search

zbm-dev / zfsbootmenu

ZFS Bootloader for root-on-ZFS systems with support for snapshots and native full disk encryption
https://zfsbootmenu.org
MIT License
878 stars 68 forks source link

Unable to mask teardown scripts. #502

Closed geekifan closed 1 year ago

geekifan commented 1 year ago

I set org.zfsbootmenu:commandline="quiet loglevel=4 zbm.hookroot=UUID=XXXX-XXXX//EFI/zfsbootmenu/hooks" and I am sure the UUID (a vfat EFI partition) is correct here. I also put an empty script named 90-xhci-unbind.sh inside hooks/teardown.d. But zbm continues to teardown an USB keyboard before entering kernel.

ahesford commented 1 year ago

This will get easier when https://github.com/zbm-dev/zfsbootmenu/commit/ff5956298ab103b654606f6cfefc7c5343124926 makes it into v2.3.

Is this one of our binary releases? The v2.2 series still installs the hook as xhci-tear down.sh, with no numeric prefix. You can confirm the name by dropping to an emergency shell with Ctrl+R in the menu and looking at the contents of /libexec/teardown.d.

geekifan commented 1 year ago

Yes, I am using the binary release. I've tried to rename the dummy teardown script to the same name as the one in /libexec.teardown.d. But it doesn't work. My machine is a supermicro server and it has a virtual keyboard, which is disabled by zbm before kernel boot. I cannot control my server in IPMI using the virtual keyboard so I have to find a proper way to disable the teardown script.

ahesford commented 1 year ago

I suspect you are unable to mount the EFI system partition from the ZFSBootMenu image because it lacks the necessary modules for FAT filesystem support. Can you drop to a recovery shell and try mount UUID=XXXX-XXXX /tmp or something similar?

geekifan commented 1 year ago

After I installed zbm, I found out the vfat EFI partition /dev/sda1 containing the zbm boot EFI file according to the result of blkid and successfully mounted it using mount /dev/sda1 /boot/efi in the recovery shell. I created the dummy hook script inside the recovery shell, so I don't think that it lacks the necessary modules for FAT fs support.But I haven't tried to mount it using uuid because I cannot reboot my server recently.

The directory structure of my EFI partition is:

|- EFI
    |- ZBM
        |- VMLINUZ.EFI
        |- VMLINUZ_BACKUP.EFI
        |- hooks
            |- early-setup.d
            |- setup.d
            |- teardown.d
                |- xhci-teardown.sh (an empty shell script that does nothing)

Note that I changed the commandline arguments to zbm.hookroot=UUID=XXXX-XXXX//EFI/ZBM/hooks accordingly.

As a workaround, I can drop to the recovery shell and delete the hookscipt/libexec/teardown.d/xhci-teardown.sh in the memory filesystem of zbm temporarily so my server can boot into the system without virtual keyboard failure (but next time I still have to perform the same thing to make my virtual keyboard work).

geekifan commented 1 year ago

I decide to wait for the release of v2.3. The commit you mentioned is awesome! Thanks a lot!!

wehagy commented 1 year ago

I know this issue is closed, but I am using zbm.hookroot=<hookspec> and you need to pass this cmdline option to zfsbootmenu directly or build your own image with that option and not set using org.zfsbootmenu:commandline in the zfs pool.

I use it to run a pre-boot snapshot hook, not used to mask any built-in scripts before, but now I also tested masking the teardown script and works.

\ My EFI partition directory struture:

/efi
├── EFI
│   ├── BOOT
│   │   └── BOOTX64.EFI
│   ├── Linux
│   ├── systemd
│   │   └── systemd-bootx64.efi
│   └── tools
│       ├── netboot.xyz
│       │   └── netboot.xyz.efi
│       └── zfsbootmenu
│           ├── hooks
│           │   └── teardown.d
│           │       └── 80-snapshot-teardown.sh
│           ├── vmlinuz-backup.EFI
│           └── vmlinuz.EFI
└── loader
    ├── entries
    │   ├── 00-example.conf.disable
    │   ├── 01-example.conf.disable
    │   ├── 10-zfsbootmenu_backup.conf
    │   ├── 10-zfsbootmenu.conf
    │   └── 20-netboot.xyz.conf
    ├── entries.srel
    ├── loader.conf
    └── random-seed

\ Using systemd-boot as boot manager and this is my 10-zfsbootmenu.conf for reference:

title      ZFSBootMenu
version    2.2.0-recovery 
options    zbm.hookroot=PARTLABEL=ESP-NVMe_SSD_1TB_XXXX//EFI/tools/zfsbootmenu/hooks
linux      /EFI/tools/zfsbootmenu/vmlinuz.EFI

Note: Recovery version of the zfsbootmenu image

\ My loader.conf

default 10-zfsbootmenu.conf
timeout 3
console-mode max

\ And just to be sure, I checked the name of the teardown script:

$ sudo lsinitrd /efi/EFI/tools/zfsbootmenu/vmlinuz.EFI | grep teardown.sh
-rwxr-xr-x   1 root     root         1285 Nov 17  2021 libexec/teardown.d/xhci-teardown.sh

\ Write a teardown script with this content, save with this name xhci-teardown.sh and copy/move to /efi/EFI/tools/zfsbootmenu/hooks to test:

#!/bin/bash

printf "Do nothing\n"
sleep 5

\ Reboot and you will see on booting the Do nothing printed on the screen for 5 seconds and you will not see any Tearing down USB controller ${DEVICE}... message.

geekifan commented 1 year ago

Thank you so much! I am not so familiar with UEFI boot so I confused kernel parameter with org.zfsbootmenu:commandline. Your solution works like a charm! I added the kernel boot parameter into the zbm boot entry using eifbootmgr and successfully skipped the teardown hook.