Ubuntu
grub2 package

Secure boot forbids loading module from (path)/boot/grub/gettext.mod

Bug #1104627 reported by Mario Limonciello
14
This bug affects 3 people
Affects Status Importance Assigned to Milestone
grub2 (Ubuntu)
Fix Released
Medium
Colin Watson

Bug Description

grub-efi-amd64-signed: 1.9~ubuntu12.04.2+1.99-21ubuntu3.7

I noticed something flashing by the screen while booting. I snatched a video of the process and the message happens to be:

error: Secure Boot forbids loading module from (hd0,gpt4)/boot/grub/gettext.mod.

This is with a default grub.cfg which contains a snippet:

if loadfont /usr/share/grub/unicode.pf2 ; then
  set gfxmode=auto
  load_video
  insmod gfxterm
  insmod part_gpt
  insmod ext2
  set root='(hd0,gpt4)'
  search --no-floppy --fs-uuid --set=root 1888d780-1167-48e5-85a7-3bc94c4bc8d4
  set locale_dir=($root)/boot/grub/locale
  set lang=en_US
  insmod gettext
fi

Related branches

lp:debian/grub2
Revision history for this message
Mario Limonciello (superm1) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in grub2-signed (Ubuntu):
status: New → Confirmed
Revision history for this message
Steven Shiau (stevenshiau) wrote :

I created an Ubuntu 12.04 live USB, with the secure boot option on in my uEFI BIOS, and put the Linux Foundation Secure Boot System
http://blog.hansenpartnership.com/linux-foundation-secure-boot-system-released/
on the USB stick. Booting the machine from USB stick, I can see the grub2 boot menu, however, after pressing enter to continue, it gave me this error:
----------------------------------------------------------
error: Secure Boot forbids loading mode from
/EFI/boot//x86-64-efi/linuxefi.mod
error: you need to load the kernel first
----------------------------------------------------------
I believe this is due to this patch (http://pkgs.fedoraproject.org/cgit/grub2.git/tree/grub-2.00-no-insmod-on-sb.patch) was applied in the package grub2 (2.00-7ubuntu11).
Any workaround I can let the boot continue?
Thanks.

Steven.

Revision history for this message
Colin Watson (cjwatson) wrote :

Fix committed in Debian.

affects: grub2-signed (Ubuntu) → grub2 (Ubuntu)
Changed in grub2 (Ubuntu):
assignee: nobody → Colin Watson (cjwatson)
importance: Undecided → Medium
status: Confirmed → Fix Committed
Revision history for this message
Colin Watson (cjwatson) wrote :

Steven: Your problem is unrelated to this bug. It also doesn't make a lot of sense since linuxefi is built into the 2.00-7ubuntu11 images, but would need to be investigated separately ...

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package grub2 - 2.00-18ubuntu1

---------------
grub2 (2.00-18ubuntu1) saucy; urgency=low

  * Resynchronise with Debian. Remaining changes:
    - Default to hiding the menu; holding down Shift at boot will show it.
    - Add crashkernel option.
    - Bypass menu unless other OSes are installed or Shift is pressed.
    - Show the boot menu if the previous boot failed.
    - Check hardware support before using gfxpayload=keep.
    - Set vt.handoff=7 for smooth handoff to kernel graphical mode.
    - In recovery mode, add nomodeset to the Linux kernel arguments, and
      remove the 'set gfxpayload=keep' command.
    - Handle probing striped DM-RAID devices.

grub2 (2.00-18) unstable; urgency=low

  * Add gettext module to signed UEFI images (LP: #1104627).
  * Put the preprocessor definition for quiet-boot in the right place so
    that it actually takes effect.
 -- Colin Watson <email address hidden> Mon, 26 Aug 2013 21:59:39 +0200

Changed in grub2 (Ubuntu):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.