I created Rocky 9 aarch64 image by Packer-maas and deployed it to an arm64 machine, but deployment failed with the following error.
Command: ['unshare', '--fork', '--pid', '--', 'chroot', '/tmp/tmpy7xf6hka/target', 'grub2-install', '--target=arm64-efi', '--efi-directory=/boot/efi', '--bootloader-id=rocky', '--recheck']
Exit code: 1
Reason: -
Stdout: ''
Stderr: Installing for arm64-efi platform.
grub2-install: error: This utility should not be used for EFI platforms because it does not support UEFI Secure Boot. If you really wish to proceed, invoke the --force option.
Make sure Secure Boot is disabled before proceeding.
I found a couple of posts and articles about a way to fix this error in rescue mode(see below), but I don’t know what to do with Maas or Packer-Maas to solve this issue.
Although English isn’t my native language, if you read the message carefully, it seems that grub2-install is designed to fail on any EFI platforms unless you add the --force option. The message states, “This utility should not be used for EFI platforms because it does not support UEFI Secure Boot. If you really wish to proceed, invoke the --force option. Make sure Secure Boot is disabled before proceeding.”
To me, the error message indirectly says, “grub2-install isn’t aware of whether or not Secure Boot is enabled. It’s up to you to proceed, but you must add the --force option if you really want to,” which is puzzling to me…
On the other hand, the custom Rocky 9 amd64(not arm64) image that I’ve created by packer-maas works fine on amd64 machines with efi. So the problem seems like a bug of grub2-install being used with “–target=arm64-efi” option, but I’m not so sure…
Is there a way to add “–force” in Curtin or a way to add these three commands before Curtin executes “grub2-install”?
Thanks, @noama, for the comment here. I had actually posted a question for you on the GitHub issue a few weeks ago as I was investigating this. Please visit this link on Github to find out the changes I made.
