--- /dev/null
+#
+# Menu appearance
+#
+set menu_color_normal=white/blue
+set menu_color_highlight=yellow/red
+
+#
+# Example: imagens stored in the USB stick: just put your images under custom/debian/images.
+#
+menuentry 'Example: Darkstar' {
+ set volume=/dev/sda5
+ set version=3.16.0-4-amd64
+ set target=sda5_crypt
+ set rootfs=darkstar--vg-root
+ set distro=debian
+ bootimg ${volume} ${version} ${source} ${target} ${distro}
+}
+
+#
+# Example: Full Disk Encryption: images are loaded from encrypted partition.
+#
+menuentry 'Example: Darkstar FDE' {
+ set volume=darkstar
+ set version=3.16.0-4-amd64
+ bootfde ${volume} ${version}
+}
--- /dev/null
+#
+# Bootless: evil-maid mitigator.
+#
+
+#
+# Load environment
+#
+if [ -s $prefix/grubenv ]; then
+ load_env
+fi
+
+#
+# Basic config
+#
+set default="0"
+set timeout=5
+
+#
+# Menu appearance
+#
+set menu_color_normal=white/blue
+set menu_color_highlight=yellow/red
+
+#
+# Handles boot from fully encrypted /boot volumes.
+# Usage: bootfde <volume> <kernel-version> [source] [target]
+#
+function bootfde {
+ insmod luks
+ insmod lvm
+
+ set volume=${1}
+
+ if [ "${2}" ]; then
+ set version=${2}
+ else
+ set version=3.16.0-4-amd64
+ fi
+
+ if [ "${3}" ]; then
+ set source=${3}
+ else
+ set source=/dev/mapper/${1}
+ fi
+
+ if [ "${4}" ]; then
+ set target=${4}
+ else
+ set target=root
+ fi
+
+ cryptomount lvm/${volume}
+ set root=(crypto0)
+ echo "Loading ${volume}..."
+ linux /boot/vmlinuz-${version} root=/dev/mapper/${target} cryptopts=target=${target},source=${source} ro quiet
+ echo 'Loading initial ramdisk ...'
+ initrd /boot/initrd.img-${version}
+}
+
+#
+# Handles boot from images stored in the USB stick.
+# Usage: bootfde <volume> <kernel-version> [target] [rootfs] [distro]
+#
+function bootimg {
+ set volume=${1}
+
+ if [ "${2}" ]; then
+ set version=${2}
+ else
+ set version=3.16.0-4-amd64
+ fi
+
+ if [ "${3}" ]; then
+ set target=${3}
+ else
+ set target=root
+ fi
+
+ if [ "${4}" ]; then
+ set rootfs=${4}
+ else
+ set rootfs=${target}
+ fi
+
+ if [ "${5}" ]; then
+ set distro=${5}
+ else
+ set distro=debian
+ fi
+
+ echo "Loading ${1}..."
+ linux /boot/custom/${distro}/vmlinuz-${version} root=/dev/mapper/${rootfs} cryptopts=target=${target},source=${volume} ro quiet apparmor=1 security=apparmor
+ echo 'Loading initial ramdisk ...'
+ initrd /boot/custom/${distro}/initrd.img-${version}
+}
+
+#
+# Default menu entry
+#
+menuentry "Memtest86+" {
+ linux16 /boot/default/memtest/memtest86+.bin
+}
+
+#
+# Custom menu entries
+#
+if [ -e "/boot/custom/custom.cfg" ]; then
+ menuentry "Custom configurations" {
+ configfile /boot/custom/custom.cfg
+ }
+fi
projects / bootless.git / commitdiff