1 /* SPDX-License-Identifier: LGPL-2.1+ */
10 #include <linux/magic.h>
17 #include <sys/statfs.h>
22 #include "alloc-util.h"
23 #include "blkid-util.h"
26 #include "dirent-util.h"
31 #include "locale-util.h"
33 #include "parse-util.h"
35 #include "stat-util.h"
36 #include "string-util.h"
38 #include "terminal-util.h"
39 #include "umask-util.h"
45 static char *arg_path
= NULL
;
46 static bool arg_print_path
= false;
47 static bool arg_touch_variables
= true;
48 static PagerFlags arg_pager_flags
= 0;
50 static int acquire_esp(
51 bool unprivileged_mode
,
55 sd_id128_t
*ret_uuid
) {
60 /* Find the ESP, and log about errors. Note that find_esp_and_warn() will log in all error cases on its own,
61 * except for ENOKEY (which is good, we want to show our own message in that case, suggesting use of --path=)
62 * and EACCESS (only when we request unprivileged mode; in this case we simply eat up the error here, so that
63 * --list and --status work too, without noise about this). */
65 r
= find_esp_and_warn(arg_path
, unprivileged_mode
, &np
, ret_part
, ret_pstart
, ret_psize
, ret_uuid
);
67 return log_error_errno(r
,
68 "Couldn't find EFI system partition. It is recommended to mount it to /boot or /efi.\n"
69 "Alternatively, use --path= to specify path to mount point.");
73 free_and_replace(arg_path
, np
);
75 log_debug("Using EFI System Partition at %s.", arg_path
);
80 /* search for "#### LoaderInfo: systemd-boot 218 ####" string inside the binary */
81 static int get_file_version(int fd
, char **v
) {
91 if (fstat(fd
, &st
) < 0)
92 return log_error_errno(errno
, "Failed to stat EFI binary: %m");
94 if (st
.st_size
< 27) {
99 buf
= mmap(NULL
, st
.st_size
, PROT_READ
, MAP_PRIVATE
, fd
, 0);
100 if (buf
== MAP_FAILED
)
101 return log_error_errno(errno
, "Failed to memory map EFI binary: %m");
103 s
= memmem(buf
, st
.st_size
- 8, "#### LoaderInfo: ", 17);
108 e
= memmem(s
, st
.st_size
- (s
- buf
), " ####", 5);
109 if (!e
|| e
- s
< 3) {
110 log_error("Malformed version string.");
115 x
= strndup(s
, e
- s
);
123 (void) munmap(buf
, st
.st_size
);
128 static int enumerate_binaries(const char *esp_path
, const char *path
, const char *prefix
) {
130 _cleanup_closedir_
DIR *d
= NULL
;
134 p
= strjoina(esp_path
, "/", path
);
140 return log_error_errno(errno
, "Failed to read \"%s\": %m", p
);
143 FOREACH_DIRENT(de
, d
, break) {
144 _cleanup_close_
int fd
= -1;
145 _cleanup_free_
char *v
= NULL
;
147 if (!endswith_no_case(de
->d_name
, ".efi"))
150 if (prefix
&& !startswith_no_case(de
->d_name
, prefix
))
153 fd
= openat(dirfd(d
), de
->d_name
, O_RDONLY
|O_CLOEXEC
);
155 return log_error_errno(errno
, "Failed to open \"%s/%s\" for reading: %m", p
, de
->d_name
);
157 r
= get_file_version(fd
, &v
);
161 printf(" File: %s/%s/%s (%s%s%s)\n", special_glyph(TREE_RIGHT
), path
, de
->d_name
, ansi_highlight(), v
, ansi_normal());
163 printf(" File: %s/%s/%s\n", special_glyph(TREE_RIGHT
), path
, de
->d_name
);
170 static int status_binaries(const char *esp_path
, sd_id128_t partition
) {
173 printf("Available Boot Loaders on ESP:\n");
176 printf(" ESP: Cannot find or access mount point of ESP.\n\n");
180 printf(" ESP: %s", esp_path
);
181 if (!sd_id128_is_null(partition
))
