[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Reproducible grub-install
From: |
Daniel Kiper |
Subject: |
Re: Reproducible grub-install |
Date: |
Wed, 23 Oct 2019 11:09:07 +0200 |
User-agent: |
NeoMutt/20170113 (1.7.2) |
On Mon, Oct 21, 2019 at 04:30:21PM +0200, Miguel Arruga Vivas wrote:
> Hi, everybody!
>
> After taking a deeper look into our (guix's) grub installation
> procedure, I have the thought that it could be a neat idea to make the
> boot directory an actual derivation instead something of the global
> status.
I do not understand what you mean by "make the boot directory an actual
derivation instead something of the global status". Could you elaborate
more about that?
> From what I currently understand:
>
> - boot.img/core.img and load.cfg: The written images must be replaced
> on each installation. This is one task performed by grub-install.
Yep.
> - /boot/grub/*: The contents of these folders should be reproducible,
> such as the modules or the localization binaries, as currently
> grub.cfg is. This is the other task performed by grub-install.
I am not sure why grub.cfg have to be reproducible. OK, to some extent
it has but...
>
> - /boot/grub/grubenv: IIUC, this file must be writable by grub. This
> should not be on the store, and not sharing the path may be the
> main problem right now to implement this.
I do not understand this.
> AFAIK, the grubenv problem requires a modification of the grub code if
> we try to use a different path for this kind-of-modifiable file, so this
> would require modify grub to being able to lookup for that file
> somewhere else. This way the global state can be made explicit.
What do you mean by "This way the global state can be made explicit."?
> The image installation into the device is a separate issue from the
> binaries installation, that could be separated into two separate
> binaries, or two steps/flags for grub-install, one for binaries
> installation into ${boot-directory}/grub and the other one for load.cfg
> generation and core/boot.img installation.
Why do you need to separate this thing into two steps?
> To everyone: Are you aware of any other way to achieve this? What do
> you think?
>
> To grub-devel: I'd be able to send patches for the latter if you think
Patches are always welcome...
> it is a good idea without help, but I guess that the first kind of
> modification would need some and deeper study of grub code.
>
Yep...
Daniel