[prev in list] [next in list] [prev in thread] [next in thread]
List: ubuntu-devel
Subject: Re: os-prober is disabled in grub 2.06 and where to go from here
From: Mario Limonciello <superm1 () gmail ! com>
Date: 2021-12-17 16:11:00
Message-ID: CA+EcB1OXsD8yMOU1gVire7xoWM1wmiKjLKu3EPr8PHNxtgu6Ug () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
I think running at install time and caching the output somewhere makes
sense for most cases. You can create some documentation on how to re-run
it at manually to regenerate that output if you have consciously added
another operating system and want to detect it one off.
On Fri, Dec 17, 2021 at 10:03 AM Julian Andres Klode <
julian.klode@canonical.com> wrote:
> Hi ubuntu-devel,
>
> os-prober is disabled with the grub 2.06 upload, which is
> obviously a bit controversial and the outcome is not
> necessarily in the best interest of our users.
>
> # Reasons
>
> os-prober is inherently insecure as it mounts all partitions
> on your disk using grub-mount to check them for other OS,
> which is not a nice thing to do as root as you can exploit
> bugs in the filesystem code easily.
>
> # Outcome
>
> 1. Users on UEFI are unable to boot other Ubuntu installs,
> but can boot other OS via the UEFI bootloader.
>
> Multiple Ubuntu installs are a hack either way, so not
> really a huge priority - any Ubuntu install installs
> grub to the same location, so your grub just switches
> between your Ubuntu installs each time you upgrade it
> in one. Ugh.
>
> 2. Users on BIOS systems cannot boot any other system
>
> This is highly problematic
>
> # Options
>
> 0. Re-enable os-prober
>
> 1. Red Hat only runs os-prober during install time, and
> instead of regenerating grub.cfg when kernels are installed
> writes out drop-in files that are then loaded (it actually
> uses the systemd-boot load entries format, which it has
> patched into grub)
>
> We could run os-prober during install time, store the
> output somewhere and then reuse the cached output in
> grub-mkconfig.
>
> 2. Can we have an "Other Boot options" entry that goes to the
> UEFI boot menu? Or, write a grub module that goes through
> the UEFI boot options and creates a submenu, then sets
> BootNext and resets the machine when you select an item.
>
> 3. Detect the presence of Windows inside grub.cfg and allow
> chainloading that, to handle the major dual-boot use case.
>
> 4. There was some initial code for a basic os-prober reimplementation
> at boot time, which avoids the security issues of running os-prober
> at run-time, but also that's a bit meh.
> --
> debian developer - deb.li/jak | jak-linux.org - free software dev
> ubuntu core developer i speak de, en
>
> --
> ubuntu-devel mailing list
> ubuntu-devel@lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
>
--
Mario Limonciello
superm1@gmail.com
[Attachment #5 (text/html)]
<div dir="ltr">I think running at install time and caching the output somewhere makes \
sense for most cases. You can create some documentation on how to re-run it at \
manually to regenerate that output if you have consciously added another operating \
system and want to detect it one off.</div><br><div class="gmail_quote"><div \
dir="ltr" class="gmail_attr">On Fri, Dec 17, 2021 at 10:03 AM Julian Andres Klode \
<<a href="mailto:julian.klode@canonical.com">julian.klode@canonical.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px \
0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Hi ubuntu-devel,<br> \
<br> os-prober is disabled with the grub 2.06 upload, which is<br>
obviously a bit controversial and the outcome is not<br>
necessarily in the best interest of our users.<br>
<br>
# Reasons<br>
<br>
os-prober is inherently insecure as it mounts all partitions<br>
on your disk using grub-mount to check them for other OS,<br>
which is not a nice thing to do as root as you can exploit<br>
bugs in the filesystem code easily.<br>
<br>
# Outcome<br>
<br>
1. Users on UEFI are unable to boot other Ubuntu installs,<br>
but can boot other OS via the UEFI bootloader.<br>
<br>
Multiple Ubuntu installs are a hack either way, so not<br>
really a huge priority - any Ubuntu install installs<br>
grub to the same location, so your grub just switches<br>
between your Ubuntu installs each time you upgrade it<br>
in one. Ugh.<br>
<br>
2. Users on BIOS systems cannot boot any other system<br>
<br>
This is highly problematic<br>
<br>
# Options<br>
<br>
0. Re-enable os-prober<br>
<br>
1. Red Hat only runs os-prober during install time, and<br>
instead of regenerating grub.cfg when kernels are installed<br>
writes out drop-in files that are then loaded (it actually<br>
uses the systemd-boot load entries format, which it has<br>
patched into grub)<br>
<br>
We could run os-prober during install time, store the<br>
output somewhere and then reuse the cached output in<br>
grub-mkconfig.<br>
<br>
2. Can we have an "Other Boot options" entry that goes to the<br>
UEFI boot menu? Or, write a grub module that goes through<br>
the UEFI boot options and creates a submenu, then sets<br>
BootNext and resets the machine when you select an item.<br>
<br>
3. Detect the presence of Windows inside grub.cfg and allow<br>
chainloading that, to handle the major dual-boot use case.<br>
<br>
4. There was some initial code for a basic os-prober reimplementation<br>
at boot time, which avoids the security issues of running os-prober<br>
at run-time, but also that's a bit meh.<br>
-- <br>
debian developer - <a href="http://deb.li/jak" rel="noreferrer" \
target="_blank">deb.li/jak</a> | <a href="http://jak-linux.org" rel="noreferrer" \
target="_blank">jak-linux.org</a> - free software dev<br> ubuntu core developer \
i speak de, en<br> <br>
-- <br>
ubuntu-devel mailing list<br>
<a href="mailto:ubuntu-devel@lists.ubuntu.com" \
target="_blank">ubuntu-devel@lists.ubuntu.com</a><br> Modify settings or unsubscribe \
at: <a href="https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel" rel="noreferrer" \
target="_blank">https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel</a><br> \
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" \
class="gmail_signature"><span style="font-size:x-small"><font color="#666666">Mario \
Limonciello<br><a href="mailto:superm1@gmail.com" \
target="_blank">superm1@gmail.com</a></font></span></div>
[Attachment #6 (text/plain)]
--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic