Bug#966575: same error message here
Dear Debian maintainers, On Fri, 31 Jul 2020 22:39:22 +0200 cacat...@tuxfamily.org wrote: > Package: grub-pc > Version: 2.02+dfsg1-20+deb10u2 > > Dear Maintainers, > > Don't know if it's useful but contributing infos I collected on this, > since I ran into the same error message on a Lenovo Thinkpad T510 > running Debian Stable. The same here. You should be more careful when upgrading or fixing a security issue in the boot loader. It currently breaks a Debian Buster system, which is production. The suggested grub reinstall method did _not_ work for me. I booted from a USB stick into rescue mode and had to downgrade grub-common package (I don’t have grub2 on my system) and reinstall all dependent packages again. After downgrading grub-common/grub2-common to version 2.02+dfsg1-20, my system boots and works fine. Downgrade grub-common/grub2-common: from: 2.02+dfsg1-20+deb10u2 to:2.02+dfsg1-20 and it did work after reboot. See my APT history log for details. “ Start-Date: 2020-07-31 22:52:35 Commandline: apt install grub-common=2.02+dfsg1-20 Downgrade: grub-common:amd64 (2.02+dfsg1-20+deb10u2, 2.02+dfsg1-20) Remove: grub2-common:amd64 (2.02+dfsg1-20+deb10u2), grub-efi-amd64-bin:amd64 (2.02+dfsg1-20+deb10u2), grub-efi-amd64:amd64 (2.02+dfsg1-20+deb10u2), shim-signed:amd64 (1.33+15+1533136590.3beb971-7), grub-efi-amd64-signed:amd64 (1+2.02+dfsg1+20+deb10u2) End-Date: 2020-07-31 22:53:28 Start-Date: 2020-07-31 22:55:36 Commandline: apt install grub2-common=2.02+dfsg1-20 Install: grub2-common:amd64 (2.02+dfsg1-20) End-Date: 2020-07-31 22:55:41 Start-Date: 2020-07-31 22:56:39 Commandline: apt install grub-efi-amd64-bin=2.02+dfsg1-20 Install: grub-efi-amd64-bin:amd64 (2.02+dfsg1-20) End-Date: 2020-07-31 22:56:53 Start-Date: 2020-07-31 22:57:09 Commandline: apt install grub-efi-amd64=2.02+dfsg1-20 Install: grub-efi-amd64:amd64 (2.02+dfsg1-20) End-Date: 2020-07-31 22:57:33 Start-Date: 2020-07-31 22:58:43 Commandline: apt install grub-efi-amd64-signed=1+2.02+dfsg1+20 Install: shim-signed:amd64 (1.33+15+1533136590.3beb971-7, automatic), grub-efi-amd64-signed:amd64 (1+2.02+dfsg1+20) End-Date: 2020-07-31 22:58:50 “ My kernel is: 4.19.0-9-amd64 No grub2. grub-common, grub2-common is now at v2.02+dfsg1-20. Debian Buster latest v10.4. Linux package: linux-image-4.19.0-9-amd64-signed v4.19.118-2+deb10u1 I have working UEFI booting system, w/o secure boot and amd64 grub package UEFI signed by Debian. Kind regards, -- Miklós Quartus q...@foresthacker.hu signature.asc Description: Message signed with OpenPGP
Bug#966575: same error message here
Control: severity -1 grave On Fri, Jul 31, 2020 at 10:40:34PM +0100, Colin Watson wrote: > I'm going to downgrade this to non-release-critical. It is absolutely a > problem that we need to deal with (somehow ... it may be that in some > cases we need to refuse to continue the upgrade instead, which would be > a different kind of bug that would tend to be filed as release-critical > too!), but given that it's a latent problem that would have been exposed > by any change of a similar magnitude, I don't think it makes sense for > it to block migration of this new version to testing. On second thoughts, I'm going to leave this as RC for now. I made some specific suggestions in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=966575#102 that I think could probably be implemented without taking too long, and if we do that before this reaches testing then that would reduce the number of people with unbootable systems. -- Colin Watson (he/him) [cjwat...@debian.org]
Bug#966575: same error message here
