diskimage-builder/diskimage_builder/elements/centos
Steve Baker 27a326dafb Support secure-boot bootloader where possible
As of grub2 >= 2.02-95 on redhat family distros, calling grub2-install
on an EFI partition will fail with: "this utility cannot be used for
EFI platforms because it does not support UEFI Secure Boot."

This version of grub is now in centos8-stream and non-eus repos of
RHEL-8. It is not currently possible to build whole-disk UEFI images
on these distros, and when this package is promoted this will also
affect centos8 and RHEL-8 eus. The grub maintainers made this change
because the grub2-install generated /boot/efi/EFI/BOOT/BOOTX64.EFI
will never be capable of booting with Secure Boot.

This change defines a $EFI_BOOT_DIR for every distro element. When
directory /boot/efi/$EFI_BOOT_DIR exists a grub.cfg file in will be
generated there. This change also installs the shim package on redhat
family distros, which installs a copy of the shim bootloader to
/boot/efi/EFI/BOOT/BOOTX64.EFI. Using centos as an example, this
allows UEFI to boot the shim /boot/efi/EFI/BOOT/BOOTX64.EFI which
then chains to /boot/efi/EFI/centos/grubx64.efi.

If /boot/efi/$EFI_BOOT_DIR doesn't exist (such as for Ubuntu,
/boot/efi/EFI/ubuntu) the current behaviour of running grub-install to
generate /boot/efi/EFI/BOOT/BOOTX64.EFI will continue. For distros
such as Ubutnu where packaging does not populate /boot/efi/EFI/ubuntu
with .efi files, secure boot can be added in the future by copying
.efi files to /boot/efi/EFI/ubuntu and copying the shim file to
/boot/efi/EFI/BOOT/BOOTX64.EFI.

Change-Id: I90925218ff2aa4c4daffcf86e686b6d98d6b0f21
2021-03-11 10:27:59 +13:00
..
environment.d Support secure-boot bootloader where possible 2021-03-11 10:27:59 +13:00
pre-install.d Fix hooks order for CentOS/Fedora when mirror used 2021-03-04 10:54:52 +00:00
root.d Don't use hardcode while override base image file 2021-03-04 10:54:32 +00:00
test-elements Add support for CentOS 8 Stream cloud image 2020-08-10 11:33:38 +02:00
element-deps Add CentOS 8 support 2020-02-19 10:44:56 +01:00
element-provides Add CentOS 8 support 2020-02-19 10:44:56 +01:00
README.rst Add support for CentOS 8 Stream cloud image 2020-08-10 11:33:38 +02:00

======
centos
======

Use CentOS cloud images as the baseline for built disk images.

For further details see the redhat-common README.

Environment Variables
---------------------

DIB_DISTRIBUTION_MIRROR:
   :Required: No
   :Default: None
   :Description: To use a CentOS Yum mirror, set this variable to the mirror URL
                 before running bin/disk-image-create. This URL should point to
                 the directory containing the ``7/8/8-stream`` directories.
   :Example: ``DIB_DISTRIBUTION_MIRROR=http://amirror.com/centos``

DIB_CLOUD_IMAGES:
  :Required: No
  :Description: Set the desired URL to fetch the images from.  ppc64le:
                Currently the CentOS community is working on providing the
                ppc64le images. Until then you'll need to set this to a local
                image file.
  :Example: ``DIB_CLOUD_IMAGES=/path/to/my/centos/8/CentOS-8-GenericCloud-x86_64.qcow2``