/* SPDX-License-Identifier: LGPL-2.1+ */
-/***
- This file is part of systemd.
-
- Copyright 2013-2015 Kay Sievers
- Copyright 2013 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
-***/
#include <blkid.h>
#include <ctype.h>
#include <sys/statfs.h>
#include <unistd.h>
+#include "sd-id128.h"
+
#include "alloc-util.h"
#include "blkid-util.h"
+#include "bootspec.h"
#include "copy.h"
#include "dirent-util.h"
#include "efivars.h"
#include "stat-util.h"
#include "string-util.h"
#include "strv.h"
+#include "terminal-util.h"
#include "umask-util.h"
#include "util.h"
#include "verbs.h"
#include "virt.h"
static char *arg_path = NULL;
+static bool arg_print_path = false;
static bool arg_touch_variables = true;
-static int verify_esp(
- bool searching,
- const char *p,
+static int acquire_esp(
+ bool unprivileged_mode,
uint32_t *ret_part,
uint64_t *ret_pstart,
uint64_t *ret_psize,
sd_id128_t *ret_uuid) {
- _cleanup_blkid_free_probe_ blkid_probe b = NULL;
- _cleanup_free_ char *t = NULL;
- uint64_t pstart = 0, psize = 0;
- struct stat st, st2;
- const char *v, *t2;
- struct statfs sfs;
- sd_id128_t uuid = SD_ID128_NULL;
- uint32_t part = 0;
- bool quiet;
+ char *np;
int r;
- assert(p);
-
- /* Non-root user can run only `bootctl status`, then if error occured in the following, it does not cause any issues.
- * So, let's silence the error messages. */
- quiet = (geteuid() != 0);
-
- if (statfs(p, &sfs) < 0) {
-
- /* If we are searching for the mount point, don't generate a log message if we can't find the path */
- if (errno == ENOENT && searching)
- return -ENOENT;
-
- return log_full_errno(quiet && errno == EACCES ? LOG_DEBUG : LOG_ERR, errno,
- "Failed to check file system type of \"%s\": %m", p);
- }
-
- if (!F_TYPE_EQUAL(sfs.f_type, MSDOS_SUPER_MAGIC)) {
-
- if (searching)
- return -EADDRNOTAVAIL;
-
- log_error("File system \"%s\" is not a FAT EFI System Partition (ESP) file system.", p);
- return -ENODEV;
- }
+ /* Find the ESP, and log about errors. Note that find_esp_and_warn() will log in all error cases on its own,
+ * except for ENOKEY (which is good, we want to show our own message in that case, suggesting use of --path=)
+ * and EACCESS (only when we request unprivileged mode; in this case we simply eat up the error here, so that
+ * --list and --status work too, without noise about this). */
- if (stat(p, &st) < 0)
- return log_full_errno(quiet && errno == EACCES ? LOG_DEBUG : LOG_ERR, errno,
- "Failed to determine block device node of \"%s\": %m", p);
-
- if (major(st.st_dev) == 0) {
- log_error("Block device node of %p is invalid.", p);
- return -ENODEV;
- }
-
- t2 = strjoina(p, "/..");
- r = stat(t2, &st2);
- if (r < 0)
- return log_full_errno(quiet && errno == EACCES ? LOG_DEBUG : LOG_ERR, errno,
- "Failed to determine block device node of parent of \"%s\": %m", p);
-
- if (st.st_dev == st2.st_dev) {
- log_error("Directory \"%s\" is not the root of the EFI System Partition (ESP) file system.", p);
- return -ENODEV;
- }
-
- /* In a container we don't have access to block devices, skip this part of the verification, we trust the
- * container manager set everything up correctly on its own. Also skip the following verification for non-root user. */
- if (detect_container() > 0 || geteuid() != 0)
- goto finish;
-
- r = asprintf(&t, "/dev/block/%u:%u", major(st.st_dev), minor(st.st_dev));
- if (r < 0)
- return log_oom();
-
- errno = 0;
- b = blkid_new_probe_from_filename(t);
- if (!b)
- return log_error_errno(errno ?: ENOMEM, "Failed to open file system \"%s\": %m", p);
-
- blkid_probe_enable_superblocks(b, 1);
