rocky-tools icon indicating copy to clipboard operation
rocky-tools copied to clipboard

Published 20 hours ago verified publisher icon rocky-linux

Error installing required packages: shim-x64 grub2-efi-x64

Open armetiz opened this issue 2 years ago • 11 comments

Hi there.

I'm getting the following errors on two different Centos8 servers.

Here what I'm getting after running ./migrate2rocky.sh -r.

[root@acme ~]# uname -a
Linux acme.com 4.18.0-240.1.1.el8_3.x86_64 #1 SMP Thu Nov 19 17:20:08 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

[root@acme ~]# hostnamectl
   Static hostname: acme.com
         Icon name: computer-vm
           Chassis: vm
        Machine ID: a24308263dca45558d7bf0bb2033c1f3
           Boot ID: 1b40a39843284427951f47f3f763a963
    Virtualization: kvm
  Operating System: Rocky Linux 8.6 (Green Obsidian)
       CPE OS Name: cpe:/o:rocky:rocky:8:GA
            Kernel: Linux 4.18.0-240.1.1.el8_3.x86_64
      Architecture: x86-64

[root@acme ~]# dnf search shim
Last metadata expiration check: 0:10:26 ago on Mon 23 May 2022 10:16:25 AM UTC.
========================================================= Name Matched: shim ==========================================================
rshim.x86_64 : User-space driver for Mellanox BlueField SoC
shim-ia32.x86_64 : First-stage UEFI bootloader

[root@acme ~]# dnf search grub2-efi
Last metadata expiration check: 0:10:23 ago on Mon 23 May 2022 10:16:25 AM UTC.
======================================================= Name Matched: grub2-efi =======================================================
grub2-efi-aa64-modules.noarch : Modules used to build custom grub.efi images
grub2-efi-ia32.x86_64 : GRUB for EFI systems.
grub2-efi-ia32-cdboot.x86_64 : Files used to boot removeable media with EFI
grub2-efi-ia32-modules.noarch : Modules used to build custom grub.efi images
grub2-efi-x64-cdboot.x86_64 : Files used to boot removeable media with EFI

Any clue?

armetiz avatar May 23 '22 10:05 armetiz

As I understand, grub2-efi-x86_64 and shim-x86_64 does not exist on the repository.

Right now, servers are running on an "old" EFI / grub configuration. Servers restarts successfully without any errors.

I don't know well this part of the system. But, as I understand, EFI firmware is not updated, currently configured with the latest Centos8 grub configuration. Is this a problem?

armetiz avatar May 23 '22 10:05 armetiz

Can you attach the /var/log/migrate2rocky.log file from the migration, please?

pajamian avatar May 23 '22 11:05 pajamian

@pajamian https://gist.github.com/armetiz/39ba31aed87c09ee081994347baa0141

armetiz avatar May 23 '22 11:05 armetiz

shim-x64 grub2-efi-x64 do indeed exist in the baseos repo. Check to see that you haven't excluded them: grep -Fe exclude -e includepkgs /etc/dnf/dnf.conf /etc/yum.repos.d/*.repo

pajamian avatar May 24 '22 02:05 pajamian

@pajamian well done !

[centos@acme /]$ grep -Fe exclude -e includepkgs /etc/dnf/dnf.conf /etc/yum.repos.d/*.repo
/etc/dnf/dnf.conf:# Removing this excludepkgs statement may render the instance
/etc/dnf/dnf.conf:excludepkgs=dbxtool,efibootmgr,efi-filesystem,efivar,efivar-libs,grub2-efi-x64,grub2-efi-x64-modules,mokutil,shim-x64,grub2-common,package,grub2-tools,grub2-tools-efi,grub2-tools-minimal,grub2-tools-extra,grub2-pc-modules,grub2-pc,cloud-init

I think this has been configured by our instance provider (scaleway.com). Do you think I have to remove exclusion and try to complete the migration process?

Best regards,

armetiz avatar May 24 '22 07:05 armetiz

I think there's a reason they put that there which has to do with how the instance boots. I would contact your provider and ask for advice. I get the feeling that it's actually not an EFI boot system but presents as such to migrate2rocky, or they're doing something funny with efi boot which means that replacing that could cause issues. I would appreciate hearing back when you find out, issues such as this deserve at least an entry in the "known issues" section of the README file so that others can be forewarned about it.

pajamian avatar May 24 '22 08:05 pajamian

The first answer from the provider.

