X-Git-Url: https://code.delx.au/refind/blobdiff_plain/e86087ab76430dd4acf8c992aa0d9bad1c1c494b..a685467b7efc9a27ea7cf0318d35577b80c63356:/debian/postinst

diff --git a/debian/postinst b/debian/postinst
index e78bd9d..898fde3 100755
--- a/debian/postinst
+++ b/debian/postinst
@@ -4,43 +4,93 @@
 
 set -e
 
-# Remove any existing NVRAM entry for rEFInd, to avoid creating a duplicate.
-ExistingEntry=`efibootmgr | grep "rEFInd Boot Manager" | cut -c 5-8`
-if [[ -n $ExistingEntry ]] ; then
-   efibootmgr --bootnum $ExistingEntry --delete-bootnum
+if [ -f /usr/share/debconf/confmodule ] ; then
+    . /usr/share/debconf/confmodule
 fi
 
-cd /usr/share/refind
+install_to_esp() {
+    # Remove any existing NVRAM entry for rEFInd, to avoid creating a duplicate.
+    ExistingEntry=`efibootmgr | grep "rEFInd Boot Manager" | cut -c 5-8`
+    if [[ -n $ExistingEntry ]] ; then
+        efibootmgr --bootnum $ExistingEntry --delete-bootnum &> /dev/null
+    fi
 
-if [[ -f /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data ]] ; then
-   IsSecureBoot=`od -An -t u1 /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data | tr -d '[[:space:]]'`
-else
-   IsSecureBoot="0"
-fi
-# Note: Two find operations for ShimFile favors shim over PreLoader -- if both are
-# present, the script uses shim rather than PreLoader.
-declare ShimFile=`find /boot -name shim\.efi -o -name shimx64\.efi -o -name PreLoader\.efi 2> /dev/null | head -n 1`
-if [[ ! -n $ShimFile ]] ; then
-   declare ShimFile=`find /boot -name PreLoader\.efi 2> /dev/null | head -n 1`
-fi
-declare SBSign=`which sbsign 2> /dev/null`
-declare OpenSSL=`which openssl 2> /dev/null`
-
-# Run the rEFInd installation script. Do so with the --shim option
-# if Secure Boot mode is suspected and if a shim program can be
-# found, or without it if not. If a shim installation is attempted
-# and the sbsign and openssl programs can be found, do the install
-# using a local signing key. Note that this option is undesirable
-# for a distribution, since it would then require the user to
-# enroll an extra MOK. I'm including it here because I'm NOT a
-# distribution maintainer, and I want to encourage users to use
-# their own local keys.
-if [[ $IsSecureBoot == "1" && -n $ShimFile ]] ; then
-   if [[ -n $SBSign && -n $OpenSSL ]] ; then
-      ./install.sh --shim $ShimFile --localkeys --yes
-   else
-      ./install.sh --shim $ShimFile --yes
-   fi
-else
-   ./install.sh --yes
-fi
+    cd /usr/share/refind
+
+    if [[ -f /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data ]] ; then
+        IsSecureBoot=`od -An -t u1 /sys/firmware/efi/vars/SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c/data | tr -d '[[:space:]]'`
+    else
+        IsSecureBoot="0"
+    fi
+    # Note: Two find operations for ShimFile favors shim over PreLoader -- if both are
+    # present, the script uses shim rather than PreLoader.
+    declare ShimFile=`find /boot -name shim\.efi -o -name shimx64\.efi -o -name PreLoader\.efi 2> /dev/null | head -n 1`
+    if [[ ! -n $ShimFile ]] ; then
+        declare ShimFile=`find /boot -name PreLoader\.efi 2> /dev/null | head -n 1`
+    fi
+    declare SBSign=`which sbsign 2> /dev/null`
+    declare OpenSSL=`which openssl 2> /dev/null`
+
+    # Run the rEFInd installation script. Do so with the --shim option
+    # if Secure Boot mode is suspected and if a shim program can be
+    # found, or without it if not. If a shim installation is attempted
+    # and the sbsign and openssl programs can be found, do the install
+    # using a local signing key. Note that this option is undesirable
+    # for a distribution, since it would then require the user to
+    # enroll an extra MOK. I'm including it here because I'm NOT a
+    # distribution maintainer, and I want to encourage users to use
+    # their own local keys.
+    if [[ $IsSecureBoot == "1" && -n $ShimFile ]] ; then
+        if [[ -n $SBSign && -n $OpenSSL ]] ; then
+            ./refind-install --shim $ShimFile --localkeys --yes
+        else
+            ./refind-install --shim $ShimFile --yes
+        fi
+    else
+        if [[ -n $SBSign && -n $OpenSSL ]] ; then
+            ./refind-install --localkeys --yes
+        else
+            ./refind-install --yes
+        fi
+    fi
+} # install_to_esp()
+
+#
+# Main part of script begins
+#
+
+case "$1" in
+    configure)
+        db_get refind/install_to_esp || true;
+        if [ x"$RET" = x"true" ]; then
+            echo "Installing rEFInd to the ESP..."
+            install_to_esp
+        else
+            echo "** Not installing rEFInd to the ESP! **"
+            echo "If you want rEFInd to control the boot process, you can do so by runing:"
+            echo ""
+            echo "dpkg-reconfigure refind"
+            echo ""
+        fi
+    ;;
+
+    reconfigure)
+        db_get refind/install_to_esp || true;
+        if [ x"$RET" = x"true" ]; then
+            echo "Installing rEFInd to the ESP..."
+            install_to_esp
+        else
+            echo "If rEFInd was previously configured to be your primary boot manager, you must"
+            echo "use efibootmgr to set the computer to boot with something else."
+        fi
+    ;;
+
+    abort-upgrade|abort-remove|abort-deconfigure)
+        exit 0
+    ;;
+
+    *)
+        echo "postinst called with unknown argument \`$1'" >&2
+        exit 0
+    ;;
+esac