- blkid_probe_set_superblocks_flags(b, BLKID_SUBLKS_TYPE);
- blkid_probe_enable_partitions(b, 1);
- blkid_probe_set_partitions_flags(b, BLKID_PARTS_ENTRY_DETAILS);
-
- errno = 0;
- r = blkid_do_safeprobe(b);
- if (r == -2) {
- log_error("File system \"%s\" is ambiguous.", p);
- return -ENODEV;
- } else if (r == 1) {
- log_error("File system \"%s\" does not contain a label.", p);
- return -ENODEV;
- } else if (r != 0)
- return log_error_errno(errno ?: EIO, "Failed to probe file system \"%s\": %m", p);
-
- errno = 0;
- r = blkid_probe_lookup_value(b, "TYPE", &v, NULL);
- if (r != 0)
- return log_error_errno(errno ?: EIO, "Failed to probe file system type \"%s\": %m", p);
- if (!streq(v, "vfat")) {
- log_error("File system \"%s\" is not FAT.", p);
- return -ENODEV;
- }
-
- errno = 0;
- r = blkid_probe_lookup_value(b, "PART_ENTRY_SCHEME", &v, NULL);
- if (r != 0)
- return log_error_errno(errno ?: EIO, "Failed to probe partition scheme \"%s\": %m", p);
- if (!streq(v, "gpt")) {
- log_error("File system \"%s\" is not on a GPT partition table.", p);
- return -ENODEV;
- }
-
- errno = 0;
- r = blkid_probe_lookup_value(b, "PART_ENTRY_TYPE", &v, NULL);
- if (r != 0)
- return log_error_errno(errno ?: EIO, "Failed to probe partition type UUID \"%s\": %m", p);
- if (!streq(v, "c12a7328-f81f-11d2-ba4b-00a0c93ec93b")) {
- log_error("File system \"%s\" has wrong type for an EFI System Partition (ESP).", p);
- return -ENODEV;
- }
-
- errno = 0;
- r = blkid_probe_lookup_value(b, "PART_ENTRY_UUID", &v, NULL);
- if (r != 0)
- return log_error_errno(errno ?: EIO, "Failed to probe partition entry UUID \"%s\": %m", p);
- r = sd_id128_from_string(v, &uuid);
- if (r < 0) {
- log_error("Partition \"%s\" has invalid UUID \"%s\".", p, v);
- return -EIO;
- }
-
- errno = 0;
- r = blkid_probe_lookup_value(b, "PART_ENTRY_NUMBER", &v, NULL);
- if (r != 0)
- return log_error_errno(errno ?: EIO, "Failed to probe partition number \"%s\": m", p);
- r = safe_atou32(v, &part);
+ r = find_esp_and_warn(arg_path, unprivileged_mode, &np, ret_part, ret_pstart, ret_psize, ret_uuid);
+ if (r == -ENOKEY)
+ return log_error_errno(r,
+ "Couldn't find EFI system partition. It is recommended to mount it to /boot or /efi.\n"
+ "Alternatively, use --path= to specify path to mount point.");
if (r < 0)
- return log_error_errno(r, "Failed to parse PART_ENTRY_NUMBER field.");
+ return r;
- errno = 0;
- r = blkid_probe_lookup_value(b, "PART_ENTRY_OFFSET", &v, NULL);
- if (r != 0)
- return log_error_errno(errno ?: EIO, "Failed to probe partition offset \"%s\": %m", p);
- r = safe_atou64(v, &pstart);
- if (r < 0)
- return log_error_errno(r, "Failed to parse PART_ENTRY_OFFSET field.");
+ free_and_replace(arg_path, np);
- errno = 0;
- r = blkid_probe_lookup_value(b, "PART_ENTRY_SIZE", &v, NULL);
- if (r != 0)
- return log_error_errno(errno ?: EIO, "Failed to probe partition size \"%s\": %m", p);
- r = safe_atou64(v, &psize);
- if (r < 0)
- return log_error_errno(r, "Failed to parse PART_ENTRY_SIZE field.");
-
-finish:
- if (ret_part)
- *ret_part = part;
- if (ret_pstart)
- *ret_pstart = pstart;
- if (ret_psize)
- *ret_psize = psize;
- if (ret_uuid)
- *ret_uuid = uuid;
+ log_debug("Using EFI System Partition at %s.", arg_path);
return 0;
}
-static int find_esp(uint32_t *part, uint64_t *pstart, uint64_t *psize, sd_id128_t *uuid) {
- const char *path;
- int r;
-
- if (arg_path)
- return verify_esp(false, arg_path, part, pstart, psize, uuid);
-
- FOREACH_STRING(path, "/efi", "/boot", "/boot/efi") {
-
- r = verify_esp(true, path, part, pstart, psize, uuid);
- if (IN_SET(r, -ENOENT, -EADDRNOTAVAIL)) /* This one is not it */
