* Re: [PR REVIEW] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
@ 2020-08-05 19:27 ` ericonr
2020-08-05 19:27 ` ericonr
` (24 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ericonr @ 2020-08-05 19:27 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 194 bytes --]
New review comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#discussion_r465950009
Comment:
Why not increase `base-files` version directly?
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR REVIEW] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
2020-08-05 19:27 ` [PR REVIEW] " ericonr
@ 2020-08-05 19:27 ` ericonr
2020-08-05 19:27 ` ericonr
` (23 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ericonr @ 2020-08-05 19:27 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 191 bytes --]
New review comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#discussion_r465952971
Comment:
Why not use `usr/bin/sbverify` here as well?
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR REVIEW] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
2020-08-05 19:27 ` [PR REVIEW] " ericonr
2020-08-05 19:27 ` ericonr
@ 2020-08-05 19:27 ` ericonr
2020-08-05 19:27 ` ericonr
` (22 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ericonr @ 2020-08-05 19:27 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 290 bytes --]
New review comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#discussion_r465951952
Comment:
I don't like this, because the hook should only be there if dracut itself is installed. @sgn and I didn't include it in the `dracut-uefi` hook.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR REVIEW] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (2 preceding siblings ...)
2020-08-05 19:27 ` ericonr
@ 2020-08-05 19:27 ` ericonr
2020-08-05 19:27 ` ericonr
` (21 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ericonr @ 2020-08-05 19:27 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 157 bytes --]
New review comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#discussion_r465953113
Comment:
Same here.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR REVIEW] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (3 preceding siblings ...)
2020-08-05 19:27 ` ericonr
@ 2020-08-05 19:27 ` ericonr
2020-08-05 20:06 ` [PR PATCH] [Updated] " ahesford
` (20 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ericonr @ 2020-08-05 19:27 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 185 bytes --]
New review comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#discussion_r465952366
Comment:
Perhaps make this one verbose as well?
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR PATCH] [Updated] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (4 preceding siblings ...)
2020-08-05 19:27 ` ericonr
@ 2020-08-05 20:06 ` ahesford
2020-08-05 20:06 ` ahesford
` (19 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ahesford @ 2020-08-05 20:06 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1417 bytes --]
There is an updated pull request by ahesford against master on the void-packages repository
https://github.com/ahesford/void-packages hooks
https://github.com/void-linux/void-packages/pull/24079
Improve consistency of relative paths in kernel hooks
Motivated by a breakage in the `dracut` removal hook as called from `vkpurge`, I cleaned up several packages that install kernel hooks to try to make their behavior more consistent. The XBPS trigger runs hooks from the target root directory with `ROOTDIR` set, so hooks should accommodate this if possible. `vkpurge` now changes to `/` and sets `ROOTDIR` to make sure any hooks it calls work as expected. It would be good to verify correct operation of all hooks after these changes, but `dkms` and `dracut` seem to be the most critical.
- [x] base-files
- [x] dkms
- [x] dracut
- [ ] gummiboot
- [ ] mkinitcpio
- [ ] refind
- [ ] sbsigntool
**Note 1**: `dracut` now uses `--sysroot .` to (hopefully) operate properly in a relative environment.
**Note 2**: `dkms` makes a lot of assumptions about running in the system root that are trickier to override, and the hook already made a lot of absolute path references, so I went all-in on absolute paths in the `dkms` hooks.
Affected maintainers: @Gottox @q66 @thypon @sgn
General interest: @ericonr @duncaen
A patch file from https://github.com/void-linux/void-packages/pull/24079.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-hooks-24079.patch --]
[-- Type: text/x-diff, Size: 17498 bytes --]
From e4164a9f365ec3b21b707ce80f3ef80fc2c827a8 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 1/7] base-files: improve consistency of relative paths in
kernel hooks
---
srcpkgs/base-files/files/vkpurge | 4 +++-
srcpkgs/base-files/template | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/srcpkgs/base-files/files/vkpurge b/srcpkgs/base-files/files/vkpurge
index 92098ec736e..5519147b905 100644
--- a/srcpkgs/base-files/files/vkpurge
+++ b/srcpkgs/base-files/files/vkpurge
@@ -39,10 +39,12 @@ list_kernels() {
run_hooks() {
dir="$1"
kver="$2"
+
for d in /etc/kernel.d/"${dir}"/*; do
[ -x "$d" ] || continue
printf "Running %s kernel hook: %s...\n" "$dir" "${d##*/}"
- "$d" kernel "$kver"
+ # Hooks assume they run from the root
+ (cd / && ROOTDIR=. "$d" kernel "$kver")
done
}
diff --git a/srcpkgs/base-files/template b/srcpkgs/base-files/template
index d608bc81f57..6b503690606 100644
--- a/srcpkgs/base-files/template
+++ b/srcpkgs/base-files/template
@@ -1,7 +1,7 @@
# Template file for 'base-files'
pkgname=base-files
version=0.141
-revision=1
+revision=2
bootstrap=yes
depends="xbps-triggers"
short_desc="Void Linux base system files"
From 0b70e31d1b4c11572b61e5c2f030bf3678ec1af1 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 2/7] dkms: improve consistency of relative paths in kernel
hooks
---
srcpkgs/dkms/files/kernel.d/dkms.postinst | 34 ++++++++++++-----------
srcpkgs/dkms/files/kernel.d/dkms.prerm | 6 ++--
srcpkgs/dkms/template | 2 +-
3 files changed, 22 insertions(+), 20 deletions(-)
diff --git a/srcpkgs/dkms/files/kernel.d/dkms.postinst b/srcpkgs/dkms/files/kernel.d/dkms.postinst
index 5cfc630de1c..ef2a10bac28 100644
--- a/srcpkgs/dkms/files/kernel.d/dkms.postinst
+++ b/srcpkgs/dkms/files/kernel.d/dkms.postinst
@@ -8,7 +8,7 @@ PKGNAME="$1"
VERSION="$2"
ARCH=$(uname -m)
-if [ ! -x /usr/sbin/dkms ]; then
+if [ ! -x /usr/bin/dkms ]; then
exit 0
fi
@@ -59,16 +59,16 @@ while [ $# -gt 1 ]; do
# If adding a module, depmod is necessary unless dkms runs it
do_depmod="yes"
- status=$(dkms status -m ${module} -v ${modulever} -k ${VERSION})
+ status=$(/usr/bin/dkms status -m ${module} -v ${modulever} -k ${VERSION})
if [ $(echo "$status"|grep -c ": built") -eq 0 ]; then
# Check if the module is still there.
- if [ ! -f usr/src/${module}-${modulever}/dkms.conf ]; then
+ if [ ! -f /usr/src/${module}-${modulever}/dkms.conf ]; then
echo "Skipping nonexistent DKMS module: ${module}-${modulever}."
continue
fi
# Build the module
echo -n "Building DKMS module: ${module}-${modulever}... "
- dkms build -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
+ /usr/bin/dkms build -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
rval=$?
# If the module was skipped or failed, go to the next module.
if [ $rval -eq 0 ]; then
@@ -80,14 +80,14 @@ while [ $# -gt 1 ]; do
echo "FAILED!"
continue
fi
- status=$(dkms status -m ${module} -v ${modulever} -k ${VERSION})
+ status=$(/usr/bin/dkms status -m ${module} -v ${modulever} -k ${VERSION})
fi
# If the module is built (either pre-built or just now), install it
if [ $(echo "$status"|grep -c ": built") -eq 1 ] &&
[ $(echo "$status"|grep -c ": installed") -eq 0 ]; then
echo -n "Installing DKMS module: ${module}-${modulever}... "
- dkms install -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
+ /usr/bin/dkms install -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
rval=$?
# If the module failed installation, go to the next module.
if [ $rval -eq 0 ]; then
@@ -101,16 +101,18 @@ while [ $# -gt 1 ]; do
fi
done
-if [ -n "$do_depmod" ]; then
- echo -n "Generating kernel module dependency lists... "
- depmod -a ${VERSION}
- rval=$?
- if [ $rval -eq 0 ]; then
- echo "done."
- else
- echo "FAILED!"
- exit $rval
- fi
+if [ -z "$do_depmod" ] || [ ! -x /usr/bin/depmod ]; then
+ exit 0
+fi
+
+echo -n "Generating kernel module dependency lists... "
+/usr/bin/depmod -a ${VERSION}
+rval=$?
+if [ $rval -eq 0 ]; then
+ echo "done."
+else
+ echo "FAILED!"
+ exit $rval
fi
exit 0
diff --git a/srcpkgs/dkms/files/kernel.d/dkms.prerm b/srcpkgs/dkms/files/kernel.d/dkms.prerm
index 0307e895311..155e9734aee 100644
--- a/srcpkgs/dkms/files/kernel.d/dkms.prerm
+++ b/srcpkgs/dkms/files/kernel.d/dkms.prerm
@@ -4,14 +4,14 @@
PKGNAME="$1"
VERSION="$2"
-if [ -x /usr/sbin/dkms ]; then
+if [ -x /usr/bin/dkms ]; then
while read line; do
name=`echo "$line" | awk '{print $1}' | sed 's/,$//'`
vers=`echo "$line" | awk '{print $2}' | sed 's/,$//'`
arch=`echo "$line" | awk '{print $4}' | sed 's/:$//'`
echo "dkms: removing: $name $vers (${PKGNAME}-${VERSION}) ($arch)" >&2
- dkms remove -q -m $name -v $vers -k ${VERSION} -a $arch
-done < <(dkms status -k ${VERSION} 2>/dev/null | grep ": installed")
+ /usr/bin/dkms remove -q -m $name -v $vers -k ${VERSION} -a $arch
+done < <(/usr/bin/dkms status -k ${VERSION} 2>/dev/null | grep ": installed")
fi
rmdir \
diff --git a/srcpkgs/dkms/template b/srcpkgs/dkms/template
index 4365bc5a7d7..f6b5035e8a0 100644
--- a/srcpkgs/dkms/template
+++ b/srcpkgs/dkms/template
@@ -1,7 +1,7 @@
# Template file for 'dkms'
pkgname=dkms
version=2.8.3
-revision=1
+revision=2
conf_files="/etc/dkms/framework.conf"
depends="bash kmod gcc make coreutils linux-headers"
short_desc="Dynamic Kernel Modules System"
From 321c3e33d6a955e1a086c04fecce760c8a5a418f Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 3/7] dracut: improve consistency of relative paths in kernel
hooks
---
srcpkgs/dracut/files/kernel-hook-postinst | 4 ++--
srcpkgs/dracut/files/kernel-hook-postrm | 4 +---
srcpkgs/dracut/files/kernel-uefi-hook-postinst | 5 +++--
srcpkgs/dracut/files/kernel-uefi-hook-postrm | 4 +---
srcpkgs/dracut/template | 2 +-
5 files changed, 8 insertions(+), 11 deletions(-)
diff --git a/srcpkgs/dracut/files/kernel-hook-postinst b/srcpkgs/dracut/files/kernel-hook-postinst
index a9d265b6ed6..537af549796 100644
--- a/srcpkgs/dracut/files/kernel-hook-postinst
+++ b/srcpkgs/dracut/files/kernel-hook-postinst
@@ -7,9 +7,9 @@
PKGNAME="$1"
VERSION="$2"
-if [ ! -x bin/dracut ]; then
+if [ ! -x usr/bin/dracut ]; then
exit 0
fi
-dracut -q --force boot/initramfs-${VERSION}.img ${VERSION}
+usr/bin/dracut -q --force --sysroot . boot/initramfs-${VERSION}.img ${VERSION}
exit $?
diff --git a/srcpkgs/dracut/files/kernel-hook-postrm b/srcpkgs/dracut/files/kernel-hook-postrm
index f99458a4bfa..c338cf617a7 100644
--- a/srcpkgs/dracut/files/kernel-hook-postrm
+++ b/srcpkgs/dracut/files/kernel-hook-postrm
@@ -7,7 +7,5 @@
PKGNAME="$1"
VERSION="$2"
-if [ -f boot/initramfs-${VERSION}.img ]; then
- rm -f boot/initramfs-${VERSION}.img
-fi
+rm -f boot/initramfs-${VERSION}.img
exit $?
diff --git a/srcpkgs/dracut/files/kernel-uefi-hook-postinst b/srcpkgs/dracut/files/kernel-uefi-hook-postinst
index d623c3f86df..f1098a48a81 100644
--- a/srcpkgs/dracut/files/kernel-uefi-hook-postinst
+++ b/srcpkgs/dracut/files/kernel-uefi-hook-postinst
@@ -12,12 +12,13 @@ if [ -z "${CREATE_UEFI_BUNDLES}" ]; then
exit 0
fi
-if [ ! -x bin/dracut ]; then
+if [ ! -x usr/bin/dracut ]; then
exit 0
fi
mkdir -p ${UEFI_BUNDLE_DIR:=boot/efi/EFI/void}
-dracut -q --force ${KERNEL_CMDLINE:+--kernel-cmdline="${KERNEL_CMDLINE}"} ${DRACUT_OPTIONS} \
+usr/bin/dracut -q --force --sysroot . ${DRACUT_OPTIONS} \
+ ${KERNEL_CMDLINE:+--kernel-cmdline="${KERNEL_CMDLINE}"} \
--uefi ${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi ${VERSION}
exit $?
diff --git a/srcpkgs/dracut/files/kernel-uefi-hook-postrm b/srcpkgs/dracut/files/kernel-uefi-hook-postrm
index 8183bb26f08..63b25498789 100644
--- a/srcpkgs/dracut/files/kernel-uefi-hook-postrm
+++ b/srcpkgs/dracut/files/kernel-uefi-hook-postrm
@@ -11,7 +11,5 @@ VERSION="$2"
: "${UEFI_BUNDLE_DIR:=boot/efi/EFI/void}"
-if [ -f "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi" ]; then
- rm -fv "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi"
-fi
+rm -fv "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi"
exit $?
