curtin-dev team mailing list archive

[Lee Trager <1895067@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

CentOS/RHEL 7+ ship the signed version of grub in the grub2-efi-x64. Its
installed directly to /boot/efi/EFI/centos/grubx64.efi. Running
grub2-install on CentOS builds a new version of grub using the
grub2-efi-x64-modules package. This version is not signed which will
break UEFI secure boot. If the grub2-efi-x64-modules package is missing
this will cause grub2-install to fail which causes the deployment to
fail.

It seems Curtin's logic is current when writing NVRAM however when NVRAM
is disabled this bug occurs. This bug was triggered due to LP:1895044.

** Affects: curtin
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of curtin
developers, which is subscribed to curtin.
https://bugs.launchpad.net/bugs/1895067

Title:
  GRUB shouldn't be installed if found on CentOS/RHEL

Status in curtin:
  New

Bug description:
  CentOS/RHEL 7+ ship the signed version of grub in the grub2-efi-x64.
  Its installed directly to /boot/efi/EFI/centos/grubx64.efi. Running
  grub2-install on CentOS builds a new version of grub using the
  grub2-efi-x64-modules package. This version is not signed which will
  break UEFI secure boot. If the grub2-efi-x64-modules package is
  missing this will cause grub2-install to fail which causes the
  deployment to fail.

  It seems Curtin's logic is current when writing NVRAM however when
  NVRAM is disabled this bug occurs. This bug was triggered due to
  LP:1895044.

To manage notifications about this bug go to:
https://bugs.launchpad.net/curtin/+bug/1895067/+subscriptions