1fa7138 Manpage update by job 933435
~nabijaczleweli pushed to ~nabijaczleweli/klapki git
3ec7855 Don't segfault on commit if there are no boot entries
~nabijaczleweli pushed to ~nabijaczleweli/klapki git
#klapki 
EFI boot manager; or, well, an EFI bootorder compiler.
#Manpage (PDF)
#What?
You need to boot Linux somehow, but you don't really need any EFI-side code to do it if you configure your kernel right and have something tell the firmware about it. This is that something.
klapki stores neither code nor data (well, except the kernel and initrds) on the ESP, making it SecureBoot-compatible out-of-box, and instead generates entries for the host's kernels and manages them during their lifetime from the host itself.
Because of this, entries for each host can be trivially placed anywhere in the boot order (in the screenshot they're at {bootpos 1}, preceded by the "zoot" entry).
As seen in the screenshot, additional boot variants (just "graphical" in that case) are also supported, generating another entry for each kernel;
OVMF doesn't show it, but the difference can be seen from this listing of /etc/klapki/cmdline used to generate those entries
(the description is a tad verbose to match convention):
#!/bin/sh
echo root=ZFS=zoot/root
[ "$2" = "graphical" ] || echo console=ttyS0
The second screenshot goes for the radical
#!/bin/sh
echo root=zfs:AUTO intel_iommu=on zfs.zfs_arc_max=85899345920 "$2"
#Building
You'll need libssl-dev, libefi{var,boot}-dev, catch2, libfmt-dev and make should hopefully Just Work™ if you have a C++17-capable compiler.
catch2 and libfmt-dev are searched via pkg-config as catch2/fmt if available, or in $ADDITIONAL_INCLUDE_DIR/$ADDITIONAL_LINK_DIR.
mandoc is required for HTML manpages. Set MANDOC=true when building to remove this dependency.
Note that klapki uses Linux-specific sendfile(), and as such building it will fail on other systems.
Upstream libefivar only supports Linux anyway
(and FreeBSD carries a port, though the usefulness of this within any classic UNIX distribution is doubtful).
#Installation
Copy out/klapki to /sbin and write a /etc/klapki/{description,cmdline}, as seen in the manual.
#From Debian repository
The following line in /etc/apt/sources.list or equivalent:
deb [signed-by=/etc/apt/keyrings/nabijaczleweli.asc] https://debian.nabijaczleweli.xyz sid main
With my PGP key (the two URLs are interchangeable):
sudo wget -O/etc/apt/keyrings/nabijaczleweli.asc https://debian.nabijaczleweli.xyz/nabijaczleweli.gpg.key
sudo wget -O/etc/apt/keyrings/nabijaczleweli.asc https://nabijaczleweli.xyz/pgp.txt
(you may need to create /etc/apt/keyrings on apt <2.4.0 (<=bullseye) manually).
Then the usual
sudo apt update
sudo apt install klapki
will work on amd64, x32, and i386.
See the repository README for more information.
#Uninstallation
Remove the variable corresponding to the host under the klapki GUID (a8a9ad3a-f831-11ea-946d-674ccd7415cc).
For example, on Linux, with host "zoot":
chattr -i /sys/firmware/efi/efivars/zoot-a8a9ad3a-f831-11ea-946d-674ccd7415cc
rm /sys/firmware/efi/efivars/zoot-a8a9ad3a-f831-11ea-946d-674ccd7415cc
This will abandon any previously-managed entries by removing all state, so either run {delkernel ver} for all versions you had registered beforehand,
or remove the entries and files later with efibootmgr(8)/EFI shell/the firmware UI.
#Reporting bugs
There's the tracker, but also see the list below.
#Contributing
Send a patch inline, as an attachment, or a git link and a ref to pull from to the list (~nabijaczleweli/klapki@lists.sr.ht) or me directly. I'm not picky, just please include the repo name in the subject prefix.
#Discussion
Please use the tracker, the list, or Twitter.
#Special thanks
To all who support further development on Patreon, in particular:
- ThePhD
- Embark Studios
- Jasper Bekkers