We see increasing number of problems with EFI chainloading grub script, it is also not supported on SecureBoot. What worked well for BIOS never worked for EFI, therefore I propose to enforce the normal workflow for EFI systems: when EFI host is installed it should boot from local drive. Booting from network will result a warning message and system halt. Users who still want to continue this BIOS-like "always boot from network" workflow will have instructions how to change the configuration value to achieve it.

On some systems, Anaconda fails to configure first boot entry correctly. For this reason, Foreman (and Satellite) ships with efibootmgr_netboot snippet which is enabled by default in kickstart. It can be controlled by efi_bootentry host parameter - when set Anaconda will perform efibootmgr command to override boot entry. Unfortunately full name of boot entry must be entered, this is different for each linux OS (e.g. "CentOS Linux" for CentOS or "Fedora") so there cannot be a single default value for all users.