- continue;
- if (r < 0)
- return r;
-
- arg_path = strdup(path);
- if (!arg_path)
- return log_oom();
-
- log_info("Using EFI System Partition at %s.", path);
- return 0;
- }
-
- log_error("Couldn't find EFI system partition. It is recommended to mount it to /boot. Alternatively, use --path= to specify path to mount point.");
- return -ENOENT;
-}
-
/* search for "#### LoaderInfo: systemd-boot 218 ####" string inside the binary */
static int get_file_version(int fd, char **v) {
struct stat st;
return 0;
}
+static int status_entries(const char *esp_path, sd_id128_t partition) {
+ int r;
+
+ _cleanup_(boot_config_free) BootConfig config = {};
+
+ printf("Default Boot Entry:\n");
+
+ r = boot_entries_load_config(esp_path, &config);
+ if (r < 0)
+ return log_error_errno(r, "Failed to load bootspec config from \"%s/loader\": %m",
+ esp_path);
+
+ if (config.default_entry < 0)
+ printf("%zu entries, no entry suitable as default\n", config.n_entries);
+ else {
+ const BootEntry *e = &config.entries[config.default_entry];
+
+ printf(" title: %s\n", boot_entry_title(e));
+ if (e->version)
+ printf(" version: %s\n", e->version);
+ if (e->kernel)
+ printf(" linux: %s\n", e->kernel);
+ if (!strv_isempty(e->initrd)) {
+ _cleanup_free_ char *t;
+
+ t = strv_join(e->initrd, " ");
+ if (!t)
+ return log_oom();
+
+ printf(" initrd: %s\n", t);
+ }
+ if (!strv_isempty(e->options)) {
+ _cleanup_free_ char *t;
+
+ t = strv_join(e->options, " ");
+ if (!t)
+ return log_oom();
+
+ printf(" options: %s\n", t);
+ }
+ if (e->device_tree)
+ printf(" devicetree: %s\n", e->device_tree);
+ puts("");
+ }
+
+ return 0;
+}
+
static int compare_product(const char *a, const char *b) {
size_t x, y;
return r;
if (lseek(fd_from, 0, SEEK_SET) == (off_t) -1)
- return log_error_errno(errno, "Failed to seek in \%s\": %m", from);
+ return log_error_errno(errno, "Failed to seek in \"%s\": %m", from);
fd_to = safe_close(fd_to);
}
(void) copy_times(fd_from, fd_to);
- r = fsync(fd_to);
- if (r < 0) {
+ if (fsync(fd_to) < 0) {
(void) unlink_noerrno(t);
return log_error_errno(errno, "Failed to copy data from \"%s\" to \"%s\": %m", from, t);
}
- r = renameat(AT_FDCWD, t, AT_FDCWD, to);
- if (r < 0) {
+ (void) fsync_directory_of_file(fd_to);
+
+ if (renameat(AT_FDCWD, t, AT_FDCWD, to) < 0) {
(void) unlink_noerrno(t);
return log_error_errno(errno, "Failed to rename \"%s\" to \"%s\": %m", t, to);
}
char *v;
/* Create the EFI default boot loader name (specified for removable devices) */
- v = strjoina(esp_path, "/EFI/BOOT/BOOT", name + strlen("systemd-boot"));
+ v = strjoina(esp_path, "/EFI/BOOT/BOOT",
+ name + STRLEN("systemd-boot"));
ascii_strupper(strrchr(v, '/') + 1);
k = copy_file_with_version_check(p, v, force);
}
fprintf(f, "#timeout 3\n");
+ fprintf(f, "#console-mode keep\n");
fprintf(f, "default %s-*\n", sd_id128_to_string(machine_id, machine_string));
r = fflush_sync_and_check(f);
}
static int help(int argc, char *argv[], void *userdata) {
+ _cleanup_free_ char *link = NULL;
+ int r;
+
+ r = terminal_urlify_man("bootctl", "1", &link);
+ if (r < 0)
+ return log_oom();
- printf("%s [COMMAND] [OPTIONS...]\n"
- "\n"
+ printf("%s [COMMAND] [OPTIONS...]\n\n"
"Install, update or remove the systemd-boot EFI boot manager.\n\n"
" -h --help Show this help\n"
" --version Print version\n"
" --path=PATH Path to the EFI System Partition (ESP)\n"
+ " -p --print-path Print path to the EFI partition\n"
" --no-variables Don't touch EFI variables\n"
- "\n"
- "Commands:\n"
+ "\nCommands:\n"
" status Show status of installed systemd-boot and EFI variables\n"
+ " list List boot entries\n"
