fix: Disable secure boot by default (#399)
This commit is contained in:
parent
968602f9bc
commit
1f07402717
|
@ -1,5 +1,5 @@
|
||||||
FROM scratch
|
FROM scratch
|
||||||
COPY --from=qemux/qemu-docker:4.23 / /
|
COPY --from=qemux/qemu-docker:4.24 / /
|
||||||
|
|
||||||
ARG DEBCONF_NOWARNINGS "yes"
|
ARG DEBCONF_NOWARNINGS "yes"
|
||||||
ARG DEBIAN_FRONTEND "noninteractive"
|
ARG DEBIAN_FRONTEND "noninteractive"
|
||||||
|
@ -7,6 +7,7 @@ ARG DEBCONF_NONINTERACTIVE_SEEN "true"
|
||||||
|
|
||||||
RUN apt-get update && \
|
RUN apt-get update && \
|
||||||
apt-get --no-install-recommends -y install \
|
apt-get --no-install-recommends -y install \
|
||||||
|
bc \
|
||||||
curl \
|
curl \
|
||||||
7zip \
|
7zip \
|
||||||
wsdd \
|
wsdd \
|
||||||
|
|
|
@ -250,8 +250,9 @@ finishInstall() {
|
||||||
rm -f "$STORAGE/windows.old"
|
rm -f "$STORAGE/windows.old"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
# Enable secure boot + TPM on manual installs as Win11 requires
|
||||||
if [[ "$MANUAL" == [Yy1]* ]] || [[ "$aborted" == [Yy1]* ]]; then
|
if [[ "$MANUAL" == [Yy1]* ]] || [[ "$aborted" == [Yy1]* ]]; then
|
||||||
[[ "${DETECTED,,}" == "win11"* ]] && TPM="Y"
|
[[ "${DETECTED,,}" == "win11"* ]] && BOOT_MODE="windows_secure"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
rm -rf "$TMP"
|
rm -rf "$TMP"
|
||||||
|
@ -1084,9 +1085,7 @@ buildImage() {
|
||||||
return 0
|
return 0
|
||||||
}
|
}
|
||||||
|
|
||||||
######################################
|
bootWindows() {
|
||||||
|
|
||||||
if ! startInstall; then
|
|
||||||
|
|
||||||
if [ -f "$STORAGE/windows.old" ]; then
|
if [ -f "$STORAGE/windows.old" ]; then
|
||||||
MACHINE=$(<"$STORAGE/windows.old")
|
MACHINE=$(<"$STORAGE/windows.old")
|
||||||
|
@ -1094,7 +1093,39 @@ if ! startInstall; then
|
||||||
BOOT_MODE="windows_legacy"
|
BOOT_MODE="windows_legacy"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
local creation="1.10"
|
||||||
|
local minimal="2.14"
|
||||||
|
|
||||||
|
if [ -f "$STORAGE/windows.ver" ]; then
|
||||||
|
creation=$(<"$STORAGE/windows.ver")
|
||||||
|
[[ "${creation}" != *"."* ]] && creation="$minimal"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Force secure boot on installs created prior to v2.14
|
||||||
|
if (( $(echo "$creation < $minimal" | bc -l) )); then
|
||||||
|
if [[ "${BOOT_MODE,,}" == "windows" ]]; then
|
||||||
|
BOOT_MODE="windows_secure"
|
||||||
|
if [ -f "$STORAGE/windows.rom" ] && [ ! -f "$STORAGE/$BOOT_MODE.rom" ]; then
|
||||||
|
mv "$STORAGE/windows.rom" "$STORAGE/$BOOT_MODE.rom"
|
||||||
|
fi
|
||||||
|
if [ -f "$STORAGE/windows.vars" ] && [ ! -f "$STORAGE/$BOOT_MODE.vars" ]; then
|
||||||
|
mv "$STORAGE/windows.vars" "$STORAGE/$BOOT_MODE.vars"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
rm -rf "$TMP"
|
rm -rf "$TMP"
|
||||||
|
|
||||||
|
return 0
|
||||||
|
}
|
||||||
|
|
||||||
|
######################################
|
||||||
|
|
||||||
|
if ! startInstall; then
|
||||||
|
if ! bootWindows; then
|
||||||
|
error "Failed to boot Windows!"
|
||||||
|
exit 68
|
||||||
|
fi
|
||||||
return 0
|
return 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue