[Feature request]: "boot firmware mode" fact (BIOS, EFI, DeviceTree, etc) #56
Description
Use Case
Linux systems may be booted from various firmware types (BIOS, EFI, DeviceTree, etc). Different types may require different things. This is particularly true for EFI systems booted in Secure Boot mode. Built in facts that describe the firmware environment would help folks quickly evaluate behaviors.
Describe the solution you would like
A built in structured fact (name unknown) that lists out the firmware environment, its custom settings (Secure Boot enforcing, Secure Boot audit only, Secure Boot disabled, etc), and probably some other bits
Describe alternatives you've considered
https://github.com/simp/pupmod-simp-simplib/blob/master/lib/facter/simplib__efi_enabled.rb
https://github.com/simp/pupmod-simp-simplib/blob/master/lib/facter/simplib__secure_boot_enabled.rb
Additional context
Example usage:
- I want to ensure my efi-esp volume is mounted with
umask=0077 - I want to take action if my Secure Boot status is not what I expect