diff --git a/srcpkgs/dracut/template b/srcpkgs/dracut/template
index 8fb41d17a72..232f70a0d4a 100644
--- a/srcpkgs/dracut/template
+++ b/srcpkgs/dracut/template
@@ -1,7 +1,7 @@
# Template file for 'dracut'
pkgname=dracut
version=050
-revision=5
+revision=6
build_style=configure
configure_args="--prefix=/usr --sysconfdir=/etc"
conf_files="/etc/dracut.conf"
From 386aa5db5b5dbd25f2b4694e5c3ae8cd9f712036 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 4/7] gummiboot: improve consistency of relative paths in
kernel hooks
---
.../files/kernel.d/gummiboot.post-install | 28 +++++++++----------
.../files/kernel.d/gummiboot.post-remove | 16 +++++------
srcpkgs/gummiboot/template | 2 +-
3 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
index 7f4d27e985d..2517421e3e5 100644
--- a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
+++ b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
@@ -13,33 +13,33 @@ if [ "$GUMMIBOOT_DISABLE" ]; then
exit 0
fi
-boot=$ROOTDIR/boot
-entries=$boot/loader/entries
-name=void-$VERSION
-entry=$entries/$name.conf
-options=$boot/loader/void-options.conf
-loader=$boot/loader/loader.conf
+boot="$ROOTDIR/boot"
+entries="$boot/loader/entries"
+name="void-$VERSION"
+entry="$entries/$name.conf"
+options="$boot/loader/void-options.conf"
+loader="$boot/loader/loader.conf"
-[ -d $boot ] || exit 0
+[ -d "$boot" ] || exit 0
-mkdir -p $entries
+mkdir -p "$entries"
-cat <<-EOF > $entry
+cat <<-EOF > "$entry"
title Void Linux
version $VERSION
linux /vmlinuz-$VERSION
initrd /initramfs-$VERSION.img
EOF
-if [ -r $options ]; then
+if [ -r "$options" ]; then
# Add user provided options from /boot/loader/void-options.conf:
- printf 'options %s\n' "$(cat $options | sed '/^#/d;/^$/d')" >> $entry
+ printf 'options %s\n' "$(cat "$options" | sed '/^#/d;/^$/d')" >> "$entry"
fi
-if grep -q ^default $loader 2>/dev/null; then
+if grep -q ^default "$loader" 2>/dev/null; then
# Replace existing default entry with this entry:
- sed -i "s/default.*/default $name/" $loader
+ sed -i "s/default.*/default $name/" "$loader"
else
# Add this entry as the default:
- printf 'default %s\n' $name >>$loader
+ printf 'default %s\n' $name >>"$loader"
fi
diff --git a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
index b946d62456a..a207b2d362c 100644
--- a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
+++ b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
@@ -7,15 +7,15 @@
PKGNAME="$1"
VERSION="$2"
-boot=$ROOTDIR/boot
-entries=$boot/loader/entries
-name=void-$VERSION
-entry=$entries/$name.conf
-loader=$boot/loader/loader.conf
+boot="$ROOTDIR/boot"
+entries="$boot/loader/entries"
+name="void-$VERSION"
+entry="$entries/$name.conf"
+loader="$boot/loader/loader.conf"
-[ -d $boot ] || exit 0
+[ -d "$boot" ] || exit 0
-rm -f $entry
+rm -f "$entry"
# No default entry if the removed entry was the default:
-sed -i "/^default $name\$/d" $loader
+[ -e "$loader" ] && sed -i "/^default $name\$/d" "$loader"
diff --git a/srcpkgs/gummiboot/template b/srcpkgs/gummiboot/template
index a824e27c021..052776fe7ff 100644
--- a/srcpkgs/gummiboot/template
+++ b/srcpkgs/gummiboot/template
@@ -1,7 +1,7 @@
# Template file for 'gummiboot'
pkgname=gummiboot
version=48.1
-revision=5
+revision=6
archs="i686* x86_64* aarch64*"
build_style=gnu-configure
conf_files="/etc/default/gummiboot"
From 2ae30447a7e4e59d0c3fda08c9a3cd593438dc8a Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:09 -0400
Subject: [PATCH 5/7] mkinitcpio: improve consistency of relative paths in
kernel hooks
---
srcpkgs/mkinitcpio/files/kernel-hook-postinst | 4 ++--
srcpkgs/mkinitcpio/files/kernel-hook-postrm | 4 +---
srcpkgs/mkinitcpio/template | 2 +-
3 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/srcpkgs/mkinitcpio/files/kernel-hook-postinst b/srcpkgs/mkinitcpio/files/kernel-hook-postinst
index 31fe5705812..c6f2ab81264 100644
--- a/srcpkgs/mkinitcpio/files/kernel-hook-postinst
+++ b/srcpkgs/mkinitcpio/files/kernel-hook-postinst
@@ -7,9 +7,9 @@
PKGNAME="$1"
VERSION="$2"
-if [ ! -x bin/mkinitcpio ]; then
+if [ ! -x usr/bin/mkinitcpio ]; then
exit 0
fi
-mkinitcpio -g boot/initramfs-${VERSION}.img -k ${VERSION}
+usr/bin/mkinitcpio -g boot/initramfs-${VERSION}.img -k ${VERSION}
exit $?
diff --git a/srcpkgs/mkinitcpio/files/kernel-hook-postrm b/srcpkgs/mkinitcpio/files/kernel-hook-postrm
index f099aba66ca..028fd097b87 100644
--- a/srcpkgs/mkinitcpio/files/kernel-hook-postrm
+++ b/srcpkgs/mkinitcpio/files/kernel-hook-postrm
@@ -7,7 +7,5 @@
PKGNAME="$1"
VERSION="$2"
-if [ -f /boot/initramfs-${VERSION}.img ]; then
- rm -f /boot/initramfs-${VERSION}.img
-fi
+rm -f boot/initramfs-${VERSION}.img
exit $?
diff --git a/srcpkgs/mkinitcpio/template b/srcpkgs/mkinitcpio/template
index 303905d0f1f..a0f44360db4 100644
--- a/srcpkgs/mkinitcpio/template
+++ b/srcpkgs/mkinitcpio/template
@@ -1,7 +1,7 @@
# Template file for 'mkinitcpio'
pkgname=mkinitcpio
version=27
-revision=1
+revision=2
archs=noarch
build_style=gnu-makefile
depends="busybox-static bsdtar bash"
From ea584cab2ce5d2c8e8b91441dcdcaf3a4ea25a59 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:09 -0400
Subject: [PATCH 6/7] refind: improve consistency of relative paths in kernel
hooks
---
srcpkgs/refind/files/kernel.post-install | 2 +-
srcpkgs/refind/files/kernel.post-remove | 2 +-
srcpkgs/refind/template | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/srcpkgs/refind/files/kernel.post-install b/srcpkgs/refind/files/kernel.post-install
index 88b261aaacd..cc00a607665 100755
--- a/srcpkgs/refind/files/kernel.post-install
+++ b/srcpkgs/refind/files/kernel.post-install
@@ -13,7 +13,7 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
fi
# Default refind.conf
-: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
zrefind_dir="${REFIND_CONF%/*}"
mkdir -p "$zrefind_dir"
diff --git a/srcpkgs/refind/files/kernel.post-remove b/srcpkgs/refind/files/kernel.post-remove
index efb3786396c..caa91fbb9b4 100755
--- a/srcpkgs/refind/files/kernel.post-remove
+++ b/srcpkgs/refind/files/kernel.post-remove
@@ -13,7 +13,7 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
fi
# Default refind.conf
-: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
[ -f "$REFIND_CONF" ] || exit 0
diff --git a/srcpkgs/refind/template b/srcpkgs/refind/template
index 5e9865b9667..d7f8f2fba1c 100644
--- a/srcpkgs/refind/template
+++ b/srcpkgs/refind/template
@@ -1,7 +1,7 @@
# Template file for 'refind'
pkgname=refind
version=0.12.0
-revision=1
+revision=2
archs="x86_64* i686* aarch64*"
makedepends="gnu-efi-libs"
depends="bash dosfstools efibootmgr"
From 30ac0f105f9dc5da9f735a2b5015eed9686ff2c1 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:09 -0400
Subject: [PATCH 7/7] sbsigntool: improve consistency of relative paths in
kernel hooks
---
.../sbsigntool/files/kernel.d/sbsigntool.post-install | 10 +++++-----
srcpkgs/sbsigntool/template | 2 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
index bc450dbc428..060f0d8e26e 100644
--- a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
+++ b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
@@ -37,18 +37,18 @@ if [ "x${EFI_SIGN_ENGINE}" != x ]; then
options="--engine=${EFI_SIGN_ENGINE}"
fi
-if ! sbsign $options -k "${EFI_KEY_FILE}" -c "${EFI_CERT_FILE}" \
- "/boot/vmlinuz-${VERSION}"; then
+if ! usr/bin/sbsign $options -k "${EFI_KEY_FILE}" -c "${EFI_CERT_FILE}" \
+ "boot/vmlinuz-${VERSION}"; then
msg "failed to sign kernel"
exit 1
fi
-if ! sbverify -c "${EFI_CERT_FILE}" "/boot/vmlinuz-${VERSION}.signed"; then
+if ! usr/bin/sbverify -c "${EFI_CERT_FILE}" "boot/vmlinuz-${VERSION}.signed"; then
msg "failed to verify the signature"
exit 1
fi
if [ "x${EFI_KEEP_UNSIGNED}" = "x1" ]; then
- mv -f "/boot/vmlinuz-${VERSION}" "/boot/vmlinuz-${VERSION}.unsigned"
+ mv -f "boot/vmlinuz-${VERSION}" "boot/vmlinuz-${VERSION}.unsigned"
fi
-mv -f "/boot/vmlinuz-${VERSION}.signed" "/boot/vmlinuz-${VERSION}"
+mv -f "boot/vmlinuz-${VERSION}.signed" "boot/vmlinuz-${VERSION}"
diff --git a/srcpkgs/sbsigntool/template b/srcpkgs/sbsigntool/template
index 6e39cac66d9..0bee8bf00b1 100644
--- a/srcpkgs/sbsigntool/template
+++ b/srcpkgs/sbsigntool/template
@@ -1,7 +1,7 @@
# Template file for 'sbsigntool'
pkgname=sbsigntool
version=0.9.4
-revision=2
+revision=3
archs="x86_64* i686* aarch64* arm*"
wrksrc=sbsigntools-$version
build_style=gnu-configure
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (5 preceding siblings ...)
2020-08-05 20:06 ` [PR PATCH] [Updated] " ahesford
@ 2020-08-05 20:06 ` ahesford
2020-08-05 20:26 ` ericonr
` (18 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ahesford @ 2020-08-05 20:06 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1917 bytes --]
New comment by ahesford on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669474162
Comment:
On 2020-08-05 at 15:28 (UTC -0400), Érico Nogueira Rolim wrote:
> @ericonr commented on this pull request.
>
>
>
> > version=0.141
> -revision=1
> +revision=2
>
> Why not increase `base-files` version directly?
Before the last bump there was a long history of revbumping, and a
version bump seems a bit "heavy" for a minor fix.
> > +if [ ! -x usr/bin/dracut ]; then
> exit 0
> fi
>
> I don't like this, because the hook should only be there if dracut itself is installed. @sgn and I didn't include it in the `dracut-uefi` hook.
That's not unreasonable, but there are many hooks (including in
`kernel-uefi-postinst`) that follow this pattern.
> > @@ -7,7 +7,5 @@
> PKGNAME="$1"
> VERSION="$2"
>
> -if [ -f boot/initramfs-${VERSION}.img ]; then
> - rm -f boot/initramfs-${VERSION}.img
> -fi
> +rm -f boot/initramfs-${VERSION}.img
>
> Perhaps make this one verbose as well?
I object to verbose removes even in your UEFI hook. There is no need to
clutter output with messages that an initramfs is being removed when
that's the expected action.
> > msg "failed to sign kernel"
> exit 1
> fi
>
> -if ! sbverify -c "${EFI_CERT_FILE}" "/boot/vmlinuz-${VERSION}.signed"; then
> +if ! sbverify -c "${EFI_CERT_FILE}" "boot/vmlinuz-${VERSION}.signed"; then
>
> Why not use `usr/bin/sbverify` here as well?
>
> > @@ -38,17 +38,17 @@ if [ "x${EFI_SIGN_ENGINE}" != x ]; then
> fi
>
> if ! sbsign $options -k "${EFI_KEY_FILE}" -c "${EFI_CERT_FILE}" \
>
> Same here.
Good points, fixed.
> --
> You are receiving this because you authored the thread.
> Reply to this email directly or view it on GitHub:
> https://github.com/void-linux/void-packages/pull/24079#pullrequestreview-461955666
--
Andrew J. Hesford
ajh@sideband.org
(Personal communication)
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (6 preceding siblings ...)
2020-08-05 20:06 ` ahesford
@ 2020-08-05 20:26 ` ericonr
2020-08-06 1:09 ` [PR REVIEW] " sgn
` (17 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ericonr @ 2020-08-05 20:26 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 727 bytes --]
New comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669485212
Comment:
> Before the last bump there was a long history of revbumping, and a version bump seems a bit "heavy" for a minor fix.
Fair.
> That's not unreasonable, but there are many hooks (including in `kernel-uefi-postinst`) that follow this pattern.
Guess I was mistaken. Ok.
> I object to verbose removes even in your UEFI hook. There is no need to clutter output with messages that an initramfs is being removed when that's the expected action.
I thought about making it verbose to at least fit some pattern. You can remove verbosity from my hook, which achieves the same thing.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR REVIEW] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (7 preceding siblings ...)
2020-08-05 20:26 ` ericonr
@ 2020-08-06 1:09 ` sgn
2020-08-06 1:12 ` sgn
` (16 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-06 1:09 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 170 bytes --]
New review comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#discussion_r466087441
Comment:
+1, biting by this just now
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR REVIEW] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (8 preceding siblings ...)
2020-08-06 1:09 ` [PR REVIEW] " sgn
@ 2020-08-06 1:12 ` sgn
2020-08-06 1:49 ` ahesford
` (15 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-06 1:12 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1405 bytes --]
New review comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#discussion_r466088097
Comment:
This is not correct.
It'll break if user has changed their configuration.
And this will break the path relative to <esp> mountpoint.
Maybe something like this?
```diff
diff --git a/srcpkgs/refind/files/kernel.post-install b/srcpkgs/refind/files/kernel.post-install
index 88b261aaac..70f26936c0 100755
--- a/srcpkgs/refind/files/kernel.post-install
+++ b/srcpkgs/refind/files/kernel.post-install
@@ -15,7 +15,14 @@ fi
# Default refind.conf
: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+abs_rootdir="$(cd "${ROOTDIR}" && pwd)"
+if [ "$abs_rootdir" != "/" ]; then
+ abs_rootdir="$abs_rootdir/"
+fi
+
+REFIND_CONF="${abs_rootdir}${REFIND_CONF#/}"
zrefind_dir="${REFIND_CONF%/*}"
+
mkdir -p "$zrefind_dir"
touch "$REFIND_CONF"
diff --git a/srcpkgs/refind/files/kernel.post-remove b/srcpkgs/refind/files/kernel.post-remove
index efb3786396..b50f19680b 100755
--- a/srcpkgs/refind/files/kernel.post-remove
+++ b/srcpkgs/refind/files/kernel.post-remove
@@ -13,7 +13,8 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
fi
# Default refind.conf
-: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
+REFIND_CONF="${REFIND_CONF#/}"
[ -f "$REFIND_CONF" ] || exit 0
```
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR REVIEW] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (9 preceding siblings ...)
2020-08-06 1:12 ` sgn
@ 2020-08-06 1:49 ` ahesford
2020-08-06 2:09 ` sgn
` (14 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ahesford @ 2020-08-06 1:49 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 532 bytes --]
New review comment by ahesford on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#discussion_r466098367
Comment:
The `post-install` is too complicated. What about
```
REFIND_CONF="$(readlink -m "${ROOTDIR}/${REFIND_CONF:-boot/EFI/refind/refind.conf}" 2>/dev/null)"
[ -n "${REFIND_CONF}" ] || exit 0
```
Since we already rely on `cat`, which is in `coreutils` alongside `readlink`, I don't have a problem just assuming readlink exists. We also just assume `awk` and `sed` are available anyway.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (10 preceding siblings ...)
2020-08-06 1:49 ` ahesford
@ 2020-08-06 2:09 ` sgn
2020-08-06 3:18 ` ahesford
` (13 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-06 2:09 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1080 bytes --]
New comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669640399
Comment:
On 2020-08-05 18:50:05-0700, "Andrew J. Hesford" <notifications@github.com> wrote:
> @ahesford commented on this pull request.
>
>
>
> > @@ -13,7 +13,7 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
> fi
>
> # Default refind.conf
> -: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
> +: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
>
> The `post-install` is too complicated. What about
> ```
> REFIND_CONF="$(readlink -m "${ROOTDIR}/${REFIND_CONF:-boot/EFI/refind/refind.conf}" 2>/dev/null)"
> [ -n "${REFIND_CONF}" ] || exit 0
> ```
> Since we already rely on `cat`, which is in `coreutils` alongside
> `readlink`, I don't have a problem just assuming readlink exists. We
> also just assume `awk` and `sed` are available anyway.
The complicated logic below it to ensure if we don't have
`boot/EFI/refind/refind.conf`, we'll create it.
So, `exit 0` isn't a right choice.
for sbsigntool, please use the commit from #23688
--
Danh
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (11 preceding siblings ...)
2020-08-06 2:09 ` sgn
@ 2020-08-06 3:18 ` ahesford
2020-08-06 3:31 ` [PR PATCH] [Updated] " ahesford
` (12 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ahesford @ 2020-08-06 3:18 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 790 bytes --]
New comment by ahesford on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669658973
Comment:
On 2020-08-05 at 22:09 (UTC -0400), Danh Doan wrote:
>
> The complicated logic below it to ensure if we don't have
> `boot/EFI/refind/refind.conf`, we'll create it.
>
> So, `exit 0` isn't a right choice.
`readlink -m [...]` should always resolve a path because it doesn't
require any of the components to exist. In practice, `$REFIND_CONF` will
*never* be empty, but just in case something goes unexpectedly wrong
(suppose `readlink` is not found or executable, for example), we just
want to give up.
> for sbsigntool, please use the commit from #23688
I'll pull in the commit.
--
Andrew J. Hesford
ajh@sideband.org
(Personal communication)
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR PATCH] [Updated] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (12 preceding siblings ...)
2020-08-06 3:18 ` ahesford
@ 2020-08-06 3:31 ` ahesford
2020-08-06 3:32 ` ahesford
` (11 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ahesford @ 2020-08-06 3:31 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1417 bytes --]
There is an updated pull request by ahesford against master on the void-packages repository
https://github.com/ahesford/void-packages hooks
https://github.com/void-linux/void-packages/pull/24079
Improve consistency of relative paths in kernel hooks
Motivated by a breakage in the `dracut` removal hook as called from `vkpurge`, I cleaned up several packages that install kernel hooks to try to make their behavior more consistent. The XBPS trigger runs hooks from the target root directory with `ROOTDIR` set, so hooks should accommodate this if possible. `vkpurge` now changes to `/` and sets `ROOTDIR` to make sure any hooks it calls work as expected. It would be good to verify correct operation of all hooks after these changes, but `dkms` and `dracut` seem to be the most critical.
- [x] base-files
- [x] dkms
- [x] dracut
- [ ] gummiboot
- [ ] mkinitcpio
- [ ] refind
- [ ] sbsigntool
**Note 1**: `dracut` now uses `--sysroot .` to (hopefully) operate properly in a relative environment.
**Note 2**: `dkms` makes a lot of assumptions about running in the system root that are trickier to override, and the hook already made a lot of absolute path references, so I went all-in on absolute paths in the `dkms` hooks.
Affected maintainers: @Gottox @q66 @thypon @sgn
General interest: @ericonr @duncaen
A patch file from https://github.com/void-linux/void-packages/pull/24079.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-hooks-24079.patch --]
[-- Type: text/x-diff, Size: 20465 bytes --]
From 5600f36562ab91513b2e7b44093e297c6a1fad66 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 1/7] base-files: improve consistency of relative paths in
kernel hooks
---
srcpkgs/base-files/files/vkpurge | 4 +++-
srcpkgs/base-files/template | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/srcpkgs/base-files/files/vkpurge b/srcpkgs/base-files/files/vkpurge
index 92098ec736e..5519147b905 100644
--- a/srcpkgs/base-files/files/vkpurge
+++ b/srcpkgs/base-files/files/vkpurge
@@ -39,10 +39,12 @@ list_kernels() {
run_hooks() {
dir="$1"
kver="$2"
+
for d in /etc/kernel.d/"${dir}"/*; do
[ -x "$d" ] || continue
printf "Running %s kernel hook: %s...\n" "$dir" "${d##*/}"
- "$d" kernel "$kver"
+ # Hooks assume they run from the root
+ (cd / && ROOTDIR=. "$d" kernel "$kver")
done
}
diff --git a/srcpkgs/base-files/template b/srcpkgs/base-files/template
index d608bc81f57..6b503690606 100644
--- a/srcpkgs/base-files/template
+++ b/srcpkgs/base-files/template
@@ -1,7 +1,7 @@
# Template file for 'base-files'
pkgname=base-files
version=0.141
-revision=1
+revision=2
bootstrap=yes
depends="xbps-triggers"
short_desc="Void Linux base system files"
From 95c237bb582abdf30378d96ebfd17b87fc343f95 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 2/7] dkms: improve consistency of relative paths in kernel
hooks
---
srcpkgs/dkms/files/kernel.d/dkms.postinst | 34 ++++++++++++-----------
srcpkgs/dkms/files/kernel.d/dkms.prerm | 6 ++--
srcpkgs/dkms/template | 2 +-
3 files changed, 22 insertions(+), 20 deletions(-)
diff --git a/srcpkgs/dkms/files/kernel.d/dkms.postinst b/srcpkgs/dkms/files/kernel.d/dkms.postinst
index 5cfc630de1c..ef2a10bac28 100644
--- a/srcpkgs/dkms/files/kernel.d/dkms.postinst
+++ b/srcpkgs/dkms/files/kernel.d/dkms.postinst
@@ -8,7 +8,7 @@ PKGNAME="$1"
VERSION="$2"
ARCH=$(uname -m)
-if [ ! -x /usr/sbin/dkms ]; then
+if [ ! -x /usr/bin/dkms ]; then
exit 0
fi
@@ -59,16 +59,16 @@ while [ $# -gt 1 ]; do
# If adding a module, depmod is necessary unless dkms runs it
do_depmod="yes"
- status=$(dkms status -m ${module} -v ${modulever} -k ${VERSION})
+ status=$(/usr/bin/dkms status -m ${module} -v ${modulever} -k ${VERSION})
if [ $(echo "$status"|grep -c ": built") -eq 0 ]; then
# Check if the module is still there.
- if [ ! -f usr/src/${module}-${modulever}/dkms.conf ]; then
+ if [ ! -f /usr/src/${module}-${modulever}/dkms.conf ]; then
echo "Skipping nonexistent DKMS module: ${module}-${modulever}."
continue
fi
# Build the module
echo -n "Building DKMS module: ${module}-${modulever}... "
- dkms build -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
+ /usr/bin/dkms build -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
rval=$?
# If the module was skipped or failed, go to the next module.
if [ $rval -eq 0 ]; then
@@ -80,14 +80,14 @@ while [ $# -gt 1 ]; do
echo "FAILED!"
continue
fi
- status=$(dkms status -m ${module} -v ${modulever} -k ${VERSION})
+ status=$(/usr/bin/dkms status -m ${module} -v ${modulever} -k ${VERSION})
fi
# If the module is built (either pre-built or just now), install it
if [ $(echo "$status"|grep -c ": built") -eq 1 ] &&
[ $(echo "$status"|grep -c ": installed") -eq 0 ]; then
echo -n "Installing DKMS module: ${module}-${modulever}... "
- dkms install -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
+ /usr/bin/dkms install -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
rval=$?
# If the module failed installation, go to the next module.
if [ $rval -eq 0 ]; then
@@ -101,16 +101,18 @@ while [ $# -gt 1 ]; do
fi
done
-if [ -n "$do_depmod" ]; then
- echo -n "Generating kernel module dependency lists... "
- depmod -a ${VERSION}
- rval=$?
- if [ $rval -eq 0 ]; then
- echo "done."
- else
- echo "FAILED!"
- exit $rval
- fi
+if [ -z "$do_depmod" ] || [ ! -x /usr/bin/depmod ]; then
+ exit 0
+fi
+
+echo -n "Generating kernel module dependency lists... "
+/usr/bin/depmod -a ${VERSION}
+rval=$?
+if [ $rval -eq 0 ]; then
+ echo "done."
+else
+ echo "FAILED!"
+ exit $rval
fi
exit 0
diff --git a/srcpkgs/dkms/files/kernel.d/dkms.prerm b/srcpkgs/dkms/files/kernel.d/dkms.prerm
index 0307e895311..155e9734aee 100644
--- a/srcpkgs/dkms/files/kernel.d/dkms.prerm
+++ b/srcpkgs/dkms/files/kernel.d/dkms.prerm
@@ -4,14 +4,14 @@
PKGNAME="$1"
VERSION="$2"
-if [ -x /usr/sbin/dkms ]; then
+if [ -x /usr/bin/dkms ]; then
while read line; do
name=`echo "$line" | awk '{print $1}' | sed 's/,$//'`
vers=`echo "$line" | awk '{print $2}' | sed 's/,$//'`
arch=`echo "$line" | awk '{print $4}' | sed 's/:$//'`
echo "dkms: removing: $name $vers (${PKGNAME}-${VERSION}) ($arch)" >&2
- dkms remove -q -m $name -v $vers -k ${VERSION} -a $arch
-done < <(dkms status -k ${VERSION} 2>/dev/null | grep ": installed")
+ /usr/bin/dkms remove -q -m $name -v $vers -k ${VERSION} -a $arch
+done < <(/usr/bin/dkms status -k ${VERSION} 2>/dev/null | grep ": installed")
fi
rmdir \
diff --git a/srcpkgs/dkms/template b/srcpkgs/dkms/template
index 4365bc5a7d7..f6b5035e8a0 100644
--- a/srcpkgs/dkms/template
+++ b/srcpkgs/dkms/template
@@ -1,7 +1,7 @@
# Template file for 'dkms'
pkgname=dkms
version=2.8.3
-revision=1
+revision=2
conf_files="/etc/dkms/framework.conf"
depends="bash kmod gcc make coreutils linux-headers"
short_desc="Dynamic Kernel Modules System"
From 490fd3d0ff0709134e758b9af4afdf7b5e9434af Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 3/7] dracut: improve consistency of relative paths in kernel
hooks
---
srcpkgs/dracut/files/kernel-hook-postinst | 4 ++--
srcpkgs/dracut/files/kernel-hook-postrm | 4 +---
srcpkgs/dracut/files/kernel-uefi-hook-postinst | 5 +++--
srcpkgs/dracut/files/kernel-uefi-hook-postrm | 4 +---
srcpkgs/dracut/template | 2 +-
5 files changed, 8 insertions(+), 11 deletions(-)
diff --git a/srcpkgs/dracut/files/kernel-hook-postinst b/srcpkgs/dracut/files/kernel-hook-postinst
index a9d265b6ed6..537af549796 100644
--- a/srcpkgs/dracut/files/kernel-hook-postinst
+++ b/srcpkgs/dracut/files/kernel-hook-postinst
@@ -7,9 +7,9 @@
PKGNAME="$1"
VERSION="$2"
-if [ ! -x bin/dracut ]; then
+if [ ! -x usr/bin/dracut ]; then
exit 0
fi
-dracut -q --force boot/initramfs-${VERSION}.img ${VERSION}
+usr/bin/dracut -q --force --sysroot . boot/initramfs-${VERSION}.img ${VERSION}
exit $?
diff --git a/srcpkgs/dracut/files/kernel-hook-postrm b/srcpkgs/dracut/files/kernel-hook-postrm
index f99458a4bfa..c338cf617a7 100644
--- a/srcpkgs/dracut/files/kernel-hook-postrm
+++ b/srcpkgs/dracut/files/kernel-hook-postrm
@@ -7,7 +7,5 @@
PKGNAME="$1"
VERSION="$2"
-if [ -f boot/initramfs-${VERSION}.img ]; then
- rm -f boot/initramfs-${VERSION}.img
-fi
+rm -f boot/initramfs-${VERSION}.img
exit $?
diff --git a/srcpkgs/dracut/files/kernel-uefi-hook-postinst b/srcpkgs/dracut/files/kernel-uefi-hook-postinst
index d623c3f86df..f1098a48a81 100644
--- a/srcpkgs/dracut/files/kernel-uefi-hook-postinst
+++ b/srcpkgs/dracut/files/kernel-uefi-hook-postinst
@@ -12,12 +12,13 @@ if [ -z "${CREATE_UEFI_BUNDLES}" ]; then
exit 0
fi
-if [ ! -x bin/dracut ]; then
+if [ ! -x usr/bin/dracut ]; then
exit 0
fi
mkdir -p ${UEFI_BUNDLE_DIR:=boot/efi/EFI/void}
-dracut -q --force ${KERNEL_CMDLINE:+--kernel-cmdline="${KERNEL_CMDLINE}"} ${DRACUT_OPTIONS} \
+usr/bin/dracut -q --force --sysroot . ${DRACUT_OPTIONS} \
+ ${KERNEL_CMDLINE:+--kernel-cmdline="${KERNEL_CMDLINE}"} \
--uefi ${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi ${VERSION}
exit $?
diff --git a/srcpkgs/dracut/files/kernel-uefi-hook-postrm b/srcpkgs/dracut/files/kernel-uefi-hook-postrm
index 8183bb26f08..63b25498789 100644
--- a/srcpkgs/dracut/files/kernel-uefi-hook-postrm
+++ b/srcpkgs/dracut/files/kernel-uefi-hook-postrm
@@ -11,7 +11,5 @@ VERSION="$2"
: "${UEFI_BUNDLE_DIR:=boot/efi/EFI/void}"
-if [ -f "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi" ]; then
- rm -fv "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi"
-fi
+rm -fv "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi"
exit $?
diff --git a/srcpkgs/dracut/template b/srcpkgs/dracut/template
index 8fb41d17a72..232f70a0d4a 100644
--- a/srcpkgs/dracut/template
+++ b/srcpkgs/dracut/template
@@ -1,7 +1,7 @@
# Template file for 'dracut'
pkgname=dracut
version=050
-revision=5
+revision=6
build_style=configure
configure_args="--prefix=/usr --sysconfdir=/etc"
conf_files="/etc/dracut.conf"
From fa368c1ad2cfd2ae84a90247535d918f759b368d Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 4/7] gummiboot: improve consistency of relative paths in
kernel hooks
---
.../files/kernel.d/gummiboot.post-install | 28 +++++++++----------
.../files/kernel.d/gummiboot.post-remove | 16 +++++------
srcpkgs/gummiboot/template | 2 +-
3 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
index 7f4d27e985d..2517421e3e5 100644
--- a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
+++ b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
@@ -13,33 +13,33 @@ if [ "$GUMMIBOOT_DISABLE" ]; then
exit 0
fi
-boot=$ROOTDIR/boot
-entries=$boot/loader/entries
-name=void-$VERSION
-entry=$entries/$name.conf
-options=$boot/loader/void-options.conf
-loader=$boot/loader/loader.conf
+boot="$ROOTDIR/boot"
+entries="$boot/loader/entries"
+name="void-$VERSION"
+entry="$entries/$name.conf"
+options="$boot/loader/void-options.conf"
+loader="$boot/loader/loader.conf"
-[ -d $boot ] || exit 0
+[ -d "$boot" ] || exit 0
-mkdir -p $entries
+mkdir -p "$entries"
-cat <<-EOF > $entry
+cat <<-EOF > "$entry"
title Void Linux
version $VERSION
linux /vmlinuz-$VERSION
initrd /initramfs-$VERSION.img
EOF
-if [ -r $options ]; then
+if [ -r "$options" ]; then
# Add user provided options from /boot/loader/void-options.conf:
- printf 'options %s\n' "$(cat $options | sed '/^#/d;/^$/d')" >> $entry
+ printf 'options %s\n' "$(cat "$options" | sed '/^#/d;/^$/d')" >> "$entry"
fi
-if grep -q ^default $loader 2>/dev/null; then
+if grep -q ^default "$loader" 2>/dev/null; then
# Replace existing default entry with this entry:
- sed -i "s/default.*/default $name/" $loader
+ sed -i "s/default.*/default $name/" "$loader"
else
# Add this entry as the default:
- printf 'default %s\n' $name >>$loader
+ printf 'default %s\n' $name >>"$loader"
fi
diff --git a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
index b946d62456a..a207b2d362c 100644
--- a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
+++ b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
@@ -7,15 +7,15 @@
PKGNAME="$1"
VERSION="$2"
-boot=$ROOTDIR/boot
-entries=$boot/loader/entries
-name=void-$VERSION
-entry=$entries/$name.conf
-loader=$boot/loader/loader.conf
+boot="$ROOTDIR/boot"
+entries="$boot/loader/entries"
+name="void-$VERSION"
+entry="$entries/$name.conf"
+loader="$boot/loader/loader.conf"
-[ -d $boot ] || exit 0
+[ -d "$boot" ] || exit 0
-rm -f $entry
+rm -f "$entry"
# No default entry if the removed entry was the default:
-sed -i "/^default $name\$/d" $loader
+[ -e "$loader" ] && sed -i "/^default $name\$/d" "$loader"
diff --git a/srcpkgs/gummiboot/template b/srcpkgs/gummiboot/template
index a824e27c021..052776fe7ff 100644
--- a/srcpkgs/gummiboot/template
+++ b/srcpkgs/gummiboot/template
@@ -1,7 +1,7 @@
# Template file for 'gummiboot'
pkgname=gummiboot
version=48.1
-revision=5
+revision=6
archs="i686* x86_64* aarch64*"
build_style=gnu-configure
conf_files="/etc/default/gummiboot"
From ff37dc33abae07b7bf4bcfcec8dddf7ee81da0a9 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:09 -0400
Subject: [PATCH 5/7] mkinitcpio: improve consistency of relative paths in
kernel hooks
---
srcpkgs/mkinitcpio/files/kernel-hook-postinst | 4 ++--
srcpkgs/mkinitcpio/files/kernel-hook-postrm | 4 +---
srcpkgs/mkinitcpio/template | 2 +-
3 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/srcpkgs/mkinitcpio/files/kernel-hook-postinst b/srcpkgs/mkinitcpio/files/kernel-hook-postinst
index 31fe5705812..c6f2ab81264 100644
--- a/srcpkgs/mkinitcpio/files/kernel-hook-postinst
+++ b/srcpkgs/mkinitcpio/files/kernel-hook-postinst
@@ -7,9 +7,9 @@
PKGNAME="$1"
VERSION="$2"
-if [ ! -x bin/mkinitcpio ]; then
+if [ ! -x usr/bin/mkinitcpio ]; then
exit 0
fi
-mkinitcpio -g boot/initramfs-${VERSION}.img -k ${VERSION}
+usr/bin/mkinitcpio -g boot/initramfs-${VERSION}.img -k ${VERSION}
exit $?
