Bug 1217757 - [Build 41.1] openQA test fails in verify_secure_boot_bios - 'bootctl' cmd not found
Summary: [Build 41.1] openQA test fails in verify_secure_boot_bios - 'bootctl' cmd not...
Status: RESOLVED INVALID
Alias: None
Product: PUBLIC SUSE Linux Enterprise Server 15 SP6
Classification: openSUSE
Component: Installation (show other bugs)
Version: unspecified
Hardware: Other SLES 15
: P2 - High : Normal
Target Milestone: ---
Assignee: Steffen Winterfeldt
QA Contact:
URL: https://openqa.suse.de/tests/12958353...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-12-04 05:26 UTC by Lemon Li
Modified: 2023-12-11 11:43 UTC (History)
3 users (show)

See Also:
Found By: openQA
Services Priority:
Business Priority:
Blocker: Yes
Marketing QA Status: ---
IT Deployment: ---

Attachments
y2 log (119.10 KB, application/x-bzip)
2023-12-04 05:26 UTC, Lemon Li 		Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Lemon Li 2023-12-04 05:26:06 UTC 
Created attachment 871119 [details]
y2 log

## Observation

Before installation the test will check Secure Boot status via 'bootctl' cmd, the failure is 'bootctl not found'.

openQA test in scenario sle-15-SP6-Online-x86_64-autoyast_non_secure_boot@uefi fails in
[verify_secure_boot_bios](https://openqa.suse.de/tests/12958353/modules/verify_secure_boot_bios/steps/5)

## Test suite description
Autoyast installation on UEFI mode with non_secure_boot.


## Reproducible

Fails since (at least) Build [41.1](https://openqa.suse.de/tests/12948446)


## Expected result

Last good: [40.1](https://openqa.suse.de/tests/12932954) (or more recent)


## Further details

Always latest result in this scenario: [latest](https://openqa.suse.de/tests/latest?arch=x86_64&distri=sle&flavor=Online&machine=uefi&test=autoyast_non_secure_boot&version=15-SP6)
Comment 1 Stefan Hundhammer 2023-12-04 08:41:23 UTC 
"Before installation" means that the problem clearly cannot be the installer.


> ## Test suite description
> Autoyast installation on UEFI mode with non_secure_boot.

So that test is designed to attempt an UEFI installation in non-UEFI (legacy boot) mode? Or what does that test description mean?

I don't think that can work. You have to select the correct boot mode from the installation medium; the one that matches the boot mode you configured in the hardware's BIOS.

Also, PLEASE select the correct architecture for such bug reports, especially when it's about booting.
Comment 2 Stefan Hundhammer 2023-12-04 11:01:39 UTC 
So AFAICS the inst-sys does not contain the "bootctl" command which is part of package "udev".

From the attached y2logs tarball:

> % grep udev _packages.root 
> btrfsprogs-udev-rules [6.5.1-150600.1.3.noarch] < btrfsprogs
> libgudev-1_0-0 [237-150400.1.6.x86_64] < libwacom9 < libinput10 < xf86-input-> libinput
> libudev1 [254.5-150600.1.2.x86_64]


On my Leap 15.5:

> % rpm -qf `which bootctl`
> udev-249.16-150400.8.35.5.x86_64


I am not sure if the installer infrastructure actually needs that "bootctl" command; probably not. It is possible that it was removed from the inst-sys to save some disk space on the installation media. But it's only 67k (plus the shared libs that it requires).

Reassigning to the inst-sys maintainer.
Comment 3 Radoslav Tzvetkov 2023-12-06 14:10:10 UTC 
Any update?
Comment 4 Stefan Hundhammer 2023-12-06 15:42:57 UTC 
If the goal is just to check if the current system uses secure boot (UEFI) or legacy boot:

I seem to recall that an alternative is checking if the /sys/firmware/efi directory exists: On legacy boot, it doesn't, on secure boot (UEFI), it does.

But please verify this to make sure.
Comment 5 Steffen Winterfeldt 2023-12-11 11:43:04 UTC 
bootctl is (at least in recent systemd releases) part of systemd-boot.

systemd-boot is not used in our installation media; adding it specifically
for a qa test does not make sense.

Please just check the EFI vars as Stefan suggested.