Lxd 3.21: VM EFI boot error

mar · February 24, 2020, 11:26pm

Hi,

Unrelated to the rest of my ceph issues I’ve been trying to deploy debian9 in an LXD VM for pushing to the primary cluster:

I am booting debian9 as such:
mar@madelinews:~$ lxc config device add debian9 iso disk source=/isos/debian-9.12.0-
amd64-netinst.iso
mar@madelinews:~$ lxc start debian9 && lxc console debian9

After startup.nsh runs, this happens (the ISO does not contain a grubx64.efi, but that’s unrelated as this works with stock ubuntu tianocore/ovmf stuff in qemu)

Shell> \efi\boot\grubx64.efi
'\efi\boot\grubx64.efi' is not recognized as an internal or external command, operable 
program, or script file.
[end startup.nsh]
Shell> fs0:
FS0:\> \efi\boot\bootx64.efi
Command Error Status: Access Denied
FS0:\>

I have never before seen an EFI shell tell me “Access Denied” when trying to run an executable.

The same ISO works with OVMF on ubuntu 18.04 with unmodifed QEMU.

stgraber · February 24, 2020, 11:36pm

That’s normal behavior for secure boot if you’re executing an untrusted binary.

Set security.secureboot=false to disable this behavior or if available, install shim-signed so that it is bootable with secureboot enabled.

mar · February 25, 2020, 12:06am

Okay. That’s sorted the boot problem, the new problem is related to the debian installer not detecting any cd-rom or hdd.

What bus is the cd stuff on by default? VirtIO SCSI?

stgraber · February 25, 2020, 12:13pm

Yeah, everything is on virtio-scsi.

We should have Debian builds through distrobuilder pretty soon, I think @monstermunchkin had them mostly working.

An alternative if you want to temporarily use an alternative driver is to pass options directly to qemu through raw.qemu.