diff --git a/srcpkgs/mkinitcpio/files/kernel-hook-postrm b/srcpkgs/mkinitcpio/files/kernel-hook-postrm
index f099aba66ca..028fd097b87 100644
--- a/srcpkgs/mkinitcpio/files/kernel-hook-postrm
+++ b/srcpkgs/mkinitcpio/files/kernel-hook-postrm
@@ -7,7 +7,5 @@
PKGNAME="$1"
VERSION="$2"
-if [ -f /boot/initramfs-${VERSION}.img ]; then
- rm -f /boot/initramfs-${VERSION}.img
-fi
+rm -f boot/initramfs-${VERSION}.img
exit $?
diff --git a/srcpkgs/mkinitcpio/template b/srcpkgs/mkinitcpio/template
index 303905d0f1f..a0f44360db4 100644
--- a/srcpkgs/mkinitcpio/template
+++ b/srcpkgs/mkinitcpio/template
@@ -1,7 +1,7 @@
# Template file for 'mkinitcpio'
pkgname=mkinitcpio
version=27
-revision=1
+revision=2
archs=noarch
build_style=gnu-makefile
depends="busybox-static bsdtar bash"
From 94d34101dd2a4d9f7b8dac5e1d293f0c9e91478b Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:09 -0400
Subject: [PATCH 6/7] refind: improve consistency of relative paths in kernel
hooks
---
srcpkgs/refind/files/kernel.post-install | 5 +++--
srcpkgs/refind/files/kernel.post-remove | 4 +++-
srcpkgs/refind/template | 2 +-
3 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/srcpkgs/refind/files/kernel.post-install b/srcpkgs/refind/files/kernel.post-install
index 88b261aaacd..b56fde5e13e 100755
--- a/srcpkgs/refind/files/kernel.post-install
+++ b/srcpkgs/refind/files/kernel.post-install
@@ -12,8 +12,9 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
exit 0;
fi
-# Default refind.conf
-: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+# Expand the configuration location wrt the root; full path needs not exist
+REFIND_CONF="$(readlink -m "${ROOTDIR}/${REFIND_CONF:-boot/EFI/refind/refind.conf}" 2>/dev/null)"
+[ -n "${REFIND_CONF}" ] || exit 0
zrefind_dir="${REFIND_CONF%/*}"
mkdir -p "$zrefind_dir"
diff --git a/srcpkgs/refind/files/kernel.post-remove b/srcpkgs/refind/files/kernel.post-remove
index efb3786396c..58881766e4d 100755
--- a/srcpkgs/refind/files/kernel.post-remove
+++ b/srcpkgs/refind/files/kernel.post-remove
@@ -13,7 +13,9 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
fi
# Default refind.conf
-: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
+# Make sure paths are relative
+REFIND_CONF="${REFIND_CONF#/}"
[ -f "$REFIND_CONF" ] || exit 0
diff --git a/srcpkgs/refind/template b/srcpkgs/refind/template
index 5e9865b9667..d7f8f2fba1c 100644
--- a/srcpkgs/refind/template
+++ b/srcpkgs/refind/template
@@ -1,7 +1,7 @@
# Template file for 'refind'
pkgname=refind
version=0.12.0
-revision=1
+revision=2
archs="x86_64* i686* aarch64*"
makedepends="gnu-efi-libs"
depends="bash dosfstools efibootmgr"
From 6ff6f80cb6b56a6c42d1bd7c9893c47502038fe8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=90o=C3=A0n=20Tr=E1=BA=A7n=20C=C3=B4ng=20Danh?=
<congdanhqx@gmail.com>
Date: Tue, 21 Jul 2020 00:03:15 +0700
Subject: [PATCH 7/7] sbsigntool: rewrite post-install kernel hook
* run the hook on target filesystem
* Use ls | awk to check ownership and permission, instead of relying on
GNU-stat.
* libify signing code, in order to support uefi bundle in the future
* Stop append signature to the efi signed by current key/cert.
While we're at it,
* add post-remove script to remove unsigned file if exist
---
.../files/kernel.d/sbsigntool.post-install | 66 +++++++++++--------
.../files/kernel.d/sbsigntool.post-remove | 13 ++++
srcpkgs/sbsigntool/template | 4 +-
3 files changed, 53 insertions(+), 30 deletions(-)
create mode 100644 srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove
diff --git a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
index bc450dbc428..70918527711 100644
--- a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
+++ b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
@@ -9,7 +9,35 @@ PKGNAME="$1"
VERSION="$2"
msg() {
- echo "EFI sbsign hook: $1"
+ echo "sbsigntool: $1"
+}
+
+do_sign() {
+ _kernel="$1"
+ if [ ! -f "$_kernel" ]; then
+ msg "$_kernel not found"
+ return 1
+ fi
+ # Ignore efi file signed with this key
+ if usr/bin/sbverify -c "$ROOTDIR/$EFI_CERT_FILE" "$_kernel" >/dev/null 2>&1; then
+ return 0
+ fi
+ if ! usr/bin/sbsign ${EFI_SIGN_ENGINE:+"--engine=$EFI_SIGN_ENGINE"} \
+ -k "$ROOTDIR/$EFI_KEY_FILE" -c "$ROOTDIR/$EFI_CERT_FILE" \
+ "$_kernel"
+ then
+ msg "failed to sign $_kernel"
+ return 1
+ fi
+ if ! usr/bin/sbverify -c "$ROOTDIR/$EFI_CERT_FILE" "$_kernel.signed"; then
+ msg "failed to verify the signature"
+ return 1
+ fi
+
+ if [ "x${EFI_KEEP_UNSIGNED}" = "x1" ]; then
+ mv -f "$_kernel" "$_kernel.unsigned"
+ fi
+ mv -f "$_kernel.signed" "$_kernel"
}
. "${ROOTDIR}/etc/default/sbsigntool-kernel-hook"
@@ -17,38 +45,18 @@ if [ "x${SBSIGN_EFI_KERNEL}" != x1 ]; then
exit 0
fi
-if [ ! -f "${EFI_KEY_FILE}" ] || [ ! -f "${EFI_CERT_FILE}" ]; then
+if [ ! -f "$ROOTDIR/$EFI_KEY_FILE" ] || [ ! -f "$ROOTDIR/$EFI_CERT_FILE" ]; then
msg "key and/or certificate is not available"
exit 1
fi
-key_stat=$(stat --dereference --format="%a %u" "${EFI_KEY_FILE}")
-
-# check if go=00 owner=0
-if [ "${key_stat}" = "${key_stat%00 0}" ]; then
- msg "Please chown root:root '${EFI_KEY_FILE}'"
- msg "and chmod go-rwx '${EFI_KEY_FILE}'"
- exit 1
-fi
-
-# this part is completely untested
-options=""
-if [ "x${EFI_SIGN_ENGINE}" != x ]; then
- options="--engine=${EFI_SIGN_ENGINE}"
-fi
-
-if ! sbsign $options -k "${EFI_KEY_FILE}" -c "${EFI_CERT_FILE}" \
- "/boot/vmlinuz-${VERSION}"; then
- msg "failed to sign kernel"
- exit 1
-fi
-
-if ! sbverify -c "${EFI_CERT_FILE}" "/boot/vmlinuz-${VERSION}.signed"; then
- msg "failed to verify the signature"
+# All POSIX comformance ls should work
+if ! ls -Ll "$ROOTDIR/$EFI_KEY_FILE" "$ROOTDIR/$EFI_CERT_FILE" |
+ awk '$1 !~ /^-...------$/ || $3 != "root" { exit 1 }'
+then
+ msg "$EFI_KEY_FILE and $EFI_CERT_FILE must be owned by root."
+ msg "and not readable by other users."
exit 1
fi
-if [ "x${EFI_KEEP_UNSIGNED}" = "x1" ]; then
- mv -f "/boot/vmlinuz-${VERSION}" "/boot/vmlinuz-${VERSION}.unsigned"
-fi
-mv -f "/boot/vmlinuz-${VERSION}.signed" "/boot/vmlinuz-${VERSION}"
+do_sign "boot/vmlinuz-$VERSION"
diff --git a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove
new file mode 100644
index 00000000000..5d3f73602af
--- /dev/null
+++ b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove
@@ -0,0 +1,13 @@
+#!/bin/sh
+#
+# Kernel hook for sbsigntool.
+#
+# Arguments passed to this script: $1 pkgname, $2 version.
+#
+
+PKGNAME="$1"
+VERSION="$2"
+
+if [ -f "boot/vmlinuz-$VERSION.unsigned" ]; then
+ rm -f "boot/vmlinuz-${VERSION}.unsigned"
+fi
diff --git a/srcpkgs/sbsigntool/template b/srcpkgs/sbsigntool/template
index 6e39cac66d9..6ee86139b27 100644
--- a/srcpkgs/sbsigntool/template
+++ b/srcpkgs/sbsigntool/template
@@ -1,7 +1,7 @@
# Template file for 'sbsigntool'
pkgname=sbsigntool
version=0.9.4
-revision=2
+revision=3
archs="x86_64* i686* aarch64* arm*"
wrksrc=sbsigntools-$version
build_style=gnu-configure
@@ -59,4 +59,6 @@ post_install() {
# and I'm not sure about their interaction
vinstall ${FILESDIR}/kernel.d/sbsigntool.post-install 744 \
etc/kernel.d/post-install 40-sbsigntool
+ vinstall ${FILESDIR}/kernel.d/sbsigntool.post-remove 744 \
+ etc/kernel.d/post-remove 40-sbsigntool
}
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR PATCH] [Updated] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (13 preceding siblings ...)
2020-08-06 3:31 ` [PR PATCH] [Updated] " ahesford
@ 2020-08-06 3:32 ` ahesford
2020-08-06 11:42 ` sgn
` (10 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ahesford @ 2020-08-06 3:32 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1417 bytes --]
There is an updated pull request by ahesford against master on the void-packages repository
https://github.com/ahesford/void-packages hooks
https://github.com/void-linux/void-packages/pull/24079
Improve consistency of relative paths in kernel hooks
Motivated by a breakage in the `dracut` removal hook as called from `vkpurge`, I cleaned up several packages that install kernel hooks to try to make their behavior more consistent. The XBPS trigger runs hooks from the target root directory with `ROOTDIR` set, so hooks should accommodate this if possible. `vkpurge` now changes to `/` and sets `ROOTDIR` to make sure any hooks it calls work as expected. It would be good to verify correct operation of all hooks after these changes, but `dkms` and `dracut` seem to be the most critical.
- [x] base-files
- [x] dkms
- [x] dracut
- [ ] gummiboot
- [ ] mkinitcpio
- [ ] refind
- [ ] sbsigntool
**Note 1**: `dracut` now uses `--sysroot .` to (hopefully) operate properly in a relative environment.
**Note 2**: `dkms` makes a lot of assumptions about running in the system root that are trickier to override, and the hook already made a lot of absolute path references, so I went all-in on absolute paths in the `dkms` hooks.
Affected maintainers: @Gottox @q66 @thypon @sgn
General interest: @ericonr @duncaen
A patch file from https://github.com/void-linux/void-packages/pull/24079.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-hooks-24079.patch --]
[-- Type: text/x-diff, Size: 20481 bytes --]
From 5600f36562ab91513b2e7b44093e297c6a1fad66 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 1/7] base-files: improve consistency of relative paths in
kernel hooks
---
srcpkgs/base-files/files/vkpurge | 4 +++-
srcpkgs/base-files/template | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/srcpkgs/base-files/files/vkpurge b/srcpkgs/base-files/files/vkpurge
index 92098ec736e..5519147b905 100644
--- a/srcpkgs/base-files/files/vkpurge
+++ b/srcpkgs/base-files/files/vkpurge
@@ -39,10 +39,12 @@ list_kernels() {
run_hooks() {
dir="$1"
kver="$2"
+
for d in /etc/kernel.d/"${dir}"/*; do
[ -x "$d" ] || continue
printf "Running %s kernel hook: %s...\n" "$dir" "${d##*/}"
- "$d" kernel "$kver"
+ # Hooks assume they run from the root
+ (cd / && ROOTDIR=. "$d" kernel "$kver")
done
}
diff --git a/srcpkgs/base-files/template b/srcpkgs/base-files/template
index d608bc81f57..6b503690606 100644
--- a/srcpkgs/base-files/template
+++ b/srcpkgs/base-files/template
@@ -1,7 +1,7 @@
# Template file for 'base-files'
pkgname=base-files
version=0.141
-revision=1
+revision=2
bootstrap=yes
depends="xbps-triggers"
short_desc="Void Linux base system files"
From 95c237bb582abdf30378d96ebfd17b87fc343f95 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 2/7] dkms: improve consistency of relative paths in kernel
hooks
---
srcpkgs/dkms/files/kernel.d/dkms.postinst | 34 ++++++++++++-----------
srcpkgs/dkms/files/kernel.d/dkms.prerm | 6 ++--
srcpkgs/dkms/template | 2 +-
3 files changed, 22 insertions(+), 20 deletions(-)
diff --git a/srcpkgs/dkms/files/kernel.d/dkms.postinst b/srcpkgs/dkms/files/kernel.d/dkms.postinst
index 5cfc630de1c..ef2a10bac28 100644
--- a/srcpkgs/dkms/files/kernel.d/dkms.postinst
+++ b/srcpkgs/dkms/files/kernel.d/dkms.postinst
@@ -8,7 +8,7 @@ PKGNAME="$1"
VERSION="$2"
ARCH=$(uname -m)
-if [ ! -x /usr/sbin/dkms ]; then
+if [ ! -x /usr/bin/dkms ]; then
exit 0
fi
@@ -59,16 +59,16 @@ while [ $# -gt 1 ]; do
# If adding a module, depmod is necessary unless dkms runs it
do_depmod="yes"
- status=$(dkms status -m ${module} -v ${modulever} -k ${VERSION})
+ status=$(/usr/bin/dkms status -m ${module} -v ${modulever} -k ${VERSION})
if [ $(echo "$status"|grep -c ": built") -eq 0 ]; then
# Check if the module is still there.
- if [ ! -f usr/src/${module}-${modulever}/dkms.conf ]; then
+ if [ ! -f /usr/src/${module}-${modulever}/dkms.conf ]; then
echo "Skipping nonexistent DKMS module: ${module}-${modulever}."
continue
fi
# Build the module
echo -n "Building DKMS module: ${module}-${modulever}... "
- dkms build -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
+ /usr/bin/dkms build -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
rval=$?
