Home  >  Ubuntu and Debian

APT/DPKG errors for shim-signed package

When running a routine “apt update” on an Ubuntu server, I was getting the following error:

Setting up shim-signed (1.51.4+15.8-0ubuntu1) ...
Installing grub to /boot/efi.
Installing for x86_64-efi platform.
Installation finished. No error reported.
mount: /var/lib/grub/esp: /dev/nvme1n1p1 already mounted or mount point busy.
dpkg: error processing package shim-signed (--configure):
 installed shim-signed package post-installation script subprocess returned error exit status 32
Errors were encountered while processing:
 shim-signed
needrestart is being skipped since dpkg has failed
E: Sub-process /usr/bin/dpkg returned an error code (1)

The bizarre thing here is that the /dev/nvme1n1p1 device is nothing to do with the UEFI ESP, that lives on /dev/sdi1 as this particular server can’t boot from NVMe devices and so uses a small USB stick for /boot/efi and /boot instead.

The /dev/sdi1 device was mounted on /boot/efi as expected, and the UUID listed in /etc/fstab was correct, so initially I wasn’t sure where the reference to /dev/nvme1n1p1 for the UEFI ESP was coming from.
After a bit of digging I found that this was in fact caused by the /var/cache/debconf/config.dat file, which contained the following entry:

Name: grub-efi/install_devices
Template: grub-efi/install_devices
Value: /dev/disk/by-id/usb-SanDisk_Ultra_0401d75aeb6cd405701a2711e62657aae5100e05183ca1b9d69275564cee2e887ef5000000000000000000006c97162200805e188a5581075cac9e0f-0:0-part1, /dev/disk/by-id/nvme-eui.0000000001000000e4d25c49119f5401-part1, /dev/disk/by-id/nvme-eui.0000000001000000e4d25cb9029f5401-part1
Owners: grub-common, grub-efi-amd64, grub-pc
Flags: seen
Variables:
 CHOICES = /dev/nvme1n1p1 (1127 MB; ) on 512110 MB INTEL SSDPEKNU512GZ, /dev/nvme0n1p1 (1127 MB; ) on 512110 MB INTEL SSDPEKNU512GZ, /dev/sdi1 (1127 MB; /boot/efi) on 30765 MB Ultra
 RAW_CHOICES = /dev/disk/by-id/nvme-eui.0000000001000000e4d25c49119f5401-part1, /dev/disk/by-id/nvme-eui.0000000001000000e4d25cb9029f5401-part1, /dev/disk/by-id/usb-SanDisk_Ultra_0401d75aeb6cd405701a2711e62657aae5100e05183ca1b9d69275564cee2e887ef5000000000000000000006c97162200805e188a5581075cac9e0f-0:0-part1

I ran the following command to explicitly set it to the UUID of the filesystem on the /dev/sdi1 device:

echo "grub-efi-amd64 grub-efi/install_devices multiselect /dev/disk/by-uuid/47E1-19C4" | debconf-set-selections

Now the /var/cache/debconf/config.dat file contains:

Name: grub-efi/install_devices
Template: grub-efi/install_devices
Value: /dev/disk/by-uuid/47E1-19C4
Owners: grub-common, grub-efi-amd64, grub-pc
Flags: seen
Variables:
 CHOICES = /dev/nvme1n1p1 (1127 MB; ) on 512110 MB INTEL SSDPEKNU512GZ, /dev/nvme0n1p1 (1127 MB; ) on 512110 MB INTEL SSDPEKNU512GZ, /dev/sdi1 (1127 MB; /boot/efi) on 30765 MB Ultra
 RAW_CHOICES = /dev/disk/by-id/nvme-eui.0000000001000000e4d25c49119f5401-part1, /dev/disk/by-id/nvme-eui.0000000001000000e4d25cb9029f5401-part1, /dev/disk/by-id/usb-SanDisk_Ultra_0401d75aeb6cd405701a2711e62657aae5100e05183ca1b9d69275564cee2e887ef5000000000000000000006c97162200805e188a5581075cac9e0f-0:0-part1

After making this change, APT is happy again:

Setting up shim-signed (1.51.4+15.8-0ubuntu1) ...
Installing grub to /boot/efi.
Installing for x86_64-efi platform.
Installation finished. No error reported.

I think this confusion was ultimately caused by some stray ESP partitions on the NVMe devices leftover from a previous attempt to install Ubuntu on this server.

Categories:Ubuntu and Debian

Tags:

Share

Related Posts