Commit graph

14 commits

Author SHA1 Message Date
Javier Martinez Canillas
d8bbf039e9
20-grub-install: Restore default SELinux security contexts for BLS files
The BLS files are copied from /lib/modules/$(uname -r)/bls.conf and this
file has a SELinux label of "system_u:object_r:modules_object_t" like all
the other files that are installed by the kernel package.

But the files in the /boot directory are expected to have a SELinux label
of "system_u:object_r:boot_t". For all the other files that are copied to
/boot by the kernel-install script, the SELinux security contexts are
restored to the default but that was missing for the BLS files.

Resolves: rhbz#1726020

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2019-07-18 14:43:42 +02:00
30b139ceba
Do not remove boot loader configuration for other boot loaders 2019-04-16 18:16:25 +02:00
Peter Jones
c9b8b10a61
20-grub-install: Replace, rather than overwrite, the existing kernel.
In rhbz#1638405, we worked around the issue of an existing initramfs
being in the way by removing it if it's older than the kernel we're in
the process of installing.

But it was buggy and only worked with some filesystem layouts and paths, and
also possibly had some issues with file creation times causing the shell -ot
comparison to fail in some cases.

This patch changes it to remove the existing kernel (as well as other
related files) in the case that it's going to do the copy, and also fixes the
path issues.

Resolves: rhbz#1642402
Related: rhbz#1638405

Signed-off-by: Peter Jones <pjones@redhat.com>
Tested-by: Prarit Bhargava <prarit@redhat.com>
2019-02-26 08:33:50 +01:00
Javier Martinez Canillas
ff9dc1ed7d
Don't unconditionally set default entry when installing debug kernels
If a debug kernel package is installed, the default entry should only
be set when DEFAULTDEBUG=yes is set in /etc/sysconfig/kernel.

Resolves: rhbz#1636346

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2018-10-26 14:25:04 +02:00
Javier Martinez Canillas
efb46dff18
20-grub.install: use ~debug instead of -debug as suffix to sort correctly
For the debug BLS entries a -debug suffix was added so they are sorted after
the kernel entries, but that only works with version sort and not rpm sort.

So instead use ~debug prefix so rpm sort algorithm could sort it correctly.

Related: rhbz#1638103

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2018-10-23 12:23:25 +02:00
Peter Jones
67aea4f8a5
kernel-install: Remove existing initramfs if it's older than the kernel
Currently we fail to install a new kernel with "make install" on the second
try, because dracut won't over-write the initramfs without --force.  In this
patch, 20-grub.install will remove an existing initramfs if it's newer than the
kernel we're installing.

Resolves: rhbz#1638405
Signed-off-by: Peter Jones <pjones@redhat.com>
2018-10-23 12:23:25 +02:00
Peter Jones
66078fcba2
Update the saved entry correctly after a kernel install.
Resolves: rhbz#1638117

Signed-off-by: Peter Jones <pjones@redhat.com>
2018-10-23 12:23:25 +02:00
Javier Martinez Canillas
91f9e5a07c Use /boot/loader/entries as BLS dir also on EFI systems
For EFI systems, the BLS fragments were stored in the EFI System Partition
(ESP) while in non-EFI systems it was stored in /boot.

For consistency, it's better to always store the BLS fragments in the same
path regardless of the firmware interface used.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2018-07-11 15:40:00 -04:00
Javier Martinez Canillas
db5dccf332 Make 20-grub.install to exit if there is no machine ID set
The kernel-install plugins are called with an environment variable named
$KERNEL_INSTALL_MACHINE_ID, which is set to the machine ID read from the
/etc/machine-id file. If the file doesn't exist or is empty, the variable
is empty and $BOOT_DIR_ABS is set to a temporary directory that's removed
after all the plugins exit.

So if $KERNEL_INSTALL_MACHINE_ID is not set, just exit the script since
installing a kernel BootLoaderSpec fragment won't be possible anyways.

Resolves: rhbz#1576573

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2018-07-11 15:40:00 -04:00
Javier Martinez Canillas
64420615c2 More fixes for BLS
Add some fixes for BLS parsing logic and also make 20-grub.install script
to query the relative path of the kernel and initramfs images, so BLS can
also work when /boot is not a mount point or is a btrfs subvolume.

Also pull some build fixes.

Resolves: rhbz#1588184

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2018-07-11 15:40:00 -04:00
Javier Martinez Canillas
dc178ac546 Two more fixes for BLS support
- Use version field to sort BLS entries if id field isn't defined
 - Add version field to BLS fragments generated by 20-grub.install

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2018-05-11 10:13:07 -04:00
Javier Martinez Canillas
ed50db379d Make 20-grub.install to generate debug BLS when MAKEDEBUG is set
If MAKEDEBUG=yes in /etc/sysconfig/kernel, then a debug menu entry should
be created. So for BLS, a debug configuration file has to be created that
contains debug kernel command line parameters.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2018-04-11 10:11:27 -04:00
Peter Jones
78e1a10ec4 Add grub2-switch-to-blscfg
Fix for BLS paths on BIOS / non-UEFI (javierm)

Signed-off-by: Peter Jones <pjones@redhat.com>
2018-04-03 13:41:24 -04:00
Javier Martinez Canillas
61faef65b2 Add kernel-install scripts
Install a 20-grubby.install and 90-loaderentry.install kernel-install
scripts in /etc/kernel/install.d so these have higher precedence than
the ones installed in /usr/lib/kernel/install.d by the systemd pkg.

If GRUB 2 pkg isn't installed, then the systemd scripts are executed
on kernel installation and removal.

Signed-off-by: Javier Martinez Canillas <javierm@redhat.com>
2018-03-14 17:09:34 -04:00