# If the module was skipped or failed, go to the next module.
if [ $rval -eq 0 ]; then
@@ -80,14 +80,14 @@ while [ $# -gt 1 ]; do
echo "FAILED!"
continue
fi
- status=$(dkms status -m ${module} -v ${modulever} -k ${VERSION})
+ status=$(/usr/bin/dkms status -m ${module} -v ${modulever} -k ${VERSION})
fi
# If the module is built (either pre-built or just now), install it
if [ $(echo "$status"|grep -c ": built") -eq 1 ] &&
[ $(echo "$status"|grep -c ": installed") -eq 0 ]; then
echo -n "Installing DKMS module: ${module}-${modulever}... "
- dkms install -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
+ /usr/bin/dkms install -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
rval=$?
# If the module failed installation, go to the next module.
if [ $rval -eq 0 ]; then
@@ -101,16 +101,18 @@ while [ $# -gt 1 ]; do
fi
done
-if [ -n "$do_depmod" ]; then
- echo -n "Generating kernel module dependency lists... "
- depmod -a ${VERSION}
- rval=$?
- if [ $rval -eq 0 ]; then
- echo "done."
- else
- echo "FAILED!"
- exit $rval
- fi
+if [ -z "$do_depmod" ] || [ ! -x /usr/bin/depmod ]; then
+ exit 0
+fi
+
+echo -n "Generating kernel module dependency lists... "
+/usr/bin/depmod -a ${VERSION}
+rval=$?
+if [ $rval -eq 0 ]; then
+ echo "done."
+else
+ echo "FAILED!"
+ exit $rval
fi
exit 0
diff --git a/srcpkgs/dkms/files/kernel.d/dkms.prerm b/srcpkgs/dkms/files/kernel.d/dkms.prerm
index 0307e895311..155e9734aee 100644
--- a/srcpkgs/dkms/files/kernel.d/dkms.prerm
+++ b/srcpkgs/dkms/files/kernel.d/dkms.prerm
@@ -4,14 +4,14 @@
PKGNAME="$1"
VERSION="$2"
-if [ -x /usr/sbin/dkms ]; then
+if [ -x /usr/bin/dkms ]; then
while read line; do
name=`echo "$line" | awk '{print $1}' | sed 's/,$//'`
vers=`echo "$line" | awk '{print $2}' | sed 's/,$//'`
arch=`echo "$line" | awk '{print $4}' | sed 's/:$//'`
echo "dkms: removing: $name $vers (${PKGNAME}-${VERSION}) ($arch)" >&2
- dkms remove -q -m $name -v $vers -k ${VERSION} -a $arch
-done < <(dkms status -k ${VERSION} 2>/dev/null | grep ": installed")
+ /usr/bin/dkms remove -q -m $name -v $vers -k ${VERSION} -a $arch
+done < <(/usr/bin/dkms status -k ${VERSION} 2>/dev/null | grep ": installed")
fi
rmdir \
diff --git a/srcpkgs/dkms/template b/srcpkgs/dkms/template
index 4365bc5a7d7..f6b5035e8a0 100644
--- a/srcpkgs/dkms/template
+++ b/srcpkgs/dkms/template
@@ -1,7 +1,7 @@
# Template file for 'dkms'
pkgname=dkms
version=2.8.3
-revision=1
+revision=2
conf_files="/etc/dkms/framework.conf"
depends="bash kmod gcc make coreutils linux-headers"
short_desc="Dynamic Kernel Modules System"
From 490fd3d0ff0709134e758b9af4afdf7b5e9434af Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 3/7] dracut: improve consistency of relative paths in kernel
hooks
---
srcpkgs/dracut/files/kernel-hook-postinst | 4 ++--
srcpkgs/dracut/files/kernel-hook-postrm | 4 +---
srcpkgs/dracut/files/kernel-uefi-hook-postinst | 5 +++--
srcpkgs/dracut/files/kernel-uefi-hook-postrm | 4 +---
srcpkgs/dracut/template | 2 +-
5 files changed, 8 insertions(+), 11 deletions(-)
diff --git a/srcpkgs/dracut/files/kernel-hook-postinst b/srcpkgs/dracut/files/kernel-hook-postinst
index a9d265b6ed6..537af549796 100644
--- a/srcpkgs/dracut/files/kernel-hook-postinst
+++ b/srcpkgs/dracut/files/kernel-hook-postinst
@@ -7,9 +7,9 @@
PKGNAME="$1"
VERSION="$2"
-if [ ! -x bin/dracut ]; then
+if [ ! -x usr/bin/dracut ]; then
exit 0
fi
-dracut -q --force boot/initramfs-${VERSION}.img ${VERSION}
+usr/bin/dracut -q --force --sysroot . boot/initramfs-${VERSION}.img ${VERSION}
exit $?
diff --git a/srcpkgs/dracut/files/kernel-hook-postrm b/srcpkgs/dracut/files/kernel-hook-postrm
index f99458a4bfa..c338cf617a7 100644
--- a/srcpkgs/dracut/files/kernel-hook-postrm
+++ b/srcpkgs/dracut/files/kernel-hook-postrm
@@ -7,7 +7,5 @@
PKGNAME="$1"
VERSION="$2"
-if [ -f boot/initramfs-${VERSION}.img ]; then
- rm -f boot/initramfs-${VERSION}.img
-fi
+rm -f boot/initramfs-${VERSION}.img
exit $?
diff --git a/srcpkgs/dracut/files/kernel-uefi-hook-postinst b/srcpkgs/dracut/files/kernel-uefi-hook-postinst
index d623c3f86df..f1098a48a81 100644
--- a/srcpkgs/dracut/files/kernel-uefi-hook-postinst
+++ b/srcpkgs/dracut/files/kernel-uefi-hook-postinst
@@ -12,12 +12,13 @@ if [ -z "${CREATE_UEFI_BUNDLES}" ]; then
exit 0
fi
-if [ ! -x bin/dracut ]; then
+if [ ! -x usr/bin/dracut ]; then
exit 0
fi
mkdir -p ${UEFI_BUNDLE_DIR:=boot/efi/EFI/void}
-dracut -q --force ${KERNEL_CMDLINE:+--kernel-cmdline="${KERNEL_CMDLINE}"} ${DRACUT_OPTIONS} \
+usr/bin/dracut -q --force --sysroot . ${DRACUT_OPTIONS} \
+ ${KERNEL_CMDLINE:+--kernel-cmdline="${KERNEL_CMDLINE}"} \
--uefi ${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi ${VERSION}
exit $?
diff --git a/srcpkgs/dracut/files/kernel-uefi-hook-postrm b/srcpkgs/dracut/files/kernel-uefi-hook-postrm
index 8183bb26f08..63b25498789 100644
--- a/srcpkgs/dracut/files/kernel-uefi-hook-postrm
+++ b/srcpkgs/dracut/files/kernel-uefi-hook-postrm
@@ -11,7 +11,5 @@ VERSION="$2"
: "${UEFI_BUNDLE_DIR:=boot/efi/EFI/void}"
-if [ -f "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi" ]; then
- rm -fv "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi"
-fi
+rm -fv "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi"
exit $?
diff --git a/srcpkgs/dracut/template b/srcpkgs/dracut/template
index 8fb41d17a72..232f70a0d4a 100644
--- a/srcpkgs/dracut/template
+++ b/srcpkgs/dracut/template
@@ -1,7 +1,7 @@
# Template file for 'dracut'
pkgname=dracut
version=050
-revision=5
+revision=6
build_style=configure
configure_args="--prefix=/usr --sysconfdir=/etc"
conf_files="/etc/dracut.conf"
From fa368c1ad2cfd2ae84a90247535d918f759b368d Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 4/7] gummiboot: improve consistency of relative paths in
kernel hooks
---
.../files/kernel.d/gummiboot.post-install | 28 +++++++++----------
.../files/kernel.d/gummiboot.post-remove | 16 +++++------
srcpkgs/gummiboot/template | 2 +-
3 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
index 7f4d27e985d..2517421e3e5 100644
--- a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
+++ b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
@@ -13,33 +13,33 @@ if [ "$GUMMIBOOT_DISABLE" ]; then
exit 0
fi
-boot=$ROOTDIR/boot
-entries=$boot/loader/entries
-name=void-$VERSION
-entry=$entries/$name.conf
-options=$boot/loader/void-options.conf
-loader=$boot/loader/loader.conf
+boot="$ROOTDIR/boot"
+entries="$boot/loader/entries"
+name="void-$VERSION"
+entry="$entries/$name.conf"
+options="$boot/loader/void-options.conf"
+loader="$boot/loader/loader.conf"
-[ -d $boot ] || exit 0
+[ -d "$boot" ] || exit 0
-mkdir -p $entries
+mkdir -p "$entries"
-cat <<-EOF > $entry
+cat <<-EOF > "$entry"
title Void Linux
version $VERSION
linux /vmlinuz-$VERSION
initrd /initramfs-$VERSION.img
EOF
-if [ -r $options ]; then
+if [ -r "$options" ]; then
# Add user provided options from /boot/loader/void-options.conf:
- printf 'options %s\n' "$(cat $options | sed '/^#/d;/^$/d')" >> $entry
+ printf 'options %s\n' "$(cat "$options" | sed '/^#/d;/^$/d')" >> "$entry"
fi
-if grep -q ^default $loader 2>/dev/null; then
+if grep -q ^default "$loader" 2>/dev/null; then
# Replace existing default entry with this entry:
- sed -i "s/default.*/default $name/" $loader
+ sed -i "s/default.*/default $name/" "$loader"
else
# Add this entry as the default:
- printf 'default %s\n' $name >>$loader
+ printf 'default %s\n' $name >>"$loader"
fi
diff --git a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
index b946d62456a..a207b2d362c 100644
--- a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
+++ b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
@@ -7,15 +7,15 @@
PKGNAME="$1"
VERSION="$2"
-boot=$ROOTDIR/boot
-entries=$boot/loader/entries
-name=void-$VERSION
-entry=$entries/$name.conf
-loader=$boot/loader/loader.conf
+boot="$ROOTDIR/boot"
+entries="$boot/loader/entries"
+name="void-$VERSION"
+entry="$entries/$name.conf"
+loader="$boot/loader/loader.conf"
-[ -d $boot ] || exit 0
+[ -d "$boot" ] || exit 0
-rm -f $entry
+rm -f "$entry"
# No default entry if the removed entry was the default:
-sed -i "/^default $name\$/d" $loader
+[ -e "$loader" ] && sed -i "/^default $name\$/d" "$loader"
diff --git a/srcpkgs/gummiboot/template b/srcpkgs/gummiboot/template
index a824e27c021..052776fe7ff 100644
--- a/srcpkgs/gummiboot/template
+++ b/srcpkgs/gummiboot/template
@@ -1,7 +1,7 @@
# Template file for 'gummiboot'
pkgname=gummiboot
version=48.1
-revision=5
+revision=6
archs="i686* x86_64* aarch64*"
build_style=gnu-configure
conf_files="/etc/default/gummiboot"
From ff37dc33abae07b7bf4bcfcec8dddf7ee81da0a9 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:09 -0400
Subject: [PATCH 5/7] mkinitcpio: improve consistency of relative paths in
kernel hooks
---
srcpkgs/mkinitcpio/files/kernel-hook-postinst | 4 ++--
srcpkgs/mkinitcpio/files/kernel-hook-postrm | 4 +---
srcpkgs/mkinitcpio/template | 2 +-
3 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/srcpkgs/mkinitcpio/files/kernel-hook-postinst b/srcpkgs/mkinitcpio/files/kernel-hook-postinst
index 31fe5705812..c6f2ab81264 100644
--- a/srcpkgs/mkinitcpio/files/kernel-hook-postinst
+++ b/srcpkgs/mkinitcpio/files/kernel-hook-postinst
@@ -7,9 +7,9 @@
PKGNAME="$1"
VERSION="$2"
-if [ ! -x bin/mkinitcpio ]; then
+if [ ! -x usr/bin/mkinitcpio ]; then
exit 0
fi
-mkinitcpio -g boot/initramfs-${VERSION}.img -k ${VERSION}
+usr/bin/mkinitcpio -g boot/initramfs-${VERSION}.img -k ${VERSION}
exit $?
diff --git a/srcpkgs/mkinitcpio/files/kernel-hook-postrm b/srcpkgs/mkinitcpio/files/kernel-hook-postrm
index f099aba66ca..028fd097b87 100644
--- a/srcpkgs/mkinitcpio/files/kernel-hook-postrm
+++ b/srcpkgs/mkinitcpio/files/kernel-hook-postrm
@@ -7,7 +7,5 @@
PKGNAME="$1"
VERSION="$2"
-if [ -f /boot/initramfs-${VERSION}.img ]; then
- rm -f /boot/initramfs-${VERSION}.img
-fi
+rm -f boot/initramfs-${VERSION}.img
exit $?
diff --git a/srcpkgs/mkinitcpio/template b/srcpkgs/mkinitcpio/template
index 303905d0f1f..a0f44360db4 100644
--- a/srcpkgs/mkinitcpio/template
+++ b/srcpkgs/mkinitcpio/template
@@ -1,7 +1,7 @@
# Template file for 'mkinitcpio'
pkgname=mkinitcpio
version=27
-revision=1
+revision=2
archs=noarch
build_style=gnu-makefile
depends="busybox-static bsdtar bash"
From 94d34101dd2a4d9f7b8dac5e1d293f0c9e91478b Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:09 -0400
Subject: [PATCH 6/7] refind: improve consistency of relative paths in kernel
hooks
---
srcpkgs/refind/files/kernel.post-install | 5 +++--
srcpkgs/refind/files/kernel.post-remove | 4 +++-
srcpkgs/refind/template | 2 +-
3 files changed, 7 insertions(+), 4 deletions(-)
diff --git a/srcpkgs/refind/files/kernel.post-install b/srcpkgs/refind/files/kernel.post-install
index 88b261aaacd..b56fde5e13e 100755
--- a/srcpkgs/refind/files/kernel.post-install
+++ b/srcpkgs/refind/files/kernel.post-install
@@ -12,8 +12,9 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
exit 0;
fi
-# Default refind.conf
-: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+# Expand the configuration location wrt the root; full path needs not exist
+REFIND_CONF="$(readlink -m "${ROOTDIR}/${REFIND_CONF:-boot/EFI/refind/refind.conf}" 2>/dev/null)"
+[ -n "${REFIND_CONF}" ] || exit 0
zrefind_dir="${REFIND_CONF%/*}"
mkdir -p "$zrefind_dir"
diff --git a/srcpkgs/refind/files/kernel.post-remove b/srcpkgs/refind/files/kernel.post-remove
index efb3786396c..58881766e4d 100755
--- a/srcpkgs/refind/files/kernel.post-remove
+++ b/srcpkgs/refind/files/kernel.post-remove
@@ -13,7 +13,9 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
fi
# Default refind.conf
-: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
+# Make sure paths are relative
+REFIND_CONF="${REFIND_CONF#/}"
[ -f "$REFIND_CONF" ] || exit 0
diff --git a/srcpkgs/refind/template b/srcpkgs/refind/template
index 5e9865b9667..d7f8f2fba1c 100644
--- a/srcpkgs/refind/template
+++ b/srcpkgs/refind/template
@@ -1,7 +1,7 @@
# Template file for 'refind'
pkgname=refind
version=0.12.0
-revision=1
+revision=2
archs="x86_64* i686* aarch64*"
makedepends="gnu-efi-libs"
depends="bash dosfstools efibootmgr"
From ec2aaca61353eabeeb4eb36e031649345c1a2e72 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=90o=C3=A0n=20Tr=E1=BA=A7n=20C=C3=B4ng=20Danh?=
<congdanhqx@gmail.com>
Date: Tue, 21 Jul 2020 00:03:15 +0700
Subject: [PATCH 7/7] sbsigntool: rewrite post-install kernel hook
* run the hook on target filesystem
* Use ls | awk to check ownership and permission, instead of relying on
GNU-stat.