The reason why GRUB is blocked is because the Centos 8 image does not support UEFI boot by default.

So we are forced to install a specific version and block the packages to make it work.

What we advise you to do is to try to migrate to another instance.

You can make a backup of this one, start a new one on the snapshot, remove the excludepkgs line.

If this other instance works after migration to Rocky Linux, you can then delete the old one.

The second message.

The latest versions of Rocky Linux seem to support UEFI boot and even Secure Boot since 8.5.

Trying to install the latest version of GRUB is likely to work as systems have evolved.

Our GRUB was locked down the day we released CentOS 8 on our instances, so it's a bit dated!

armetiz avatar May 24 '22 14:05 armetiz

I try on a staging server the following.

Remove shim-x64 grub2-efi-x64 grub2-tools-minimal grub2-tools-extra grub2-tools grub2-common grub2-pc grub2-pc-modules from /etc/dnf/dnf.conf.

  • dnf install shim-x64 grub2-efi-x64
  • grub2-mkconfig -o /boot/efi/EFI/rocky/grub.cfg
  • efi_mount=$(findmnt --mountpoint /boot/efi --output SOURCE --noheadings)
  • kname=$(lsblk -dno kname "$efi_mount")
  • efi_disk=("$(lsblk -dno pkname "/dev/$kname")")
  • efi_partition=("$(<"/sys/block/${efi_disk[0]}/$kname/partition")")
  • efibootmgr -c -d "/dev/${efi_disk[0]}" -p "${efi_partition[0]}" -L "Rocky Linux" -l "/EFI/rocky/shimx64.efi"

Note: Before running the final efibootmgr command, I displayed the $efi_disk variable content to check how many disk. echo $efi_mount # /dev/vda1.

Server has been reboot successfully. @pajamian I let you confirm the process.

armetiz avatar May 24 '22 15:05 armetiz

That's a very helpful response and good advice.  Copying the instance before proceeding is also a good idea as it's easy to mess up the uefi steps and end up making the instance unbootable.Once you've got the instance copied you'll want to install the shim and grub packages in question.  Then look at the fix_efi function in migrate2rocky, there are two commands in there you'll need to run and just substitute the boot disk and partition number in.  After that your instance should be properly configured for rocky linux and should boot properly. Good luck and let me know how it goes. Peter Sent from my Galaxy

pajamian avatar May 24 '22 15:05 pajamian

Yep that's pretty much what I was already saying although did you install the new shim-x64 and grub2-efi-x64?Sent from my Galaxy -------- Original message --------From: Thomas Tourlourat @.> Date: 25/05/22 3:00 am (GMT+12:00) To: rocky-linux/rocky-tools @.> Cc: Peter Ajamian @.>, Mention @.> Subject: Re: [rocky-linux/rocky-tools] Error installing required packages: shim-x64 grub2-efi-x64 (Issue #175) I try on a staging server the following. Remove shim-x64 grub2-efi-x64 grub2-tools-minimal grub2-tools-extra grub2-tools grub2-common grub2-pc grub2-pc-modules from /etc/dnf/dnf.conf.

grub2-mkconfig -o /boot/efi/EFI/rocky/grub.cfg efi_mount=$(findmnt --mountpoint /boot/efi --output SOURCE --noheadings) kname=$(lsblk -dno kname "$efi_mount") efi_disk=("$(lsblk -dno pkname "/dev/$kname")") efi_partition=("$(<"/sys/block/${efi_disk[0]}/$kname/partition")") efibootmgr -c -d "/dev/${efi_disk[0]}" -p "${efi_partition[0]}" -L "Rocky Linux" -l "/EFI/rocky/shimx64.efi"

Note: Before running the final efibootmgr command, I displayed the $efi_disk variable content to check how many disk. echo $efi_mount # /dev/vda1. Server has been reboot successfully. @pajamian I let you confirm the process.

—Reply to this email directly, view it on GitHub, or unsubscribe.You are receiving this because you were mentioned.Message ID: @.***>

pajamian avatar May 24 '22 15:05 pajamian

@pajamian previous comment have been edited to add shim-x64 grub2-efi-x64.

Thank you for your support ;)

Regards.

armetiz avatar May 24 '22 16:05 armetiz