182 printf(" (/dev/disk/by-partuuid/%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x)", SD_ID128_FORMAT_VAL(partition
));
185 r
= enumerate_binaries(esp_path
, "EFI/systemd", NULL
);
187 log_info("systemd-boot not installed in ESP.");
191 r
= enumerate_binaries(esp_path
, "EFI/BOOT", "boot");
193 log_info("No default/fallback boot loader installed in ESP.");
202 static int print_efi_option(uint16_t id
, bool in_order
) {
203 _cleanup_free_
char *title
= NULL
;
204 _cleanup_free_
char *path
= NULL
;
205 sd_id128_t partition
;
209 r
= efi_get_boot_option(id
, &title
, &partition
, &path
, &active
);
213 /* print only configured entries with partition information */
214 if (!path
|| sd_id128_is_null(partition
))
217 efi_tilt_backslashes(path
);
219 printf(" Title: %s%s%s\n", ansi_highlight(), strna(title
), ansi_normal());
220 printf(" ID: 0x%04X\n", id
);
221 printf(" Status: %sactive%s\n", active
? "" : "in", in_order
? ", boot-order" : "");
222 printf(" Partition: /dev/disk/by-partuuid/%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n", SD_ID128_FORMAT_VAL(partition
));
223 printf(" File: %s%s\n", special_glyph(TREE_RIGHT
), path
);
229 static int status_variables(void) {
230 _cleanup_free_
uint16_t *options
= NULL
, *order
= NULL
;
231 int n_options
, n_order
, i
;
233 n_options
= efi_get_boot_options(&options
);
234 if (n_options
== -ENOENT
)
235 return log_error_errno(n_options
,
236 "Failed to access EFI variables, efivarfs"
237 " needs to be available at /sys/firmware/efi/efivars/.");
239 return log_error_errno(n_options
, "Failed to read EFI boot entries: %m");
241 n_order
= efi_get_boot_order(&order
);
242 if (n_order
== -ENOENT
)
244 else if (n_order
< 0)
245 return log_error_errno(n_order
, "Failed to read EFI boot order: %m");
247 /* print entries in BootOrder first */
248 printf("Boot Loaders Listed in EFI Variables:\n");
249 for (i
= 0; i
< n_order
; i
++)
250 print_efi_option(order
[i
], true);
252 /* print remaining entries */
253 for (i
= 0; i
< n_options
; i
++) {
256 for (j
= 0; j
< n_order
; j
++)
257 if (options
[i
] == order
[j
])
260 print_efi_option(options
[i
], false);
269 static int boot_entry_show(const BootEntry
*e
, bool show_as_default
) {
272 printf(" title: %s%s%s%s%s%s\n",
276 ansi_highlight_green(),
277 show_as_default
? " (default)" : "",
281 printf(" id: %s\n", e
->id
);
283 printf(" version: %s\n", e
->version
);
285 printf(" machine-id: %s\n", e
->machine_id
);
287 printf(" architecture: %s\n", e
->architecture
);
289 printf(" linux: %s\n", e
->kernel
);
290 if (!strv_isempty(e
->initrd
)) {
291 _cleanup_free_
char *t
;
293 t
= strv_join(e
->initrd
, " ");
297 printf(" initrd: %s\n", t
);
299 if (!strv_isempty(e
->options
)) {
300 _cleanup_free_
char *t
;
302 t
= strv_join(e
->options
, " ");
306 printf(" options: %s\n", t
);
309 printf(" devicetree: %s\n", e
->device_tree
);
314 static int status_entries(const char *esp_path
, sd_id128_t partition
) {
315 _cleanup_(boot_config_free
) BootConfig config
= {};
318 r
= boot_entries_load_config(esp_path
, &config
);
322 if (config
.default_entry
< 0)
323 printf("%zu entries, no entry could be determined as default.\n", config
.n_entries
);
325 printf("Default Boot Loader Entry:\n");