* libify signing code, in order to support uefi bundle in the future
* Stop append signature to the efi signed by current key/cert.
While we're at it,
* add post-remove script to remove unsigned file if exist
Closes #23688.
---
.../files/kernel.d/sbsigntool.post-install | 66 +++++++++++--------
.../files/kernel.d/sbsigntool.post-remove | 13 ++++
srcpkgs/sbsigntool/template | 4 +-
3 files changed, 53 insertions(+), 30 deletions(-)
create mode 100644 srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove
diff --git a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
index bc450dbc428..70918527711 100644
--- a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
+++ b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
@@ -9,7 +9,35 @@ PKGNAME="$1"
VERSION="$2"
msg() {
- echo "EFI sbsign hook: $1"
+ echo "sbsigntool: $1"
+}
+
+do_sign() {
+ _kernel="$1"
+ if [ ! -f "$_kernel" ]; then
+ msg "$_kernel not found"
+ return 1
+ fi
+ # Ignore efi file signed with this key
+ if usr/bin/sbverify -c "$ROOTDIR/$EFI_CERT_FILE" "$_kernel" >/dev/null 2>&1; then
+ return 0
+ fi
+ if ! usr/bin/sbsign ${EFI_SIGN_ENGINE:+"--engine=$EFI_SIGN_ENGINE"} \
+ -k "$ROOTDIR/$EFI_KEY_FILE" -c "$ROOTDIR/$EFI_CERT_FILE" \
+ "$_kernel"
+ then
+ msg "failed to sign $_kernel"
+ return 1
+ fi
+ if ! usr/bin/sbverify -c "$ROOTDIR/$EFI_CERT_FILE" "$_kernel.signed"; then
+ msg "failed to verify the signature"
+ return 1
+ fi
+
+ if [ "x${EFI_KEEP_UNSIGNED}" = "x1" ]; then
+ mv -f "$_kernel" "$_kernel.unsigned"
+ fi
+ mv -f "$_kernel.signed" "$_kernel"
}
. "${ROOTDIR}/etc/default/sbsigntool-kernel-hook"
@@ -17,38 +45,18 @@ if [ "x${SBSIGN_EFI_KERNEL}" != x1 ]; then
exit 0
fi
-if [ ! -f "${EFI_KEY_FILE}" ] || [ ! -f "${EFI_CERT_FILE}" ]; then
+if [ ! -f "$ROOTDIR/$EFI_KEY_FILE" ] || [ ! -f "$ROOTDIR/$EFI_CERT_FILE" ]; then
msg "key and/or certificate is not available"
exit 1
fi
-key_stat=$(stat --dereference --format="%a %u" "${EFI_KEY_FILE}")
-
-# check if go=00 owner=0
-if [ "${key_stat}" = "${key_stat%00 0}" ]; then
- msg "Please chown root:root '${EFI_KEY_FILE}'"
- msg "and chmod go-rwx '${EFI_KEY_FILE}'"
- exit 1
-fi
-
-# this part is completely untested
-options=""
-if [ "x${EFI_SIGN_ENGINE}" != x ]; then
- options="--engine=${EFI_SIGN_ENGINE}"
-fi
-
-if ! sbsign $options -k "${EFI_KEY_FILE}" -c "${EFI_CERT_FILE}" \
- "/boot/vmlinuz-${VERSION}"; then
- msg "failed to sign kernel"
- exit 1
-fi
-
-if ! sbverify -c "${EFI_CERT_FILE}" "/boot/vmlinuz-${VERSION}.signed"; then
- msg "failed to verify the signature"
+# All POSIX comformance ls should work
+if ! ls -Ll "$ROOTDIR/$EFI_KEY_FILE" "$ROOTDIR/$EFI_CERT_FILE" |
+ awk '$1 !~ /^-...------$/ || $3 != "root" { exit 1 }'
+then
+ msg "$EFI_KEY_FILE and $EFI_CERT_FILE must be owned by root."
+ msg "and not readable by other users."
exit 1
fi
-if [ "x${EFI_KEEP_UNSIGNED}" = "x1" ]; then
- mv -f "/boot/vmlinuz-${VERSION}" "/boot/vmlinuz-${VERSION}.unsigned"
-fi
-mv -f "/boot/vmlinuz-${VERSION}.signed" "/boot/vmlinuz-${VERSION}"
+do_sign "boot/vmlinuz-$VERSION"
diff --git a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove
new file mode 100644
index 00000000000..5d3f73602af
--- /dev/null
+++ b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove
@@ -0,0 +1,13 @@
+#!/bin/sh
+#
+# Kernel hook for sbsigntool.
+#
+# Arguments passed to this script: $1 pkgname, $2 version.
+#
+
+PKGNAME="$1"
+VERSION="$2"
+
+if [ -f "boot/vmlinuz-$VERSION.unsigned" ]; then
+ rm -f "boot/vmlinuz-${VERSION}.unsigned"
+fi
diff --git a/srcpkgs/sbsigntool/template b/srcpkgs/sbsigntool/template
index 6e39cac66d9..6ee86139b27 100644
--- a/srcpkgs/sbsigntool/template
+++ b/srcpkgs/sbsigntool/template
@@ -1,7 +1,7 @@
# Template file for 'sbsigntool'
pkgname=sbsigntool
version=0.9.4
-revision=2
+revision=3
archs="x86_64* i686* aarch64* arm*"
wrksrc=sbsigntools-$version
build_style=gnu-configure
@@ -59,4 +59,6 @@ post_install() {
# and I'm not sure about their interaction
vinstall ${FILESDIR}/kernel.d/sbsigntool.post-install 744 \
etc/kernel.d/post-install 40-sbsigntool
+ vinstall ${FILESDIR}/kernel.d/sbsigntool.post-remove 744 \
+ etc/kernel.d/post-remove 40-sbsigntool
}
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (14 preceding siblings ...)
2020-08-06 3:32 ` ahesford
@ 2020-08-06 11:42 ` sgn
2020-08-06 11:52 ` sgn
` (9 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-06 11:42 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 599 bytes --]
New comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669877565
Comment:
> `readlink -m [...]` should always resolve a path because it doesn't require any of the components to exist. In practice, `$REFIND_CONF` will *never* be empty, but just in case something goes unexpectedly wrong (suppose `readlink` is not found or executable, for example), we just want to give up.
Yeah, I think in practice, `$REFIND_CONF` will never be empty. We can just clean up the montrosity below it. I'll look if I can come up with something simple.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (15 preceding siblings ...)
2020-08-06 11:42 ` sgn
@ 2020-08-06 11:52 ` sgn
2020-08-06 12:05 ` sgn
` (8 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-06 11:52 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 756 bytes --]
New comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669877565
Comment:
> `readlink -m [...]` should always resolve a path because it doesn't require any of the components to exist. In practice, `$REFIND_CONF` will *never* be empty, but just in case something goes unexpectedly wrong (suppose `readlink` is not found or executable, for example), we just want to give up.
Yeah, I think in practice, `$REFIND_CONF` will never be empty. We can just clean up the montrosity below it. I'll look if I can come up with something simple.
---
Screw it, `refind-install` only supports `refind.conf` in `\EFI\BOOT\refind.conf` and `\EFI\refind\refind.conf`.
I'll take assumption from there.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (16 preceding siblings ...)
2020-08-06 11:52 ` sgn
@ 2020-08-06 12:05 ` sgn
2020-08-06 12:10 ` sgn
` (7 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-06 12:05 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1360 bytes --]
New comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669887298
Comment:
Simplified refind, no complicated logic, what do you think?
```sh
#!/bin/sh
#
# Kernel hook for refind.
#
# Arguments passed to this script: $1 pkgname, $2 version.
#
PKGNAME="$1"
VERSION="$2"
. "${ROOTDIR}/etc/default/refind-kernel-hook.conf"
if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
exit 0;
fi
# Default refind.conf
: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
REFIND_CONF=${REFIND_CONF#/}
[ -n "${REFIND_CONF}" ] || exit 0
# refind-install only supports those two paths
refind_dir=
case "$REFIND_CONF" in
*/EFI/[Bb][Oo][Oo][Tt]/refind.conf)
refind_dir="/EFI/BOOT" ;;
*/EFI/refind/refind.conf)
refind_dir="/EFI/refind" ;;
*)
echo >&2 "unsupported \$REFIND_CONF: $REFIND_CONF"
exit 1 ;;
esac
tmpfile=$(mktemp /tmp/refind.XXXXXXX)
zversion=$(echo "$VERSION" | sed 's/[.]/[.]/g')
(
# Clean itself if this is force reconfigure
sed "/^menuentry \"Void Linux $zversion\" [{]\$/,/[}]/d" <"$REFIND_CONF"
cat <<EOF
menuentry "Void Linux $VERSION" {
icon $refind_dir/icons/os_void.png
volume "Void Linux"
loader /vmlinuz-$VERSION
initrd /initramfs-$VERSION.img
options "$OPTIONS"
}
EOF
) >"$tmpfile"
mv "$tmpfile" "$REFIND_CONF"
exit 0
```
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (17 preceding siblings ...)
2020-08-06 12:05 ` sgn
@ 2020-08-06 12:10 ` sgn
2020-08-06 12:14 ` sgn
` (6 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-06 12:10 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1522 bytes --]
New comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669887298
Comment:
Simplified refind, no complicated logic, what do you think?
For your convenience, that patch can be taken from here: https://github.com/void-linux/void-packages/pull/23688/commits/eeeaea4d37068c199a822e2b62b6ce67de8e1fdd
```sh
#!/bin/sh
#
# Kernel hook for refind.
#
# Arguments passed to this script: $1 pkgname, $2 version.
#
PKGNAME="$1"
VERSION="$2"
. "${ROOTDIR}/etc/default/refind-kernel-hook.conf"
if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
exit 0;
fi
# Default refind.conf
: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
REFIND_CONF=${REFIND_CONF#/}
[ -n "${REFIND_CONF}" ] || exit 0
# refind-install only supports those two paths
refind_dir=
case "$REFIND_CONF" in
*/EFI/[Bb][Oo][Oo][Tt]/refind.conf)
refind_dir="/EFI/BOOT" ;;
*/EFI/refind/refind.conf)
refind_dir="/EFI/refind" ;;
*)
echo >&2 "unsupported \$REFIND_CONF: $REFIND_CONF"
exit 1 ;;
esac
tmpfile=$(mktemp /tmp/refind.XXXXXXX)
zversion=$(echo "$VERSION" | sed 's/[.]/[.]/g')
(
# Clean itself if this is force reconfigure
sed "/^menuentry \"Void Linux $zversion\" [{]\$/,/[}]/d" <"$REFIND_CONF"
cat <<EOF
menuentry "Void Linux $VERSION" {
icon $refind_dir/icons/os_void.png
volume "Void Linux"
loader /vmlinuz-$VERSION
initrd /initramfs-$VERSION.img
options "$OPTIONS"
}
EOF
) >"$tmpfile"
mv "$tmpfile" "$REFIND_CONF"
exit 0
```
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (18 preceding siblings ...)
2020-08-06 12:10 ` sgn
@ 2020-08-06 12:14 ` sgn
2020-08-06 12:41 ` sgn
` (5 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-06 12:14 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1584 bytes --]
New comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669887298
Comment:
Simplified refind, no complicated logic, what do you think?
For your convenience, that patch can be taken from here: https://github.com/void-linux/void-packages/pull/23688/commits/6fac00c4dadc63454ebb09a424478aec703e86d0
```sh
#!/bin/sh
#
# Kernel hook for refind.
#
# Arguments passed to this script: $1 pkgname, $2 version.
#
PKGNAME="$1"
VERSION="$2"
. "${ROOTDIR}/etc/default/refind-kernel-hook.conf"
if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
exit 0;
fi
# Default refind.conf
: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
REFIND_CONF=${REFIND_CONF#/}
[ -n "${REFIND_CONF}" ] || exit 0
# refind-install only supports those two paths
refind_dir=
case "$REFIND_CONF" in
*/EFI/[Bb][Oo][Oo][Tt]/refind.conf)
refind_dir="/EFI/BOOT" ;;
*/EFI/refind/refind.conf)
refind_dir="/EFI/refind" ;;
*)
echo >&2 "unsupported \$REFIND_CONF: $REFIND_CONF"
exit 1 ;;
esac
tmpfile=$(mktemp /tmp/refind.XXXXXXX)
zversion=$(echo "$VERSION" | sed 's/[.]/[.]/g')
(
cat <<EOF
menuentry "Void Linux $VERSION" {
icon $refind_dir/icons/os_void.png
volume "Void Linux"
loader /vmlinuz-$VERSION
initrd /initramfs-$VERSION.img
options "$OPTIONS"
}
EOF
# Clean itself if this is force reconfigure
sed "/^menuentry \"Void Linux $zversion\" [{]\$/,/[}]/d" <"$REFIND_CONF"
) >"$tmpfile"
mv "$tmpfile" "$REFIND_CONF"
exit 0
```
---
EDIT: `cat` first, `sed` later, keep old conf layout.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (19 preceding siblings ...)
2020-08-06 12:14 ` sgn
@ 2020-08-06 12:41 ` sgn
2020-08-07 2:43 ` [PR PATCH] [Updated] " ahesford
` (4 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-06 12:41 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1584 bytes --]
New comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-669887298
Comment:
Simplified refind, no complicated logic, what do you think?
For your convenience, that patch can be taken from here: https://github.com/void-linux/void-packages/pull/23688/commits/53bdcc8d3e0f41f29ed5dccaa0496ed1052bd7de
```sh
#!/bin/sh
#
# Kernel hook for refind.
#
# Arguments passed to this script: $1 pkgname, $2 version.
#
PKGNAME="$1"
VERSION="$2"
. "${ROOTDIR}/etc/default/refind-kernel-hook.conf"
if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
exit 0;
fi
# Default refind.conf
: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
REFIND_CONF=${REFIND_CONF#/}
[ -n "${REFIND_CONF}" ] || exit 0
# refind-install only supports those two paths
refind_dir=
case "$REFIND_CONF" in
*/EFI/[Bb][Oo][Oo][Tt]/refind.conf)
refind_dir="/EFI/BOOT" ;;
*/EFI/refind/refind.conf)
refind_dir="/EFI/refind" ;;
*)
echo >&2 "unsupported \$REFIND_CONF: $REFIND_CONF"
exit 1 ;;
esac
tmpfile=$(mktemp /tmp/refind.XXXXXXX)
zversion=$(echo "$VERSION" | sed 's/[.]/[.]/g')
(
cat <<EOF
menuentry "Void Linux $VERSION" {
icon $refind_dir/icons/os_void.png
volume "Void Linux"
loader /vmlinuz-$VERSION
initrd /initramfs-$VERSION.img
options "$OPTIONS"
}
EOF
# Clean itself if this is force reconfigure
sed "/^menuentry \"Void Linux $zversion\" [{]\$/,/[}]/d" <"$REFIND_CONF"
) >"$tmpfile"
mv "$tmpfile" "$REFIND_CONF"
exit 0
```
---
EDIT: `cat` first, `sed` later, keep old conf layout.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR PATCH] [Updated] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (20 preceding siblings ...)
