SUSE Support

Here When You Need Us

Adding a new UEFI boot partition to the UEFI NVRAM Boot Device List from the SLES Operating System command line

This document (000021098) is provided subject to the disclaimer at the end of this document.

Environment

SUSE Linux Enterprise Server 15
SUSE Linux Enterprise Server 12

Situation

Customer is replacing old boot disk with new boot disk on a UEFI enabled system. UEFI will not try to boot to the new disk's UEFI boot partition unless the new UEFI boot partition is added to the UEFI NVRAM Boot Device List.

While configuring the UEFI NVRAM Boot Device List can be done from the Firmware based configuration utility on most server hardware, sometimes it is simpler to add a new UEFI boot partitonm from the command line from within the SLES Operating System itself.

Resolution

The customer must first determine which disk partition device name represents the new UEFI boot partition (sda1, sda2, sdb1, sdb2, etc.).

Then, check the current UEFI NVRAM Configuration with the command "efibootmgr -v". Note in the example below only network based PXE boot options are currently listed:
 
# efibootmgr -v
BootCurrent: 00B5
Timeout: 1 seconds
BootOrder: 00A5,00AF,00B0,00B1,00B2,00B3,00B4,00A4
Boot00A4  UEFI: Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x0)/Pci(0x0,0x0)/MAC(0cc47a96486c,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot00A5* UEFI: IP4 Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x0)/Pci(0x0,0x0)/MAC(0cc47a96486c,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot00AF* UEFI: Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x1)/Pci(0x0,0x0)/MAC(0cc47a96486d,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot00B0* UEFI: IP4 Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x1)/Pci(0x0,0x0)/MAC(0cc47a96486d,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot00B1* UEFI: Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x2)/Pci(0x0,0x0)/MAC(0cc47a96486e,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot00B2* UEFI: IP4 Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x2)/Pci(0x0,0x0)/MAC(0cc47a96486e,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot00B3* UEFI: Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x3)/Pci(0x0,0x0)/MAC(0cc47a96486f,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot00B4* UEFI: IP4 Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x3)/Pci(0x0,0x0)/MAC(0cc47a96486f,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Next, list the partition by id directory, and find the uuid for the boot partition. In this case it is sda1 so we are interested in that UUID:
 
# ls -l /dev/disk/by-partuuid/
total 0
lrwxrwxrwx 1 root root 10 Jun  1 10:25 145cbcc1-85e9-4f45-9d91-b565d1737004 -> ../../sda3
lrwxrwxrwx 1 root root 10 Jun  1 10:25 1f198c51-8902-41ba-bc32-1cfb7ed2f4b2 -> ../../sda2
lrwxrwxrwx 1 root root 10 Jun  1 10:25 bb63e0d3-2150-4973-b203-dcbb5e6a5560 -> ../../sda1
Then run the command below to set a new environment variable named uuid to the value of the UUID for the new UEFI boot partition, replacing sda1 with the proper sd* device name for your new UEFI boot partition:
 
# uuid=`ls -l /dev/disk/by-partuuid/ | grep "sda1$" | cut -f10 -d' '`
Double check to make sure the environment variable was set correctly:
 
# echo $uuid
bb63e0d3-2150-4973-b203-dcbb5e6a5560
Finally, run the command below to add the new UEFI boot partition to the UEFI NVRAM Boot Device List and display the new list:
 
# efibootmgr -v -c -P $uuid -l "\EFI\SLES\SHIM.EFI" -L "sles-secureboot"
BootCurrent: 00B5
Timeout: 1 seconds
BootOrder: 0000,00A5,00AF,00B0,00B1,00B2,00B3,00B4,00A4
Boot00A4  UEFI: Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x0)/Pci(0x0,0x0)/MAC(0cc47a96486c,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot00A5* UEFI: IP4 Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x0)/Pci(0x0,0x0)/MAC(0cc47a96486c,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot00AF* UEFI: Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x1)/Pci(0x0,0x0)/MAC(0cc47a96486d,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot00B0* UEFI: IP4 Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x1)/Pci(0x0,0x0)/MAC(0cc47a96486d,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot00B1* UEFI: Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x2)/Pci(0x0,0x0)/MAC(0cc47a96486e,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot00B2* UEFI: IP4 Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x2)/Pci(0x0,0x0)/MAC(0cc47a96486e,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot00B3* UEFI: Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x3)/Pci(0x0,0x0)/MAC(0cc47a96486f,0)/IPv4(0.0.0.00.0.0.0,0,0)/Uri()..BO
Boot00B4* UEFI: IP4 Intel(R) I210 Gigabit  Network Connection    PciRoot(0x0)/Pci(0x1c,0x3)/Pci(0x0,0x0)/MAC(0cc47a96486f,0)/IPv4(0.0.0.00.0.0.0,0,0)..BO
Boot0000* sles-secureboot    HD(1,GPT,bb63e0d3-2150-4973-b203-dcbb5e6a5560,0x800,0x100000)/File(\EFI\SLES\SHIM.EFI)
Note that the new UEFI boot partition has been added as Boot0000* to the list and that it's Boot number, 0000, has been placed at the beginning of the "BootOrder:" line. The boot number may be different in your system, but whatever the new boot entry's number is should be at the beginning of the "BootOrder:" line. The system should now be able to boot to the new UEFI boot partition.

Cause

UEFI will only attempt to boot from a device that is in its UEFI NVRAM Boot Device List. It is up to the admin to add the information for the new UEFI boot partition to the UEFI NVRAM Boot Device List. This can be done through the hardware CMOS Setup program or via the Linux command line interface using the efibootmgr command.

Additional Information

Depending on the system's configuration, and how the new boot disk and new UEFI boot partition were created, it may also be necessary to perform other steps for the system to be able to boot to the new boot disk. Other possible steps might include:
 

  • Editing the /etc/fstab file to change the mount line for the /boot/efi mount point to use the UUID value of the new UEFI boot partition.
  • Rebuilding the initrd image file via the dracut or mkinitrd commands. See the man pages for mkinitrd(8) and dracut(8) to get more information on recreating the initrd image file.
  • Recreating the grub2 boot menu via the "grub2-mkconfig -o /boot/grub2/grub.cfg" command. See the documentation at the following link to get more information on how to create/recreate the grub2 boot menu:    https://documentation.suse.com/sles/15-SP4/html/SLES-all/cha-grub2.html#sec-grub2-file-structure
  • Installing the grub2 bootloader and UEFI bootloader shim via the "shim-install --config-file=/boot/grub2/grub.cfg" command. See the TID at the following link to get more information on installing the grub2 bootloader for both UEFI and non-UEFI systems: https://www.suse.com/support/kb/doc/?id=000019909

Disclaimer

This Support Knowledgebase provides a valuable tool for SUSE customers and parties interested in our products and solutions to acquire information, ideas and learn from one another. Materials are provided for informational, personal or non-commercial use within your organization and are presented "AS IS" WITHOUT WARRANTY OF ANY KIND.

  • Document ID:000021098
  • Creation Date: 14-Jun-2023
  • Modified Date:16-Jun-2023
    • SUSE Linux Enterprise Server

< Back to Support Search

For questions or concerns with the SUSE Knowledgebase please contact: tidfeedback[at]suse.com

tick icon

SUSE Support Forums

Get your questions answered by experienced Sys Ops or interact with other SUSE community experts.

tick icon

Support Resources

Learn how to get the most from the technical support you receive with your SUSE Subscription, Premium Support, Academic Program, or Partner Program.

tick icon

Open an Incident

Open an incident with SUSE Technical Support, manage your subscriptions, download patches, or manage user access.