Project

General

Profile

Bug #34532

Disable EFI local chainloading by default

Added by Lukas Zapletal 4 months ago. Updated 4 months ago.

Status:
Closed
Priority:
Normal
Category:
Power management
Target version:
-
Difficulty:
Triaged:
Yes
Bugzilla link:
Fixed in Releases:
Found in Releases:

Description

We see increasing number of problems with EFI chainloading grub script, it is also not supported on SecureBoot. What worked well for BIOS never worked for EFI, therefore I propose to enforce the normal workflow for EFI systems: when EFI host is installed it should boot from local drive. Booting from network will result a warning message and system halt. Users who still want to continue this BIOS-like "always boot from network" workflow will have instructions how to change the configuration value to achieve it.

On some systems, Anaconda fails to configure first boot entry correctly. For this reason, Foreman (and Satellite) ships with efibootmgr_netboot snippet which is enabled by default in kickstart. It can be controlled by efi_bootentry host parameter - when set Anaconda will perform efibootmgr command to override boot entry. Unfortunately full name of boot entry must be entered, this is different for each linux OS (e.g. "CentOS Linux" for CentOS or "Fedora") so there cannot be a single default value for all users.

Associated revisions

Revision dd8ff395 (diff)
Added by Lukas Zapletal 4 months ago

Fixes #34532 - disable EFI local chainloading by default

Signed-off-by: Lukas Zapletal <>

History

#1 Updated by The Foreman Bot 4 months ago

  • Status changed from New to Ready For Testing
  • Pull request https://github.com/theforeman/foreman/pull/9123 added

#2 Updated by The Foreman Bot 4 months ago

  • Fixed in Releases 3.3.0 added

#3 Updated by Lukas Zapletal 4 months ago

  • Status changed from Ready For Testing to Closed

Also available in: Atom PDF