UEFI boot order, Re: Tip: Remote FAI install

Andreas Sindermann sinder at thp.uni-koeln.de
Wed Jan 25 17:11:40 CET 2023 

Hi,

this doesn't seem to be a trivial task as the state of the boot medium 
prior to the fai installation as well as the UEFI settings for the 
single network interface both can have all kinds of states, e.g.:

(of course for production I'd disable unneeded UEFI setting, in my case 
all IPv6 and HTTP boot options, so just the IPv4 PXE boot option usually 
would be active leading to the IPv4 PXE having highest boot priority and 
then just installed HD/NVMe medium having the second boot priority)

--------
root at jammysrv:/srv/fai/config# cat hooks/partition.GRUB_EFI
#! /bin/bash

# prior to disk partioning collect the UEFI boot order
efibootmgr
-------
root at jammysrv:/srv/fai/config# less 
/var/log/fai/remote-logs/l65/last/fai.log
---Output----
[...]
Calling hook: partition.GRUB_EFI
BootCurrent: 0001
Timeout: 1 seconds
BootOrder: 0001,0002,0003,0004,0000,0005
Boot0000* ubuntu
Boot0001* UEFI: PXE IP4 Intel(R) Ethernet Connection (2) I219-V
Boot0002* UEFI: HTTP IP4 Intel(R) Ethernet Connection (2) I219-V
Boot0003* UEFI: HTTP IP6 Intel(R) Ethernet Connection (2) I219-V
Boot0004* UEFI: PXE IP6 Intel(R) Ethernet Connection (2) I219-V
Boot0005* UEFI: PXE IP6 Intel(R) Ethernet Connection (2) I219-V
partition.GRUB_EFI   OK.
[...]
------------
root at jammysrv:/srv/fai/config# cat 
scripts/GRUB_EFI/01-UEFI-Collect_BootOrder
#! /bin/bash
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code

efibootmgr -v

exit $error
---Output----
=====   shell: GRUB_EFI/01-UEFI-Collect_BootOrder   =====
BootCurrent: 0001
Timeout: 1 seconds
BootOrder: 0001,0002,0003,0004,0000,0005
Boot0000* ubuntu 
HD(1,GPT,6205f216-7aa2-4531-8319-d7b77a00514d,0x800,0x10
0000)/File(\EFI\UBUNTU\GRUBX64.EFI)
Boot0001* UEFI: PXE IP4 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci
(0x1f,0x6)/MAC(b42e9987238b,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot0002* UEFI: HTTP IP4 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(
0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot0003* UEFI: HTTP IP6 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(
0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv6([::]:<->[::]:,0,0)/Uri()..BO
Boot0004* UEFI: PXE IP6 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv6([::]:<->[::]:,0,0)..BO
Boot0005* UEFI: PXE IP6 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv6([::]:<->[::]:,0,0)..BO
GRUB_EFI/01-UEFI-Collect_BootOrder OK.
=====   shell: GRUB_EFI/10-setup   =====
ainsl: appending to /target/etc/default/grub: GRUB_DISABLE_OS_PROBER=true
Installing for x86_64-efi platform.
Installation finished. No error reported.
Grub installed on /dev/nvme0n1 = (hostdisk//dev/nvme0n1)
Sourcing file `/etc/default/grub'
Sourcing file `/etc/default/grub.d/init-select.cfg'
Generating grub configuration file ...
Found linux image: /boot/vmlinuz-5.15.0-58-generic
Found initrd image: /boot/initrd.img-5.15.0-58-generic
Memtest86+ needs a 16-bit boot, that is not available on EFI, exiting
Warning: os-prober will not be executed to detect other bootable partitions.
Systems on them will not be added to the GRUB boot configuration.
Check GRUB_DISABLE_OS_PROBER documentation entry.
Adding boot menu entry for UEFI Firmware Settings ...
done
GRUB_EFI/10-setup    OK.

