diff --git a/bootloader-config/bootloader-config b/bootloader-config/bootloader-config deleted file mode 100755 index e15af697..00000000 --- a/bootloader-config/bootloader-config +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/bash - -CHROOT=$(mount | grep proc | grep calamares | awk '{print $3}' | sed -e "s#/proc##g") - -# Set secure permissions for the initramfs if we're configuring -# full-disk-encryption. The initramfs is re-generated later in the -# installation process so we only set the permissions snippet without -# regenerating the initramfs right now: -if [ "$(mount | grep $CHROOT" " | cut -c -16)" = "/dev/mapper/luks" ]; then - echo "UMASK=0077" > $CHROOT/etc/initramfs-tools/conf.d/initramfs-permissions -fi - -echo "Running bootloader-config..." - -if [ -d /sys/firmware/efi/efivars ]; then - echo " * Installing grub-efi (uefi)..." - DEBIAN_FRONTEND=noninteractive chroot $CHROOT apt install -y --no-upgrade -o Acquire::gpgv::Options::=--ignore-time-conflict grub-efi-$(if grep -q 64 /sys/firmware/efi/fw_platform_size; then echo amd64-signed; else echo ia32; fi) - DEBIAN_FRONTEND=noninteractive chroot $CHROOT apt install -y --no-upgrade -o Acquire::gpgv::Options::=--ignore-time-conflict shim-signed -else - echo " * install grub... (bios)" - DEBIAN_FRONTEND=noninteractive chroot $CHROOT apt-get -y install grub-pc cryptsetup keyutils -fi diff --git a/build.sh b/build.sh index 850a0fb8..9534ff40 100755 --- a/build.sh +++ b/build.sh @@ -238,6 +238,10 @@ mkdir -p $build/build/config/includes.chroot/usr/share/desktop-base mkdir -p $build/build/config/includes.chroot/etc/skel/Desktop mkdir -p $build/build/config/includes.chroot/etc/calamares +# Add ubuntu gpg to pool in the iso +mkdir -p $build/build/config/includes.binary/dists/jammy +cp $build/ubuntu-gpg/* $build/build/config/includes.binary/dists/jammy/ + # Copy Configs to the chroot cp $build/userconfig/* $build/build/config/includes.chroot/etc/live/config.conf.d diff --git a/calamares/modules/before_bootloader_context.conf b/calamares/modules/before_bootloader_context.conf new file mode 100644 index 00000000..ee8daebc --- /dev/null +++ b/calamares/modules/before_bootloader_context.conf @@ -0,0 +1,18 @@ +# Make sure the correct bootloader package is installed for EFI. +# Also pull in shim so secureboot has a chance at working. +# Because of edge cases, we ignore BIOS, and do the same +# procedure for all EFI types. +--- +firmwareType: + bios: "-/bin/true" + "*": + - command: apt-cdrom -d=/run/live/medium/ add + timeout: 10 + - command: sed -i '/deb http/d' /etc/apt/sources.list + timeout: 10 + - command: apt-get update + timeout: 120 + - command: apt install -y --no-upgrade -o Acquire::gpgv::Options::=--ignore-time-conflict grub-efi-$(if grep -q 64 /sys/firmware/efi/fw_platform_size; then echo amd64-signed; else echo ia32; fi) + timeout: 300 + - command: apt install -y --no-upgrade -o Acquire::gpgv::Options::=--ignore-time-conflict shim-signed + timeout: 300 diff --git a/calamares/modules/packages.conf b/calamares/modules/packages.conf index 4eb87595..f2ec37ba 100644 --- a/calamares/modules/packages.conf +++ b/calamares/modules/packages.conf @@ -1,15 +1,13 @@ update_db: true backend: apt - operations: - remove: - "^live-*" - - 'hunspell-en-us' - - 'zram-config' - - 'cifs-utils' - - 'calamares-settings-debian' - - 'calamares' - + - calamares-settings-debian + - calamares + - hunspell-en-us + - zram-config + - cifs-utils - try_install: - language-pack-$LOCALE - hunspell-$LOCALE diff --git a/calamares/modules/shellprocess_add386arch.conf b/calamares/modules/shellprocess_add386arch.conf new file mode 100644 index 00000000..3d8e2fac --- /dev/null +++ b/calamares/modules/shellprocess_add386arch.conf @@ -0,0 +1,5 @@ +--- +dontChroot: false +timeout: 30 +script: + - command: "/usr/bin/dpkg --add-architecture i386" diff --git a/calamares/settings.conf b/calamares/settings.conf index 3c96f0e8..d091e2dc 100644 --- a/calamares/settings.conf +++ b/calamares/settings.conf @@ -5,6 +5,14 @@ # "local" is LIBDIR/calamares/modules with settings in SHARE/calamares/modules modules-search: [ local, /usr/lib/calamares/modules ] +instances: +- id: before_bootloader + module: contextualprocess + config: before_bootloader_context.conf +- id: add386arch + module: shellprocess + config: shellprocess_add386arch.conf + # If this is set to true, Calamares refers to itself as a "setup program" # rather than an "installer". Defaults to the value of dont-chroot, but # Calamares will complain if this is not explicitly set. @@ -75,7 +83,9 @@ sequence: - services-systemd - bootloader-config - grubcfg + - contextualprocess@before_bootloader - bootloader + - shellprocess@add386arch - packages - luksbootkeyfile - plymouthcfg diff --git a/hooks/normal/0520-applications.hook.chroot b/hooks/normal/0520-applications.hook.chroot index 8e6651d2..442455f7 100755 --- a/hooks/normal/0520-applications.hook.chroot +++ b/hooks/normal/0520-applications.hook.chroot @@ -13,9 +13,6 @@ update-icon-caches /usr/share/icons/* #add flatpak repo to gnome-software flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo -#add-architecture i386 -dpkg --add-architecture i386 - #fix network-manager install dpkg-reconfigure network-manager diff --git a/ubuntu-gpg/Release.gpg b/ubuntu-gpg/Release.gpg new file mode 100644 index 00000000..029e9c82 --- /dev/null +++ b/ubuntu-gpg/Release.gpg @@ -0,0 +1,16 @@ +-----BEGIN PGP SIGNATURE----- + +iQIzBAABCgAdFiEEhDk43yKNIvezdCvA2Uqj8O/iEJIFAmLyTnMACgkQ2Uqj8O/i +EJLLLxAAhY+9SLaFOXNYb1phnsE6UiPHlUS5vhibUTdJprJWEKRmXB/JaS7wgMdo +1iKApOFAqZ/TTC7wQQmiGWcwDNRcHoFmRZYLXdjDflTzw2hwNnBFBta1OQRlH+6U +VR4+7NpX9SBVZwa/bJozOhnRdf5heVtnuZulFcbBOFUtme7n1vajKyJMgOlic+LW +g2xOmf3iAHrSv7/Bbi3QefBXQ8XcivASxuLdiSZhnpM2l/vVsD33qkjbg2VFZnM6 +FZFkjjO2KHm+TBzRvo9SIY0H9yMDdOWbCYE7hJNVPpkvbfTPJ2RTae8CwvYOaEkv +FLzLCGKtXi+0Vu0Lb/vGqBc0OaAPNEltpMziKHmY2NlFyjl2YScKJhgReVpZwU7Z +PdyAnkKUfXzDyu/fkkdk+V5+6xeVkivIDaxGl+oQpoVb6rwtcM/moB9YXH/7GcfE +qm2hZo9nhqeGMv9cuAGSQzvtTD49EeYqEl28Ac8LGa5R04dIyVHPJIga5zQI0kxU +Cf000yEuzuDn09eSJVuIb7PLK6EyobP+QF/BnjsmyX6lP9zBAp41LwNnpNhdAo2s +EnI6lvKkFpfXqCg63v1fRya2p/KDeRazyoB3GoHy/pQyV01fG1BrPiuZKxrISG46 +29K8JwrheG4ujz8KlPYRZDc1wob/q8rTA3bUw32bLDMXuBkZ4o4= +=BDc1 +-----END PGP SIGNATURE-----