Comment # 31 on bug 1228863 from Marc Thomas
(In reply to Alberto Planas Dominguez from comment #30)
> Ah my bad, Marc. I got busy with other tasks.
All good, did not want to be pushy - I just thought maybe I can reproduce in TW
so we'd have more information if it's an Aeon only thing.

> I am a bit lost with your issue, so let me retake it thinking out loud.
> 
> A)
> > localhost:~ # sdbootutil unenroll --method=tpm2
> > dracut-install: ERROR: installing 'grub2-editenv'
> > dracut[E]: FAILED: /usr/lib/dracut/dracut-install -D /var/tmp/dracut.aGwm26/initramfs -a date btrfs awk grub2-editenv
> 
> Dracut should not complain about anything related to GRUB, as it should not be
> installed. Can you check that this is the case? (zypper se grub2, or rpm -qa
> | grep grub2)
zypper se grub2 shows no packages with an 'i'.

> # Remove the pcrlock files
> rm -fr /var/lib/pcrlock.d
Done.

> # Take note of the active default boot entry
> sdbootutil list-entries --only-default
localhost:~ # sdbootutil list-entries --only-default
aeon-6.10.3-1-default-10.conf

> # Check the contents.
> # Replace 6.10.3-1-default with the output from last command
> # Take note of the initrd name.  There is a hash at the end.
> sdbootutil show-entry 6.10.3-1-default
OK. Gave me back the expected entry with its hash:
initrd  /aeon/6.10.3-1-default/initrd-a67e4f4c8aca4aa4f1b50919c64448ccb79b13b3

> # Do the unenroll / enroll dancing.
> # No error message should appear when calling dracut.
> # This should generate a new initrd
> sdbootutil unenroll --method=tpm2
Dracut shows an error immediately.
localhost:/var/tmp # sdbootutil unenroll --method=tpm2
dracut-install: ERROR: installing 'grub2-editenv'
dracut[E]: FAILED: /usr/lib/dracut/dracut-install -D /var/tmp/dracut.vhLGSX/initramfs -a date btrfs awk grub2-editenv
Wiped slot 0.

I checked and the destination directory is not created.
localhost:/var/tmp # ll /var/tmp/dracut.vhLGSX/initramfs 
ls: cannot access '/var/tmp/dracut.vhLGSX/initramfs': No such file or directory

> sdbootutil enroll --ask-pin --method=tpm2
localhost:/var/tmp # sdbootutil enroll --ask-pin --method=tpm2
dracut-install: ERROR: installing 'grub2-editenv'
dracut[E]: FAILED: /usr/lib/dracut/dracut-install -D /var/tmp/dracut.7ZJw15/initramfs -a date btrfs awk grub2-editenv
Garbage after device path end, ignoring.
Garbage after device path end, ignoring.
Recovery PIN: Garbage after device path end, ignoring.
NVIndex policy created
Enrolling with TPM2 (pcrlock): /dev/nvme0n1p2
No slots to remove selected.
🔐 Please enter current passphrase for disk /dev/nvme0n1p2:
•••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••
New TPM2 token enrolled as key slot 0.

Same issue, but with a different folder name that also is not created. 
I did a reboot after this step.

> # Check again the last initrd
> # Probably the hash will be different.  Check that the initrd is in place
> sdbootutil show-entry 6.10.3-1-default
The hash has not changed
initrd  /aeon/6.10.3-1-default/initrd-a67e4f4c8aca4aa4f1b50919c64448ccb79b13b3

So probably dracut can't do its thing as the dir is missing.
I could create the dir and run it again, but I don't understand what it really
does so I would not mess with it.

Thanks for all your help so far, really appreciate it.

