* [PATCH] templates: Properly disable the os-prober by default
@ 2021-03-05 21:15 Philip Müller
2021-03-05 21:49 ` Didier Spaier
2021-03-09 16:52 ` Daniel Kiper
0 siblings, 2 replies; 4+ messages in thread
From: Philip Müller @ 2021-03-05 21:15 UTC (permalink / raw)
To: daniel.kiper
Cc: Philip Müller, grub-devel, alexander.burmashev, didier,
glaubitz, lsorense, nyanko, helmut, bernhard, alastair.cooper
- disable os-prober by default in grub-mkconfig.in by setting
GRUB_DISABLE_OS_PROBER to true
- fixes logic in 30_os-prober.in
Reason for code shuffle in grub-mkconfig.in:
The default was GRUB_DISABLE_OS_PROBER=false if you don't set
GRUB_DISABLE_OS_PROBER at all. To prevent os-prober from starting
we have to set it by default to true and shuffle GRUB_DISABLE_OS_PROBER
to executed by the script code section, but give the option to the user to
overwrite it with false, if he wants to execute os-prober after all.
Everyone who added GRUB_DISABLE_OS_PROBER=true in grub.cfg can remove
it by now.
Fixes: e3464147 templates: Disable the os-prober by default
---
util/grub-mkconfig.in | 5 ++++-
util/grub.d/30_os-prober.in | 2 +-
2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
index d3e879b8e..f8cbb8d7a 100644
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -140,6 +140,9 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2
GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`"
GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} --target=fs_uuid 2> /dev/null`" || true
+# Disable os-prober by default due to security reasons.
+GRUB_DISABLE_OS_PROBER="true"
+
# Filesystem for the device containing our userland. Used for stuff like
# choosing Hurd filesystem module.
GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`"
@@ -201,6 +204,7 @@ export GRUB_DEVICE \
GRUB_DEVICE_PARTUUID \
GRUB_DEVICE_BOOT \
GRUB_DEVICE_BOOT_UUID \
+ GRUB_DISABLE_OS_PROBER \
GRUB_FS \
GRUB_FONT \
GRUB_PRELOAD_MODULES \
@@ -242,7 +246,6 @@ export GRUB_DEFAULT \
GRUB_BACKGROUND \
GRUB_THEME \
GRUB_GFXPAYLOAD_LINUX \
- GRUB_DISABLE_OS_PROBER \
GRUB_INIT_TUNE \
GRUB_SAVEDEFAULT \
GRUB_ENABLE_CRYPTODISK \
diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
index 80685b15f..a258ce71d 100644
--- a/util/grub.d/30_os-prober.in
+++ b/util/grub.d/30_os-prober.in
@@ -26,7 +26,7 @@ export TEXTDOMAINDIR="@localedir@"
. "$pkgdatadir/grub-mkconfig_lib"
-if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
+if [ "x${GRUB_DISABLE_OS_PROBER}" != "xfalse" ]; then
gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n"
exit 0
fi
--
2.30.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] templates: Properly disable the os-prober by default
2021-03-05 21:15 [PATCH] templates: Properly disable the os-prober by default Philip Müller
@ 2021-03-05 21:49 ` Didier Spaier
2021-03-09 16:52 ` Daniel Kiper
1 sibling, 0 replies; 4+ messages in thread
From: Didier Spaier @ 2021-03-05 21:49 UTC (permalink / raw)
To: Philip Müller, daniel.kiper
Cc: grub-devel, alexander.burmashev, glaubitz, lsorense, nyanko,
helmut, bernhard, alastair.cooper
Le 05/03/2021 à 22:15, Philip Müller a écrit :
> - disable os-prober by default in grub-mkconfig.in by setting
> GRUB_DISABLE_OS_PROBER to true
> - fixes logic in 30_os-prober.in
>
> Reason for code shuffle in grub-mkconfig.in:
>
> The default was GRUB_DISABLE_OS_PROBER=false if you don't set
> GRUB_DISABLE_OS_PROBER at all. To prevent os-prober from starting
> we have to set it by default to true and shuffle GRUB_DISABLE_OS_PROBER
> to executed by the script code section, but give the option to the user to
> overwrite it with false, if he wants to execute os-prober after all.
>
> Everyone who added GRUB_DISABLE_OS_PROBER=true in grub.cfg can remove
> it by now.
>
> Fixes: e3464147 templates: Disable the os-prober by default
> ---
> util/grub-mkconfig.in | 5 ++++-
> util/grub.d/30_os-prober.in | 2 +-
> 2 files changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
> index d3e879b8e..f8cbb8d7a 100644
> --- a/util/grub-mkconfig.in
> +++ b/util/grub-mkconfig.in
> @@ -140,6 +140,9 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2
> GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`"
> GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} --target=fs_uuid 2> /dev/null`" || true
>
> +# Disable os-prober by default due to security reasons.
