Skip to content

Commit f526821

Browse files
committed
revert(51c1d56, grub2): re-enable os-prober by default
This reverts commit 51c1d56. The change broke the build with the following error during %prep: /builddir/build/SOURCES/0382-Set-correctly-the-memory-attributes-for-the-kernel-P.patch error: patch failed: docs/grub.texi:1552 error: docs/grub.texi: patch does not apply Applying: Revert "templates: Fix user-facing typo with an incorrect use of "it's"" Applying: Rework linux command Applying: Rework linux16 command Applying: re-write .gitignore Applying: IBM client architecture (CAS) reboot support Applying: for ppc, reset console display attr when clear screen Applying: Disable GRUB video support for IBM power machines Applying: Move bash completion script (#922997) Applying: Allow "fallback" to include entries by title, not just number. Applying: Make "exit" take a return code. Applying: Make efi machines load an env block from a variable Applying: Migrate PPC from Yaboot to Grub2 Applying: Add fw_path variable (revised) Applying: Pass "\x[[:hex:]][[:hex:]]" straight through unmolested. Applying: blscfg: add blscfg module to parse Boot Loader Specification snippets Applying: Add devicetree loading Applying: Enable pager by default. (#985860) Applying: Don't say "GNU/Linux" in generated menus. Applying: Add .eh_frame to list of relocations stripped Applying: Don't require a password to boot entries generated by grub-mkconfig. Applying: use fw_path prefix when fallback searching for grub config Applying: Try mac/guid/etc before grub.cfg on tftp config files. Applying: Generate OS and CLASS in 10_linux from /etc/os-release Applying: Try $prefix if $fw_path doesn't work. Applying: Make grub2-mkconfig construct titles that look like the ones we want elsewhere. Applying: Add friendly grub2 password config tool (#985962) Applying: tcp: add window scaling support Applying: efinet and bootp: add support for dhcpv6 Applying: bootp: New net_bootp6 command Applying: Add grub-get-kernel-settings and use it in 10_linux Applying: Make grub_fatal() also backtrace. Applying: Make our info pages say "grub2" where appropriate. Patch failed at 0032 Make our info pages say "grub2" where appropriate. hint: Use 'git am --show-current-patch=diff' to see the failed patch hint: When you have resolved this problem, run "git am --continue". hint: If you prefer to skip this patch, run "git am --skip" instead. hint: To restore the original branch and stop patching, run "git am --abort". hint: Disable this message with "git config set advice.mergeConflict false" error: Bad exit status from /var/tmp/rpm-tmp.7SswhI (%prep) RPM build errors: %changelog not in descending chronological order Bad exit status from /var/tmp/rpm-tmp.7SswhI (%prep) Child return code was: 1 Fixes: AB#20278
1 parent 99fe90a commit f526821

6 files changed

Lines changed: 146 additions & 35 deletions

File tree

base/comps/grub2/grub2.comp.toml

Lines changed: 0 additions & 33 deletions
Original file line numberDiff line numberDiff line change
@@ -16,36 +16,3 @@ type = "file-search-replace"
1616
file = "grub.macros"
1717
regex = '%global with_xen_pvh_arch 1'
1818
replacement = '%global with_xen_pvh_arch 0'
19-
20-
# Drop the two Fedora revert patches that re-enable the os-prober-by-default
21-
# behavior in grub-mkconfig. os-prober has been disabled by default for security
22-
# reason in grub2 (2.06+), and previous versions of Azure Linux have
23-
# historically followed suite.
24-
#
25-
# `patch-remove` can't be used: grub2.spec pulls its patch list from
26-
# `grub.patches` via `%include %{SOURCE11}`, and azldev only scans inline
27-
# `PatchN:` / `%patchlist` tags. Edit `grub.patches` and delete the files
28-
# directly instead.
29-
[[components.grub2.overlays]]
30-
description = "Drop Fedora os-prober revert (properly disable) from grub.patches"
31-
type = "file-search-replace"
32-
file = "grub.patches"
33-
regex = 'Patch0002: 0002-Revert-templates-Properly-disable-the-os-prober-by-d\.patch\n'
34-
replacement = ""
35-
36-
[[components.grub2.overlays]]
37-
description = "Drop Fedora os-prober revert (disable by default) from grub.patches"
38-
type = "file-search-replace"
39-
file = "grub.patches"
40-
regex = 'Patch0003: 0003-Revert-templates-Disable-the-os-prober-by-default\.patch\n'
41-
replacement = ""
42-
43-
[[components.grub2.overlays]]
44-
description = "Remove Fedora os-prober revert patch file (properly disable)"
45-
type = "file-remove"
46-
file = "0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch"
47-
48-
[[components.grub2.overlays]]
49-
description = "Remove Fedora os-prober revert patch file (disable by default)"
50-
type = "file-remove"
51-
file = "0003-Revert-templates-Disable-the-os-prober-by-default.patch"

locks/grub2.lock

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,5 +2,6 @@
22
version = 1
33
import-commit = '354c77b195316a4aa09979793a73ea4485217769'
44
upstream-commit = '354c77b195316a4aa09979793a73ea4485217769'
5-
input-fingerprint = 'sha256:e457a7afd4e6150cf6133f8a1b739ade7d97eb714e39af09abd248c4bad5c2af'
5+
manual-bump = 1
6+
input-fingerprint = 'sha256:218bb17939644ac159ceee0573390edcbf722424a674b8a95182f580bc99dbbb'
67
resolution-input-hash = 'sha256:466421704711c4fd3c71f0b2ed715a0e61d49e3e26f3a2637fee755795849c8e'
Lines changed: 71 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,71 @@
1+
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2+
From: Javier Martinez Canillas <javierm@redhat.com>
3+
Date: Fri, 11 Jun 2021 12:10:54 +0200
4+
Subject: [PATCH] Revert "templates: Properly disable the os-prober by default"
5+
6+
This reverts commit 54e0a1bbf1e9106901a557195bb35e5e20fb3925.
7+
---
8+
util/grub-mkconfig.in | 5 +----
9+
util/grub.d/30_os-prober.in | 8 ++++----
10+
2 files changed, 5 insertions(+), 8 deletions(-)
11+
12+
diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
13+
index 32c480daeb2..7516a015be0 100644
14+
--- a/util/grub-mkconfig.in
15+
+++ b/util/grub-mkconfig.in
16+
@@ -140,9 +140,6 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device ${GRUB_DEVICE} --target=partuuid 2
17+
GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`"
18+
GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} --target=fs_uuid 2> /dev/null`" || true
19+
20+
-# Disable os-prober by default due to security reasons.
21+
-GRUB_DISABLE_OS_PROBER="true"
22+
-
23+
# Filesystem for the device containing our userland. Used for stuff like
24+
# choosing Hurd filesystem module.
25+
GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || echo unknown`"
26+
@@ -204,7 +201,6 @@ export GRUB_DEVICE \
27+
GRUB_DEVICE_PARTUUID \
28+
GRUB_DEVICE_BOOT \
29+
GRUB_DEVICE_BOOT_UUID \
30+
- GRUB_DISABLE_OS_PROBER \
31+
GRUB_FS \
32+
GRUB_FONT \
33+
GRUB_PRELOAD_MODULES \
34+
@@ -250,6 +246,7 @@ export GRUB_DEFAULT \
35+
GRUB_BACKGROUND \
36+
GRUB_THEME \
37+
GRUB_GFXPAYLOAD_LINUX \
38+
+ GRUB_DISABLE_OS_PROBER \
39+
GRUB_INIT_TUNE \
40+
GRUB_SAVEDEFAULT \
41+
GRUB_ENABLE_CRYPTODISK \
42+
diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
43+
index 376ca47efe4..30f27f15b83 100644
44+
--- a/util/grub.d/30_os-prober.in
45+
+++ b/util/grub.d/30_os-prober.in
46+
@@ -26,8 +26,8 @@ export TEXTDOMAINDIR="@localedir@"
47+
48+
. "$pkgdatadir/grub-mkconfig_lib"
49+
50+
-if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then
51+
- grub_warn "$(gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.")"
52+
+if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
53+
+ gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n"
54+
exit 0
55+
fi
56+
57+
@@ -36,12 +36,12 @@ if ! command -v os-prober > /dev/null || ! command -v linux-boot-prober > /dev/n
58+
exit 0
59+
fi
60+
61+
-grub_warn "$(gettext_printf "os-prober will be executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
62+
-
63+
OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
64+
if [ -z "${OSPROBED}" ] ; then
65+
# empty os-prober output, nothing doing
66+
exit 0
67+
+else
68+
+ grub_warn "$(gettext_printf "os-prober was executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
69+
fi
70+
71+
osx_entry() {
Lines changed: 70 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,70 @@
1+
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
2+
From: Javier Martinez Canillas <javierm@redhat.com>
3+
Date: Fri, 11 Jun 2021 12:10:58 +0200
4+
Subject: [PATCH] Revert "templates: Disable the os-prober by default"
5+
6+
This reverts commit e346414725a70e5c74ee87ca14e580c66f517666.
7+
---
8+
docs/grub.texi | 18 ++++++++----------
9+
util/grub.d/30_os-prober.in | 5 +----
10+
2 files changed, 9 insertions(+), 14 deletions(-)
11+
12+
diff --git a/docs/grub.texi b/docs/grub.texi
