update-grub does not update /boot/efi/EFI/ubuntu/grub.cfg

Question

(EDIT 3: User error. Copied over /boot/efi/EFI/ubuntu/grub.cfg while debugging a boot problem)

After installing recently released Ubuntu 18.04 Server in UEFI Secure Boot mode the installer has put grub.cfg in this location:

/boot/efi/EFI/ubuntu/grub.cfg

This matches the tables created when selecting Filesystem: manual partition, which mounts the boot partion at /boot/efi (/dev/sda1).

However, sudo update-grub and sudo update-grub2 does not overwrite the grub configuration, instead updating /boot/grub/grub.cfg, i.e. a file not on the boot partition.

Question 1: Has update-grub, update-grub2 etc been superseded by some new procedure? Question 2: If not, is this a bug to be filed?

EDIT: Confused++.

Computer 1, actual hardware, manual portioning in installation and minor updates, e.g. sudo apt install tboot, problem can be reproduced.
Computer 2, vmware image: vanilla install, problem cannot be reproduced.

Both computers are UEFI Secure Boot and have same/similar partioning. the different grub.cfg experience the same update behaviour, but on the vmware image, grub respects the file /boot/grub/grub.cfg, on hardware install grub respects the /boot/efi/EFI/ubuntu/grub.cfg.

EDIT 2:

Computer 1 has now been re-installed both with manual filesystem portioning and then again with the original partitioning (250GB disk, 120GB used, rest left free). Neither re-install could reproduce the original problem, so basically now the problem is gone. All three installations on the computer was from the same ISO / USB stick.

score 12 · Answer 1 · answered Jun 20 '18 at 02:36

12

I ran into this as well. To update your EFI grub.cfg, you want to do:

grub-install --efi-directory=/boot/efi

If your EFI is mounted at /boot/efi.

answered Jun 20 '18 at 02:36

dpb

7,209

score 10 · Answer 2 · answered Jun 04 '19 at 12:22

Just to close the loop on this query - I needed updates to /boot/efi/EFI/ubuntu/grub.cfg because I had changed the location of my /boot directory (UUID changed). update-grub doesn't update that file, but

sudo dpkg-reconfigure grub-efi-amd64

will trigger a re-write, after you have answered some questions.

score 3 · Answer 3 · answered Oct 13 '18 at 01:01

blaufish notes that

the original /boot/efi/EFI/ubuntu/grub.cfg had just been a three lines file referring /boot/grub.cfg.

This three line grub.cfg is not used, at least on my grub 2.02-2ubuntu8.6 with btrfs. The 2nd line reads

set prefix=($root)'/@/boot/grub'

There is now no @ on $root, and there wasn't when grub-install was run. (@ was a zesty install that became corrupt, and deleted some time ago.) Instead, the grub path to grub.cfg is written into the grubx64.efi executable. One might see what this is by running

strings grubx64.efi | tail

I mention this because somebody might imagine, as I did once, that changing this grub.cfg to point somewhere else would be useful. I use the --boot-directory option to grub-install to set this. I have the btrfs root mounted (subvolid=5,subvol=/) at /mnt/top, and want to boot to /@grub:

--boot-directory=/mnt/top/@grub/boot

(I'm not sure this has always worked. When I first tried to set up grub independently of any install on btrfs, I had trouble, and ended up using a snapshot that I could boot from to make grub-install write what I wanted. But it's good now.)

score 1 · Accepted Answer · answered Apr 27 '18 at 15:05

root cause: user error.

I accidentally copied /boot/grub/grub.cfg to /boot/efi/EFI/ubuntu/grub.cfg while trying to debug some grub settings didn't take effect. From that point on behaviour was non-standard on my system.

thanks to oldfred for helping me realise the original /boot/efi/EFI/ubuntu/grub.cfg had just been a three lines file referring /boot/grub.cfg.

score 0 · Answer 5 · answered Jun 27 '19 at 15:48

0

I changed /boot/efi/EFI/ubuntu/grub.cfg using vi. There you need change only UID and gpt. Works fine. Be carefull.

answered Jun 27 '19 at 15:48

Borkowski

1

score 0 · Answer 6 · edited Feb 18 '20 at 09:11

0

Please apt remove grub-pc and make sure grub-efi-amd64 is installed.

edited Feb 18 '20 at 09:11

Tejas Lotlikar

2,985

answered Feb 18 '20 at 06:30

kelvin yu

1

score 0 · Answer 7 · answered Feb 13 '24 at 16:15

Using UEFI and full disk encryption (FDE) the grub config below /boot/grub/ is residing on encrypted media. As such being accessible not until after booting from GRUB and unlocking it.

Therefore a working grub config outside /boot/grub is required. This is what the ESP with its EFI/ubuntu/grub.cfg (mounted on /boot/efi) is used for.

To keep both grub.cfg files in sync, you can use the following method:

dpkg-divert --divert /usr/sbin/update-grub.orig --rename /usr/sbin/update-grub
update-alternatives --install /usr/sbin/update-grub update-grub /usr/local/sbin/update-grub 100

This is creating a diversion for /usr/sbin/update-grub, meaning packages updating /usr/sbin/update-grub will be diverted to /usr/sbin/update-grub.orig. Effectively preventing any interference of system updates with this local modification, i.e. updating grub packages will respect the diversion and modify /usr/sbin/update-grub.orig only.

The second step is installing an alternative for /usr/sbin/update-grub pointing to the locally modified file in /usr/local/sbin/update-grub

Lastly, create /usr/local/sbin/update-grub as:

#!/bin/sh
set -e
echo "$0: Updating grub BIOS config.";
/usr/sbin/update-grub.orig "$@"
echo "$0: Updating grub UEFI config.";
exec grub-mkconfig  --output=/boot/efi/EFI/ubuntu/grub.cfg "$@"

This is first updating the BIOS config via update-grub.orig and then updating the real deal, the UEFI config. This way, both config files are kept in sync all the while being transparent to system updates and package management.

update-grub does not update /boot/efi/EFI/ubuntu/grub.cfg

7 Answers7

Linked