[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v4 4/4] Add (multiple) -k, --pubkey=FILE support to installation
From: |
Jon McCune |
Subject: |
[PATCH v4 4/4] Add (multiple) -k, --pubkey=FILE support to installation commands. |
Date: |
Tue, 24 Sep 2013 19:00:32 -0700 |
Passes along one or more public keys to the grub-mkimage invocation.
Impacts grub-install, grub-mkrescue, grub-mkstandalone, grub-mknetdir.
Tested with 'make check' to the best of my ability. Failures (both
before and after the changes proposed in this patch set, i.e.,
unchanged by this patch set):
gettext_strings_test, fddboot_test, grub_func_test
This also introduces a quote () utility function to quote arbitrary
argument strings in a way that is POSIX compatible. Such strings
require 'eval' to be parsed properly. Quote function and help with
appropriate use of eval thanks to dalias (the author of:
http://www.etalabs.net/sh_tricks.html )
Signed-off-by: Jon McCune <address@hidden>
---
util/grub-install.in | 8 ++++----
util/grub-install_header | 17 +++++++++++++++++
util/grub-mknetdir.in | 2 +-
util/grub-mkrescue.in | 12 ++++++------
util/grub-mkstandalone.in | 2 +-
5 files changed, 29 insertions(+), 12 deletions(-)
diff --git a/util/grub-install.in b/util/grub-install.in
index 1816bb1..25a903f 100644
--- a/util/grub-install.in
+++ b/util/grub-install.in
@@ -651,9 +651,9 @@ case "${grub_modinfo_target_cpu}-${grub_modinfo_platform}"
in
esac
if [ x"$config_opt_file" = x ]; then
- "$grub_mkimage" -d "${source_directory}" -O "${mkimage_target}"
--output="${grubdir}/${grub_modinfo_target_cpu}-$grub_modinfo_platform/core.${imgext}"
--prefix="${prefix_drive}${relative_grubdir}" $grub_decompression_module
$modules || exit 1
+ eval "$(quote "$grub_mkimage") $pubkey_file_args -d $(quote
"${source_directory}") -O $(quote "${mkimage_target}") $(quote
--output="${grubdir}/${grub_modinfo_target_cpu}-$grub_modinfo_platform/core.${imgext}")
$(quote --prefix="${prefix_drive}${relative_grubdir}")
$grub_decompression_module $modules" || exit 1
else
- "$grub_mkimage" -c "${config_opt_file}" -d "${source_directory}" -O
"${mkimage_target}"
--output="${grubdir}/${grub_modinfo_target_cpu}-$grub_modinfo_platform/core.${imgext}"
--prefix="${prefix_drive}${relative_grubdir}" $grub_decompression_module
$modules || exit 1
+ eval "$(quote "$grub_mkimage") -c $(quote "${config_opt_file}")
$pubkey_file_args -d $(quote "${source_directory}") -O $(quote
"${mkimage_target}") $(quote
--output="${grubdir}/${grub_modinfo_target_cpu}-$grub_modinfo_platform/core.${imgext}")
$(quote --prefix="${prefix_drive}${relative_grubdir}")
$grub_decompression_module $modules" || exit 1
fi
# Backward-compatibility kludges
@@ -664,9 +664,9 @@ elif [
"${grub_modinfo_target_cpu}-${grub_modinfo_platform}" = "i386-ieee1275" ]
elif [ "${grub_modinfo_target_cpu}-${grub_modinfo_platform}" = "i386-efi" ] ||
[ "${grub_modinfo_target_cpu}-${grub_modinfo_platform}" = "x86_64-efi" ]; then
if [ x"$config_opt_file" = x ]; then
- "$grub_mkimage" -d "${source_directory}" -O "${mkimage_target}"
--output="${grubdir}/${grub_modinfo_target_cpu}-$grub_modinfo_platform/grub.efi"
--prefix="" $grub_decompression_module $modules || exit 1
+ eval "$(quote "$grub_mkimage") $pubkey_file_args -d $(quote
"${source_directory}") -O $(quote "${mkimage_target}") $(quote
