code.delx.au - refind/blob - debian/postinst

   1 #!/bin/bash
   2 # Post-installation script (run on USER'S system after installing the
   3 # main rEFInd package)
   4
   5 set -e
   6
   7 if [ -f /usr/share/debconf/confmodule ] ; then
   8     . /usr/share/debconf/confmodule
   9 fi
  10
  11 install_to_esp() {
  12     # Remove any existing NVRAM entry for rEFInd, to avoid creating a duplicate.
  13     ExistingEntry=`efibootmgr | grep "rEFInd Boot Manager" | cut -c 5-8`
  14     if [[ -n $ExistingEntry ]] ; then
  15         efibootmgr --bootnum $ExistingEntry --delete-bootnum &> /dev/null
  16     fi
  17
  18     cd /usr/share/refind
  19
  20     if [[ -f /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data ]] ; then
  21         IsSecureBoot=`od -An -t u1 /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data | tr -d '[[:space:]]'`
  22     else
  23         IsSecureBoot="0"
  24     fi
  25     # Note: Two find operations for ShimFile favors shim over PreLoader -- if both are
  26     # present, the script uses shim rather than PreLoader.
  27     declare ShimFile=`find /boot -name shim\.efi -o -name shimx64\.efi -o -name PreLoader\.efi 2> /dev/null | head -n 1`
  28     if [[ ! -n $ShimFile ]] ; then
  29         declare ShimFile=`find /boot -name PreLoader\.efi 2> /dev/null | head -n 1`
  30     fi
  31     declare SBSign=`which sbsign 2> /dev/null`
  32     declare OpenSSL=`which openssl 2> /dev/null`
  33
  34     # Run the rEFInd installation script. Do so with the --shim option
  35     # if Secure Boot mode is suspected and if a shim program can be
  36     # found, or without it if not. If a shim installation is attempted
  37     # and the sbsign and openssl programs can be found, do the install
  38     # using a local signing key. Note that this option is undesirable
  39     # for a distribution, since it would then require the user to
  40     # enroll an extra MOK. I'm including it here because I'm NOT a
  41     # distribution maintainer, and I want to encourage users to use
  42     # their own local keys.
  43     if [[ $IsSecureBoot == "1" && -n $ShimFile ]] ; then
  44         if [[ -n $SBSign && -n $OpenSSL ]] ; then
  45             ./refind-install --shim $ShimFile --localkeys --yes > /dev/null
  46         else
  47             ./refind-install --shim $ShimFile --yes > /dev/null
  48         fi
  49     else
  50         if [[ -n $SBSign && -n $OpenSSL ]] ; then
  51             ./refind-install --localkeys --yes > /dev/null
  52         else
  53             ./refind-install --yes > /dev/null
  54         fi
  55     fi
  56 } # install_to_esp()
  57
  58 #
  59 # Main part of script begins
  60 #
  61
  62 case "$1" in
  63     configure)
  64         db_get refind/install_to_esp || true;
  65         if [ x"$RET" = x"true" ]; then
  66             echo "Installing rEFInd to the ESP..."
  67             install_to_esp
  68         else
  69             echo "** Not installing rEFInd to the ESP! **"
  70             echo "If you want rEFInd to control the boot process, you can do so by runing:"
  71             echo ""
  72             echo "dpkg-reconfigure refind"
  73             echo ""
  74         fi
  75     ;;
  76
  77     reconfigure)
  78         db_get refind/install_to_esp || true;
  79         if [ x"$RET" = x"true" ]; then
  80             echo "Installing rEFInd to the ESP..."
  81             install_to_esp
  82         else
  83             echo "If rEFInd was previously configured to be your primary boot manager, you must"
  84             echo "use efibootmgr to set the computer to boot with something else."
  85         fi
  86     ;;
  87
  88     abort-upgrade|abort-remove|abort-deconfigure)
  89         exit 0
  90     ;;
  91
  92     *)
  93         echo "postinst called with unknown argument \`$1'" >&2
  94         exit 0
  95     ;;
  96 esac
  97
  98 #DEBHELPER#