Friday 17 December 2021

Re: os-prober is disabled in grub 2.06 and where to go from here

I think running at install time and caching the output somewhere makes sense for most cases.  You can create some documentation on how to re-run it at manually to regenerate that output if you have consciously added another operating system and want to detect it one off.

On Fri, Dec 17, 2021 at 10:03 AM Julian Andres Klode <julian.klode@canonical.com> wrote:
Hi ubuntu-devel,

os-prober is disabled with the grub 2.06 upload, which is
obviously a bit controversial and the outcome is not
necessarily in the best interest of our users.

# Reasons

os-prober is inherently insecure as it mounts all partitions
on your disk using grub-mount to check them for other OS,
which is not a nice thing to do as root as you can exploit
bugs in the filesystem code easily.

# Outcome

1. Users on UEFI are unable to boot other Ubuntu installs,
   but can boot other OS via the UEFI bootloader.

   Multiple Ubuntu installs are a hack either way, so not
   really a huge priority - any Ubuntu install installs
   grub to the same location, so your grub just switches
   between your Ubuntu installs each time you upgrade it
   in one. Ugh.

2. Users on BIOS systems cannot boot any other system

   This is highly problematic

# Options

0. Re-enable os-prober

1. Red Hat only runs os-prober during install time, and
   instead of regenerating grub.cfg when kernels are installed
   writes out drop-in files that are then loaded (it actually
   uses the systemd-boot load entries format, which it has
   patched into grub)

   We could run os-prober during install time, store the
   output somewhere and then reuse the cached output in
   grub-mkconfig.

2. Can we have an "Other Boot options" entry that goes to the
   UEFI boot menu? Or, write a grub module that goes through
   the UEFI boot options and creates a submenu, then sets
   BootNext and resets the machine when you select an item.

3. Detect the presence of Windows inside grub.cfg and allow
   chainloading that, to handle the major dual-boot use case.

4. There was some initial code for a basic os-prober reimplementation
   at boot time, which avoids the security issues of running os-prober
   at run-time, but also that's a bit meh.
--
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en

--
ubuntu-devel mailing list
ubuntu-devel@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-devel


--
Mario Limonciello
superm1@gmail.com
Posted by at