grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] templates: Properly disable the os-prober by default

From: Daniel Kiper
Subject: Re: [PATCH] templates: Properly disable the os-prober by default
Date: Tue, 9 Mar 2021 17:52:37 +0100
User-agent: NeoMutt/20170113 (1.7.2) 
On Fri, Mar 05, 2021 at 10:15:36PM +0100, Philip Müller wrote:
>  - disable os-prober by default in grub-mkconfig.in by setting
>  GRUB_DISABLE_OS_PROBER to true
>  - fixes logic in 30_os-prober.in
>
> Reason for code shuffle in grub-mkconfig.in:
>
> The default was GRUB_DISABLE_OS_PROBER=false if you don't set
> GRUB_DISABLE_OS_PROBER at all. To prevent os-prober from starting
> we have to set it by default to true and shuffle GRUB_DISABLE_OS_PROBER
> to executed by the script code section, but give the option to the user to

s/to executed/to be executed/?

> overwrite it with false, if he wants to execute os-prober after all.
>
> Everyone who added GRUB_DISABLE_OS_PROBER=true in grub.cfg can remove
> it by now.
>
> Fixes: e3464147  templates: Disable the os-prober by default

Could you add "Signed-off-by: Philip Müller <philm@manjaro.org>" here?

> ---
>  util/grub-mkconfig.in       | 5 ++++-
>  util/grub.d/30_os-prober.in | 2 +-
>  2 files changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
> index d3e879b8e..f8cbb8d7a 100644
> --- a/util/grub-mkconfig.in
> +++ b/util/grub-mkconfig.in
> @@ -140,6 +140,9 @@ GRUB_DEVICE_PARTUUID="`${grub_probe} --device 
> ${GRUB_DEVICE} --target=partuuid 2
>  GRUB_DEVICE_BOOT="`${grub_probe} --target=device /boot`"
>  GRUB_DEVICE_BOOT_UUID="`${grub_probe} --device ${GRUB_DEVICE_BOOT} 
> --target=fs_uuid 2> /dev/null`" || true
>
> +# Disable os-prober by default due to security reasons.
> +GRUB_DISABLE_OS_PROBER="true"
> +
>  # Filesystem for the device containing our userland.  Used for stuff like
>  # choosing Hurd filesystem module.
>  GRUB_FS="`${grub_probe} --device ${GRUB_DEVICE} --target=fs 2> /dev/null || 
> echo unknown`"
> @@ -201,6 +204,7 @@ export GRUB_DEVICE \
>    GRUB_DEVICE_PARTUUID \
>    GRUB_DEVICE_BOOT \
>    GRUB_DEVICE_BOOT_UUID \
> +  GRUB_DISABLE_OS_PROBER \
>    GRUB_FS \
>    GRUB_FONT \
>    GRUB_PRELOAD_MODULES \
> @@ -242,7 +246,6 @@ export GRUB_DEFAULT \
>    GRUB_BACKGROUND \
>    GRUB_THEME \
>    GRUB_GFXPAYLOAD_LINUX \
> -  GRUB_DISABLE_OS_PROBER \
>    GRUB_INIT_TUNE \
>    GRUB_SAVEDEFAULT \
>    GRUB_ENABLE_CRYPTODISK \
> diff --git a/util/grub.d/30_os-prober.in b/util/grub.d/30_os-prober.in
> index 80685b15f..a258ce71d 100644
> --- a/util/grub.d/30_os-prober.in
> +++ b/util/grub.d/30_os-prober.in
> @@ -26,7 +26,7 @@ export TEXTDOMAINDIR="@localedir@"
>
>  . "$pkgdatadir/grub-mkconfig_lib"
>
> -if [ "x${GRUB_DISABLE_OS_PROBER}" = "xfalse" ]; then
> +if [ "x${GRUB_DISABLE_OS_PROBER}" != "xfalse" ]; then

This "if" should be reverted to original form, i.e.,

  if [ "x${GRUB_DISABLE_OS_PROBER}" = "xtrue" ]; then

Additionally, may I ask you to prepare second patch which moves

  grub_warn "$(gettext_printf "os-prober was executed...

before line

  OSPROBED="`os-prober | tr ' ' '^' | paste -s -d ' '`"

and changes grub_warn() to

  grub_warn "$(gettext_printf "os-prober will be executed...

Daniel
reply via email to
[Prev in Thread] Current Thread [Next in Thread]