Reproducible grub-install

grub-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Reproducible grub-install

From:	Miguel Arruga Vivas
Subject:	Reproducible grub-install
Date:	Mon, 21 Oct 2019 16:30:21 +0200

Hi, everybody!

After taking a deeper look into our (guix's) grub installation
procedure, I have the thought that it could be a neat idea to make the
boot directory an actual derivation instead something of the global
status.

From what I currently understand:

  - boot.img/core.img and load.cfg: The written images must be replaced
    on each installation.  This is one task performed by grub-install.

  - /boot/grub/*: The contents of these folders should be reproducible,
    such as the modules or the localization binaries, as currently
    grub.cfg is.  This is the other task performed by grub-install.

  - /boot/grub/grubenv: IIUC, this file must be writable by grub.  This
    should not be on the store, and not sharing the path may be the
    main problem right now to implement this.

AFAIK, the grubenv problem requires a modification of the grub code if
we try to use a different path for this kind-of-modifiable file, so this
would require modify grub to being able to lookup for that file
somewhere else.  This way the global state can be made explicit.

The image installation into the device is a separate issue from the
binaries installation, that could be separated into two separate
binaries, or two steps/flags for grub-install, one for binaries
installation into ${boot-directory}/grub and the other one for load.cfg
generation and core/boot.img installation.

To everyone: Are you aware of any other way to achieve this?  What do
you think?

To grub-devel: I'd be able to send patches for the latter if you think
it is a good idea without help, but I guess that the first kind of
modification would need some and deeper study of grub code.

To guix-devel: Even though the procedure I have in mind needs
changes in grub, there are alternative ways to achieve this with the
current tools, as copying the files and using the installation as an
"implicit" guix-challenge, but they are not as neat an clean as the
split between reproducible binaries installation and global state,
which includes the disk preparation for the load of the bootloader.

Happy hacking to all!
Miguel

[Prev in Thread]

Current Thread

[Next in Thread]

Reproducible grub-install, Miguel Arruga Vivas <=
- Re: Reproducible grub-install, Daniel Kiper, 2019/10/23
  - Granularity of grub-install (was Re: Reproducibility of grub-install), Miguel Arruga Vivas, 2019/10/28
    - [PATCH] install: Free allocated path for grub.efi., Miguel Arruga Vivas, 2019/10/28
    - [PATCH 2/2] install: Add only-platform-installation option., Miguel Arruga Vivas, 2019/10/28

Prev by Date: Re: [PATCH v2] Add GRUB_DISABLE_UUID
Next by Date: Re: [PATCH v2 2/3] Set net_<interface>_client{id,uuid} variables from DHCP options
Previous by thread: [PATCH] Update to minilzo-2.08
Next by thread: Re: Reproducible grub-install
Index(es):
- Date
- Thread