2020-08-06 12:41 ` sgn
@ 2020-08-07 2:43 ` ahesford
2020-08-07 2:45 ` ahesford
` (3 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ahesford @ 2020-08-07 2:43 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1417 bytes --]
There is an updated pull request by ahesford against master on the void-packages repository
https://github.com/ahesford/void-packages hooks
https://github.com/void-linux/void-packages/pull/24079
Improve consistency of relative paths in kernel hooks
Motivated by a breakage in the `dracut` removal hook as called from `vkpurge`, I cleaned up several packages that install kernel hooks to try to make their behavior more consistent. The XBPS trigger runs hooks from the target root directory with `ROOTDIR` set, so hooks should accommodate this if possible. `vkpurge` now changes to `/` and sets `ROOTDIR` to make sure any hooks it calls work as expected. It would be good to verify correct operation of all hooks after these changes, but `dkms` and `dracut` seem to be the most critical.
- [x] base-files
- [x] dkms
- [x] dracut
- [ ] gummiboot
- [ ] mkinitcpio
- [ ] refind
- [x] sbsigntool
**Note 1**: `dracut` now uses `--sysroot .` to (hopefully) operate properly in a relative environment.
**Note 2**: `dkms` makes a lot of assumptions about running in the system root that are trickier to override, and the hook already made a lot of absolute path references, so I went all-in on absolute paths in the `dkms` hooks.
Affected maintainers: @Gottox @q66 @thypon @sgn
General interest: @ericonr @duncaen
A patch file from https://github.com/void-linux/void-packages/pull/24079.patch is attached
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #2: github-pr-hooks-24079.patch --]
[-- Type: text/x-diff, Size: 20790 bytes --]
From 5600f36562ab91513b2e7b44093e297c6a1fad66 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 1/7] base-files: improve consistency of relative paths in
kernel hooks
---
srcpkgs/base-files/files/vkpurge | 4 +++-
srcpkgs/base-files/template | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/srcpkgs/base-files/files/vkpurge b/srcpkgs/base-files/files/vkpurge
index 92098ec736e..5519147b905 100644
--- a/srcpkgs/base-files/files/vkpurge
+++ b/srcpkgs/base-files/files/vkpurge
@@ -39,10 +39,12 @@ list_kernels() {
run_hooks() {
dir="$1"
kver="$2"
+
for d in /etc/kernel.d/"${dir}"/*; do
[ -x "$d" ] || continue
printf "Running %s kernel hook: %s...\n" "$dir" "${d##*/}"
- "$d" kernel "$kver"
+ # Hooks assume they run from the root
+ (cd / && ROOTDIR=. "$d" kernel "$kver")
done
}
diff --git a/srcpkgs/base-files/template b/srcpkgs/base-files/template
index d608bc81f57..6b503690606 100644
--- a/srcpkgs/base-files/template
+++ b/srcpkgs/base-files/template
@@ -1,7 +1,7 @@
# Template file for 'base-files'
pkgname=base-files
version=0.141
-revision=1
+revision=2
bootstrap=yes
depends="xbps-triggers"
short_desc="Void Linux base system files"
From 95c237bb582abdf30378d96ebfd17b87fc343f95 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 2/7] dkms: improve consistency of relative paths in kernel
hooks
---
srcpkgs/dkms/files/kernel.d/dkms.postinst | 34 ++++++++++++-----------
srcpkgs/dkms/files/kernel.d/dkms.prerm | 6 ++--
srcpkgs/dkms/template | 2 +-
3 files changed, 22 insertions(+), 20 deletions(-)
diff --git a/srcpkgs/dkms/files/kernel.d/dkms.postinst b/srcpkgs/dkms/files/kernel.d/dkms.postinst
index 5cfc630de1c..ef2a10bac28 100644
--- a/srcpkgs/dkms/files/kernel.d/dkms.postinst
+++ b/srcpkgs/dkms/files/kernel.d/dkms.postinst
@@ -8,7 +8,7 @@ PKGNAME="$1"
VERSION="$2"
ARCH=$(uname -m)
-if [ ! -x /usr/sbin/dkms ]; then
+if [ ! -x /usr/bin/dkms ]; then
exit 0
fi
@@ -59,16 +59,16 @@ while [ $# -gt 1 ]; do
# If adding a module, depmod is necessary unless dkms runs it
do_depmod="yes"
- status=$(dkms status -m ${module} -v ${modulever} -k ${VERSION})
+ status=$(/usr/bin/dkms status -m ${module} -v ${modulever} -k ${VERSION})
if [ $(echo "$status"|grep -c ": built") -eq 0 ]; then
# Check if the module is still there.
- if [ ! -f usr/src/${module}-${modulever}/dkms.conf ]; then
+ if [ ! -f /usr/src/${module}-${modulever}/dkms.conf ]; then
echo "Skipping nonexistent DKMS module: ${module}-${modulever}."
continue
fi
# Build the module
echo -n "Building DKMS module: ${module}-${modulever}... "
- dkms build -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
+ /usr/bin/dkms build -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
rval=$?
# If the module was skipped or failed, go to the next module.
if [ $rval -eq 0 ]; then
@@ -80,14 +80,14 @@ while [ $# -gt 1 ]; do
echo "FAILED!"
continue
fi
- status=$(dkms status -m ${module} -v ${modulever} -k ${VERSION})
+ status=$(/usr/bin/dkms status -m ${module} -v ${modulever} -k ${VERSION})
fi
# If the module is built (either pre-built or just now), install it
if [ $(echo "$status"|grep -c ": built") -eq 1 ] &&
[ $(echo "$status"|grep -c ": installed") -eq 0 ]; then
echo -n "Installing DKMS module: ${module}-${modulever}... "
- dkms install -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
+ /usr/bin/dkms install -q -m ${module} -v ${modulever} -k ${VERSION} -a ${ARCH}
rval=$?
# If the module failed installation, go to the next module.
if [ $rval -eq 0 ]; then
@@ -101,16 +101,18 @@ while [ $# -gt 1 ]; do
fi
done
-if [ -n "$do_depmod" ]; then
- echo -n "Generating kernel module dependency lists... "
- depmod -a ${VERSION}
- rval=$?
- if [ $rval -eq 0 ]; then
- echo "done."
- else
- echo "FAILED!"
- exit $rval
- fi
+if [ -z "$do_depmod" ] || [ ! -x /usr/bin/depmod ]; then
+ exit 0
+fi
+
+echo -n "Generating kernel module dependency lists... "
+/usr/bin/depmod -a ${VERSION}
+rval=$?
+if [ $rval -eq 0 ]; then
+ echo "done."
+else
+ echo "FAILED!"
+ exit $rval
fi
exit 0
diff --git a/srcpkgs/dkms/files/kernel.d/dkms.prerm b/srcpkgs/dkms/files/kernel.d/dkms.prerm
index 0307e895311..155e9734aee 100644
--- a/srcpkgs/dkms/files/kernel.d/dkms.prerm
+++ b/srcpkgs/dkms/files/kernel.d/dkms.prerm
@@ -4,14 +4,14 @@
PKGNAME="$1"
VERSION="$2"
-if [ -x /usr/sbin/dkms ]; then
+if [ -x /usr/bin/dkms ]; then
while read line; do
name=`echo "$line" | awk '{print $1}' | sed 's/,$//'`
vers=`echo "$line" | awk '{print $2}' | sed 's/,$//'`
arch=`echo "$line" | awk '{print $4}' | sed 's/:$//'`
echo "dkms: removing: $name $vers (${PKGNAME}-${VERSION}) ($arch)" >&2
- dkms remove -q -m $name -v $vers -k ${VERSION} -a $arch
-done < <(dkms status -k ${VERSION} 2>/dev/null | grep ": installed")
+ /usr/bin/dkms remove -q -m $name -v $vers -k ${VERSION} -a $arch
+done < <(/usr/bin/dkms status -k ${VERSION} 2>/dev/null | grep ": installed")
fi
rmdir \
diff --git a/srcpkgs/dkms/template b/srcpkgs/dkms/template
index 4365bc5a7d7..f6b5035e8a0 100644
--- a/srcpkgs/dkms/template
+++ b/srcpkgs/dkms/template
@@ -1,7 +1,7 @@
# Template file for 'dkms'
pkgname=dkms
version=2.8.3
-revision=1
+revision=2
conf_files="/etc/dkms/framework.conf"
depends="bash kmod gcc make coreutils linux-headers"
short_desc="Dynamic Kernel Modules System"
From 490fd3d0ff0709134e758b9af4afdf7b5e9434af Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 3/7] dracut: improve consistency of relative paths in kernel
hooks
---
srcpkgs/dracut/files/kernel-hook-postinst | 4 ++--
srcpkgs/dracut/files/kernel-hook-postrm | 4 +---
srcpkgs/dracut/files/kernel-uefi-hook-postinst | 5 +++--
srcpkgs/dracut/files/kernel-uefi-hook-postrm | 4 +---
srcpkgs/dracut/template | 2 +-
5 files changed, 8 insertions(+), 11 deletions(-)
diff --git a/srcpkgs/dracut/files/kernel-hook-postinst b/srcpkgs/dracut/files/kernel-hook-postinst
index a9d265b6ed6..537af549796 100644
--- a/srcpkgs/dracut/files/kernel-hook-postinst
+++ b/srcpkgs/dracut/files/kernel-hook-postinst
@@ -7,9 +7,9 @@
PKGNAME="$1"
VERSION="$2"
-if [ ! -x bin/dracut ]; then
+if [ ! -x usr/bin/dracut ]; then
exit 0
fi
-dracut -q --force boot/initramfs-${VERSION}.img ${VERSION}
+usr/bin/dracut -q --force --sysroot . boot/initramfs-${VERSION}.img ${VERSION}
exit $?
diff --git a/srcpkgs/dracut/files/kernel-hook-postrm b/srcpkgs/dracut/files/kernel-hook-postrm
index f99458a4bfa..c338cf617a7 100644
--- a/srcpkgs/dracut/files/kernel-hook-postrm
+++ b/srcpkgs/dracut/files/kernel-hook-postrm
@@ -7,7 +7,5 @@
PKGNAME="$1"
VERSION="$2"
-if [ -f boot/initramfs-${VERSION}.img ]; then
- rm -f boot/initramfs-${VERSION}.img
-fi
+rm -f boot/initramfs-${VERSION}.img
exit $?
diff --git a/srcpkgs/dracut/files/kernel-uefi-hook-postinst b/srcpkgs/dracut/files/kernel-uefi-hook-postinst
index d623c3f86df..f1098a48a81 100644
--- a/srcpkgs/dracut/files/kernel-uefi-hook-postinst
+++ b/srcpkgs/dracut/files/kernel-uefi-hook-postinst
@@ -12,12 +12,13 @@ if [ -z "${CREATE_UEFI_BUNDLES}" ]; then
exit 0
fi
-if [ ! -x bin/dracut ]; then
+if [ ! -x usr/bin/dracut ]; then
exit 0
fi
mkdir -p ${UEFI_BUNDLE_DIR:=boot/efi/EFI/void}
-dracut -q --force ${KERNEL_CMDLINE:+--kernel-cmdline="${KERNEL_CMDLINE}"} ${DRACUT_OPTIONS} \
+usr/bin/dracut -q --force --sysroot . ${DRACUT_OPTIONS} \
+ ${KERNEL_CMDLINE:+--kernel-cmdline="${KERNEL_CMDLINE}"} \
--uefi ${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi ${VERSION}
exit $?
diff --git a/srcpkgs/dracut/files/kernel-uefi-hook-postrm b/srcpkgs/dracut/files/kernel-uefi-hook-postrm
index 8183bb26f08..63b25498789 100644
--- a/srcpkgs/dracut/files/kernel-uefi-hook-postrm
+++ b/srcpkgs/dracut/files/kernel-uefi-hook-postrm
@@ -11,7 +11,5 @@ VERSION="$2"
: "${UEFI_BUNDLE_DIR:=boot/efi/EFI/void}"
-if [ -f "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi" ]; then
- rm -fv "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi"
-fi
+rm -fv "${UEFI_BUNDLE_DIR}/linux-${VERSION}.efi"
exit $?
diff --git a/srcpkgs/dracut/template b/srcpkgs/dracut/template
index 8fb41d17a72..232f70a0d4a 100644
--- a/srcpkgs/dracut/template
+++ b/srcpkgs/dracut/template
@@ -1,7 +1,7 @@
# Template file for 'dracut'
pkgname=dracut
version=050
-revision=5
+revision=6
build_style=configure
configure_args="--prefix=/usr --sysconfdir=/etc"
conf_files="/etc/dracut.conf"
From fa368c1ad2cfd2ae84a90247535d918f759b368d Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:08 -0400
Subject: [PATCH 4/7] gummiboot: improve consistency of relative paths in
kernel hooks
---
.../files/kernel.d/gummiboot.post-install | 28 +++++++++----------
.../files/kernel.d/gummiboot.post-remove | 16 +++++------
srcpkgs/gummiboot/template | 2 +-
3 files changed, 23 insertions(+), 23 deletions(-)
diff --git a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
index 7f4d27e985d..2517421e3e5 100644
--- a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
+++ b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-install
@@ -13,33 +13,33 @@ if [ "$GUMMIBOOT_DISABLE" ]; then
exit 0
fi
-boot=$ROOTDIR/boot
-entries=$boot/loader/entries
-name=void-$VERSION
-entry=$entries/$name.conf
-options=$boot/loader/void-options.conf
-loader=$boot/loader/loader.conf
+boot="$ROOTDIR/boot"
+entries="$boot/loader/entries"
+name="void-$VERSION"
+entry="$entries/$name.conf"
+options="$boot/loader/void-options.conf"
+loader="$boot/loader/loader.conf"
-[ -d $boot ] || exit 0
+[ -d "$boot" ] || exit 0
-mkdir -p $entries
+mkdir -p "$entries"
-cat <<-EOF > $entry
+cat <<-EOF > "$entry"
title Void Linux
version $VERSION
linux /vmlinuz-$VERSION
initrd /initramfs-$VERSION.img
EOF
-if [ -r $options ]; then
+if [ -r "$options" ]; then
# Add user provided options from /boot/loader/void-options.conf:
- printf 'options %s\n' "$(cat $options | sed '/^#/d;/^$/d')" >> $entry
+ printf 'options %s\n' "$(cat "$options" | sed '/^#/d;/^$/d')" >> "$entry"
fi
-if grep -q ^default $loader 2>/dev/null; then
+if grep -q ^default "$loader" 2>/dev/null; then
# Replace existing default entry with this entry:
- sed -i "s/default.*/default $name/" $loader
+ sed -i "s/default.*/default $name/" "$loader"
else
# Add this entry as the default:
- printf 'default %s\n' $name >>$loader
+ printf 'default %s\n' $name >>"$loader"
fi
diff --git a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
index b946d62456a..a207b2d362c 100644
--- a/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
+++ b/srcpkgs/gummiboot/files/kernel.d/gummiboot.post-remove
@@ -7,15 +7,15 @@
PKGNAME="$1"
VERSION="$2"
-boot=$ROOTDIR/boot
-entries=$boot/loader/entries
-name=void-$VERSION
-entry=$entries/$name.conf
-loader=$boot/loader/loader.conf
+boot="$ROOTDIR/boot"
+entries="$boot/loader/entries"
+name="void-$VERSION"
+entry="$entries/$name.conf"
+loader="$boot/loader/loader.conf"
-[ -d $boot ] || exit 0
+[ -d "$boot" ] || exit 0
-rm -f $entry
+rm -f "$entry"
# No default entry if the removed entry was the default:
-sed -i "/^default $name\$/d" $loader
+[ -e "$loader" ] && sed -i "/^default $name\$/d" "$loader"
diff --git a/srcpkgs/gummiboot/template b/srcpkgs/gummiboot/template
index a824e27c021..052776fe7ff 100644
--- a/srcpkgs/gummiboot/template
+++ b/srcpkgs/gummiboot/template
@@ -1,7 +1,7 @@
# Template file for 'gummiboot'
pkgname=gummiboot
version=48.1
-revision=5
+revision=6
archs="i686* x86_64* aarch64*"
build_style=gnu-configure
conf_files="/etc/default/gummiboot"
From ff37dc33abae07b7bf4bcfcec8dddf7ee81da0a9 Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:09 -0400
Subject: [PATCH 5/7] mkinitcpio: improve consistency of relative paths in
kernel hooks
---
srcpkgs/mkinitcpio/files/kernel-hook-postinst | 4 ++--
srcpkgs/mkinitcpio/files/kernel-hook-postrm | 4 +---
srcpkgs/mkinitcpio/template | 2 +-
3 files changed, 4 insertions(+), 6 deletions(-)
diff --git a/srcpkgs/mkinitcpio/files/kernel-hook-postinst b/srcpkgs/mkinitcpio/files/kernel-hook-postinst
index 31fe5705812..c6f2ab81264 100644
--- a/srcpkgs/mkinitcpio/files/kernel-hook-postinst
+++ b/srcpkgs/mkinitcpio/files/kernel-hook-postinst
@@ -7,9 +7,9 @@
PKGNAME="$1"
VERSION="$2"
-if [ ! -x bin/mkinitcpio ]; then
+if [ ! -x usr/bin/mkinitcpio ]; then
exit 0
fi
-mkinitcpio -g boot/initramfs-${VERSION}.img -k ${VERSION}
+usr/bin/mkinitcpio -g boot/initramfs-${VERSION}.img -k ${VERSION}
exit $?
