diff options
| author | Joerie de Gram <j.de.gram@gmail.com> | 2021-09-26 17:54:36 +0200 |
|---|---|---|
| committer | Joerie de Gram <j.de.gram@gmail.com> | 2021-10-11 15:14:33 +0200 |
| commit | 7bd84b66850100c3ffdec3ee9ef7c27a6a57ce41 (patch) | |
| tree | ed2de0a714a370f2dbe0a421b1e18f388fe4479b | |
| parent | 5e37cc3186de4bdcf57b2320e0132d011a303b8b (diff) | |
| download | nixpkgs-7bd84b66850100c3ffdec3ee9ef7c27a6a57ce41.tar nixpkgs-7bd84b66850100c3ffdec3ee9ef7c27a6a57ce41.tar.gz nixpkgs-7bd84b66850100c3ffdec3ee9ef7c27a6a57ce41.tar.bz2 nixpkgs-7bd84b66850100c3ffdec3ee9ef7c27a6a57ce41.tar.lz nixpkgs-7bd84b66850100c3ffdec3ee9ef7c27a6a57ce41.tar.xz nixpkgs-7bd84b66850100c3ffdec3ee9ef7c27a6a57ce41.tar.zst nixpkgs-7bd84b66850100c3ffdec3ee9ef7c27a6a57ce41.zip | |
systemd-boot: add 'graceful' configuration option
On some systems bootctl cannot write the `LoaderSystemToken` EFI variable during installation, which results in a failure to install the boot loader. Upstream provides a flag (--graceful) to ignore such write failures - this change exposes it as a configuration option. As the exact semantics of this option appear to be somewhat volatile it should be used only if systemd-boot otherwise fails to install.
| -rw-r--r-- | nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py | 13 | ||||
| -rw-r--r-- | nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix | 18 |
2 files changed, 26 insertions, 5 deletions
diff --git a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py index 7134b432163..6c26b4e0f87 100644 --- a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py +++ b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot-builder.py @@ -208,10 +208,15 @@ def main() -> None: if os.path.exists("@efiSysMountPoint@/loader/loader.conf"): os.unlink("@efiSysMountPoint@/loader/loader.conf") - if "@canTouchEfiVariables@" == "1": - subprocess.check_call(["@systemd@/bin/bootctl", "--path=@efiSysMountPoint@", "install"]) - else: - subprocess.check_call(["@systemd@/bin/bootctl", "--path=@efiSysMountPoint@", "--no-variables", "install"]) + flags = [] + + if "@canTouchEfiVariables@" != "1": + flags.append("--no-variables") + + if "@graceful@" == "1": + flags.append("--graceful") + + subprocess.check_call(["@systemd@/bin/bootctl", "--path=@efiSysMountPoint@"] + flags + ["install"]) else: # Update bootloader to latest if needed systemd_version = subprocess.check_output(["@systemd@/bin/bootctl", "--version"], universal_newlines=True).split()[1] diff --git a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix index ff304f570d3..0f76d7d6b24 100644 --- a/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix +++ b/nixos/modules/system/boot/loader/systemd-boot/systemd-boot.nix @@ -24,7 +24,7 @@ let configurationLimit = if cfg.configurationLimit == null then 0 else cfg.configurationLimit; - inherit (cfg) consoleMode; + inherit (cfg) consoleMode graceful; inherit (efi) efiSysMountPoint canTouchEfiVariables; @@ -126,6 +126,22 @@ in { ''; }; }; + + graceful = mkOption { + default = false; + + type = types.bool; + + description = '' + Invoke <literal>bootctl install</literal> with the <literal>--graceful</literal> option, + which ignores errors when EFI variables cannot be written or when the EFI System Partition + cannot be found. Currently only applies to random seed operations. + + Only enable this option if <literal>systemd-boot</literal> otherwise fails to install, as the + scope or implication of the <literal>--graceful</literal> option may change in the future. + ''; + }; + }; config = mkIf cfg.enable { |