Re: 8.2.2004 Latest yum update renders machine unbootable

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 8/2/20 7:06 AM, Robert Heller wrote:
> At Sun, 2 Aug 2020 06:59:06 -0500 CentOS mailing list <centos@xxxxxxxxxx> wrote:
> 
>>
>>
>>
>> On 8/2/20 2:04 AM, Alessandro Baggi wrote:
>>>
>>> Il 01/08/20 22:03, Greg Bailey ha scritto:
>>>> On 8/1/20 6:56 AM, david wrote:
>>>>> At 02:54 AM 8/1/2020, Alessandro Baggi wrote:
>>>>>> Hi Johnny,
>>>>>> thank you very much for clarification.
>>>>>>
>>>>>> You said that in the centos infrastructure only one server got the
>>>>>> problem.
>>>>>> What are the conditions that permit the breakage? There is a particular
>>>>>> configuration (hw/sw) case that match always the problem or it is
>>>>>> random?
>>>>>>
>>>>>> Thank you
>>>>>
>>>>> I have two servers running Centos 7 on apple hardware (one mac-mini
>>>>> and one mac server).  They both failed to reboot a few days ago.  So
>>>>> perhaps whatever anti-boot bug hit Centos 8, also hit Centos 7.  I
>>>>> can't tell what version got updated since the system simply fails to
>>>>> boot.  I don't even get a grub screen. I'll have to rebuild the
>>>>> systems from scratch.
>>>>>
>>>>>
>>>>
>>>> You should be able to boot off of installation media into rescue mode,
>>>> and downgrade the grub2* and/or shim* RPMs.
>>>>
>>>> -Greg
>>>>
>>> I did the downgrade on a fresh install of c8.2 but yum said that all
>>> selected packages (grub2,shim...) are already to the lowest version and
>>> the downgrade is not possibile, ending with "nothing to do".
>>
>> Ok .. We are running through some final testing now for CentOS Linux 8
>> and CentOS Stream .. updates later today for EL8.
>>
>> For CentOS Linux 7 .. I just pushed the latest shim packages (we had to
>> get these signed by Microsoft .. as do all distros that do shim.
>> Microsoft is the official CA for secureboot.
>>
>> So in the next few hours, after the mirrors sync up .. you should be
>> able to fix any EL7 machines.
> 
> Question: is this only a problem for bare metal w/EFI or are VMs affected?  I 
> have a VPS running CentOS 7:
> 
> sharky4.deepsoft.com% uname -a
> Linux sharky4.deepsoft.com 3.10.0-1127.13.1.el7.x86_64 #1 SMP Tue Jun 23 
> 15:46:38 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
> sharky4.deepsoft.com% rpm -qa grub\* shim\*
> grub2-tools-extra-2.02-0.81.el7.centos.x86_64
> grub2-pc-modules-2.02-0.81.el7.centos.noarch
> grub2-tools-minimal-2.02-0.81.el7.centos.x86_64
> grub2-2.02-0.81.el7.centos.x86_64
> grub2-tools-2.02-0.81.el7.centos.x86_64
> grubby-8.28-26.el7.x86_64
> grub2-common-2.02-0.81.el7.centos.noarch
> grub2-pc-2.02-0.81.el7.centos.x86_64
> sharky4.deepsoft.com% 
> 
> I have these (pending) updates:
> 
> sharky4.deepsoft.com% sudo /usr/bin/yum check-update
> Loaded plugins: fastestmirror
> Loading mirror speeds from cached hostfile
>  * base: mirror.es.its.nyu.edu
>   * epel: mirror.math.princeton.edu
>    * extras: mirror.facebook.net
>     * updates: mirror.atlanticmetro.net
>     
> fail2ban.noarch                      0.11.1-9.el7.2                    epel   
> fail2ban-firewalld.noarch            0.11.1-9.el7.2                    epel   
> fail2ban-sendmail.noarch             0.11.1-9.el7.2                    epel   
> fail2ban-server.noarch               0.11.1-9.el7.2                    epel   
> fail2ban-systemd.noarch              0.11.1-9.el7.2                    epel   
> grub2.x86_64                         1:2.02-0.86.el7.centos            updates
> grub2-common.noarch                  1:2.02-0.86.el7.centos            updates
> grub2-pc.x86_64                      1:2.02-0.86.el7.centos            updates
> grub2-pc-modules.noarch              1:2.02-0.86.el7.centos            updates
> grub2-tools.x86_64                   1:2.02-0.86.el7.centos            updates
> grub2-tools-extra.x86_64             1:2.02-0.86.el7.centos            updates
> grub2-tools-minimal.x86_64           1:2.02-0.86.el7.centos            updates
> kernel.x86_64                        3.10.0-1127.18.2.el7              updates
> kernel-headers.x86_64                3.10.0-1127.18.2.el7              updates
> kernel-tools.x86_64                  3.10.0-1127.18.2.el7              updates
> kernel-tools-libs.x86_64             3.10.0-1127.18.2.el7              updates
> python-perf.x86_64                   3.10.0-1127.18.2.el7              updates
> 
> Is it "safe" for me to to do a yum update or should I wait?
> 
> 
> 

This shim issue should only impact cold iron machines with secureboot
enabled.




Attachment: signature.asc
Description: OpenPGP digital signature

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]


  Powered by Linux