Bug 677352 - sys-apps/fwupd[systemd]: checks for /boot/EFI write permissions cached for too long
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages
Hardware: All Linux
Importance: Normal minor
Assignee: Marek Szuba
Reported: 2019-02-06 14:07 UTC by Marek Szuba
Modified: 2023-09-07 09:26 UTC
Description Marek Szuba archtester gentoo-dev 2019-02-06 14:07:30 UTC
On my system I mount the UEFI system partition on /boot (yes, this does mean my kernel images reside on a VFAT file system; nothing seems to mind though) and keep it read-only except for when it is necessary to update something. On the other hand, fwupd puts any updates that come in the form of UEFI capsules, as well as the capsule loader itself, in /boot/EFI/gentoo/fw/. Having recently attempted to update IME firmware via fwupd without having first remounted /boot read-write, I found out that the daemon keeps thinking said file system is read-only even if it isn't.

In other words (I am recalling the error messages from memory so they may not be 100% accurate but both the paths and the "read-only filesystem" bit are correct):

# fwupdmgr update
Cannot create directory /boot/EFI/gentoo/fw: Read-only filesystem
# mount /boot -o remount,rw
# fwupdmgr update
Cannot create directory /boot/EFI/gentoo/fw: Read-only filesystem
# mkdir -p /boot/EFI/gentoo/fw
# fwupdmgr update
Cannot create file /boot/EFI/gentoo/fw/fwupd64.efi: Read-only filesystem

The workaround is simple enough: just kill the running fwupd, and when it gets restarted by the next invocation of fwupdmgr it will see /boot is read-write now.
Comment 1 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2019-02-06 22:32:22 UTC
Would you mind bringing this to upstream's attention please?
Comment 2 Lars Wendler (Polynomial-C) (RETIRED) gentoo-dev 2019-07-31 11:42:30 UTC
Still an issue with latest fwupd release?
Comment 3 Marek Szuba archtester gentoo-dev 2020-07-01 17:51:59 UTC
1.2.11 still had it, will try 1.3.10 as soon as there are any updates for fwupd to install and notify upstream if the problem persists.
Comment 4 Marek Szuba archtester gentoo-dev 2023-07-30 09:51:23 UTC
Finally managed to correlate me remembering about this issue with there being UEFI capsule-based updates available for one of my systems. Better late than never...
Comment 5 Marek Szuba archtester gentoo-dev 2023-09-07 09:26:19 UTC
Seems this is simply the way file-system name spaces, as used for FS protection in systemd units, work.
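
A way to check the namespace explanation from comment 5, added here as an example and not taken from the bug report or from fwupd: compare the ro/rw flag recorded for /boot in the host's mountinfo with the one in the daemon's /proc/<pid>/mountinfo. The function names and the sample mountinfo lines are constructed for illustration; the sample only assumes one way the two views can diverge (the daemon's copy of the mount keeping its per-mount ro flag).

```shell
#!/bin/sh
# mount_flags FILE MOUNTPOINT: print "<per-mount options> <superblock options>"
# for the last (topmost) entry of MOUNTPOINT in a mountinfo file.
mount_flags() {
    awk -v mp="$2" '
        $5 == mp {
            # Optional fields (shared:N, master:N ...) end at a lone "-".
            i = 7
            while (i <= NF && $i != "-") i++
            out = $6 " " $(i + 3)
        }
        END { if (out == "") exit 1; print out }
    ' "$1"
}

# compare_view HOST_FILE DAEMON_FILE MOUNTPOINT: report whether both views
# agree on ro/rw. Returns 0 if they agree, 1 if they differ, 2 if not found.
compare_view() {
    host=$(mount_flags "$1" "$3") || return 2
    unit=$(mount_flags "$2" "$3") || return 2
    # Keep the per-mount option list only; its first entry is ro or rw.
    h=${host%% *}; h=${h%%,*}
    u=${unit%% *}; u=${u%%,*}
    if [ "$h" = "$u" ]; then
        echo "same: $h"
    else
        echo "differs: host=$h daemon=$u"
        return 1
    fi
}

# Constructed sample data: host view after "mount /boot -o remount,rw", and
# a daemon view whose copy of the mount still carries the per-mount ro flag.
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' '31 1 8:1 / /boot rw,relatime shared:5 - vfat /dev/sda1 rw,fmask=0022' > "$d/host"
    printf '%s\n' '412 380 8:1 / /boot ro,relatime master:5 - vfat /dev/sda1 rw,fmask=0022' > "$d/daemon"
    compare_view "$d/host" "$d/daemon" /boot
    rc=$?
    rm -rf "$d"
    return "$rc"
}

# Live use (as root): compare_view /proc/self/mountinfo "/proc/$(pidof fwupd)/mountinfo" /boot
demo || true
```

A "differs" result on a live system means the running daemon is looking at a different mount state than the shell that did the remount, which matches the restart workaround in the description.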