This repository has been archived by the owner on Jan 15, 2024. It is now read-only.
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
implement grub default boot menu entries:
PERSISTENT mode USER (For daily activities.) LIVE mode USER (For daily activities.) PERSISTENT mode ADMIN (For software installation.) PERSISTENT mode SUPERADMIN (Be very cautious!) Recovery PERSISTENT mode SUPERADMIN (Be very cautious!) https://forums.whonix.org/t/multiple-boot-modes-for-better-security-persistent-root-persistent-noroot-live-root-live-noroot/7708/32
- Loading branch information
Patrick Schleizer
committed
Dec 13, 2019
1 parent
55c9984
commit b3817cd
Showing
6 changed files
with
151 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,4 @@ | ||
## Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net> | ||
## See the file COPYING for copying conditions. | ||
|
||
DPkg::Post-Invoke {"/usr/lib/apparmor-profile-everything/grub-cfg";}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,10 @@ | ||
## Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net> | ||
## See the file COPYING for copying conditions. | ||
|
||
## Disable the submenu to get rid of "Advanced options for" since that would | ||
## be too many default grub menu entries. | ||
GRUB_DISABLE_SUBMENU="y" | ||
|
||
## We disable it here and then create our own menu entry so these it can be the | ||
## last grub boot menu entry. | ||
GRUB_DISABLE_RECOVERY="true" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
#!/bin/sh | ||
|
||
## Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net> | ||
## See the file COPYING for copying conditions. | ||
|
||
set -e | ||
|
||
## required? | ||
# GRUB_DEVICE="/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" | ||
# unset GRUB_DEVICE_UUID | ||
|
||
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX rootmode" | ||
GRUB_DISTRIBUTOR="PERSISTENT mode ADMIN (For software installation.)" | ||
|
||
export \ | ||
GRUB_DEVICE \ | ||
GRUB_CMDLINE_LINUX \ | ||
GRUB_DISTRIBUTOR \ | ||
GRUB_DISABLE_RECOVERY \ | ||
GRUB_DISABLE_SUBMENU | ||
|
||
if test -x /etc/grub.d/10_linux ; then | ||
/etc/grub.d/10_linux | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
#!/bin/sh | ||
|
||
## Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net> | ||
## See the file COPYING for copying conditions. | ||
|
||
set -e | ||
|
||
## required? | ||
# GRUB_DEVICE="/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" | ||
# unset GRUB_DEVICE_UUID | ||
|
||
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX superroot" | ||
GRUB_DISTRIBUTOR="PERSISTENT mode ADMIN (For software installation.)" | ||
|
||
export \ | ||
GRUB_DEVICE \ | ||
GRUB_CMDLINE_LINUX \ | ||
GRUB_DISTRIBUTOR \ | ||
GRUB_DISABLE_RECOVERY \ | ||
GRUB_DISABLE_SUBMENU | ||
|
||
if test -x /etc/grub.d/10_linux ; then | ||
/etc/grub.d/10_linux | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,24 @@ | ||
#!/bin/sh | ||
|
||
## Copyright (C) 2019 - 2019 ENCRYPTED SUPPORT LP <adrelanos@riseup.net> | ||
## See the file COPYING for copying conditions. | ||
|
||
set -e | ||
|
||
## required? | ||
# GRUB_DEVICE="/dev/disk/by-uuid/${GRUB_DEVICE_UUID}" | ||
# unset GRUB_DEVICE_UUID | ||
|
||
GRUB_CMDLINE_LINUX="$GRUB_CMDLINE_LINUX single superroot" | ||
GRUB_DISTRIBUTOR="Recovery PERSISTENT mode SUPERADMIN (Be very cautious!)" | ||
|
||
export \ | ||
GRUB_DEVICE \ | ||
GRUB_CMDLINE_LINUX \ | ||
GRUB_DISTRIBUTOR \ | ||
GRUB_DISABLE_RECOVERY \ | ||
GRUB_DISABLE_SUBMENU | ||
|
||
if test -x /etc/grub.d/10_linux ; then | ||
/etc/grub.d/10_linux | ||
fi |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,65 @@ | ||
#!/bin/bash | ||
|
||
set -x | ||
|
||
shopt -s nullglob | ||
|
||
## Find out variable GRUB_DISTRIBUTOR. | ||
for config_file in /etc/default/grub /etc/default/grub.d/*.cfg ; do | ||
if test -f "$config_file" ; then | ||
source "$config_file" | ||
fi | ||
done | ||
|
||
for file_name in /boot/vmlinuz-* ; do | ||
## example file_name: | ||
## /boot/vmlinuz-4.19.0-6-amd64 | ||
base_name="${file_name##*/}" | ||
## example base_name: | ||
## vmlinuz-4.19.0-6-amd64 | ||
search="vmlinuz-" | ||
replace="" | ||
version="$(echo "$base_name" | str_replace "$search" "$replace")" | ||
## example version: | ||
## 4.19.0-6-amd64" | ||
## Stop after first file. | ||
unset search | ||
unset replace | ||
break | ||
done | ||
|
||
if [ "$version" = "" ]; then | ||
echo "$0: version is empty." | ||
echo "$0: Running 'ls -la /boot/vmlinuz-*'..." | ||
ls -la /boot/vmlinuz-* | ||
exit 0 | ||
fi | ||
|
||
file_replace="/boot/grub/grub.cfg" | ||
|
||
if ! test -w "$file_replace" ; then | ||
exit 0 | ||
fi | ||
|
||
search=" GNU/Linux" | ||
replace="" | ||
str_replace "$search" "$replace" "$file_replace" &>/dev/null || echo "$0: failed" | ||
|
||
search=", with Linux $version" | ||
## example search: ', with Linux 4.19.0-6-amd64' | ||
replace="" | ||
str_replace "$search" "$replace" "$file_replace" &>/dev/null || echo "$0: failed" | ||
|
||
search="menuentry '$GRUB_DISTRIBUTOR'" | ||
## example search: | ||
replace="menuentry 'PERSISTENT mode USER (For daily activities.)'" | ||
|
||
str_replace "$search" "$replace" "$file_replace" &>/dev/null || echo "$0: failed" | ||
|
||
search="menuentry '$GRUB_DISTRIBUTOR (recovery mode)'" | ||
## example search: | ||
replace="menuentry 'Recovery PERSISTENT mode SUPERADMIN (Be very cautious!)'" | ||
|
||
str_replace "$search" "$replace" "$file_replace" &>/dev/null || echo "$0: failed" | ||
|
||
exit 0 |