327 boot_entry_show(config
.entries
+ config
.default_entry
, false);
333 static int compare_product(const char *a
, const char *b
) {
342 return x
< y
? -1 : x
> y
? 1 : 0;
344 return strncmp(a
, b
, x
);
347 static int compare_version(const char *a
, const char *b
) {
351 a
+= strcspn(a
, " ");
353 b
+= strcspn(b
, " ");
356 return strverscmp(a
, b
);
359 static int version_check(int fd_from
, const char *from
, int fd_to
, const char *to
) {
360 _cleanup_free_
char *a
= NULL
, *b
= NULL
;
363 assert(fd_from
>= 0);
368 r
= get_file_version(fd_from
, &a
);
372 log_error("Source file \"%s\" does not carry version information!", from
);
376 r
= get_file_version(fd_to
, &b
);
379 if (r
== 0 || compare_product(a
, b
) != 0) {
380 log_notice("Skipping \"%s\", since it's owned by another boot loader.", to
);
384 if (compare_version(a
, b
) < 0) {
385 log_warning("Skipping \"%s\", since a newer boot loader version exists already.", to
);
392 static int copy_file_with_version_check(const char *from
, const char *to
, bool force
) {
393 _cleanup_close_
int fd_from
= -1, fd_to
= -1;
394 _cleanup_free_
char *t
= NULL
;
397 fd_from
= open(from
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
399 return log_error_errno(errno
, "Failed to open \"%s\" for reading: %m", from
);
402 fd_to
= open(to
, O_RDONLY
|O_CLOEXEC
|O_NOCTTY
);
404 if (errno
!= -ENOENT
)
405 return log_error_errno(errno
, "Failed to open \"%s\" for reading: %m", to
);
407 r
= version_check(fd_from
, from
, fd_to
, to
);
411 if (lseek(fd_from
, 0, SEEK_SET
) == (off_t
) -1)
412 return log_error_errno(errno
, "Failed to seek in \"%s\": %m", from
);
414 fd_to
= safe_close(fd_to
);
418 r
= tempfn_random(to
, NULL
, &t
);
422 RUN_WITH_UMASK(0000) {
423 fd_to
= open(t
, O_WRONLY
|O_CREAT
|O_CLOEXEC
|O_EXCL
|O_NOFOLLOW
, 0644);
425 return log_error_errno(errno
, "Failed to open \"%s\" for writing: %m", t
);
428 r
= copy_bytes(fd_from
, fd_to
, (uint64_t) -1, COPY_REFLINK
);
431 return log_error_errno(r
, "Failed to copy data from \"%s\" to \"%s\": %m", from
, t
);
434 (void) copy_times(fd_from
, fd_to
);
436 if (fsync(fd_to
) < 0) {
437 (void) unlink_noerrno(t
);
438 return log_error_errno(errno
, "Failed to copy data from \"%s\" to \"%s\": %m", from
, t
);
441 (void) fsync_directory_of_file(fd_to
);
443 if (renameat(AT_FDCWD
, t
, AT_FDCWD
, to
) < 0) {
444 (void) unlink_noerrno(t
);
445 return log_error_errno(errno
, "Failed to rename \"%s\" to \"%s\": %m", t
, to
);
448 log_info("Copied \"%s\" to \"%s\".", from
, to
);
453 static int mkdir_one(const char *prefix
, const char *suffix
) {
456 p
= strjoina(prefix
, "/", suffix
);
457 if (mkdir(p
, 0700) < 0) {
459 return log_error_errno(errno
, "Failed to create \"%s\": %m", p
);
461 log_info("Created \"%s\".", p
);
466 static const char *efi_subdirs
[] = {
475 static int create_dirs(const char *esp_path
) {
479 STRV_FOREACH(i
, efi_subdirs
) {
480 r
= mkdir_one(esp_path
, *i
);
488 static int copy_one_file(const char *esp_path
, const char *name
, bool force
) {
492 p
= strjoina(BOOTLIBDIR
"/", name
);
493 q
= strjoina(esp_path
, "/EFI/systemd/", name
);
494 r
= copy_file_with_version_check(p
, q
, force
);
496 if (startswith(name
, "systemd-boot")) {
500 /* Create the EFI default boot loader name (specified for removable devices) */
501 v
= strjoina(esp_path
, "/EFI/BOOT/BOOT",
502 name
+ STRLEN("systemd-boot"));
503 ascii_strupper(strrchr(v
, '/') + 1);
505 k
= copy_file_with_version_check(p
, v
, force
);
513 static int install_binaries(const char *esp_path
, bool force
) {
515 _cleanup_closedir_
DIR *d
= NULL
;
519 /* Don't create any of these directories when we are
520 * just updating. When we update we'll drop-in our
521 * files (unless there are newer ones already), but we
522 * won't create the directories for them in the first
524 r
= create_dirs(esp_path
);
529 d
= opendir(BOOTLIBDIR
);
531 return log_error_errno(errno
, "Failed to open \""BOOTLIBDIR
"\": %m
");
533 FOREACH_DIRENT(de, d, break) {
536 if (!endswith_no_case(de->d_name, ".efi
"))
539 k = copy_one_file(esp_path, de->d_name, force);
547 static bool same_entry(uint16_t id, const sd_id128_t uuid, const char *path) {
548 _cleanup_free_ char *opath = NULL;
552 r = efi_get_boot_option(id, NULL, &ouuid, &opath, NULL);
555 if (!sd_id128_equal(uuid, ouuid))
557 if (!streq_ptr(path, opath))
563 static int find_slot(sd_id128_t uuid, const char *path, uint16_t *id) {
564 _cleanup_free_ uint16_t *options = NULL;
567 n = efi_get_boot_options(&options);
571 /* find already existing systemd-boot entry */
572 for (i = 0; i < n; i++)
573 if (same_entry(options[i], uuid, path)) {
578 /* find free slot in the sorted BootXXXX variable list */
579 for (i = 0; i < n; i++)
580 if (i != options[i]) {
585 /* use the next one */
592 static int insert_into_order(uint16_t slot, bool first) {
593 _cleanup_free_ uint16_t *order = NULL;
597 n = efi_get_boot_order(&order);
599 /* no entry, add us */
600 return efi_set_boot_order(&slot, 1);
602 /* are we the first and only one? */
603 if (n == 1 && order[0] == slot)
606 /* are we already in the boot order? */
607 for (i = 0; i < n; i++) {
608 if (order[i] != slot)
611 /* we do not require to be the first one, all is fine */
615 /* move us to the first slot */
616 memmove(order + 1, order, i * sizeof(uint16_t));
618 return efi_set_boot_order(order, n);
622 t = realloc(order, (n + 1) * sizeof(uint16_t));
627 /* add us to the top or end of the list */
629 memmove(order + 1, order, n * sizeof(uint16_t));
634 return efi_set_boot_order(order, n + 1);
637 static int remove_from_order(uint16_t slot) {
638 _cleanup_free_ uint16_t *order = NULL;
641 n = efi_get_boot_order(&order);
645 for (i = 0; i < n; i++) {
646 if (order[i] != slot)
650 memmove(order + i, order + i+1, (n - i) * sizeof(uint16_t));
651 return efi_set_boot_order(order, n - 1);
657 static int install_variables(const char *esp_path,
658 uint32_t part, uint64_t pstart, uint64_t psize,
659 sd_id128_t uuid, const char *path,
665 if (!is_efi_boot()) {
666 log_warning("Not booted with EFI
, skipping EFI variable setup
.");
670 p = strjoina(esp_path, path);
671 if (access(p, F_OK) < 0) {
675 return log_error_errno(errno, "Cannot access
\"%s
\": %m
", p);
678 r = find_slot(uuid, path, &slot);
680 return log_error_errno(r,
682 "Failed to access EFI variables
. Is the
\"efivarfs
\" filesystem mounted
?" :
683 "Failed to determine current boot order
: %m
");
685 if (first || r == 0) {
