From: Stoiko Ivanov <s.ivanov@proxmox.com>
To: pve-devel@lists.proxmox.com
Subject: [pve-devel] [PATCH docs] firmware: adapt to proxmox packaged fwupd
Date: Fri, 19 Apr 2024 20:43:29 +0200 [thread overview]
Message-ID: <20240419184329.429476-1-s.ivanov@proxmox.com> (raw)
We ship our own fwupd package, since it needs to handle the
differently named efi_os_dir (proxmox vs debian).
Due to our experience with `udisks2` causing issues on hypervisors,
our package downgraded the Recommends udisks2, to a Suggests.
The downside is, that users need to explicitly set their ESP
mountpoint in the config file.
Additionally a minor stylistic rephrasing (is an option vs. could be
an option).
Tested this today, while giving our fwupd package a spin.
Suggested-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
Signed-off-by: Stoiko Ivanov <s.ivanov@proxmox.com>
---
firmware-updates.adoc | 21 +++++++++++++++------
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/firmware-updates.adoc b/firmware-updates.adoc
index 279cf11..8354955 100644
--- a/firmware-updates.adoc
+++ b/firmware-updates.adoc
@@ -43,13 +43,22 @@ ConnectX or
https://techdocs.broadcom.com/us/en/storage-and-ethernet-connectivity/ethernet-nic-controllers/bcm957xxx/adapters/software-installation/updating-the-firmware/manually-updating-the-adapter-firmware-on-linuxesx.html['bnxtnvm'/'niccli']
for Broadcom network cards.
-* https://fwupd.org[LVFS] could also be an option if there is a cooperation with
-a https://fwupd.org/lvfs/vendors/[vendor] and
+* https://fwupd.org[LVFS] is also an option if there is a cooperation with
+the https://fwupd.org/lvfs/vendors/[hardware vendor] and
https://fwupd.org/lvfs/devices/[supported hardware] in use. The technical
-requirement for this is that the system was manufactured after 2014, is booted
-via UEFI and the easiest way is to mount the EFI partition from which you boot
-(`mount /dev/disk/by-partuuid/<from efibootmgr -v> /boot/efi`) before installing
-'fwupd'.
+requirement for this is that the system was manufactured after 2014 and is
+booted via UEFI.
+
+Since {pve} ships its own version of the `fwupd` package, for Secure Boot
+Support with the Proxmox signing key, which does not recommend the `udisks2`
+package, due to observed issues with its use on hypervisors setting the mount
+point of the EFI partition in `/etc/fwupd/daemon.conf` is necessary:
+
+.File `/etc/fwupd/daemon.conf`
+----
+# Override the location used for the EFI system partition (ESP) path.
+EspLocation=/boot/efi
+----
TIP: If the update instructions require a host reboot, make sure that it can be
done safely. See also xref:ha_manager_node_maintenance[Node Maintenance].
--
2.39.2
_______________________________________________
pve-devel mailing list
pve-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pve-devel
reply other threads:[~2024-04-19 18:43 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240419184329.429476-1-s.ivanov@proxmox.com \
--to=s.ivanov@proxmox.com \
--cc=pve-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.
Service provided by Proxmox Server Solutions GmbH | Privacy | Legal