> +GRUB_DISABLE_OS_PROBER="true"
> +
> # Filesystem for the device containing our userland. Used for stuff like
> # choosing Hurd filesystem module.
> GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`"
> @@ -201,6 +204,7 @@ export GRUB_DEVICE \
> GRUB_DEVICE_PARTUUID \
> GRUB_DEVICE_BOOT \
> GRUB_DEVICE_BOOT_UUID \
> + GRUB_DISABLE_OS_PROBER \
> GRUB_FS \
> GRUB_FONT \
> GRUB_PRELOAD_MODULES \
> @@ -242,7 +246,6 @@ export GRUB_DEFAULT \
> GRUB_BACKGROUND \
> GRUB_THEME \
> GRUB_GFXPAYLOAD_LINUX \
> - GRUB_DISABLE_OS_PROBER \
> GRUB_INIT_TUNE \
> GRUB_SAVEDEFAULT \
> GRUB_ENABLE_CRYPTODISK \
> diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
> index 80685b15f..a258ce71d 100644
> --- a/util/grub.d/30_os-prober.in
> +++ b/util/grub.d/30_os-prober.in
> @@ -26,7 +26,7 @@ export TEXTDOMAINDIR="@localedir@"
>
> . "$pkgdatadir/grub-mkconfig_lib"
>
> -if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
> +if [ "x${GRUB_DISABLE_OS_PROBER}" != "xfalse" ]; then
> gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n"
> exit 0
> fi
Just tested against git master, works as expected.
Thanks!
Best regards,
Didier
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] templates: Properly disable the os-prober by default
2021-03-05 21:15 [PATCH] templates: Properly disable the os-prober by default Philip Müller
2021-03-05 21:49 ` Didier Spaier
@ 2021-03-09 16:52 ` Daniel Kiper
1 sibling, 0 replies; 4+ messages in thread
From: Daniel Kiper @ 2021-03-09 16:52 UTC (permalink / raw)
To: Philip Müller
Cc: daniel.kiper, grub-devel, alexander.burmashev, didier, glaubitz,
lsorense, nyanko, helmut, bernhard, alastair.cooper
On Fri, Mar 05, 2021 at 10:15:36PM +0100, Philip Müller wrote:
> - disable os-prober by default in grub-mkconfig.in by setting
> GRUB_DISABLE_OS_PROBER to true
> - fixes logic in 30_os-prober.in
>
> Reason for code shuffle in grub-mkconfig.in:
>
> The default was GRUB_DISABLE_OS_PROBER=false if you don't set
> GRUB_DISABLE_OS_PROBER at all. To prevent os-prober from starting
> we have to set it by default to true and shuffle GRUB_DISABLE_OS_PROBER
> to executed by the script code section, but give the option to the user to
s/to executed/to be executed/?
> overwrite it with false, if he wants to execute os-prober after all.
>
> Everyone who added GRUB_DISABLE_OS_PROBER=true in grub.cfg can remove
> it by now.
>
> Fixes: e3464147 templates: Disable the os-prober by default
Could you add "Signed-off-by: Philip Müller <philm@manjaro.org>" here?
> ---
> util/grub-mkconfig.in | 5 ++++-
> util/grub.d/30_os-prober.in | 2 +-
> 2 files changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
> index d3e879b8e..f8cbb8d7a 100644
> --- a/util/grub-mkconfig.in
> +++ b/util/grub-mkconfig.in
> @@ -140,6 +140,9 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2
> GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`"
> GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} --target=fs_uuid 2> /dev/null`" || true
>
> +# Disable os-prober by default due to security reasons.
> +GRUB_DISABLE_OS_PROBER="true"
> +
> # Filesystem for the device containing our userland. Used for stuff like
> # choosing Hurd filesystem module.
> GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`"
> @@ -201,6 +204,7 @@ export GRUB_DEVICE \
> GRUB_DEVICE_PARTUUID \
> GRUB_DEVICE_BOOT \
> GRUB_DEVICE_BOOT_UUID \
> + GRUB_DISABLE_OS_PROBER \
> GRUB_FS \
> GRUB_FONT \
> GRUB_PRELOAD_MODULES \
> @@ -242,7 +246,6 @@ export GRUB_DEFAULT \
> GRUB_BACKGROUND \
> GRUB_THEME \
> GRUB_GFXPAYLOAD_LINUX \
> - GRUB_DISABLE_OS_PROBER \
> GRUB_INIT_TUNE \
> GRUB_SAVEDEFAULT \
> GRUB_ENABLE_CRYPTODISK \
> diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
> index 80685b15f..a258ce71d 100644
> --- a/util/grub.d/30_os-prober.in
> +++ b/util/grub.d/30_os-prober.in
> @@ -26,7 +26,7 @@ export TEXTDOMAINDIR="@localedir@"
>
> . "$pkgdatadir/grub-mkconfig_lib"
>
> -if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
> +if [ "x${GRUB_DISABLE_OS_PROBER}" != "xfalse" ]; then
This "if" should be reverted to original form, i.e.,
if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then
Additionally, may I ask you to prepare second patch which moves
grub_warn "$(gettext_printf "os-prober was executed...
before line
OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
and changes grub_warn() to
grub_warn "$(gettext_printf "os-prober will be executed...
