proxmox-mirrors/fwupd
1
0
Fork 0
mirror of https://git.proxmox.com/git/fwupd synced 2025-05-15 18:36:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

uefi: Handle /boot properly (Closes: #627)

Browse Source 
/boot is a special cased directory when using ProtectSystem=full

Due to this, it's marked read only even if it's listed in ReadWritePaths.

Allow folks to use this for their ESP, but they need to create /boot/EFI
in advance of starting fwupd.
This commit is contained in:
Mario Limonciello 2018-08-09 09:19:03 -05:00 committed by Mario Limonciello
parent 55c424a7be
commit 9bdbbc5ca8
2 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
data/meson.build
View File

@ -40,7 +40,7 @@ if get_option('systemd')
rw_directories += join_paths (localstatedir, 'lib', 'fwupd') rw_directories += join_paths (localstatedir, 'lib', 'fwupd')
rw_directories += join_paths (default_sysconfdir, 'fwupd', 'remotes.d') rw_directories += join_paths (default_sysconfdir, 'fwupd', 'remotes.d')
if get_option('plugin_uefi') if get_option('plugin_uefi')
rw_directories += ['-/boot/efi', '-/boot', '-/efi'] rw_directories += ['-/boot/efi', '-/efi', '-/boot/EFI']
endif endif
dynamic_options = [] dynamic_options = []

13
plugins/uefi/fu-uefi-common.c
View File

@ -283,7 +283,18 @@ fu_uefi_check_esp_path (const gchar *path, GError **error)
"%s was not mounted", path); "%s was not mounted", path);
return FALSE; return FALSE;
} }
if (g_unix_mount_is_readonly (mount)) { /* /boot is a special case because systemd sandboxing marks
* it read-only, but we need to write to /boot/EFI
*/
if (g_strcmp0 (path, "/boot") == 0) {
if (!g_file_test ("/boot/EFI", G_FILE_TEST_IS_DIR)) {
g_set_error (error,
FWUPD_ERROR,
FWUPD_ERROR_NOT_SUPPORTED,
"%s/EFI does not exist", path);
return FALSE;
}
} else if (g_unix_mount_is_readonly (mount)) {
g_set_error (error, g_set_error (error,
FWUPD_ERROR, FWUPD_ERROR,
FWUPD_ERROR_NOT_SUPPORTED, FWUPD_ERROR_NOT_SUPPORTED,