feat: enable secureboot
This commit is contained in:
Marcos Tischer Vallim
parent
c9709f63c6
commit
61ca760f79
50
README.md
50
README.md
|
|
@ -34,10 +34,9 @@ Install packages we need in the `build system` required by our scripts.
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
sudo apt-get install \
|
sudo apt-get install \
|
||||||
binutils \
|
debootstrap \
|
||||||
debootstrap \
|
squashfs-tools \
|
||||||
squashfs-tools \
|
xorriso
|
||||||
xorriso
|
|
||||||
```
|
```
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
|
|
@ -799,6 +798,7 @@ After everything has been installed and preconfigured in the **chrooted** enviro
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
cd $HOME/live-ubuntu-from-scratch/image
|
cd $HOME/live-ubuntu-from-scratch/image
|
||||||
|
```
|
||||||
|
|
||||||
2. Create iso from the image directory using the command-line
|
2. Create iso from the image directory using the command-line
|
||||||
|
|
||||||
|
|
@ -807,25 +807,26 @@ After everything has been installed and preconfigured in the **chrooted** enviro
|
||||||
-as mkisofs \
|
-as mkisofs \
|
||||||
-iso-level 3 \
|
-iso-level 3 \
|
||||||
-full-iso9660-filenames \
|
-full-iso9660-filenames \
|
||||||
|
-J -J -joliet-long \
|
||||||
-volid "Ubuntu from scratch" \
|
-volid "Ubuntu from scratch" \
|
||||||
-output "../ubuntu-from-scratch.iso" \
|
-output "../ubuntu-from-scratch.iso" \
|
||||||
-eltorito-boot boot/grub/bios.img \
|
-eltorito-boot boot/grub/bios.img \
|
||||||
-no-emul-boot \
|
-no-emul-boot \
|
||||||
-boot-load-size 4 \
|
-boot-load-size 4 \
|
||||||
-boot-info-table \
|
-boot-info-table \
|
||||||
--eltorito-catalog boot/grub/boot.cat \
|
--eltorito-catalog boot/grub/boot.cat \
|
||||||
--grub2-boot-info \
|
--grub2-boot-info \
|
||||||
--grub2-mbr ../chroot/usr/lib/grub/i386-pc/boot_hybrid.img \
|
--grub2-mbr ../chroot/usr/lib/grub/i386-pc/boot_hybrid.img \
|
||||||
-eltorito-alt-boot \
|
-eltorito-alt-boot \
|
||||||
-e EFI/efiboot.img \
|
-e EFI/efiboot.img \
|
||||||
-no-emul-boot \
|
-no-emul-boot \
|
||||||
-append_partition 2 0xef isolinux/efiboot.img \
|
-append_partition 2 0xef isolinux/efiboot.img \
|
||||||
-m "isolinux/efiboot.img" \
|
-m "isolinux/efiboot.img" \
|
||||||
-m "isolinux/bios.img" \
|
-m "isolinux/bios.img" \
|
||||||
-graft-points \
|
-graft-points \
|
||||||
"/EFI/efiboot.img=isolinux/efiboot.img" \
|
"/EFI/efiboot.img=isolinux/efiboot.img" \
|
||||||
"/boot/grub/bios.img=isolinux/bios.img" \
|
"/boot/grub/bios.img=isolinux/bios.img" \
|
||||||
"."
|
"."
|
||||||
```
|
```
|
||||||
|
|
||||||
## Alternative way, if previous one fails, create an Hybrid ISO
|
## Alternative way, if previous one fails, create an Hybrid ISO
|
||||||
|
|
@ -868,17 +869,24 @@ After everything has been installed and preconfigured in the **chrooted** enviro
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
apt install -y syslinux-common && \
|
apt install -y syslinux-common && \
|
||||||
cp /usr/lib/ISOLINUX/isolinux.bin isolinux/ && \
|
cp /usr/lib/ISOLINUX/isolinux.bin image/isolinux/ && \
|
||||||
cp /usr/lib/syslinux/modules/bios/* isolinux/
|
cp /usr/lib/syslinux/modules/bios/* image/isolinux/
|
||||||
```
|
```
|
||||||
|
|
||||||
3. Create iso from the image directory
|
3. Access build directory
|
||||||
|
|
||||||
|
```shell
|
||||||
|
cd $HOME/live-ubuntu-from-scratch/image
|
||||||
|
```
|
||||||
|
|
||||||
|
4. Create iso from the image directory
|
||||||
|
|
||||||
```shell
|
```shell
|
||||||
sudo xorriso \
|
sudo xorriso \
|
||||||
-as mkisofs \
|
-as mkisofs \
|
||||||
-iso-level 3 \
|
-iso-level 3 \
|
||||||
-full-iso9660-filenames \
|
-full-iso9660-filenames \
|
||||||
|
-J -J -joliet-long \
|
||||||
-volid "Ubuntu from scratch" \
|
-volid "Ubuntu from scratch" \
|
||||||
-output "../ubuntu-from-scratch.iso" \
|
-output "../ubuntu-from-scratch.iso" \
|
||||||
-isohybrid-mbr /usr/lib/ISOLINUX/isohdpfx.bin \
|
-isohybrid-mbr /usr/lib/ISOLINUX/isohdpfx.bin \
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,6 @@
|
||||||
set -e # exit on error
|
set -e # exit on error
|
||||||
set -o pipefail # exit on pipeline error
|
set -o pipefail # exit on pipeline error
|
||||||
set -u # treat unset variable as error
|
set -u # treat unset variable as error
|
||||||
#set -x
|
|
||||||
|
|
||||||
SCRIPT_DIR="$(dirname "$(readlink -f "$0")")"
|
SCRIPT_DIR="$(dirname "$(readlink -f "$0")")"
|
||||||
|
|
||||||
|
|
@ -99,7 +98,7 @@ function check_config() {
|
||||||
function setup_host() {
|
function setup_host() {
|
||||||
echo "=====> running setup_host ..."
