bootloader: Use bootupd --with-static-configs

lib/src/bootloader.rs

@@ -6,7 +6,6 @@ use camino::Utf8Path;
 use cap_std::fs::Dir;
 use cap_std::fs::Permissions;
 use cap_std_ext::cap_std;
-use cap_std_ext::cap_std::fs::DirBuilder;
 use cap_std_ext::prelude::*;
 use fn_error_context::context;
 
@@ -15,43 +14,9 @@ use crate::task::Task;
 /// This variable is referenced by our GRUB fragment
 pub(crate) const IGNITION_VARIABLE: &str = "$ignition_firstboot";
 const GRUB_BOOT_UUID_FILE: &str = "bootuuid.cfg";
-const STATIC_GRUB_CFG: &str = include_str!("grub.cfg");
-const STATIC_GRUB_CFG_EFI: &str = include_str!("grub-efi.cfg");
 /// The name of the mountpoint for efi (as a subdirectory of /boot, or at the toplevel)
 pub(crate) const EFI_DIR: &str = "efi";
 
-#[context("Installing grub2 EFI")]
-fn install_grub2_efi(efidir: &Dir, uuid: &str) -> Result<()> {
-    let mut vendordir = None;
-    let efidir = efidir.open_dir("EFI").context("Opening EFI/")?;
-    for child in efidir.entries()? {
-        let child = child?;
-        let name = child.file_name();
-        let name = if let Some(name) = name.to_str() {
-            name
-        } else {
-            continue;
-        };
-        if name == "BOOT" {
-            continue;
-        }
-        if !child.file_type()?.is_dir() {
-            continue;
-        }
-        vendordir = Some(child.open_dir()?);
-        break;
-    }
-    let vendordir = vendordir.ok_or_else(|| anyhow::anyhow!("Failed to find EFI vendor dir"))?;
-    vendordir
-        .atomic_write("grub.cfg", STATIC_GRUB_CFG_EFI)
-        .context("Writing static EFI grub.cfg")?;
-    vendordir
-        .atomic_write(GRUB_BOOT_UUID_FILE, uuid)
-        .with_context(|| format!("Writing {GRUB_BOOT_UUID_FILE}"))?;
-
-    Ok(())
-}
-
 /// Return `true` if the system is booted via EFI
 pub(crate) fn is_efi_booted() -> Result<bool> {
     if !super::install::ARCH_USES_EFI {
@@ -74,19 +39,19 @@ pub(crate) fn install_via_bootupd(
     // to only doing that.  This is only on x86_64 because that's the only arch that has multiple
     // components right now.
     // TODO: Add --component=auto which moves this logic into bootupd
-    let (install_efi, component_args) = if cfg!(target_arch = "x86_64") && is_alongside {
+    let component_args = if cfg!(target_arch = "x86_64") && is_alongside {
         assert!(super::install::ARCH_USES_EFI);
         let install_efi = is_efi_booted()?;
         let component_arg = if install_efi {
             "--component=EFI"
         } else {
             "--component=BIOS"
         };
-        (install_efi, Some(component_arg))
+        Some(component_arg)
     } else {
-        (super::install::ARCH_USES_EFI, None)
+        None
     };
-    let args = ["backend", "install"]
+    let args = ["backend", "install", "--with-static-configs"]
         .into_iter()
         .chain(verbose)
         .chain(component_args)
@@ -104,26 +69,7 @@ pub(crate) fn install_via_bootupd(
     let bootfs = &rootfs.join("boot");
     let bootfs =
         Dir::open_ambient_dir(bootfs, cap_std::ambient_authority()).context("Opening boot")?;
-
-    if super::install::ARCH_USES_EFI && install_efi {
-        let efidir = bootfs.open_dir("efi").context("Opening efi")?;
-        install_grub2_efi(&efidir, &grub2_uuid_contents)?;
-    }
-
-    bootfs
-        .ensure_dir_with("grub2", &DirBuilder::new())
-        .context("Creating boot/grub2")?;
-    let grub2 = bootfs.open_dir("grub2")?;
-
-    // Mode 0700 to support passwords etc.
-    grub2.set_permissions(".", Permissions::from_mode(0o700))?;
-    grub2
-        .atomic_write_with_perms(
-            "grub.cfg",
-            STATIC_GRUB_CFG,
-            cap_std::fs::Permissions::from_mode(0o600),
-        )
-        .context("Writing grub.cfg")?;
+    let grub2 = bootfs.open_dir("grub2").context("Opening boot/grub2")?;
 
     grub2
         .atomic_write_with_perms(

tests/kolainst/install

@@ -10,8 +10,7 @@
 
 set -xeuo pipefail
 
-# See https://github.com/cgwalters/bootc-base-images
-IMAGE=registry.gitlab.com/centos/cloud/sagano/fedora-boot-tier-0:38
+IMAGE=registry.gitlab.com/centos/cloud/sagano/fedora-boot-tier-0:eln
 # TODO: better detect this, e.g. look for an empty device
 DEV=/dev/vda