os-prober is disabled in grub 2.06 and where to go from here

Mario Limonciello superm1 at gmail.com
Fri Dec 17 16:11:00 UTC 2021


I think running at install time and caching the output somewhere makes
sense for most cases.  You can create some documentation on how to re-run
it manually to regenerate that output if you have consciously added
another operating system and want to detect it one off.

On Fri, Dec 17, 2021 at 10:03 AM Julian Andres Klode <
julian.klode at canonical.com> wrote:

> Hi ubuntu-devel,
>
> os-prober is disabled with the grub 2.06 upload, which is
> obviously a bit controversial and the outcome is not
> necessarily in the best interest of our users.
>
> # Reasons
>
> os-prober is inherently insecure as it mounts all partitions
> on your disk using grub-mount to check them for other OS,
> which is not a nice thing to do as root as you can exploit
> bugs in the filesystem code easily.
>
> # Outcome
>
> 1. Users on UEFI are unable to boot other Ubuntu installs,
>    but can boot other OS via the UEFI bootloader.
>
>    Multiple Ubuntu installs are a hack either way, so not
>    really a huge priority - any Ubuntu install installs
>    grub to the same location, so your grub just switches
>    between your Ubuntu installs each time you upgrade it
>    in one. Ugh.
>
> 2. Users on BIOS systems cannot boot any other system
>
>    This is highly problematic
>
> # Options
>
> 0. Re-enable os-prober
>
> 1. Red Hat only runs os-prober during install time, and
>    instead of regenerating grub.cfg when kernels are installed
>    writes out drop-in files that are then loaded (it actually
>    uses the systemd-boot load entries format, which it has
>    patched into grub)
>
>    We could run os-prober during install time, store the
>    output somewhere and then reuse the cached output in
>    grub-mkconfig.
>
> 2. Can we have an "Other Boot options" entry that goes to the
>    UEFI boot menu? Or, write a grub module that goes through
>    the UEFI boot options and creates a submenu, then sets
>    BootNext and resets the machine when you select an item.
>
> 3. Detect the presence of Windows inside grub.cfg and allow
>    chainloading that, to handle the major dual-boot use case.
>
> 4. There was some initial code for a basic os-prober reimplementation
>    at boot time, which avoids the security issues of running os-prober
>    at run-time, but also that's a bit meh.
> --
> debian developer - deb.li/jak | jak-linux.org - free software dev
> ubuntu core developer                              i speak de, en


-- 
Mario Limonciello
superm1 at gmail.com
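
One way to implement the install-time caching idea discussed in this thread, as an added example that is not part of either message and not Ubuntu or GRUB code. The cache path, the function names and the character and boot-type allow-lists are assumptions of the example; the `DEVICE:LONGNAME:LABEL:BOOTTYPE` line layout is os-prober's output format.

```sh
#!/bin/sh
# Added example. CACHE path, function names and allow-lists are assumptions.
CACHE="${OSPROBER_CACHE:-/var/lib/grub/os-prober.cache}"
PROBER="${OSPROBER_CMD:-os-prober}"   # the only step that mounts foreign partitions

# Accept only DEVICE[@EFI-PATH]:LONGNAME:LABEL:BOOTTYPE built from safe characters,
# so nothing read back from the cache can inject syntax into a generated grub.cfg.
valid_line() {
    printf '%s\n' "$1" | grep -Eq \
      '^/dev/[A-Za-z0-9/_-]+(@[A-Za-z0-9/._-]*)?:[A-Za-z0-9 ._()/+-]*:[A-Za-z0-9._-]+:(chain|efi|linux)$'
}

# Run at install time, or by hand after consciously adding another OS.
refresh_cache() {
    out=$($PROBER 2>/dev/null) || return 1      # keep the old cache if probing fails
    tmp=$(mktemp "${CACHE}.XXXXXX") || return 1 # mktemp creates the file mode 0600
    printf '%s\n' "$out" | while IFS= read -r line; do
        if valid_line "$line"; then printf '%s\n' "$line"; fi
    done > "$tmp"
    mv -f "$tmp" "$CACHE"                       # atomic replace
}

# Called on every grub.cfg regeneration: reads the cache, never probes.
cached_entries() {
    [ -f "$CACHE" ] || return 0
    # Refuse a cache that group or others could have modified.
    [ -z "$(find "$CACHE" -prune \( -perm -020 -o -perm -002 \) -print)" ] || return 1
    while IFS= read -r line; do
        valid_line "$line" || continue
        dev=${line%%:*};   rest=${line#*:}
        long=${rest%%:*};  rest=${rest#*:}
        label=${rest%%:*}; boot=${rest#*:}
        printf '%s|%s|%s|%s\n' "$dev" "$long" "$label" "$boot"
    done < "$CACHE"
}

case "${1:-}" in
    refresh) refresh_cache ;;
    entries) cached_entries ;;
esac
```

A grub.d hook would call `cached_entries` and turn each record into a menu entry; only `refresh` ever touches foreign filesystems.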