--output="${grubdir}/${grub_modinfo_target_cpu}-$grub_modinfo_platform/grub.efi")
$(quote --prefix="") $grub_decompression_module $modules" || exit 1
else
- "$grub_mkimage" -c "${config_opt_file}" -d "${source_directory}" -O
"${mkimage_target}"
--output="${grubdir}/${grub_modinfo_target_cpu}-$grub_modinfo_platform/grub.efi"
--prefix="" $grub_decompression_module $modules || exit 1
+ eval "$(quote "$grub_mkimage") -c $(quote "${config_opt_file}")
$pubkey_file_args -d $(quote "${source_directory}") -O $(quote
"${mkimage_target}") $(quote
--output="${grubdir}/${grub_modinfo_target_cpu}-$grub_modinfo_platform/grub.efi")
$(quote --prefix="") $grub_decompression_module $modules" || exit 1
fi
fi
diff --git a/util/grub-install_header b/util/grub-install_header
index cf7fa9d..87550f6 100644
--- a/util/grub-install_header
+++ b/util/grub-install_header
@@ -44,6 +44,11 @@ handler.lst video.lst crypto.lst terminal.lst"
grub_mkimage="${bindir}/@grub_mkimage@"
+# Thanks to http://www.etalabs.net/sh_tricks.html
+quote () {
+ printf %s\\n "$1" | sed "s/'/'\\\\''/g;1s/^/'/;\$s/\$/'/"
+}
+
grub_compress_file () {
if [ "$compressor" != "" ] ; then
"$compressor" $compressor_opts "$1" > "$2"
@@ -156,6 +161,7 @@ grub_print_install_files_help () {
dir_msg="$(gettext_printf "use images and modules under DIR
[default=%s/<platform>]" "${libdir}/@PACKAGE@")"
print_option_help "-d, --directory=$(gettext "DIR")" "$dir_msg"
print_option_help "--grub-mkimage=$(gettext "FILE")" "$(gettext "use FILE
as grub-mkimage")"
+ print_option_help "-k, --pubkey=$(gettext "FILE")" "$(gettext "embed FILE
as public key for signature checking")"
print_option_help "-v, --version" "$(gettext "print the version
information and exit")"
}
@@ -168,6 +174,7 @@ grub_decompression_module=""
compressor=""
compressor_opts=""
source_directory=""
+pubkey_file_args=""
argument () {
opt=$1
@@ -245,6 +252,16 @@ grub_process_install_options () {
grub_mkimage=`argument $option "$@"`;
grub_process_install_options_consumed=2 ;;
--grub-mkimage=*)
grub_mkimage=`echo "$option" | sed
's/--grub-mkimage=//'`;grub_process_install_options_consumed=1 ;;
+ --pubkey | -k)
+ new_pubkey_file=`argument $option "$@"`
+ new_pubkey_file_quoted=`quote "$new_pubkey_file"`
+ pubkey_file_args="$pubkey_file_args --pubkey $new_pubkey_file_quoted"
+ grub_process_install_options_consumed=2;;
+ --pubkey=*)
+ new_pubkey_file=`printf "%s" "$option" | sed 's/--pubkey=//'`
+ new_pubkey_file_quoted=`quote "$new_pubkey_file"`
+ pubkey_file_args="$pubkey_file_args --pubkey $new_pubkey_file_quoted"
+ grub_process_install_options_consumed=1;;
--modules)
modules=`argument $option "$@"`;
grub_process_install_options_consumed=2;;
--modules=*)
diff --git a/util/grub-mknetdir.in b/util/grub-mknetdir.in
index b7b59da..a573449 100644
--- a/util/grub-mknetdir.in
+++ b/util/grub-mknetdir.in
@@ -146,7 +146,7 @@ process_input_dir ()
source ${subdir}/grub.cfg
EOF
- "$grub_mkimage" ${config_opt} -d "${input_dir}" -O ${mkimage_target}
"--output=${grubdir}/core.$ext" "--prefix=$prefix" $modules
$grub_decompression_module $netmodules tftp || exit 1
+ eval "$(quote "$grub_mkimage") ${config_opt} -d $(quote "${input_dir}") -O
${mkimage_target} $(quote "--output=${grubdir}/core.$ext") $(quote
"--prefix=$prefix") $modules $grub_decompression_module $netmodules tftp" ||
exit 1
# TRANSLATORS: First %s is replaced by platform name. Second one by
filename.
gettext_printf "Netboot directory for %s created. Configure your DHCP
server to point to %s\n" "${platform}" "${subdir}/${platform}/core.$ext"
}
diff --git a/util/grub-mkrescue.in b/util/grub-mkrescue.in
index 0adde3b..18be94c 100644
--- a/util/grub-mkrescue.in
+++ b/util/grub-mkrescue.in
@@ -209,8 +209,8 @@ EOF
echo "insmod $i"
done ; ) > "${load_cfg}"
- "$grub_mkimage" -O ${platform} -d "${source_directory}" -c "${load_cfg}"
-o "$3" \
- $grub_decompression_module search iso9660 $4
+ eval "$(quote "$grub_mkimage") $pubkey_file_args -O ${platform} -d $(quote
"${source_directory}") -c $(quote "${load_cfg}") -o $(quote "$3") \
+ $grub_decompression_module search iso9660 $4"
rm -rf "${load_cfg}"
}
@@ -224,8 +224,8 @@ make_image_fwdisk ()
gettext_printf "Enabling %s support ...\n" "$2"
- "$grub_mkimage" -O ${platform} -d "${source_directory}" -p '()/boot/grub'
-o "$3" \
- $grub_decompression_module iso9660 $4
+ eval "$(quote "$grub_mkimage") $pubkey_file_args -O ${platform} -d $(quote
"${source_directory}") -p '()/boot/grub' -o $(quote "$3") \
+ $grub_decompression_module iso9660 $4"
}
if [ "${source_directory}" = "" ] ; then
@@ -335,8 +335,8 @@ if test -e "${pc_dir}" ; then
echo "insmod $i"
done ;) > "${load_cfg}"
- "$grub_mkimage" -O i386-pc -d "${pc_dir}/" -o "${core_img}" -c "$load_cfg"
--prefix=/boot/grub \
- $grub_decompression_module iso9660 biosdisk
+ eval "$(quote "$grub_mkimage") $pubkey_file_args -O i386-pc -d $(quote
"${pc_dir}/") -o $(quote "${core_img}") -c $(quote "$load_cfg")
--prefix=/boot/grub \
+ $grub_decompression_module iso9660 biosdisk"
cat "${pc_dir}/cdboot.img" "${core_img}" >
"${iso9660_dir}/boot/grub/i386-pc/eltorito.img"
grub_mkisofs_arguments="${grub_mkisofs_arguments} -b
boot/grub/i386-pc/eltorito.img -no-emul-boot -boot-load-size 4 -boot-info-table"
diff --git a/util/grub-mkstandalone.in b/util/grub-mkstandalone.in
index b692c48..6e62a3f 100644
--- a/util/grub-mkstandalone.in
+++ b/util/grub-mkstandalone.in
@@ -124,7 +124,7 @@ memdisk_img=`mktemp "${TMPDIR:-/tmp}/tmp.XXXXXXXXXX"` ||
exit 1
(cd "${memdisk_dir}"; tar -cf - * $source) > "${memdisk_img}"
rm -rf "${memdisk_dir}"
-"$grub_mkimage" -O "${format}" -C "$compression" -d "${source_directory}" -m
"${memdisk_img}" -o "$output_image" --prefix='(memdisk)/boot/grub' memdisk tar
$grub_decompression_module $modules
+eval "$(quote "$grub_mkimage") -O $(quote "${format}") -C $(quote
"$compression") -d $(quote "${source_directory}") -m $(quote "${memdisk_img}")
-o $(quote "$output_image") --prefix='(memdisk)/boot/grub' memdisk tar
$grub_decompression_module $modules"
rm -rf "${memdisk_img}"
exit 0
--
1.8.4