13+
index a225f9a88d2..974bc0ddb07 100644
14+
--- a/docs/grub.texi
15+
+++ b/docs/grub.texi
16+
@@ -1552,13 +1552,10 @@ boot sequence. If you have problems, set this option to @samp{text} and
17+
GRUB will tell Linux to boot in normal text mode.
18+
19+
@item GRUB_DISABLE_OS_PROBER
20+
-The @command{grub-mkconfig} has a feature to use the external
21+
-@command{os-prober} program to discover other operating systems installed on
22+
-the same machine and generate appropriate menu entries for them. It is disabled
23+
-by default since automatic and silent execution of @command{os-prober}, and
24+
-creating boot entries based on that data, is a potential attack vector. Set
25+
-this option to @samp{false} to enable this feature in the
26+
-@command{grub-mkconfig} command.
27+
+Normally, @command{grub-mkconfig} will try to use the external
28+
+@command{os-prober} program, if installed, to discover other operating
29+
+systems installed on the same system and generate appropriate menu entries
30+
+for them. Set this option to @samp{true} to disable this.
31+
32+
@item GRUB_OS_PROBER_SKIP_LIST
33+
List of space-separated FS UUIDs of filesystems to be ignored from os-prober
34+
@@ -1889,9 +1886,10 @@ than zero; otherwise 0.
35+
@section Multi-boot manual config
36+
37+
Currently autogenerating config files for multi-boot environments depends on
38+
-os-prober and has several shortcomings. Due to that it is disabled by default.
39+
-It is advised to use the power of GRUB syntax and do it yourself. A possible
40+
-configuration is detailed here, feel free to adjust to your needs.
41+
+os-prober and has several shortcomings. While fixing it is scheduled for the
42+
+next release, meanwhile you can make use of the power of GRUB syntax and do it
43+
+yourself. A possible configuration is detailed here, feel free to adjust to your
44+
+needs.
45+
46+
First create a separate GRUB partition, big enough to hold GRUB. Some of the
47+
following entries show how to load OS installer images from this same partition,
48+
diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
49+
index 30f27f15b83..f300e46fc6a 100644
50+
--- a/util/grub.d/30_os-prober.in
51+
+++ b/util/grub.d/30_os-prober.in
52+
@@ -26,8 +26,7 @@ export TEXTDOMAINDIR="@localedir@"
53+
54+
. "$pkgdatadir/grub-mkconfig_lib"
55+
56+
-if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
57+
- gettext_printf "os-prober will not be executed to detect other bootable partitions.\nSystems on them will not be added to the GRUB boot configuration.\nCheck GRUB_DISABLE_OS_PROBER documentation entry.\n"
58+
+if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then
59+
exit 0
60+
fi
61+
62+
@@ -40,8 +39,6 @@ OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"
63+
if [ -z "${OSPROBED}" ] ; then
64+
# empty os-prober output, nothing doing
65+
exit 0
66+
-else
67+
- grub_warn "$(gettext_printf "os-prober was executed to detect other bootable partitions.\nIt's output will be used to detect bootable binaries on them and create new boot entries.")"
68+
fi
69+
70+
osx_entry() {

specs/g/grub2/grub.patches

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,6 @@
11
Patch0001: 0001-Revert-templates-Fix-user-facing-typo-with-an-incorr.patch
2+
Patch0002: 0002-Revert-templates-Properly-disable-the-os-prober-by-d.patch
3+
Patch0003: 0003-Revert-templates-Disable-the-os-prober-by-default.patch
24
Patch0004: 0004-Rework-linux-command.patch
35
Patch0005: 0005-Rework-linux16-command.patch
46
Patch0006: 0006-re-write-.gitignore.patch

specs/g/grub2/grub2.spec

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@
2020
Name: grub2
2121
Epoch: 1
2222
Version: 2.12
23-
Release: 43%{?dist}
23+
Release: 44%{?dist}
2424
Summary: Bootloader with support for Linux, Multiboot and more
2525
License: GPL-3.0-or-later
2626
URL: http://www.gnu.org/software/grub/

0 commit comments

Comments
 (0)