All of lore.kernel.org
 help / color / mirror / Atom feed
From: Daniel Kiper <daniel.kiper@oracle.com>
To: "Philip Müller" <philm@manjaro.org>
Cc: grub-devel@gnu.org, alexander.burmashev@oracle.com,
	didier@slint.fr, glaubitz@physik.fu-berlin.de,
	lsorense@csclub.uwaterloo.ca, nyanko@10x.moe, helmut@manjaro.org,
	bernhard@manjaro.org, alastair.cooper@outlook.com
Subject: Re: [PATCH] templates: Properly disable the os-prober by default
Date: Wed, 10 Mar 2021 13:05:36 +0100	[thread overview]
Message-ID: <20210310120536.irmw7qckzi3lof5y@tomti.i.net-space.pl> (raw)
In-Reply-To: <20210309211014.37879-1-philm@manjaro.org>

On Tue, Mar 09, 2021 at 10:10:14PM +0100, Philip Müller wrote:
>  - disable os-prober by default in grub-mkconfig.in by setting
>  GRUB_DISABLE_OS_PROBER to true
>  - fixes logic in 30_os-prober.in
>  - update grub_warn() lines
>
> Reason for code shuffle in grub-mkconfig.in:
>
> The default was GRUB_DISABLE_OS_PROBER=false if you don't set
> GRUB_DISABLE_OS_PROBER at all. To prevent os-prober from starting
> we have to set it by default to true and shuffle GRUB_DISABLE_OS_PROBER
> to code section, which is executed by the script. However we stil give
> the option to the user to overwrite it with false, if he wants to execute
> os-prober after all.
>
> Everyone who added GRUB_DISABLE_OS_PROBER=true in grub.cfg can remove
> it by now.
>
> Fixes: e3464147  templates: Disable the os-prober by default
>
> Signed-off-by: Philip Müller <philm@manjaro.org>

Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>

Daniel

> ---
>  util/grub-mkconfig.in       | 5 ++++-
>  util/grub.d/30_os-prober.in | 2 +-
>  2 files changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
> index d3e879b8e..f8cbb8d7a 100644
> --- a/util/grub-mkconfig.in
> +++ b/util/grub-mkconfig.in
> @@ -140,6 +140,9 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2
>  GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`"
>  GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} --target=fs_uuid 2> /dev/null`" || true
>
> +# Disable os-prober by default due to security reasons.
> +GRUB_DISABLE_OS_PROBER="true"
> +
>  # Filesystem for the device containing our userland.  Used for stuff like
>  # choosing Hurd filesystem module.
>  GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`"
> @@ -201,6 +204,7 @@ export GRUB_DEVICE \
>    GRUB_DEVICE_PARTUUID \
>    GRUB_DEVICE_BOOT \
>    GRUB_DEVICE_BOOT_UUID \
> +  GRUB_DISABLE_OS_PROBER \
>    GRUB_FS \
>    GRUB_FONT \
>    GRUB_PRELOAD_MODULES \
> @@ -242,7 +246,6 @@ export GRUB_DEFAULT \
>    GRUB_BACKGROUND \
>    GRUB_THEME \
>    GRUB_GFXPAYLOAD_LINUX \
> -  GRUB_DISABLE_OS_PROBER \
>    GRUB_INIT_TUNE \
>    GRUB_SAVEDEFAULT \
>    GRUB_ENABLE_CRYPTODISK \
> diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
> index 80685b15f..a258ce71d 100644
> --- a/util/grub.d/30_os-prober.in
> +++ b/util/grub.d/30_os-prober.in
> @@ -26,7 +26,7 @@ export TEXTDOMAINDIR="@localedir@"
>
>  . "$pkgdatadir/grub-mkconfig_lib"
>
> -if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
> +if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then
>    gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n"
>    exit 0
>  fi
>
> @@ -36,12 +36,11 @@ if ! command -v os-prober > /dev/null ||
>    exit 0
>  fi
>
> +grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
>  OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
>  if [ -z "${OSPROBED}" ] ; then
>    # empty os-prober output, nothing doing
>    exit 0
> -else
> -  grub_warn "$(gettext_printf "os-prober was executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
>  fi
>
>  osx_entry() {
> --
> 2.30.1


       reply	other threads:[~2021-03-10 12:11 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <20210309211014.37879-1-philm@manjaro.org>
2021-03-10 12:05 ` Daniel Kiper [this message]
2021-03-05 21:15 [PATCH] templates: Properly disable the os-prober by default Philip Müller
2021-03-05 21:49 ` Didier Spaier
2021-03-09 16:52 ` Daniel Kiper

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210310120536.irmw7qckzi3lof5y@tomti.i.net-space.pl \
    --to=daniel.kiper@oracle.com \
    --cc=alastair.cooper@outlook.com \
    --cc=alexander.burmashev@oracle.com \
    --cc=bernhard@manjaro.org \
    --cc=didier@slint.fr \
    --cc=glaubitz@physik.fu-berlin.de \
    --cc=grub-devel@gnu.org \
    --cc=helmut@manjaro.org \
    --cc=lsorense@csclub.uwaterloo.ca \
    --cc=nyanko@10x.moe \
    --cc=philm@manjaro.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.