Daniel
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] templates: Properly disable the os-prober by default
[not found] <20210309211014.37879-1-philm@manjaro.org>
@ 2021-03-10 12:05 ` Daniel Kiper
0 siblings, 0 replies; 4+ messages in thread
From: Daniel Kiper @ 2021-03-10 12:05 UTC (permalink / raw)
To: Philip Müller
Cc: grub-devel, alexander.burmashev, didier, glaubitz, lsorense,
nyanko, helmut, bernhard, alastair.cooper
On Tue, Mar 09, 2021 at 10:10:14PM +0100, Philip Müller wrote:
> - disable os-prober by default in grub-mkconfig.in by setting
> GRUB_DISABLE_OS_PROBER to true
> - fixes logic in 30_os-prober.in
> - update grub_warn() lines
>
> Reason for code shuffle in grub-mkconfig.in:
>
> The default was GRUB_DISABLE_OS_PROBER=false if you don't set
> GRUB_DISABLE_OS_PROBER at all. To prevent os-prober from starting
> we have to set it by default to true and shuffle GRUB_DISABLE_OS_PROBER
> to code section, which is executed by the script. However we stil give
> the option to the user to overwrite it with false, if he wants to execute
> os-prober after all.
>
> Everyone who added GRUB_DISABLE_OS_PROBER=true in grub.cfg can remove
> it by now.
>
> Fixes: e3464147 templates: Disable the os-prober by default
>
> Signed-off-by: Philip Müller <philm@manjaro.org>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Daniel
> ---
> util/grub-mkconfig.in | 5 ++++-
> util/grub.d/30_os-prober.in | 2 +-
> 2 files changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
> index d3e879b8e..f8cbb8d7a 100644
> --- a/util/grub-mkconfig.in
> +++ b/util/grub-mkconfig.in
> @@ -140,6 +140,9 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2
> GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`"
> GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} --target=fs_uuid 2> /dev/null`" || true
>
> +# Disable os-prober by default due to security reasons.
> +GRUB_DISABLE_OS_PROBER="true"
> +
> # Filesystem for the device containing our userland. Used for stuff like
> # choosing Hurd filesystem module.
> GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`"
> @@ -201,6 +204,7 @@ export GRUB_DEVICE \
> GRUB_DEVICE_PARTUUID \
> GRUB_DEVICE_BOOT \
> GRUB_DEVICE_BOOT_UUID \
> + GRUB_DISABLE_OS_PROBER \
> GRUB_FS \
> GRUB_FONT \
> GRUB_PRELOAD_MODULES \
> @@ -242,7 +246,6 @@ export GRUB_DEFAULT \
> GRUB_BACKGROUND \
> GRUB_THEME \
> GRUB_GFXPAYLOAD_LINUX \
> - GRUB_DISABLE_OS_PROBER \
> GRUB_INIT_TUNE \
> GRUB_SAVEDEFAULT \
> GRUB_ENABLE_CRYPTODISK \
> diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
> index 80685b15f..a258ce71d 100644
> --- a/util/grub.d/30_os-prober.in
> +++ b/util/grub.d/30_os-prober.in
> @@ -26,7 +26,7 @@ export TEXTDOMAINDIR="@localedir@"
>
> . "$pkgdatadir/grub-mkconfig_lib"
>
> -if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
> +if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then
> gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n"
> exit 0
> fi
>
> @@ -36,12 +36,11 @@ if ! command -v os-prober > /dev/null ||
> exit 0
> fi
>
> +grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
> OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
> if [ -z "${OSPROBED}" ] ; then
> # empty os-prober output, nothing doing
> exit 0
> -else
> - grub_warn "$(gettext_printf "os-prober was executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
> fi
>
> osx_entry() {
> --
> 2.30.1
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2021-03-10 12:11 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-03-05 21:15 [PATCH] templates: Properly disable the os-prober by default Philip Müller
2021-03-05 21:49 ` Didier Spaier
2021-03-09 16:52 ` Daniel Kiper
[not found] <20210309211014.37879-1-philm@manjaro.org>
2021-03-10 12:05 ` Daniel Kiper
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.