* add some spaces for separation, increasing readability
* do not use the non-existent variable x as replacement, but an actual
empty string ""
* don't use the "truth-y action" at end to make awk print the line ($0)
but explicitly print $0 after the gsub, makes it easier to get for
people with not much awk background
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
if we fallback to /proc/cmdline, it can include the booted initrd.
to avoid loader entries with initrd 'options' lines, we have to parse
them out.
Signed-off-by: Oguz Bektas <o.bektas@proxmox.com>
Previously, mentioning "virtual package" in the package long
description was enough to supress the "empty-binary-package" linitian
tag[0]. That changed, so let's use "metapackage", which is suggested
as one of the replacement options.
[0]: https://lintian.debian.org/tags/empty-binary-package.html
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
As explained in [0], we can add a hook script that will be called after
update-initramfs did its job (and thus, a new initrd has been created).
We can use this to automatically sync the ESPs using 'pve-efiboot-tool
refresh', if update-initramfs was called manually (on kernel upgrade we
already have a hook that does this).
[0]: https://kernel-team.pages.debian.net/kernel-handbook/ch-update-hooks.html
Signed-off-by: Stefan Reiter <s.reiter@proxmox.com>
As all operations are done on a single or no version, thus "kernel"
fits minimally better, IMO. But just accept both, for convenience
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
default to "Proxmox Virtual Environment", and if the
proxmox-mailgateway package is installed (we simply check the docs
path) use "Proxmox Mailgateway" instead
Signed-off-by: Thomas Lamprecht <t.lamprecht@proxmox.com>
namely, the current/latest and previous one, for which we also keep the
last kernel installed and synced.
the pipe to 'head' has the added bonus of guarding against 'grep'
returnin non-zero and triggering 'set -e'
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
especially after modifying the manually selected kernels list, we don't
want this to be skipped.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
to list custom and automatically selected kernel versions that are synced to configured ESPs
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
with 'kernels <add|remove>' command in pve-efiboot-tool to add/remove
kernels to/from manual kernel list, and honor it when generating lists
of kernels to not autoremove/sync to ESPs
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
by re-executing the whole 'pve-efiboot-tool init' command inside a new mount namespace
Co-Developed-By: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
to avoid affecting the running system negatively, e.g. because the
target paths for mounting the ESPs have been modified via symlinks or
similar attacks.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
to re-execute the currently running script in an unshared mount name
space.
Co-Developed-By: Thomas Lamprecht <t.lamprecht@proxmox.com>
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
from global scope to where it is actually used, otherwise this gets
called/printed too often/early.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
with (sh) pveesptool to format, initialize and refresh synced ESPs, as
well as the hooks previously shipped via proxmox-ve.
pveesptool based on a never-released version written in perl by Stoiko
Ivanov.
Co-Developed-By: Stoiko Ivanov <s.ivanov@proxmox.com>
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
read a list of vfat UUIDs from /etc/kernel/pve-efiboot-uuids instead of
taking all blockdevices with vfat and the proper partition type
Otherwise all guests having an ESP would get it mounted and potentially
modified