" install Install systemd-boot to the ESP and EFI variables\n"
" update Update systemd-boot in the ESP and EFI variables\n"
- " remove Remove systemd-boot from the ESP and EFI variables\n",
- program_invocation_short_name);
+ " remove Remove systemd-boot from the ESP and EFI variables\n"
+ "\nSee the %s for details.\n"
+ , program_invocation_short_name
+ , link
+ );
return 0;
}
{ "help", no_argument, NULL, 'h' },
{ "version", no_argument, NULL, ARG_VERSION },
{ "path", required_argument, NULL, ARG_PATH },
+ { "print-path", no_argument, NULL, 'p' },
{ "no-variables", no_argument, NULL, ARG_NO_VARIABLES },
{ NULL, 0, NULL, 0 }
};
assert(argc >= 0);
assert(argv);
- while ((c = getopt_long(argc, argv, "h", options, NULL)) >= 0)
+ while ((c = getopt_long(argc, argv, "hp", options, NULL)) >= 0)
switch (c) {
case 'h':
return log_oom();
break;
+ case 'p':
+ arg_print_path = true;
+ break;
+
case ARG_NO_VARIABLES:
arg_touch_variables = false;
break;
log_warning_errno(r, "Failed to read EFI variable %s: %m", name);
}
-static int must_be_root(void) {
+static int verb_status(int argc, char *argv[], void *userdata) {
- if (geteuid() == 0)
- return 0;
+ sd_id128_t uuid = SD_ID128_NULL;
+ int r, k;
- log_error("Need to be root.");
- return -EPERM;
-}
+ r = acquire_esp(geteuid() != 0, NULL, NULL, NULL, &uuid);
-static int verb_status(int argc, char *argv[], void *userdata) {
+ if (arg_print_path) {
+ if (r == -EACCES) /* If we couldn't acquire the ESP path, log about access errors (which is the only
+ * error the find_esp_and_warn() won't log on its own) */
+ return log_error_errno(r, "Failed to determine ESP: %m");
+ if (r < 0)
+ return r;
- sd_id128_t uuid = SD_ID128_NULL;
- int r, r2;
+ puts(arg_path);
+ return 0;
+ }
- r2 = find_esp(NULL, NULL, NULL, &uuid);
+ r = 0; /* If we couldn't determine the path, then don't consider that a problem from here on, just show what we
+ * can show */
if (is_efi_boot()) {
- _cleanup_free_ char *fw_type = NULL, *fw_info = NULL, *loader = NULL, *loader_path = NULL;
+ _cleanup_free_ char *fw_type = NULL, *fw_info = NULL, *loader = NULL, *loader_path = NULL, *stub = NULL;
sd_id128_t loader_part_uuid = SD_ID128_NULL;
read_loader_efi_var("LoaderFirmwareType", &fw_type);
read_loader_efi_var("LoaderFirmwareInfo", &fw_info);
read_loader_efi_var("LoaderInfo", &loader);
+ read_loader_efi_var("StubInfo", &stub);
read_loader_efi_var("LoaderImageIdentifier", &loader_path);
if (loader_path)
efi_tilt_backslashes(loader_path);
- r = efi_loader_get_device_part_uuid(&loader_part_uuid);
- if (r < 0 && r != -ENOENT)
- r2 = log_warning_errno(r, "Failed to read EFI variable LoaderDevicePartUUID: %m");
+ k = efi_loader_get_device_part_uuid(&loader_part_uuid);
+ if (k < 0 && k != -ENOENT)
+ r = log_warning_errno(k, "Failed to read EFI variable LoaderDevicePartUUID: %m");
printf("System:\n");
printf(" Firmware: %s (%s)\n", strna(fw_type), strna(fw_info));
-
- r = is_efi_secure_boot();
- if (r < 0)
- r2 = log_warning_errno(r, "Failed to query secure boot status: %m");
- else
- printf(" Secure Boot: %sd\n", enable_disable(r));
-
- r = is_efi_secure_boot_setup_mode();
- if (r < 0)
- r2 = log_warning_errno(r, "Failed to query secure boot mode: %m");
- else
- printf(" Setup Mode: %s\n", r ? "setup" : "user");
+ printf(" Secure Boot: %sd\n", enable_disable(is_efi_secure_boot()));
+ printf(" Setup Mode: %s\n", is_efi_secure_boot_setup_mode() ? "setup" : "user");
printf("\n");
printf("Current Loader:\n");
printf(" Product: %s\n", strna(loader));
+ if (stub)
+ printf(" Stub: %s\n", stub);
if (!sd_id128_is_null(loader_part_uuid))
