:::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: : Copyright (c) 2017 Enea AB and others. : : All rights reserved. This program and the accompanying materials : are made available under the terms of the Apache License, Version 2.0 : which accompanies this distribution, and is available at : http://www.apache.org/licenses/LICENSE-2.0 :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: From: Alexandru Avadanii Date: Mon, 18 Jul 2016 16:02:20 +0200 Subject: [PATCH] Erase EFI boot entry on EFI systems. On EFI-enabled systemd, grub-install from grub-efi-* package installs a boot entry named "ubuntu". Since this boot entry is saved in board flash memory, erasing the MBR bootloader code and/or partition signature will not clear the ubuntu boot entry, leaving it pointing to a loader on the ESP (EFI System Partition) that will try to load the kernel/initrd from an erased partition. In Fuel 8.0, the whole disk was erased, so the ubuntu EFI boot entry was skipped due to missing ESP, while for Fuel 9.0 and above we have to explicitly remove it to keep the system in a sane state. Note: efibootmgr is installed automatically on EFI systems as a dependency of grub-efi-*. Closes: ARMBAND-47 Signed-off-by: Alexandru Avadanii --- mcagents/erase_node.rb | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/mcagents/erase_node.rb b/mcagents/erase_node.rb index 3eb98e8..3bac36f 100644 --- a/mcagents/erase_node.rb +++ b/mcagents/erase_node.rb @@ -112,6 +112,10 @@ module MCollective File.open('/proc/sys/kernel/panic','w') {|file| file.write("10\n")} begin + # clear out EFI boot entry on EFI-enabled systems + system("(which efibootmgr > /dev/null 2>&1 && efibootmgr | "\ + "grep -oP '(?<=Boot)[0-9]+(?=.*ubuntu)' | "\ + "xargs -I{} efibootmgr --delete-bootnum --bootnum {}) || true") get_devices(type='all').each do |dev| debug_msg("erasing bootstrap code area in MBR of #{dev[:name]}") # clear out the boot code in MBR