will only add menuentry commands to the GRUB config file if the old grubby
+tool and new-kernel-pkg script are installed.
+
+So a configuration with the GRUB_ENABLE_BLSCFG option will lead to a setup
+where new kernel entries are not added. Make a BLS config the default if
+that option wasn't set and the new-kernel-pkg script is not present.
+
+Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
+---
+ util/grub.d/10_linux.in | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/util/grub.d/10_linux.in b/util/grub.d/10_linux.in
+index d5319300e04..b99eaa8f203 100644
+--- a/util/grub.d/10_linux.in
++++ b/util/grub.d/10_linux.in
+@@ -96,6 +96,11 @@ cat <<EOF
+ EOF
+ }
+ 
++# Make BLS the default if GRUB_ENABLE_BLSCFG was not set and grubby is not installed.
++if [ -z "${GRUB_ENABLE_BLSCFG}" ] && [ -z "$(which new-kernel-pkg 2> /dev/null)" ]; then
++	  GRUB_ENABLE_BLSCFG="true"
++fi
++
+ if [ "x${GRUB_ENABLE_BLSCFG}" = "xtrue" ]; then
+   if [ x$dirname = x/ ]; then
+     if [ -z "${prepare_root_cache}" ]; then

grub.patches

@@ -198,3 +198,5 @@ Patch0197: 0197-blscfg-Always-use-the-root-variable-to-search-for-BL.patch
 Patch0198: 0198-blscfg-return-NULL-instead-of-a-zero-length-array-in.patch
 Patch0199: 0199-grub-switch-to-blscfg-Update-grub2-binary-in-ESP-for.patch
 Patch0200: 0200-grub-switch-to-blscfg-Only-mark-GRUB-as-BLS-supporte.patch
+Patch0201: 0201-grub-switch-to-blscfg-Use-install-to-copy-GRUB-binar.patch
+Patch0202: 0202-10_linux.in-Enable-BLS-configuration-if-new-kernel-p.patch

grub2.spec

@@ -7,7 +7,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.02
-Release:	107%{?dist}
+Release:	108%{?dist}
 Summary:	Bootloader with support for Linux, Multiboot and more
 License:	GPLv3+
 URL:		http://www.gnu.org/software/grub/
@@ -518,6 +518,9 @@ rm -r /boot/grub2.tmp/ || :
 %endif
 
 %changelog
+* Thu Apr 16 2020 Javier Martinez Canillas <javierm@redhat.com> - 2.02-108
+- Make the grub-switch-to-blscfg and 10_linux scripts more robust
+
 * Thu Apr 02 2020 Javier Martinez Canillas <javierm@redhat.com> - 2.02-107
 - grub-switch-to-blscfg: Update grub2 binary in ESP for OSTree systems
   Related: rhbz#1751272