------------
root at jammysrv:/srv/fai/config# cat 
scripts/GRUB_EFI/90_UEFI_Adjust_BootOrder_pre
#! /bin/bash
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code

efibootmgr -v

exit $error
---Output----
=====   shell: GRUB_EFI/90_UEFI_Adjust_BootOrder_pre   =====
BootCurrent: 0001
Timeout: 1 seconds
BootOrder: 0000,0001,0002,0003,0004,0005
Boot0000* ubuntu 
HD(1,GPT,ac900736-afc3-4b46-8bb5-ce1c1b71c9a8,0x800,0x100000)/File(\EFI\ubuntu\grubx64.efi)
Boot0001* UEFI: PXE IP4 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot0002* UEFI: HTTP IP4 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot0003* UEFI: HTTP IP6 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv6([::]:<->[::]:,0,0)/Uri()..BO
Boot0004* UEFI: PXE IP6 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv6([::]:<->[::]:,0,0)..BO
Boot0005* UEFI: PXE IP6 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv6([::]:<->[::]:,0,0)..BO
GRUB_EFI/90_UEFI_Adjust_BootOrder_pre OK.

------------
root at jammysrv:/srv/fai/config# cat scripts/GRUB_EFI/91_UEFI_Adjust_BootOrder
#! /bin/bash
error=0; trap 'error=$(($?>$error?$?:$error))' ERR # save maximum error code


#  FAI List 19.01.2023, 21:10h (Thomas Lange)
#Hi,
#
#I found this code that move the first boot entry (which is expected to
#be the new entry after an installation) to the end of the boot list.
#
#https://community.theforeman.org/t/efi-boot-order-with-centos-7-network-boot-vs-local-boot/10529/2

# the EFI boot manager is only installed on UEFI hosts by Anaconda
if [[ -f /usr/bin/efibootmgr ]]; then
     echo "- Changing EFI boot order to preserve network boot ..."
     created_entry=$(efibootmgr | grep "BootOrder" | cut -d " " -f 2 | 
cut -d "," -f 1)
     others=$(efibootmgr | grep "BootOrder" | cut -d " " -f 2 | cut -d 
"," -f 2-)
     new_order="${others},${created_entry}"
     efibootmgr -q -o ${new_order}
     efibootmgr -v
fi

exit $error
---Output---
=====   shell: GRUB_EFI/91_UEFI_Adjust_BootOrder   =====
- Changing EFI boot order to preserve network boot ...
BootCurrent: 0000
Timeout: 1 seconds
BootOrder: 0001,0002,0003,0004,0005,0000,0006
Boot0000* ubuntu 
HD(1,GPT,ac900736-afc3-4b46-8bb5-ce1c1b71c9a8,0x800,0x100000)/File(\EFI\UBUNTU\GRUBX64.EFI)
Boot0001* UEFI: PXE IP4 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot0002* UEFI: HTTP IP4 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot0003* UEFI: HTTP IP6 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv6([::]:<->[::]:,0,0)/Uri()..BO
Boot0004* UEFI: PXE IP6 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv6([::]:<->[::]:,0,0)..BO
Boot0005* UEFI: PXE IP6 Intel(R) Ethernet Connection (2) I219-V 
PciRoot(0x0)/Pci(0x1f,0x6)/MAC(b42e9987238b,0)/IPv6([::]:<->[::]:,0,0)..BO
Boot0006* UEFI OS 
HD(1,GPT,ac900736-afc3-4b46-8bb5-ce1c1b71c9a8,0x800,0x100000)/File(\EFI\BOOT\BOOTX64.EFI)..BO
------------


Andreas

Am 19.01.2023 um 21:10 schrieb Thomas Lange:
> Hi,
> 
> I found this code that move the first boot entry (which is expected to
> be the new entry after an installation) to the end of the boot list.
> 
> https://community.theforeman.org/t/efi-boot-order-with-centos-7-network-boot-vs-local-boot/10529/2
> 
> # the EFI boot manager is only installed on UEFI hosts by Anaconda
> if [[ -f /sbin/efibootmgr ]]; then
>      echo "- Changing EFI boot order to preserve network boot ..."
>      created_entry=$(efibootmgr | grep "BootOrder" | cut -d " " -f 2 | cut -d "," -f 1)
>      others=$(efibootmgr | grep "BootOrder" | cut -d " " -f 2 | cut -d "," -f 2-)
>      new_order="${others},${created_entry}"
>      efibootmgr -q -o ${new_order}
> fi
>

More information about the linux-fai mailing list