printf(" ESP: /dev/disk/by-partuuid/%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n",
SD_ID128_FORMAT_VAL(loader_part_uuid));
} else
printf("System:\n Not booted with EFI\n\n");
- r = status_binaries(arg_path, uuid);
- if (r < 0)
- r2 = r;
+ if (arg_path) {
+ k = status_binaries(arg_path, uuid);
+ if (k < 0)
+ r = k;
+ }
if (is_efi_boot()) {
- r = status_variables();
- if (r < 0)
- r2 = r;
+ k = status_variables();
+ if (k < 0)
+ r = k;
+ }
+
+ if (arg_path) {
+ k = status_entries(arg_path, uuid);
+ if (k < 0)
+ r = k;
+ }
+
+ return r;
+}
+
+static int verb_list(int argc, char *argv[], void *userdata) {
+ _cleanup_(boot_config_free) BootConfig config = {};
+ sd_id128_t uuid = SD_ID128_NULL;
+ unsigned n;
+ int r;
+
+ /* If we lack privileges we invoke find_esp_and_warn() in "unprivileged mode" here, which does two things: turn
+ * off logging about access errors and turn off potentially privileged device probing. Here we're interested in
+ * the latter but not the former, hence request the mode, and log about EACCES. */
+
+ r = acquire_esp(geteuid() != 0, NULL, NULL, NULL, &uuid);
+ if (r == -EACCES) /* We really need the ESP path for this call, hence also log about access errors */
+ return log_error_errno(r, "Failed to determine ESP: %m");
+ if (r < 0)
+ return r;
+
+ r = boot_entries_load_config(arg_path, &config);
+ if (r < 0)
+ return log_error_errno(r, "Failed to load bootspec config from \"%s/loader\": %m",
+ arg_path);
+
+ printf("Available boot entries:\n");
+
+ for (n = 0; n < config.n_entries; n++) {
+ const BootEntry *e = &config.entries[n];
+
+ printf(" title: %s%s%s%s%s%s\n",
+ ansi_highlight(),
+ boot_entry_title(e),
+ ansi_normal(),
+ ansi_highlight_green(),
+ n == (unsigned) config.default_entry ? " (default)" : "",
+ ansi_normal());
+ if (e->version)
+ printf(" version: %s\n", e->version);
+ if (e->machine_id)
+ printf(" machine-id: %s\n", e->machine_id);
+ if (e->architecture)
+ printf(" architecture: %s\n", e->architecture);
+ if (e->kernel)
+ printf(" linux: %s\n", e->kernel);
+ if (!strv_isempty(e->initrd)) {
+ _cleanup_free_ char *t;
+
+ t = strv_join(e->initrd, " ");
+ if (!t)
+ return log_oom();
+
+ printf(" initrd: %s\n", t);
+ }
+ if (!strv_isempty(e->options)) {
+ _cleanup_free_ char *t;
+
+ t = strv_join(e->options, " ");
+ if (!t)
+ return log_oom();
+
+ printf(" options: %s\n", t);
+ }
+ if (e->device_tree)
+ printf(" devicetree: %s\n", e->device_tree);
+
+ puts("");
}
- return r2;
+ return 0;
}
static int verb_install(int argc, char *argv[], void *userdata) {
bool install;
int r;
- r = must_be_root();
- if (r < 0)
- return r;
-
- r = find_esp(&part, &pstart, &psize, &uuid);
+ r = acquire_esp(false, &part, &pstart, &psize, &uuid);
if (r < 0)
return r;
sd_id128_t uuid = SD_ID128_NULL;
int r;
- r = must_be_root();
- if (r < 0)
- return r;
-
- r = find_esp(NULL, NULL, NULL, &uuid);
+ r = acquire_esp(false, NULL, NULL, NULL, &uuid);
if (r < 0)
return r;
static int bootctl_main(int argc, char *argv[]) {
static const Verb verbs[] = {
- { "help", VERB_ANY, VERB_ANY, 0, help },
- { "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
- { "install", VERB_ANY, 1, 0, verb_install },
- { "update", VERB_ANY, 1, 0, verb_install },
- { "remove", VERB_ANY, 1, 0, verb_remove },
+ { "help", VERB_ANY, VERB_ANY, 0, help },
+ { "status", VERB_ANY, 1, VERB_DEFAULT, verb_status },
+ { "list", VERB_ANY, 1, 0, verb_list },
+ { "install", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_install },
+ { "update", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_install },
+ { "remove", VERB_ANY, 1, VERB_MUST_BE_ROOT, verb_remove },
{}
};