** Description changed: [Impact] Typically when you install Ubuntu on an EFI system, it installs a new default EFI boot entry that makes the system reboot directly into the OS. During MAAS installs, curtin is careful to disable that behavior. MAAS requires the default boot entry to remain PXE, so that it can direct the system to boot from disk or network as necessary. curtin does this by passing --no-nvram to grub-install when installing the bootloader. - ***However***, this doesn't stop a boot entry from being added after - deploy. If the user installs a grub package update or manually runs - 'grub-install', a boot entry will be added, and MAAS will lose control - of the system. + *Update*: newer curtin releases actually allow the creation of a new + boot entry, but updates the boot menu to make PXE the default. That + change is orthogonal to this bug. + + ***However***, this doesn't stop a new default boot entry from being + added after deploy. If the user installs a grub package update or + manually runs 'grub-install', booting from disk will become the default, + and MAAS will lose control of the system. [Proposed Solution (er... glorified workaround)] The GRUB package in zesty now has support for setting the --no-nvram flag *persistently*. This is implemented via a debconf template (grub2/update_nvram). If curtin sets this flag to "false" during install, post-deploy grub updates will also pass the --no-nvram flag when running grub-install. This isn't a perfect solution - users can still call grub-install manually and omit this flag. [Test Case] - MAAS deploy an EFI system. - After deploy, login and run 'sudo apt --reinstall install grub-efi-$(dpkg --print-architecture) - Reboot and observe that the system does not PXE boot. [Regression Risk] - The GRUB implementation does not change the defaults of the package. The user would need to opt-in to the "grub2/update_nvram=false". This option is also only presented to users who specifically request a low debconf priority (e.g. expert mode installs). - XXX curtin risk XXX
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1642298 Title: UEFI Xenial install sets computer to boot from hard disk To manage notifications about this bug go to: https://bugs.launchpad.net/curtin/+bug/1642298/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