686 r = efi_add_boot_option(slot, "Linux Boot Manager
",
690 return log_error_errno(r, "Failed to create EFI Boot variable entry
: %m
");
692 log_info("Created EFI boot entry
\"Linux Boot Manager
\".");
695 return insert_into_order(slot, first);
698 static int remove_boot_efi(const char *esp_path) {
700 _cleanup_closedir_ DIR *d = NULL;
704 p = strjoina(esp_path, "/EFI
/BOOT
");
710 return log_error_errno(errno, "Failed to open directory
\"%s
\": %m
", p);
713 FOREACH_DIRENT(de, d, break) {
714 _cleanup_close_ int fd = -1;
715 _cleanup_free_ char *v = NULL;
717 if (!endswith_no_case(de->d_name, ".efi
"))
720 if (!startswith_no_case(de->d_name, "boot
"))
723 fd = openat(dirfd(d), de->d_name, O_RDONLY|O_CLOEXEC);
725 return log_error_errno(errno, "Failed to open
\"%s
/%s
\" for reading
: %m
", p, de->d_name);
727 r = get_file_version(fd, &v);
730 if (r > 0 && startswith(v, "systemd
-boot
")) {
731 r = unlinkat(dirfd(d), de->d_name, 0);
733 return log_error_errno(errno, "Failed to remove
\"%s
/%s
\": %m
", p, de->d_name);
735 log_info("Removed
\"%s
/%s
\".", p, de->d_name);
744 static int rmdir_one(const char *prefix, const char *suffix) {
747 p = strjoina(prefix, "/", suffix);
749 if (!IN_SET(errno, ENOENT, ENOTEMPTY))
750 return log_error_errno(errno, "Failed to remove
\"%s
\": %m
", p);
752 log_info("Removed
\"%s
\".", p);
757 static int remove_binaries(const char *esp_path) {
762 p = strjoina(esp_path, "/EFI
/systemd
");
763 r = rm_rf(p, REMOVE_ROOT|REMOVE_PHYSICAL);
765 q = remove_boot_efi(esp_path);
769 for (i = ELEMENTSOF(efi_subdirs)-1; i > 0; i--) {
770 q = rmdir_one(esp_path, efi_subdirs[i-1]);
778 static int remove_variables(sd_id128_t uuid, const char *path, bool in_order) {
785 r = find_slot(uuid, path, &slot);
789 r = efi_remove_boot_option(slot);
794 return remove_from_order(slot);
799 static int install_loader_config(const char *esp_path) {
801 char machine_string[SD_ID128_STRING_MAX];
802 _cleanup_(unlink_and_freep) char *t = NULL;
803 _cleanup_fclose_ FILE *f = NULL;
804 sd_id128_t machine_id;
808 r = sd_id128_get_machine(&machine_id);
810 return log_error_errno(r, "Failed to get machine id
: %m
");
812 p = strjoina(esp_path, "/loader
/loader
.conf
");
814 if (access(p, F_OK) >= 0) /* Silently skip creation if the file already exists (early check) */
817 fd = open_tmpfile_linkable(p, O_WRONLY|O_CLOEXEC, &t);
819 return log_error_errno(fd, "Failed to open
\"%s
\" for writing
: %m
", p);
821 f = fdopen(fd, "we
");
827 fprintf(f, "#timeout 3\n"
828 "#console-mode keep\n"
829 "default %s-*\n", sd_id128_to_string(machine_id, machine_string));
831 r = fflush_sync_and_check(f);
833 return log_error_errno(r, "Failed to write \"%s\": %m", p);
835 r = link_tmpfile(fd, t, p);
837 return 0; /* Silently skip creation if the file exists now (recheck) */
839 return log_error_errno(r, "Failed to move \"%s\" into place: %m", p);
846 static int help(int argc, char *argv[], void *userdata) {
847 _cleanup_free_ char *link = NULL;
850 r = terminal_urlify_man("bootctl", "1", &link);
854 printf("%s [COMMAND] [OPTIONS...]\n\n"
855 "Install, update or remove the systemd-boot EFI boot manager.\n\n"
856 " -h --help Show this help\n"
857 " --version Print version\n"