|
echo "=====> running setup_host ..."
|
||||||
sudo apt update
|
sudo apt update
|
||||||
sudo apt install -y binutils debootstrap squashfs-tools xorriso dosfstools unzip
|
sudo apt install -y debootstrap squashfs-tools xorriso
|
||||||
sudo mkdir -p chroot
|
sudo mkdir -p chroot
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -160,25 +159,26 @@ function build_iso() {
|
||||||
-as mkisofs \
|
-as mkisofs \
|
||||||
-iso-level 3 \
|
-iso-level 3 \
|
||||||
-full-iso9660-filenames \
|
-full-iso9660-filenames \
|
||||||
|
-J -J -joliet-long \
|
||||||
-volid "$TARGET_NAME" \
|
-volid "$TARGET_NAME" \
|
||||||
-eltorito-boot boot/grub/bios.img \
|
-output "$SCRIPT_DIR/$TARGET_NAME.iso" \
|
||||||
|
-eltorito-boot boot/grub/bios.img \
|
||||||
-no-emul-boot \
|
-no-emul-boot \
|
||||||
-boot-load-size 4 \
|
-boot-load-size 4 \
|
||||||
-boot-info-table \
|
-boot-info-table \
|
||||||
--eltorito-catalog boot/grub/boot.cat \
|
--eltorito-catalog boot/grub/boot.cat \
|
||||||
--grub2-boot-info \
|
--grub2-boot-info \
|
||||||
--grub2-mbr ../chroot/usr/lib/grub/i386-pc/boot_hybrid.img \
|
--grub2-mbr ../chroot/usr/lib/grub/i386-pc/boot_hybrid.img \
|
||||||
-eltorito-alt-boot \
|
-eltorito-alt-boot \
|
||||||
-e EFI/efiboot.img \
|
-e EFI/efiboot.img \
|
||||||
-no-emul-boot \
|
-no-emul-boot \
|
||||||
-append_partition 2 0xef isolinux/efiboot.img \
|
-append_partition 2 0xef isolinux/efiboot.img \
|
||||||
-output "$SCRIPT_DIR/$TARGET_NAME.iso" \
|
|
||||||
-m "isolinux/efiboot.img" \
|
-m "isolinux/efiboot.img" \
|
||||||
-m "isolinux/bios.img" \
|
-m "isolinux/bios.img" \
|
||||||
-graft-points \
|
-graft-points \
|
||||||
"/EFI/efiboot.img=isolinux/efiboot.img" \
|
"/EFI/efiboot.img=isolinux/efiboot.img" \
|
||||||
"/boot/grub/bios.img=isolinux/bios.img" \
|
"/boot/grub/bios.img=isolinux/bios.img" \
|
||||||
"."
|
"."
|
||||||
|
|
||||||
popd
|
popd
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -3,7 +3,6 @@
|
||||||
set -e # exit on error
|
set -e # exit on error
|
||||||
set -o pipefail # exit on pipeline error
|
set -o pipefail # exit on pipeline error
|
||||||
set -u # treat unset variable as error
|
set -u # treat unset variable as error
|
||||||
#set -x
|
|
||||||
|
|
||||||
SCRIPT_DIR="$(dirname "$(readlink -f "$0")")"
|
SCRIPT_DIR="$(dirname "$(readlink -f "$0")")"
|
||||||
|
|
||||||
|
|
@ -107,7 +106,6 @@ function install_pkg() {
|
||||||
laptop-detect \
|
laptop-detect \
|
||||||
os-prober \
|
os-prober \
|
||||||
network-manager \
|
network-manager \
|
||||||
resolvconf \
|
|
||||||
net-tools \
|
net-tools \
|
||||||
wireless-tools \
|
wireless-tools \
|
||||||
wpagui \
|
wpagui \
|
||||||
|
|
@ -150,14 +148,13 @@ function install_pkg() {
|
||||||
|
|
||||||
# final touch
|
# final touch
|
||||||
dpkg-reconfigure locales
|
dpkg-reconfigure locales
|
||||||
dpkg-reconfigure resolvconf
|
|
||||||
|
|
||||||
# network manager
|
# network manager
|
||||||
cat <<EOF > /etc/NetworkManager/NetworkManager.conf
|
cat <<EOF > /etc/NetworkManager/NetworkManager.conf
|
||||||
[main]
|
[main]
|
||||||
rc-manager=resolvconf
|
rc-manager=none
|
||||||
plugins=ifupdown,keyfile
|
plugins=ifupdown,keyfile
|
||||||
dns=dnsmasq
|
dns=systemd-resolved
|
||||||
|
|
||||||
[ifupdown]
|
[ifupdown]
|
||||||
managed=false
|
managed=false
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue