Bugzilla – Bug 1159205
Wrong GRUB default entry when booting snapshot in our KIWI images
Last modified: 2023-05-11 06:48:45 UTC
With our KIWI images, when selecting an older snapshot in the GRUB menu ("Start bootloader from a read-only snapshot" -> any entry), then the first entry "Help on bootable snapshot #<num>" will be selected instead of the actual bootable entry. For regular users this will just be an inconvenience compared to systems installed with YaST, but on automated systems, e.g. when using health-checker to automatically select an older snapshot if the default kernel or initrd did not boot correctly, this will break the boot completely - the system will be stuck in the help text. On systems installed with YaST, https://github.com/yast/yast-bootloader/blob/53bed387ab933f635fa3c557716131643aa209a5/src/lib/bootloader/sections.rb#L48 will set the default entry by using the entry's name (e.g. "openSUSE MicroOS" or "openSUSE Leap 15.1"). KIWI would need a similar mechanism to get this working.
Digging deeper into the problem I'm meanwhile not convinced that this should be resolved in KIWI any more. GRUB already contains "grub2-btrfs-08-workaround-snapshot-menu-default-entry.patch", which is supposed to solve exactly this problem: It is supposed to set the default entry to the next entry if the help text is shown. Unfortunately the menu entry title, originally introduced in "grub2-btrfs-05-grub2-mkconfig.patch", is later changed by "grub2-btrfs-help-on-snapper-rollback.patch" - and the code is doing a string comparison against the old string. The obvious fix would be to use the new string in the GRUB patch, but maybe we could be using a better mechanism than string comparison? (Would setting a certain class or id for the menuentry work?)
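The fragility described in the comment above, shown as an added example that is not part of the bug thread or of the GRUB patches: a default-entry choice keyed on the help entry's title stops working once the title is changed, while one keyed on a menuentry id does not. The sample menu, the `snapshot-help` and `snapshot-boot` ids, the stale title string and the function names are constructed assumptions; `--id` and `--class` are existing `menuentry` options.

```python
import shlex

# Constructed sample of a snapshot submenu; ids and bodies are illustrative only.
SAMPLE_CFG = '''
menuentry "Help on bootable snapshot #42" --id snapshot-help {
    echo "constructed help text"
}
menuentry "openSUSE MicroOS" --class opensuse --id snapshot-boot {
    echo "constructed boot commands"
}
'''

def parse_menuentries(cfg_text):
    """Return title, id and classes of every menuentry line, in menu order."""
    entries = []
    for line in cfg_text.splitlines():
        line = line.strip()
        if not line.startswith("menuentry "):
            continue
        tokens = shlex.split(line.rstrip("{").strip())
        entry = {"title": tokens[1], "id": None, "classes": []}
        opts = iter(tokens[2:])
        for opt in opts:
            if opt == "--id":
                entry["id"] = next(opts, None)
            elif opt == "--class":
                entry["classes"].append(next(opts, None))
        entries.append(entry)
    return entries

def default_by_title(entries, help_title_prefix):
    """Brittle: skips the first entry only while its title matches a fixed string."""
    if len(entries) > 1 and entries[0]["title"].startswith(help_title_prefix):
        return 1
    return 0

def default_by_id(entries, help_id="snapshot-help"):
    """Survives retitling: picks the first entry whose id is not the help id."""
    for index, entry in enumerate(entries):
        if entry["id"] != help_id:
            return index
    return 0

if __name__ == "__main__":
    menu = parse_menuentries(SAMPLE_CFG)
    print("stale title match ->", menu[default_by_title(menu, "Constructed old title")]["title"])
    print("id match          ->", menu[default_by_id(menu)]["title"])
```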
*** Bug 1194574 has been marked as a duplicate of this bug. ***
Increasing severity as it blocks core functionality of SLE Micro/openSUSE MicroOS
Thank you Ignaz and Richard. I will have a look tomorrow and update asap. (Sorry but now is a bit late to work in my timezone).
Hi Ignaz and Richard, could you please verify whether the test package in this project works for you or not? https://build.opensuse.org/package/show/home:michael-chang:bsc:1159205/grub2 Thanks in advance.
Hi Michael, I can confirm it works..now I just need to get my system running secureboot again ;)
(In reply to Richard Brown from comment #6)
> Hi Michael, I can confirm it works..now I just need to get my system running
> secureboot again ;)
Hi Richard, Thank you! I will carry out the submission to openSUSE and SLE maintenance update. Set needinfo to myself.
SUSE-RU-2022:0513-1: An update that has two recommended fixes can now be installed.
Category: recommended (moderate)
Bug References: 1159205,1190395
CVE References:
JIRA References:
Sources used:
SUSE Linux Enterprise Module for Server Applications 15-SP3 (src): grub2-2.04-150300.22.12.2
SUSE Linux Enterprise Module for SUSE Manager Proxy 4.2 (src): grub2-2.04-150300.22.12.2
SUSE Linux Enterprise Module for Basesystem 15-SP3 (src): grub2-2.04-150300.22.12.2
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-RU-2022:0513-1: An update that has two recommended fixes can now be installed.
Category: recommended (moderate)
Bug References: 1159205,1190395
CVE References:
JIRA References:
Sources used:
openSUSE Leap 15.3 (src): grub2-2.04-150300.22.12.2
SUSE-SU-2022:2073-1: An update that solves 7 vulnerabilities and has 14 fixes is now available.
Category: security (important)
Bug References: 1071559,1159205,1179981,1189769,1189874,1191184,1191185,1191186,1191504,1191974,1192522,1192622,1193282,1193532,1195204,1197948,1198460,1198493,1198495,1198496,1198581
CVE References: CVE-2021-3695,CVE-2021-3696,CVE-2021-3697,CVE-2022-28733,CVE-2022-28734,CVE-2022-28735,CVE-2022-28736
JIRA References:
Sources used:
SUSE Linux Enterprise Micro 5.1 (src): grub2-2.04-150300.3.5.1
NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Bulk-re-assigning to the new bootloader-maintainers@suse.de group.