On Fri, Jul 31, 2020 at 11:27:18PM +0200, Miklós Quartus wrote: > The same here. You should be more careful when upgrading or fixing a > security issue in the boot loader. We do take considerable care - the fact that sometimes problems slip through doesn't mean we weren't careful. (In general, this type of problem relates to oddities of particular people's systems.) > It currently breaks a Debian Buster system, which is production. The > suggested grub reinstall method did _not_ work for me. I booted from a > USB stick into rescue mode and had to downgrade grub-common package (I > don’t have grub2 on my system) and reinstall all dependent packages > again. After downgrading grub-common/grub2-common to version > 2.02+dfsg1-20, my system boots and works fine. Unlike other folks reporting this bug, you seem to be using UEFI. That means that you have a completely different problem, even though it presents with similar symptoms. Could you please file a *separate* bug report with details of the problem you encountered? We're also likely to need to know the disk/partition/filesystem layout of your system, whether you're using UEFI Secure Boot, and anything else that might be interesting about how your machine boots. This isn't the same thing as the other problems in this bug, and we'll need to investigate it separately. -- Colin Watson (he/him) [cjwat...@debian.org]
Bug#966575: same error message here
Control: severity -1 important On Fri, Jul 31, 2020 at 10:39:22PM +0200, cacat...@tuxfamily.org wrote: > Don't know if it's useful but contributing infos I collected on this, > since I ran into the same error message on a Lenovo Thinkpad T510 > running Debian Stable. For anyone affected by this bug, the workaround is to run "dpkg-reconfigure grub-pc" as root and follow the instructions in the "GRUB install devices" question. If your system has already failed to boot, you can use a rescue image of some kind to get back in: for example, the Debian installer's rescue mode should be suitable. This is a long-standing problem: we get a scattering of reports of the same general kind with every GRUB upgrade that changes the binary interface between GRUB's core image and modules in some way, although the exact details depend on the upgrade in question. The situation certainly needs to be improved. However, the problem is not with the actual changes made in this version of GRUB. Rather, it's a latent configuration problem on your system (and on the systems of other people affected by this) that is triggered by the act of making *any* change to GRUB that causes new modules in /boot/grub not to be compatible with old core images in the boot sector that your firmware jumps to when booting your machine. This problem happens on systems that are configured to run grub-install to a target device that is not actually the one that your firmware uses to boot your computer. This configuration error is normally the result of something like changing disks around without telling the GRUB packaging about it, so it continues to install to an old device without realising it isn't the one that your firmware is configured to boot from any more. Sometimes it's the result of a bug in some kind of installation or cloning process instead. Unfortunately it is rarely possible to tell exactly what caused it from any information that still exists on the systems in question; sometimes the affected users have an idea what might have happened and sometimes they don't. The packaging tries to detect some problems along these lines - I did considerable work on this way back in 2010 to try to improve the situation - and the volume of reports of this kind is much lower than it used to be as a result, but it still happens sometimes. I'm going to downgrade this to non-release-critical. It is absolutely a problem that we need to deal with (somehow ... it may be that in some cases we need to refuse to continue the upgrade instead, which would be a different kind of bug that would tend to be filed as release-critical too!), but given that it's a latent problem that would have been exposed by any change of a similar magnitude, I don't think it makes sense for it to block migration of this new version to testing. -- Colin Watson (he/him) [cjwat...@debian.org]
Bug#966575: same error message here
Package: grub-pc Version: 2.02+dfsg1-20+deb10u2 Dear Maintainers, Don't know if it's useful but contributing infos I collected on this, since I ran into the same error message on a Lenovo Thinkpad T510 running Debian Stable. Some specifics are : - I use unattended-upgrades, so it might be I missed something - Install was made with no root password set, but I set one recently. - It has a LUKS partition but it's secondary and not a system mount point. - It runs a kernel from the backports. What happened : Start-Date: 2020-07-30 09:09:13 Commandline: /usr/bin/unattended-upgrade Upgrade: grub-common:amd64 (2.02+dfsg1-20, 2.02+dfsg1-20+deb10u1), grub2-common:amd64 (2.02+dfsg1-20, 2.02+dfsg1-20+deb10u1), grub-pc:amd64 (2.02+dfsg1-20, 2.02+dfsg1-20+deb10u1), grub-pc-bin:amd64 (2.02+dfsg1-20, 2.02+dfsg1-20+deb10u1) End-Date: 2020-07-30 09:09:25 Start-Date: 2020-07-30 09:09:27 Commandline: /usr/bin/unattended-upgrade Upgrade: firefox-esr-l10n-fr:amd64 (68.10.0esr-1~deb10u1, 68.11.0esr-1~deb10u1), firefox-esr:amd64 (68.10.0esr-1~deb10u1, 68.11.0esr-1~deb10u1) End-Date: 2020-07-30 09:09:38 Start-Date: 2020-07-31 10:41:26 Commandline: /usr/bin/unattended-upgrade Upgrade: grub-common:amd64 (2.02+dfsg1-20+deb10u1, 2.02+dfsg1-20+deb10u2), grub2-common:amd64 (2.02+dfsg1-20+deb10u1, 2.02+dfsg1-20+deb10u2), grub-pc:amd64 (2.02+dfsg1-20+deb10u1, 2.02+dfsg1-20+deb10u2), grub-pc-bin:amd64 (2.02+dfsg1-20+deb10u1, 2.02+dfsg1-20+deb10u2) End-Date: 2020-07-31 10:41:36 Reboot on 2020-07-31 @ 22:00:00, then same error message than OP. Fixed situation by rebooting on a USB key with Debian installer, rescue mode, reinstalling grub on /dev/sda. More system infos in attachment. -- Package-specific info: *** BEGIN /proc/mounts /dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0 /dev/sda8 /mnt/debiantesting ext4 rw,relatime 0 0 /dev/sda6 /home ext4 rw,relatime 0 0 *** END /proc/mounts *** BEGIN /boot/grub/grub.cfg # # DO NOT EDIT THIS FILE # # It is automatically generated by grub-mkconfig using templates # from /etc/grub.d and settings from /etc/default/grub # ### BEGIN /etc/grub.d/00_header ### if [ -s $prefix/grubenv ]; then set have_grubenv=true load_env fi if [ "${next_entry}" ] ; then set default="${next_entry}" set next_entry= save_env next_entry set boot_once=true else set default="0" fi if [ x"${feature_menuentry_id}" = xy ]; then menuentry_id_option="--id" else menuentry_id_option="" fi export menuentry_id_option if [ "${prev_saved_entry}" ]; then set saved_entry="${prev_saved_entry}" save_env saved_entry set prev_saved_entry= save_env prev_saved_entry set boot_once=true fi function savedefault { if [ -z "${boot_once}" ]; then saved_entry="${chosen}" save_env saved_entry fi } function load_video { if [ x$feature_all_video_module = xy ]; then insmod all_video else insmod efi_gop insmod efi_uga insmod ieee1275_fb insmod vbe insmod vga insmod video_bochs insmod video_cirrus fi } if [ x$feature_default_font_path = xy ] ; then font=unicode else insmod part_msdos insmod ext2 set root='hd0,msdos1' if [ x$feature_platform_search_hint = xy ]; then search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 ad4ff815-580a-4bad-965f-c66dbd806733 else search --no-floppy --fs-uuid --set=root ad4ff815-580a-4bad-965f-c66dbd806733 fi font="/usr/share/grub/unicode.pf2" fi if loadfont $font ; then set gfxmode=auto load_video insmod gfxterm set locale_dir=$prefix/locale set lang=fr_FR insmod gettext fi terminal_output gfxterm if [ "${recordfail}" = 1 ] ; then set timeout=30 else if [ x$feature_timeout_style = xy ] ; then set timeout_style=menu set timeout=1 # Fallback normal timeout code in case the timeout_style feature is # unavailable. else set timeout=1 fi fi ### END /etc/grub.d/00_header ### ### BEGIN /etc/grub.d/05_debian_theme ### insmod part_msdos insmod ext2 set root='hd0,msdos1' if [ x$feature_platform_search_hint = xy ]; then search --no-floppy --fs-uuid --set=root --hint-bios=hd0,msdos1 --hint-efi=hd0,msdos1 --hint-baremetal=ahci0,msdos1 ad4ff815-580a-4bad-965f-c66dbd806733 else search --no-floppy --fs-uuid --set=root ad4ff815-580a-4bad-965f-c66dbd806733 fi insmod png if background_image /usr/share/desktop-base/futureprototype-theme/grub/grub-4x3.png; then set color_normal=white/black set color_highlight=black/white else set menu_color_normal=cyan/blue set menu_color_highlight=white/blue fi ### END /etc/grub.d/05_debian_theme ### ### BEGIN /etc/grub.d/10_linux ### function gfxmode { set gfxpayload="${1}" } set linux_gfx_mode= export linux_gfx_mode menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-ad4ff815-580a-4bad-965f-c66dbd806733' { load_video