858 " --path=PATH Path to the EFI System Partition (ESP)\n"
859 " -p --print-path Print path to the EFI partition\n"
860 " --no-variables Don't touch EFI variables\n"
861 " --no-pager Do not pipe output into a pager\n"
862 "\nBoot Loader Commands:\n"
863 " status Show status of installed systemd-boot and EFI variables\n"
864 " install Install systemd-boot to the ESP and EFI variables\n"
865 " update Update systemd-boot in the ESP and EFI variables\n"
866 " remove Remove systemd-boot from the ESP and EFI variables\n"
867 "\nBoot Loader Entries Commands:\n"
868 " list List boot loader entries\n"
869 " set-default ID Set default boot loader entry\n"
870 " set-oneshot ID Set default boot loader entry, for next boot only\n"
871 "\nSee the %s for details.\n"
872 , program_invocation_short_name
878 static int parse_argv(int argc, char *argv[]) {
886 static const struct option options[] = {
887 { "help", no_argument, NULL, 'h' },
888 { "version", no_argument, NULL, ARG_VERSION },
889 { "path", required_argument, NULL, ARG_PATH },
890 { "print-path", no_argument, NULL, 'p' },
891 { "no-variables", no_argument, NULL, ARG_NO_VARIABLES },
892 { "no-pager", no_argument, NULL, ARG_NO_PAGER },
901 while ((c = getopt_long(argc, argv, "hp", options, NULL)) >= 0)
912 r = free_and_strdup(&arg_path, optarg);
918 arg_print_path = true;
921 case ARG_NO_VARIABLES:
922 arg_touch_variables = false;
926 arg_pager_flags |= PAGER_DISABLE;
933 assert_not_reached("Unknown option");
939 static void read_loader_efi_var(const char *name, char **var) {
942 r = efi_get_variable_string(EFI_VENDOR_LOADER, name, var);
943 if (r < 0 && r != -ENOENT)
944 log_warning_errno(r, "Failed to read EFI variable %s: %m", name);
947 static int verb_status(int argc, char *argv[], void *userdata) {
949 sd_id128_t uuid = SD_ID128_NULL;
952 r = acquire_esp(geteuid() != 0, NULL, NULL, NULL, &uuid);
954 if (arg_print_path) {
955 if (r == -EACCES) /* If we couldn't acquire the ESP path, log about access errors (which is the only
956 * error the
find_esp_and_warn() won
't log on its own) */
957 return log_error_errno(r, "Failed to determine ESP: %m");
965 r = 0; /* If we couldn't determine the path
, then don
't consider that a problem from here on, just show what we
968 (void) pager_open(arg_pager_flags);
971 static const struct {
975 { EFI_LOADER_FEATURE_BOOT_COUNTING, "Boot counting" },
976 { EFI_LOADER_FEATURE_CONFIG_TIMEOUT, "Menu timeout control" },
977 { EFI_LOADER_FEATURE_CONFIG_TIMEOUT_ONE_SHOT, "One-shot menu timeout control" },
978 { EFI_LOADER_FEATURE_ENTRY_DEFAULT, "Default entry control" },
979 { EFI_LOADER_FEATURE_ENTRY_ONESHOT, "One-shot entry control" },
982 _cleanup_free_ char *fw_type = NULL, *fw_info = NULL, *loader = NULL, *loader_path = NULL, *stub = NULL;
983 sd_id128_t loader_part_uuid = SD_ID128_NULL;
984 uint64_t loader_features = 0;
987 read_loader_efi_var("LoaderFirmwareType", &fw_type);
988 read_loader_efi_var("LoaderFirmwareInfo", &fw_info);
989 read_loader_efi_var("LoaderInfo", &loader);
990 read_loader_efi_var("StubInfo", &stub);
991 read_loader_efi_var("LoaderImageIdentifier", &loader_path);
992 (void) efi_loader_get_features(&loader_features);
995 efi_tilt_backslashes(loader_path);