diff --git a/srcpkgs/mkinitcpio/files/kernel-hook-postrm b/srcpkgs/mkinitcpio/files/kernel-hook-postrm
index f099aba66ca..028fd097b87 100644
--- a/srcpkgs/mkinitcpio/files/kernel-hook-postrm
+++ b/srcpkgs/mkinitcpio/files/kernel-hook-postrm
@@ -7,7 +7,5 @@
PKGNAME="$1"
VERSION="$2"
-if [ -f /boot/initramfs-${VERSION}.img ]; then
- rm -f /boot/initramfs-${VERSION}.img
-fi
+rm -f boot/initramfs-${VERSION}.img
exit $?
diff --git a/srcpkgs/mkinitcpio/template b/srcpkgs/mkinitcpio/template
index 303905d0f1f..a0f44360db4 100644
--- a/srcpkgs/mkinitcpio/template
+++ b/srcpkgs/mkinitcpio/template
@@ -1,7 +1,7 @@
# Template file for 'mkinitcpio'
pkgname=mkinitcpio
version=27
-revision=1
+revision=2
archs=noarch
build_style=gnu-makefile
depends="busybox-static bsdtar bash"
From 16c2057a4bf699602153bfd25aa27511e632256e Mon Sep 17 00:00:00 2001
From: "Andrew J. Hesford" <ajh@sideband.org>
Date: Wed, 5 Aug 2020 12:13:09 -0400
Subject: [PATCH 6/7] refind: improve consistency of relative paths in kernel
hooks
---
srcpkgs/refind/files/kernel.post-install | 10 +++-------
srcpkgs/refind/files/kernel.post-remove | 4 +++-
srcpkgs/refind/template | 2 +-
3 files changed, 7 insertions(+), 9 deletions(-)
diff --git a/srcpkgs/refind/files/kernel.post-install b/srcpkgs/refind/files/kernel.post-install
index 88b261aaacd..fd18f9c45ff 100755
--- a/srcpkgs/refind/files/kernel.post-install
+++ b/srcpkgs/refind/files/kernel.post-install
@@ -12,22 +12,18 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
exit 0;
fi
-# Default refind.conf
-: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+: ${REFIND_CONF:=boot/EFI/refind/refind.conf}
+REFIND_CONF="${REFIND_CONF#/}"
-zrefind_dir="${REFIND_CONF%/*}"
-mkdir -p "$zrefind_dir"
+mkdir -p "${REFIND_CONF%/*}"
touch "$REFIND_CONF"
tmpfile=$(mktemp /tmp/refind.XXXXXXX)
-zefi_mountpoint=$(df -P "$REFIND_CONF" | awk 'NR==2{print $6}')
-zicon="${zrefind_dir#$zefi_mountpoint}/icons/os_void.png"
zversion=$(echo "$VERSION" | sed 's/[.]/[.]/g')
zentry=$(cat <<EOF
menuentry "Void Linux $VERSION" {
- icon $zicon
volume "Void Linux"
loader /vmlinuz-$VERSION
initrd /initramfs-$VERSION.img
diff --git a/srcpkgs/refind/files/kernel.post-remove b/srcpkgs/refind/files/kernel.post-remove
index efb3786396c..58881766e4d 100755
--- a/srcpkgs/refind/files/kernel.post-remove
+++ b/srcpkgs/refind/files/kernel.post-remove
@@ -13,7 +13,9 @@ if [ "z$UPDATE_REFIND_CONF" != "z1" ]; then
fi
# Default refind.conf
-: "${REFIND_CONF:=/boot/EFI/refind/refind.conf}"
+: "${REFIND_CONF:=boot/EFI/refind/refind.conf}"
+# Make sure paths are relative
+REFIND_CONF="${REFIND_CONF#/}"
[ -f "$REFIND_CONF" ] || exit 0
diff --git a/srcpkgs/refind/template b/srcpkgs/refind/template
index 5e9865b9667..d7f8f2fba1c 100644
--- a/srcpkgs/refind/template
+++ b/srcpkgs/refind/template
@@ -1,7 +1,7 @@
# Template file for 'refind'
pkgname=refind
version=0.12.0
-revision=1
+revision=2
archs="x86_64* i686* aarch64*"
makedepends="gnu-efi-libs"
depends="bash dosfstools efibootmgr"
From 307578870b871b9d3deef5923dd34755beb1202d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C4=90o=C3=A0n=20Tr=E1=BA=A7n=20C=C3=B4ng=20Danh?=
<congdanhqx@gmail.com>
Date: Tue, 21 Jul 2020 00:03:15 +0700
Subject: [PATCH 7/7] sbsigntool: rewrite post-install kernel hook
* run the hook on target filesystem
* Use ls | awk to check ownership and permission, instead of relying on
GNU-stat.
* libify signing code, in order to support uefi bundle in the future
* Stop append signature to the efi signed by current key/cert.
While we're at it,
* add post-remove script to remove unsigned file if exist
Closes #23688.
---
.../files/kernel.d/sbsigntool.post-install | 66 +++++++++++--------
.../files/kernel.d/sbsigntool.post-remove | 13 ++++
srcpkgs/sbsigntool/template | 4 +-
3 files changed, 53 insertions(+), 30 deletions(-)
create mode 100644 srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove
diff --git a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
index bc450dbc428..70918527711 100644
--- a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
+++ b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-install
@@ -9,7 +9,35 @@ PKGNAME="$1"
VERSION="$2"
msg() {
- echo "EFI sbsign hook: $1"
+ echo "sbsigntool: $1"
+}
+
+do_sign() {
+ _kernel="$1"
+ if [ ! -f "$_kernel" ]; then
+ msg "$_kernel not found"
+ return 1
+ fi
+ # Ignore efi file signed with this key
+ if usr/bin/sbverify -c "$ROOTDIR/$EFI_CERT_FILE" "$_kernel" >/dev/null 2>&1; then
+ return 0
+ fi
+ if ! usr/bin/sbsign ${EFI_SIGN_ENGINE:+"--engine=$EFI_SIGN_ENGINE"} \
+ -k "$ROOTDIR/$EFI_KEY_FILE" -c "$ROOTDIR/$EFI_CERT_FILE" \
+ "$_kernel"
+ then
+ msg "failed to sign $_kernel"
+ return 1
+ fi
+ if ! usr/bin/sbverify -c "$ROOTDIR/$EFI_CERT_FILE" "$_kernel.signed"; then
+ msg "failed to verify the signature"
+ return 1
+ fi
+
+ if [ "x${EFI_KEEP_UNSIGNED}" = "x1" ]; then
+ mv -f "$_kernel" "$_kernel.unsigned"
+ fi
+ mv -f "$_kernel.signed" "$_kernel"
}
. "${ROOTDIR}/etc/default/sbsigntool-kernel-hook"
@@ -17,38 +45,18 @@ if [ "x${SBSIGN_EFI_KERNEL}" != x1 ]; then
exit 0
fi
-if [ ! -f "${EFI_KEY_FILE}" ] || [ ! -f "${EFI_CERT_FILE}" ]; then
+if [ ! -f "$ROOTDIR/$EFI_KEY_FILE" ] || [ ! -f "$ROOTDIR/$EFI_CERT_FILE" ]; then
msg "key and/or certificate is not available"
exit 1
fi
-key_stat=$(stat --dereference --format="%a %u" "${EFI_KEY_FILE}")
-
-# check if go=00 owner=0
-if [ "${key_stat}" = "${key_stat%00 0}" ]; then
- msg "Please chown root:root '${EFI_KEY_FILE}'"
- msg "and chmod go-rwx '${EFI_KEY_FILE}'"
- exit 1
-fi
-
-# this part is completely untested
-options=""
-if [ "x${EFI_SIGN_ENGINE}" != x ]; then
- options="--engine=${EFI_SIGN_ENGINE}"
-fi
-
-if ! sbsign $options -k "${EFI_KEY_FILE}" -c "${EFI_CERT_FILE}" \
- "/boot/vmlinuz-${VERSION}"; then
- msg "failed to sign kernel"
- exit 1
-fi
-
-if ! sbverify -c "${EFI_CERT_FILE}" "/boot/vmlinuz-${VERSION}.signed"; then
- msg "failed to verify the signature"
+# All POSIX comformance ls should work
+if ! ls -Ll "$ROOTDIR/$EFI_KEY_FILE" "$ROOTDIR/$EFI_CERT_FILE" |
+ awk '$1 !~ /^-...------$/ || $3 != "root" { exit 1 }'
+then
+ msg "$EFI_KEY_FILE and $EFI_CERT_FILE must be owned by root."
+ msg "and not readable by other users."
exit 1
fi
-if [ "x${EFI_KEEP_UNSIGNED}" = "x1" ]; then
- mv -f "/boot/vmlinuz-${VERSION}" "/boot/vmlinuz-${VERSION}.unsigned"
-fi
-mv -f "/boot/vmlinuz-${VERSION}.signed" "/boot/vmlinuz-${VERSION}"
+do_sign "boot/vmlinuz-$VERSION"
diff --git a/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove
new file mode 100644
index 00000000000..5d3f73602af
--- /dev/null
+++ b/srcpkgs/sbsigntool/files/kernel.d/sbsigntool.post-remove
@@ -0,0 +1,13 @@
+#!/bin/sh
+#
+# Kernel hook for sbsigntool.
+#
+# Arguments passed to this script: $1 pkgname, $2 version.
+#
+
+PKGNAME="$1"
+VERSION="$2"
+
+if [ -f "boot/vmlinuz-$VERSION.unsigned" ]; then
+ rm -f "boot/vmlinuz-${VERSION}.unsigned"
+fi
diff --git a/srcpkgs/sbsigntool/template b/srcpkgs/sbsigntool/template
index 6e39cac66d9..6ee86139b27 100644
--- a/srcpkgs/sbsigntool/template
+++ b/srcpkgs/sbsigntool/template
@@ -1,7 +1,7 @@
# Template file for 'sbsigntool'
pkgname=sbsigntool
version=0.9.4
-revision=2
+revision=3
archs="x86_64* i686* aarch64* arm*"
wrksrc=sbsigntools-$version
build_style=gnu-configure
@@ -59,4 +59,6 @@ post_install() {
# and I'm not sure about their interaction
vinstall ${FILESDIR}/kernel.d/sbsigntool.post-install 744 \
etc/kernel.d/post-install 40-sbsigntool
+ vinstall ${FILESDIR}/kernel.d/sbsigntool.post-remove 744 \
+ etc/kernel.d/post-remove 40-sbsigntool
}
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (21 preceding siblings ...)
2020-08-07 2:43 ` [PR PATCH] [Updated] " ahesford
@ 2020-08-07 2:45 ` ahesford
2020-08-07 5:49 ` [PR REVIEW] " ericonr
` (2 subsequent siblings)
25 siblings, 0 replies; 27+ messages in thread
From: ahesford @ 2020-08-07 2:45 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 470 bytes --]
New comment by ahesford on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-670290502
Comment:
Given that [rEFInd documentation](https://rodsbooks.com/refind/configfile.html#stanzas) itself says not to create manual boot stanzas unless you really need to, I dropped the icon reference in the rEFInd post-install hook. There is no need to jump through hoops to fine-tune a configuration that isn't even recommended upstream.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR REVIEW] Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (22 preceding siblings ...)
2020-08-07 2:45 ` ahesford
@ 2020-08-07 5:49 ` ericonr
2020-08-07 11:12 ` sgn
2020-08-07 13:05 ` [PR PATCH] [Closed]: " ahesford
25 siblings, 0 replies; 27+ messages in thread
From: ericonr @ 2020-08-07 5:49 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 205 bytes --]
New review comment by ericonr on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#discussion_r466834237
Comment:
You can remove the verbosity from this one, if you'd like.
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (23 preceding siblings ...)
2020-08-07 5:49 ` [PR REVIEW] " ericonr
@ 2020-08-07 11:12 ` sgn
2020-08-07 13:05 ` [PR PATCH] [Closed]: " ahesford
25 siblings, 0 replies; 27+ messages in thread
From: sgn @ 2020-08-07 11:12 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 735 bytes --]
New comment by sgn on void-packages repository
https://github.com/void-linux/void-packages/pull/24079#issuecomment-670465666
Comment:
> Given that [rEFInd documentation](https://rodsbooks.com/refind/configfile.html#stanzas) itself says not to create manual boot stanzas unless you really need to, I dropped the icon reference in the rEFInd post-install hook. There is no need to jump through hoops to fine-tune a configuration that isn't even recommended upstream.
Honestly, I couldn't remember the reason I need to write that hook,
my computer couldn't be bring up at that time for some reason.
I keep the simple version of the hook for myself for a while until someone on reddit asked for it.
Let's go with it.
:shrug:
^ permalink raw reply [flat|nested] 27+ messages in thread
* Re: [PR PATCH] [Closed]: Improve consistency of relative paths in kernel hooks
2020-08-05 16:34 [PR PATCH] Improve consistency of relative paths in kernel hooks ahesford
` (24 preceding siblings ...)
2020-08-07 11:12 ` sgn
@ 2020-08-07 13:05 ` ahesford
25 siblings, 0 replies; 27+ messages in thread
From: ahesford @ 2020-08-07 13:05 UTC (permalink / raw)
To: ml
[-- Attachment #1: Type: text/plain, Size: 1261 bytes --]
There's a closed pull request on the void-packages repository
Improve consistency of relative paths in kernel hooks
https://github.com/void-linux/void-packages/pull/24079
Description:
Motivated by a breakage in the `dracut` removal hook as called from `vkpurge`, I cleaned up several packages that install kernel hooks to try to make their behavior more consistent. The XBPS trigger runs hooks from the target root directory with `ROOTDIR` set, so hooks should accommodate this if possible. `vkpurge` now changes to `/` and sets `ROOTDIR` to make sure any hooks it calls work as expected. It would be good to verify correct operation of all hooks after these changes, but `dkms` and `dracut` seem to be the most critical.
- [x] base-files
- [x] dkms
- [x] dracut
- [ ] gummiboot
- [ ] mkinitcpio
- [x] refind
- [x] sbsigntool
**Note 1**: `dracut` now uses `--sysroot .` to (hopefully) operate properly in a relative environment.
**Note 2**: `dkms` makes a lot of assumptions about running in the system root that are trickier to override, and the hook already made a lot of absolute path references, so I went all-in on absolute paths in the `dkms` hooks.
Affected maintainers: @Gottox @q66 @thypon @sgn
General interest: @ericonr @duncaen
^ permalink raw reply [flat|nested] 27+ messages in thread