configs/releng/build.sh:
Copying the edk2-shell based Shell_Full.efi to the root of the iso/ efi
image as 'shellx64.efi' is automatically picked up by certain hardware
and by systemd-boot.
This makes all custom UEFI shell configuration obsolete.
configs/releng/efiboot/loader/entries/uefi-shell-*.conf:
Removing obsolete custom UEFI shell boot loader configuration.
Closes#14
configs/releng/build.sh:
Removing the efitools based PreLoader.efi and HashTool.efi, as they are
dead weight due to not allowing secure boot (FS#59487).
Future secure boot functionality (most probably based on shim) is being
discussed in FS#53864.
Closes#17
configs/releng/build.sh:
Instead of downloading UDK2018 based edk2 UEFI shell, use the Shell
binaries from the edk2-shell package.
This effectively makes the use of EFI shell v1 obsolete.
configs/releng/efiboot/loader/entries/uefi-shell-v*:
Renaming UEFI shell entries to match the packaged edk2-shell based UEFI
shell binaries.
configs/releng/build.sh:
Renaming the systemd-boot bootloader entries for UEFI shell (normal and
full version) to reflect their file names, which are derived from the
binary names in the edk2-shell package.
Copying the edk2-shell based UEFI shell binaries for normal efiboot and
.iso based "el-torito" efiboot mode.
docs/README.build:
Adding edk2-shell to the requirements in the documentation, as the
package is now used to provide UEFI shell.
The package linux-firmware has a new split package amd-ucode. Do not
build the image manually but use the package.
Signed-off-by: Christian Hesse <mail@eworm.de>
extract `uname -r` from the contents of vmlinuz-linux rather than make
assumptions about the kernel EXTRAVERSION.
This is trivially customizable by changing the chosen kernel image.
Fixes FS#59496
Signed-off-by: Eli Schwartz <eschwartz@archlinux.org>
Only avoid build i686. The syslinux config files for i686 are still
present. This implies that a i686 entry will be present but not working.
In another patch, this can be removed if desired.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@gmail.com>
We reached the upper limit again [#1], increasing sufficiently
to do not touch again in long time.
[#1] 526be1579e
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@gmail.com>
Current build leaves ~800K free of 31M in the FAT filesystem, adding 9M.
Going beyond 65535 sectors of 512-byte is a bit special,
but works for EFI. Image size is reported a zero in boot catalog,
but xorriso does a good job, and writes right value in hybrid-partition.
Tested booting in qemu in both modes (cd-rom and hybrid) and works fine.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@gmail.com>
A new option -g <keyid> is added to build.sh set the key id. If it is set, the squashfs files will be signed
by gpg and the gpg key will be added to archiso.img. In order to use this option, a gpg agent must be running.
Since build.sh is executed as root, it may be necessary to set the GNUPGHOME environment variable, for
example
$ su -c "GNUPGHOME=/home/youruser/.gnupg /path/to/build.sh -g yourkeyid"
I see cases where a stale loop device stays around and fills up my
partition as image file is still in use and does not get unlinked.
Explicitly detach loop device on umount to fix that.
Signed-off-by: Christian Hesse <mail@eworm.de>
Tested only under QEMU using OVMF SecureBoot enabled firmware plus lockdown-ms.
Both loader.efi (gummiboot) and vmlinuz.efi should be hashed before boot in secure mode.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
* Remove the unattended-keyring-init patch as this was applied by upstream with pacamn 4.1
* Update our pacman.conf following the new upstream default
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
* This scripts, now runs only in x86_64.
* build.sh does not require arguments to run (no more build, clean, purge).
* /usr/share split is not done anymore: there are some differences between two arches. (ISO size +60MiB)
* /usr/lib/modules split is not done anymore: this was never enabled officially in aitab.
Tested and works fine. Maybe some small cosmetic changes needed.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Simplify code path.
Previously in "dual" mode is executed when arch=i686, i686 was used as primary source.
This does not change current behaviour of building "dual" on x86_64.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
Using a separate shell script to customize live-enviroment,
makes much more readable code.
Move all thing except:
* Need network access (name resolving).
* Need access to some file outside chroot.
Signed-off-by: Gerardo Exequiel Pozzi <vmlinuz386@yahoo.com.ar>
* pacman-init already pulls in services it depends on
* the multi-user.target is the default
* do not rename the getty service so tools like systemd-delta still work
Signed-off-by: Pierre Schmitz <pierre@archlinux.de>