27a326dafb
As of grub2 >= 2.02-95 on redhat family distros, calling grub2-install on an EFI partition will fail with: "this utility cannot be used for EFI platforms because it does not support UEFI Secure Boot." This version of grub is now in centos8-stream and non-eus repos of RHEL-8. It is not currently possible to build whole-disk UEFI images on these distros, and when this package is promoted this will also affect centos8 and RHEL-8 eus. The grub maintainers made this change because the grub2-install generated /boot/efi/EFI/BOOT/BOOTX64.EFI will never be capable of booting with Secure Boot. This change defines a $EFI_BOOT_DIR for every distro element. When directory /boot/efi/$EFI_BOOT_DIR exists a grub.cfg file in will be generated there. This change also installs the shim package on redhat family distros, which installs a copy of the shim bootloader to /boot/efi/EFI/BOOT/BOOTX64.EFI. Using centos as an example, this allows UEFI to boot the shim /boot/efi/EFI/BOOT/BOOTX64.EFI which then chains to /boot/efi/EFI/centos/grubx64.efi. If /boot/efi/$EFI_BOOT_DIR doesn't exist (such as for Ubuntu, /boot/efi/EFI/ubuntu) the current behaviour of running grub-install to generate /boot/efi/EFI/BOOT/BOOTX64.EFI will continue. For distros such as Ubutnu where packaging does not populate /boot/efi/EFI/ubuntu with .efi files, secure boot can be added in the future by copying .efi files to /boot/efi/EFI/ubuntu and copying the shim file to /boot/efi/EFI/BOOT/BOOTX64.EFI. Change-Id: I90925218ff2aa4c4daffcf86e686b6d98d6b0f21 |
||
---|---|---|
.. | ||
cleanup.d | ||
post-install.d | ||
element-deps | ||
package-installs.yaml | ||
pkg-map | ||
README.rst |
=== iso === Generates a bootable ISO image from the kernel/ramdisk generated by the elements ``baremetal``, ``ironic-python-agent-ramdisk`` (from ironic-python-agent-builder) or ``ramdisk``. It uses isolinux to boot on BIOS machines and grub to boot on EFI machines. This element has been tested on the following distro(s): * ubuntu * fedora * debian **NOTE**: For other distros, please make sure the ``isolinux.bin`` file exists at ``/usr/lib/syslinux/isolinux.bin``. baremetal element ----------------- When used with ``baremetal`` element, this generates a bootable ISO image named ``<image-name>-boot.iso`` booting the generated kernel and ramdisk. It also automatically appends kernel command-line argument 'root=UUID=<uuid-of-the-root-partition>'. Any more kernel command-line arguments required may be provided by specifying them in ``DIB_BOOT_ISO_KERNEL_CMDLINE_ARGS``. **NOTE**: It uses pre-built efiboot.img by default to work for UEFI machines. This is because of a bug in latest version of grub[1]. The user may choose to avoid using pre-built binary and build efiboot.img on their own machine by setting the environment variable DIB\_UEFI\_ISO\_BUILD\_EFIBOOT to 1 (this might work only on certain versions of grub). The current efiboot.img was generated by the method build\_efiboot\_img() in 100-build-iso on Ubuntu 13.10 with grub 2.00-19ubuntu2.1. ramdisk element --------------- When used with ``ramdisk`` element, this generates a bootable ISO image named ``<image-name>.iso`` booting the generated kernel and ramdisk. It also automatically appends kernel command-line argument 'boot\_method=vmedia' which is required for Ironic drivers ``iscsi_ilo``. ironic-python-agent-ramdisk element ----------------------------------- When used with ``ironic-python-agent-ramdisk`` element, this generates a bootable ISO image named ``<image-name>.iso`` which boots the agent kernel and agent ramdisk. **REFERENCES** [1] https://bugs.launchpad.net/ubuntu/+source/grub2/+bug/1378658