997 k = efi_loader_get_device_part_uuid(&loader_part_uuid);
998 if (k < 0 && k != -ENOENT)
999 r = log_warning_errno(k, "Failed to read EFI variable LoaderDevicePartUUID: %m");
1001 printf("System:\n");
1002 printf(" Firmware: %s%s (%s)%s\n", ansi_highlight(), strna(fw_type), strna(fw_info), ansi_normal());
1003 printf(" Secure Boot: %sd\n", enable_disable(is_efi_secure_boot()));
1004 printf(" Setup Mode: %s\n", is_efi_secure_boot_setup_mode() ? "setup" : "user");
1007 printf("Current Boot Loader:\n");
1008 printf(" Product: %s%s%s\n", ansi_highlight(), strna(loader), ansi_normal());
1010 for (i = 0; i < ELEMENTSOF(flags); i++) {
1013 printf(" Features: ");
1017 if (FLAGS_SET(loader_features, flags[i].flag))
1018 printf("%s%s%s %s\n", ansi_highlight_green(), special_glyph(CHECK_MARK), ansi_normal(), flags[i].name);
1020 printf("%s%s%s %s\n", ansi_highlight_red(), special_glyph(CROSS_MARK), ansi_normal(), flags[i].name);
1024 printf(" Stub: %s\n", stub);
1025 if (!sd_id128_is_null(loader_part_uuid))
1026 printf(" ESP: /dev/disk/by-partuuid/%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x\n",
1027 SD_ID128_FORMAT_VAL(loader_part_uuid));
1029 printf(" ESP: n/a\n");
1030 printf(" File: %s%s\n", special_glyph(TREE_RIGHT), strna(loader_path));
1033 printf("System:\n Not booted with EFI\n\n");
1036 k = status_binaries(arg_path, uuid);
1041 if (is_efi_boot()) {
1042 k = status_variables();
1048 k = status_entries(arg_path, uuid);
1056 static int verb_list(int argc, char *argv[], void *userdata) {
1057 _cleanup_(boot_config_free) BootConfig config = {};
1058 _cleanup_free_ char **found_by_loader = NULL;
1059 sd_id128_t uuid = SD_ID128_NULL;
1062 /* If we lack privileges we invoke find_esp_and_warn() in "unprivileged mode" here, which does two things: turn
1063 * off logging about access errors and turn off potentially privileged device probing. Here we're interested in
1064 * the latter but
not the former
, hence request the mode
, and log about EACCES
. */
1066 r
= acquire_esp(geteuid() != 0, NULL
, NULL
, NULL
, &uuid
);
1067 if (r
== -EACCES
) /* We really need the ESP path for this call, hence also log about access errors */
1068 return log_error_errno(r
, "Failed to determine ESP: %m");
1072 r
= boot_entries_load_config(arg_path
, &config
);
1076 r
= efi_loader_get_entries(&found_by_loader
);
1077 if (r
< 0 && !IN_SET(r
, -ENOENT
, -EOPNOTSUPP
))
1078 log_debug_errno(r
, "Failed to acquire boot loader discovered entries: %m");
1080 if (config
.n_entries
== 0)
1081 log_info("No boot loader entries found.");
1085 (void) pager_open(arg_pager_flags
);
1087 printf("Boot Loader Entries:\n");
1089 for (n
= 0; n
< config
.n_entries
; n
++) {
1090 r
= boot_entry_show(config
.entries
+ n
, n
== (size_t) config
.default_entry
);
1096 strv_remove(found_by_loader
, config
.entries
[n
].id
);
1100 if (!strv_isempty(found_by_loader
)) {
1103 printf("Automatic/Other Entries Found by Boot Loader:\n\n");
1105 STRV_FOREACH(i
, found_by_loader
)
1112 static int sync_esp(void) {
1113 _cleanup_close_
int fd
= -1;
1118 fd
= open(arg_path
, O_CLOEXEC
|O_DIRECTORY
|O_RDONLY
);
1120 return log_error_errno(errno
, "Couldn't open ESP '%s' for synchronization: %m", arg_path
);
1123 return log_error_errno(errno
