eFA 4.0.2 does not boot after grub2/shim security fix
Posted: 01 Aug 2020 11:34
After an update that apparently happened last Thursday, my eFA 4.0.2 appliance on Hyper-V would no longer boot.
This seems to be the cause: https://access.redhat.com/solutions/5272311
After a lot of troubleshooting (downgrading grub2, shim and mokutil) and recreating the grub.cfg file on the EFI partition, I managed to get CentOS 7 booting again.
However, I have two remaining issues:
1. I can only boot by manually choosing the second boot entry in the grub menu (kernel version 3.10.0-1127.13.1.el7). Choosing 3.10.0-1127.18.1.el7 results in a kernel panic about "Unable to mount root fs on unknown-block(0,0).
Also, when booting with 3.10.0-1127.13.1.el7, I need to add "selinux=0" before booting, otherwise it won't work.
2. Once eFA is up & running, mail processing seems to work fine, messages are forwarded to my Exchange server, but they are no longer stored in quarantine on the eFA appliance.
I'm quite surprised nobody else has reported this yet
This seems to be the cause: https://access.redhat.com/solutions/5272311
After a lot of troubleshooting (downgrading grub2, shim and mokutil) and recreating the grub.cfg file on the EFI partition, I managed to get CentOS 7 booting again.
However, I have two remaining issues:
1. I can only boot by manually choosing the second boot entry in the grub menu (kernel version 3.10.0-1127.13.1.el7). Choosing 3.10.0-1127.18.1.el7 results in a kernel panic about "Unable to mount root fs on unknown-block(0,0).
Also, when booting with 3.10.0-1127.13.1.el7, I need to add "selinux=0" before booting, otherwise it won't work.
2. Once eFA is up & running, mail processing seems to work fine, messages are forwarded to my Exchange server, but they are no longer stored in quarantine on the eFA appliance.
I'm quite surprised nobody else has reported this yet