grub2-mkconfig: Prevent mkconfig from overwriting grub cfg stub

Resolves: #RHEL-32099 Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
2024-07-16 11:18:07 +02:00 · 2024-07-16 11:18:07 +02:00 · 0185426fb4
commit 0185426fb4
parent 9d1022b4b4
3 changed files with 47 additions and 2 deletions
--- a/0347-grub2-mkconfig-Ensure-grub-cfg-stub-is-not-overwritt.patch
+++ b/0347-grub2-mkconfig-Ensure-grub-cfg-stub-is-not-overwritt.patch
@ -0,0 +1,40 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Nicolas Frayer <nfrayer@redhat.com>
+Date: Tue, 16 Jul 2024 11:11:43 +0200
+Subject: [PATCH] grub2-mkconfig: Ensure grub cfg stub is not overwritten
+
+/boot/efi/EFI/$os_name/grub.cfg contains a grub cfg stub
+that should not be overwritten by grub2-mkconfig.
+Ensure that we prevent this from happening.
+
+Signed-off-by: Marta Lewandowska <mlewando@redhat.com>
+Signed-off-by: Nicolas Frayer <nfrayer@redhat.com>
+---
+ util/grub-mkconfig.in | 14 ++++++++++++++
+ 1 file changed, 14 insertions(+)
+
+diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
+index 34f7c13fc521..34d0120d0ba2 100644
+--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
+@@ -114,6 +114,20 @@ do
+     esac
+ done
+ 
+os_name=$(grep '^ID=' /etc/os-release | sed 's/ID=//')
+if test "$os_name" = '"rhel"'; then
+  os_name=redhat
+elif test "$os_name" = '"centos"'; then
+  os_name=centos
+fi
+if test "x${grub_cfg}" = "x/boot/efi/EFI/$os_name/grub.cfg" &&\
+        mountpoint -q /boot/efi; then
+  gettext_printf "Running \`grub2-mkconfig -o %s' will overwrite the GRUB wrapper.\n" "$grub_cfg" 1>&2
+  gettext_printf "Please run \`grub2-mkconfig -o /boot/grub2/grub.cfg' instead to update grub.cfg.\n" 1>&2
+  gettext_printf "GRUB configuration file was not updated.\n" 1>&2
+  exit 1
+fi
+
+ if [ "x$EUID" = "x" ] ; then
+   EUID=`id -u`
+ fi
--- a/grub.patches
+++ b/grub.patches
@ -343,4 +343,5 @@ Patch0342: 0342-grub_dl_set_mem_attrs-add-self-check-for-the-tramp-G.patch
 Patch0343: 0343-grub_dl_load_segments-page-align-the-tramp-GOT-areas.patch
 Patch0344: 0344-grub-install-on-EFI-if-forced.patch
 Patch0345: 0345-cmd-search-Rework-of-CVE-2023-4001-fix.patch
-Patch0346: 0346-grub-mkconfig.in-turn-off-executable-owner-bit.patch
+Patch0346: 0346-grub-mkconfig.in-turn-off-executable-owner-bit.patch
+Patch0347: 0347-grub2-mkconfig-Ensure-grub-cfg-stub-is-not-overwritt.patch
--- a/grub2.spec
+++ b/grub2.spec
@ -16,7 +16,7 @@
 Name:		grub2
 Epoch:		1
 Version:	2.06
-Release:	84%{?dist}
+Release:	85%{?dist}
 Summary:	Bootloader with support for Linux, Multiboot and more
 License:	GPLv3+
 URL:		http://www.gnu.org/software/grub/
@ -537,6 +537,10 @@ mv ${EFI_HOME}/grub.cfg.stb ${EFI_HOME}/grub.cfg
 %endif

 %changelog
+* Tue Jul 16 2024 Nicolas Frayer <nfrayer@redhat.com> - 2.06-85
+- grub2-mkconfig: Prevent mkconfig from overwriting grub cfg stub
+- Resolves: #RHEL-32099
+
 * Thu Jul 11 2024 Nicolas Frayer <nfrayer@redhat.com> - 2.06-84
 - install/ppc64le: run grub2-mkconfig regardless of petitboot version
 - Resolves: #RHEL-45161