
Commit daba0cd

feat: secure boot noble
1 parent 748b4d3 commit daba0cd


3 files changed

+75
-53
lines changed


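--- a/README.md
+++ b/README.md
@@ -237,22 +237,22 @@ From this point we will be configuring the `live system`.
 
 ```shell
 apt-get install -y \
-plymouth-theme-ubuntu-logo \
-ubuntu-gnome-desktop \
-ubuntu-gnome-wallpapers
+plymouth-themes \
+ubuntu-gnome-desktop \
+ubuntu-gnome-wallpapers
 ```
 
 12. **Install useful applications**
 
 ```shell
 apt-get install -y \
-clamav-daemon \
-terminator \
-apt-transport-https \
-curl \
-vim \
-nano \
-less
+clamav-daemon \
+terminator \
+apt-transport-https \
+curl \
+vim \
+nano \
+less
 ```
 
 13. **Install Visual Studio Code (optional)**
@@ -307,13 +307,13 @@ From this point we will be configuring the `live system`.
 
 ```shell
 apt-get purge -y \
-transmission-gtk \
-transmission-common \
-gnome-mahjongg \
-gnome-mines \
-gnome-sudoku \
-aisleriot \
-hitori
+transmission-gtk \
+transmission-common \
+gnome-mahjongg \
+gnome-mines \
+gnome-sudoku \
+aisleriot \
+hitori
 ```
 
 17. **Remove unused packages**
@@ -341,7 +341,7 @@ From this point we will be configuring the `live system`.
 </p>
 
 2. Configure network-manager
-
+
 1. Create config file
 
 ```shell
@@ -625,7 +625,6 @@ remove packages specified in `filesystem.manifest` that are *not* listed in `fil
 GRUB_VERSION=`grub-mkstandalone -V | tr -s ' ' | cut -d' ' -f3 | cut -d'-' -f1`
 GRUB_RELEASE=`grub-mkstandalone -V | tr -s ' ' | cut -d' ' -f3`
 
-# create SBAT file
 cat <<EOF > isolinux/sbat.csv
 sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
 grub,1,Free Software Foundation,grub,$GRUB_VERSION,https://www.gnu.org/software/grub/
@@ -662,22 +661,29 @@ remove packages specified in `filesystem.manifest` that are *not* listed in `fil
 sbsign --key /certificates/db.key --cert /certificates/db.pem --output isolinux/grubx64.efi isolinux/grubx64.efi
 ```
 
-6. Create a FAT16 UEFI boot disk image containing the EFI bootloader
+6. Copy Shim and MOK
+
+```shell
+cp /usr/lib/shim/shimx64.efi.signed.previous isolinux/bootx64.efi
+cp /usr/lib/shim/mmx64.efi isolinux/mmx64.efi
+```
+
+7. Create a FAT16 UEFI boot disk image containing the EFI bootloader
 
 ```shell
 (
 cd isolinux && \
 dd if=/dev/zero of=efiboot.img bs=1M count=10 && \
 mkfs.vfat -F 16 efiboot.img && \
 LC_CTYPE=C mmd -i efiboot.img certificates efi efi/boot && \
-LC_CTYPE=C mcopy -i efiboot.img /usr/lib/shim/shimx64.efi.signed.previous ::efi/boot/bootx64.efi && \
-LC_CTYPE=C mcopy -i efiboot.img /usr/lib/shim/mmx64.efi ::efi/boot/mmx64.efi && \
-LC_CTYPE=C mcopy -i efiboot.img /image/isolinux/grubx64.efi ::efi/boot/grubx64.efi && \
+LC_CTYPE=C mcopy -i efiboot.img ./bootx64.efi ::efi/boot/ && \
+LC_CTYPE=C mcopy -i efiboot.img ./mmx64.efi ::efi/boot/ && \
+LC_CTYPE=C mcopy -i efiboot.img ./grubx64.efi ::efi/boot/ && \
 LC_CTYPE=C mcopy -i efiboot.img /certificates/ca.cer ::certificates/
 )
 ```
 
-7. Create a grub BIOS image
+8. Create a grub BIOS image
 
 ```shell
 grub-mkstandalone \
@@ -690,17 +696,17 @@ remove packages specified in `filesystem.manifest` that are *not* listed in `fil
 "boot/grub/grub.cfg=isolinux/grub.cfg"
 ```
 
-8. Combine a bootable Grub cdboot.img
+9. Combine a bootable Grub cdboot.img
 
 ```shell
 cat /usr/lib/grub/i386-pc/cdboot.img isolinux/core.img > isolinux/bios.img
 ```
 
-9. Generate md5sum.txt
+10. Generate md5sum.txt
 
-```shell
-/bin/bash -c "(find . -type f -print0 | xargs -0 md5sum | grep -v -e 'md5sum.txt' -e 'bios.img' -e 'efiboot.img' > md5sum.txt)"
-```
+```shell
+/bin/bash -c "(find . -type f -print0 | xargs -0 md5sum | grep -v -e 'md5sum.txt' -e 'bios.img' -e 'efiboot.img' > md5sum.txt)"
+```
 
 ## Cleanup the chroot environment
 
@@ -802,23 +808,29 @@ After everything has been installed and preconfigured in the **chrooted** enviro
 -J -J -joliet-long \
 -volid "Ubuntu from scratch" \
 -output "../ubuntu-from-scratch.iso" \
--eltorito-boot boot/grub/bios.img \
--no-emul-boot \
--boot-load-size 4 \
--boot-info-table \
---eltorito-catalog boot/grub/boot.cat \
---grub2-boot-info \
---grub2-mbr ../chroot/usr/lib/grub/i386-pc/boot_hybrid.img \
--eltorito-alt-boot \
--e EFI/efiboot.img \
--no-emul-boot \
--append_partition 2 0xef isolinux/efiboot.img \
--m "isolinux/efiboot.img" \
--m "isolinux/bios.img" \
--graft-points \
-"/EFI/efiboot.img=isolinux/efiboot.img" \
-"/boot/grub/bios.img=isolinux/bios.img" \
-"."
+-eltorito-boot isolinux/bios.img \
+-no-emul-boot \
+-boot-load-size 4 \
+-boot-info-table \
+--eltorito-catalog boot.catalog \
+--grub2-boot-info \
+--grub2-mbr ../chroot/usr/lib/grub/i386-pc/boot_hybrid.img \
+-eltorito-alt-boot \
+-no-emul-boot \
+-e isolinux/efiboot.img \
+-append_partition 2 0xef isolinux/efiboot.img \
+-m "isolinux/efiboot.img" \
+-m "isolinux/bios.img" \
+-e '--interval:appended_partition_2:::' \
+-exclude isolinux \
+-graft-points \
+"/EFI/boot/bootx64.efi=isolinux/bootx64.efi" \
+"/EFI/boot/mmx64.efi=isolinux/mmx64.efi" \
+"/EFI/boot/grubx64.efi=isolinux/grubx64.efi" \
+"/boot/grub/grub.cfg=isolinux/grub.cfg" \
+"/isolinux/bios.img=isolinux/bios.img" \
+"/isolinux/efiboot.img=isolinux/efiboot.img" \
+"."
 ```
 
 ## Alternative way, if previous one fails, create an Hybrid ISO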

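--- a/scripts/build.sh
+++ b/scripts/build.sh
@@ -162,22 +162,28 @@ function build_iso() {
 -J -J -joliet-long \
 -volid "$TARGET_NAME" \
 -output "$SCRIPT_DIR/$TARGET_NAME.iso" \
--eltorito-boot boot/grub/bios.img \
+-eltorito-boot isolinux/bios.img \
 -no-emul-boot \
 -boot-load-size 4 \
 -boot-info-table \
---eltorito-catalog boot/grub/boot.cat \
+--eltorito-catalog boot.catalog \
 --grub2-boot-info \
 --grub2-mbr ../chroot/usr/lib/grub/i386-pc/boot_hybrid.img \
 -eltorito-alt-boot \
--e EFI/efiboot.img \
 -no-emul-boot \
+-e isolinux/efiboot.img \
 -append_partition 2 0xef isolinux/efiboot.img \
 -m "isolinux/efiboot.img" \
 -m "isolinux/bios.img" \
+-e '--interval:appended_partition_2:::' \
+-exclude isolinux \
 -graft-points \
-"/EFI/efiboot.img=isolinux/efiboot.img" \
-"/boot/grub/bios.img=isolinux/bios.img" \
+"/EFI/boot/bootx64.efi=isolinux/bootx64.efi" \
+"/EFI/boot/mmx64.efi=isolinux/mmx64.efi" \
+"/EFI/boot/grubx64.efi=isolinux/grubx64.efi" \
+"/boot/grub/grub.cfg=isolinux/grub.cfg" \
+"/isolinux/bios.img=isolinux/bios.img" \
+"/isolinux/efiboot.img=isolinux/efiboot.img" \
 "."
 
 popd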
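Review bot: The EFI alt-boot entry now carries two `-e` arguments, `-e isolinux/efiboot.img` at line 174 and `-e '--interval:appended_partition_2:::'` at line 178, and in xorriso's mkisofs emulation the later `-e` appears to replace the earlier one for the same El Torito entry, so line 174 looks dead and the catalog's EFI image comes from the appended partition only; if that is the intent, drop line 174 or add `# the --interval form below supersedes this entry` next to it, and if an in-filesystem EFI image is also wanted in the catalog, a second `-eltorito-alt-boot` has to separate the two. The `-m "isolinux/efiboot.img"` and `-m "isolinux/bios.img"` exclusions at 176-177 are also undone by the graft points at 185-186, which put both images back under `/isolinux/`, and `-exclude isolinux` at 179 seems to be in the same situation for the whole directory — worth confirming against the xorriso documentation whether `-exclude` is even accepted in `-as mkisofs` mode or `-x` was meant, and whether the duplicated efiboot.img (appended partition plus in-ISO copy) is deliberate. The README's last hunk documents the identical invocation, so any correction belongs in both places. build_iso() begins before this hunk and its closing brace is after `popd`, outside it.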

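--- a/scripts/chroot_build.sh
+++ b/scripts/chroot_build.sh
@@ -375,14 +375,18 @@ EOF
 # UEFI secure boot signing
 sbsign --key /certificates/db.key --cert /certificates/db.pem --output isolinux/grubx64.efi isolinux/grubx64.efi
 
+# Copy Shim and MOK
+cp /usr/lib/shim/shimx64.efi.signed.previous isolinux/bootx64.efi
+cp /usr/lib/shim/mmx64.efi isolinux/mmx64.efi
+
 # create a FAT16 UEFI boot disk image containing the EFI bootloader
 (
 cd isolinux && \
 dd if=/dev/zero of=efiboot.img bs=1M count=10 && \
 mkfs.vfat -F 16 efiboot.img && \
 LC_CTYPE=C mmd -i efiboot.img certificates efi efi/boot && \
-LC_CTYPE=C mcopy -i efiboot.img /usr/lib/shim/shimx64.efi.signed.previous ::efi/boot/bootx64.efi && \
-LC_CTYPE=C mcopy -i efiboot.img /usr/lib/shim/mmx64.efi ::efi/boot/mmx64.efi && \
+LC_CTYPE=C mcopy -i efiboot.img ./bootx64.efi ::efi/boot/bootx64.efi && \
+LC_CTYPE=C mcopy -i efiboot.img ./mmx64.efi ::efi/boot/mmx64.efi && \
 LC_CTYPE=C mcopy -i efiboot.img ./grubx64.efi ::efi/boot/grubx64.efi && \
 LC_CTYPE=C mcopy -i efiboot.img /certificates/ca.cer ::certificates/
 )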
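Review bot: The new `cp` at line 379 selects the previous-generation shim (`shimx64.efi.signed.previous`) without recording why, and since this script also emits an SBAT csv for grub the choice matters: firmware whose SBAT revocation level has been raised can refuse an older shim generation, so the media may stop booting on updated machines while still working on the build host. A one-line comment such as `# previous-generation shim chosen deliberately (<reason>); re-check whenever SBAT revocations are bumped` would keep that decision reviewable. Both copies also run unchecked; unless the script runs under `set -e` (not visible in this hunk), a missing shim-signed package leaves no bootx64.efi and the failure only surfaces at the `mcopy` step, so `cp -- /usr/lib/shim/shimx64.efi.signed.previous isolinux/bootx64.efi || exit 1` (and the same for mmx64.efi) would fail at the cause. README step 6 documents the same copy but uses `::efi/boot/` as the mcopy target where the script spells out the full filename — equivalent, yet easier to keep in sync if identical. The surrounding script continues outside this hunk on both sides.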