, "Failed to synchronize the ESP '%s': %m", arg_path
);
1128 static int verb_install(int argc
, char *argv
[], void *userdata
) {
1130 sd_id128_t uuid
= SD_ID128_NULL
;
1131 uint64_t pstart
= 0, psize
= 0;
1136 r
= acquire_esp(false, &part
, &pstart
, &psize
, &uuid
);
1140 install
= streq(argv
[0], "install");
1142 RUN_WITH_UMASK(0002) {
1143 r
= install_binaries(arg_path
, install
);
1148 r
= install_loader_config(arg_path
);
1156 if (arg_touch_variables
)
1157 r
= install_variables(arg_path
,
1158 part
, pstart
, psize
, uuid
,
1159 "/EFI/systemd/systemd-boot" EFI_MACHINE_TYPE_NAME
".efi",
1165 static int verb_remove(int argc
, char *argv
[], void *userdata
) {
1166 sd_id128_t uuid
= SD_ID128_NULL
;
1169 r
= acquire_esp(false, NULL
, NULL
, NULL
, &uuid
);
1173 r
= remove_binaries(arg_path
);
1177 if (arg_touch_variables
) {
1180 q
= remove_variables(uuid
, "/EFI/systemd/systemd-boot" EFI_MACHINE_TYPE_NAME
".efi", true);
1181 if (q
< 0 && r
== 0)
1188 static int verb_set_default(int argc
, char *argv
[], void *userdata
) {
1192 if (!is_efi_boot()) {
1193 log_error("Not booted with UEFI.");
1197 if (access("/sys/firmware/efi/efivars/LoaderInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f", F_OK
) < 0) {
1198 if (errno
== ENOENT
) {
1199 log_error_errno(errno
, "Not booted with a supported boot loader.");
1203 return log_error_errno(errno
, "Failed to detect whether boot loader supports '%s' operation: %m", argv
[0]);
1206 if (detect_container() > 0) {
1207 log_error("'%s' operation not supported in a container.", argv
[0]);
1211 if (!arg_touch_variables
) {
1212 log_error("'%s' operation cannot be combined with --touch-variables=no.", argv
[0]);
1216 name
= streq(argv
[0], "set-default") ? "LoaderEntryDefault" : "LoaderEntryOneShot";
1218 if (isempty(argv
[1])) {
1219 r
= efi_set_variable(EFI_VENDOR_LOADER
, name
, NULL
, 0);
1220 if (r
< 0 && r
!= -ENOENT
)
1221 return log_error_errno(r
, "Failed to remove EFI variale: %m");
1223 _cleanup_free_ char16_t
*encoded
= NULL
;
1225 encoded
= utf8_to_utf16(argv
[1], strlen(argv
[1]));
1229 r
= efi_set_variable(EFI_VENDOR_LOADER
, name
, encoded
, char16_strlen(encoded
) * 2 + 2);
1231 return log_error_errno(r
, "Failed to update EFI variable: %m");
1237 static int bootctl_main(int argc
, char *argv
[]) {
1239 static const Verb verbs
[] = {
1240 { "help", VERB_ANY
, VERB_ANY
, 0, help
},
1241 { "status", VERB_ANY
, 1, VERB_DEFAULT
, verb_status
},
1242 { "install", VERB_ANY
, 1, VERB_MUST_BE_ROOT
, verb_install
},
1243 { "update", VERB_ANY
, 1, VERB_MUST_BE_ROOT
, verb_install
},
1244 { "remove", VERB_ANY
, 1, VERB_MUST_BE_ROOT
, verb_remove
},
1245 { "list", VERB_ANY
, 1, 0, verb_list
},
1246 { "set-default", 2, 2, VERB_MUST_BE_ROOT
, verb_set_default
},
1247 { "set-oneshot", 2, 2, VERB_MUST_BE_ROOT
, verb_set_default
},
1251 return dispatch_verb(argc
, argv
, verbs
, NULL
);
1254 int main(int argc
, char *argv
[]) {
1257 log_parse_environment();
1260 /* If we run in a container, automatically turn of EFI file system access */
1261 if (detect_container() > 0)
1262 arg_touch_variables
= false;
1264 r
= parse_argv(argc
, argv
);
1268 r
= bootctl_main(argc
, argv
);
1274 return r
< 0 ? EXIT_FAILURE
: EXIT_SUCCESS
;