Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

RHEL 10: bootupd update firmware #5761

Open
wants to merge 2 commits into
base: rhel-10
Choose a base branch
from

Conversation

jkonecny12
Copy link
Member

@jkonecny12 jkonecny12 commented Jul 13, 2024

Enable installation of the EFI entry from the bootupd project.

Backport of the #5508.

Resolves: RHEL-40896

  • Blocked on RHEL-40897 still being in PLANNING

Copy link
Contributor

@M4rtinK M4rtinK left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. :)

@jkonecny12
Copy link
Member Author

/kickstart-test --kstest-pr 1260 rpm-ostree-container-bootc

@jkonecny12
Copy link
Member Author

Let's enable this test for RHEL when this will be ready for merge:
rhinstaller/kickstart-tests#1260

@KKoukiou KKoukiou added the blocked Don't merge this pull request! label Aug 15, 2024
Copy link

This PR is stale because it has been open 60 days with no activity.
Remove stale label or comment or this will be closed in 30 days.

@github-actions github-actions bot added the stale label Oct 15, 2024
Copy link

This PR was closed because it has been stalled for 30 days with no activity.

@github-actions github-actions bot closed this Nov 15, 2024
@jkonecny12 jkonecny12 reopened this Nov 19, 2024
AdamWill and others added 2 commits November 19, 2024 12:33
This is required to write an entry to the EFI boot manager,
which we ought to do (anaconda does it when installing the
bootloader itself). Without this, boot of the installed system
will only work if it's configured to try and boot from the
hard disk using the fallback path.

Signed-off-by: Adam Williamson <[email protected]>
(cherry picked from commit 0b2fc13)

Resolves: RHEL-40896
If leavebootorder was specified through kickstart or kernel boot
arguments we won't pass `--update-firmware` to bootupdctl. That will
avoid creation of the UEFI entry for the bootloader and give people
possibility for additional tweaking or debugging.

This was requested by bootloader developers.

Suggested-by: Timothée Ravier <[email protected]>
(cherry picked from commit 28d1aed)

Resolves: RHEL-40896
@jkonecny12 jkonecny12 force-pushed the rhel-10-bootupd-update-firmware branch from 564a832 to c4c7fe2 Compare November 19, 2024 11:33
@jkonecny12 jkonecny12 marked this pull request as ready for review November 19, 2024 11:34
@github-actions github-actions bot removed the stale label Nov 20, 2024
@jkonecny12
Copy link
Member Author

When I'm testing this change on CentOS Stream 10 on Kickstart test, I'm getting this issue:
centos boot

@jkonecny12
Copy link
Member Author

jkonecny12 commented Nov 22, 2024

Hi @cgwalters, could you please take a look if you have any idea what could be cause of this? Is it a bug in bootupd or maybe I'm doing something wrong?

@cgwalters
Copy link
Contributor

"Access Denied" - is this possibly a generic secure boot issue where the firmware isn't trusting the centos signing key?

@jkonecny12
Copy link
Member Author

Hmm, could be. I honestly have issues to run official CentOS ISO on EUFI VM when using virt-manager but it works when running virt-install. May be a secure boot configuration?

@jkonecny12
Copy link
Member Author

I wonder, @cgwalters should the secure boot feature work on CentOS Stream 10?

@jkonecny12
Copy link
Member Author

I was able to find and verify this is known issue on CentOS Stream 10 rhboot/shim-review#454

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
blocked Don't merge this pull request! rhel-10
Development

Successfully merging this pull request may close these issues.

5 participants