FOG 1.5 Fresh Windows 10 Pro can't go past PXE menu



  • FOG: 1.5
    OS: CentOS 7.4
    selinux: permissive
    firewalld: off

    Hello,

    We have recently decided to upgrade our PCs from Windows 7 to Windows 10. With FOG 1.4.4 and 1.5 the Windows 7 computers work fine, however, the Windows 10 PCs can not go past the FOG boot menu (this was happening with 1.4.4 too). If the exit type is set to any GRUB option the screen will get stuck on “starting cmain()…”.

    0_1519677469319_e1ac5680-6ff9-40d8-9fa5-2c48cba58143-image.png

    If we use exit type SANBOOT the computers get a blinking cursor in the top left corner. The Windows 7 computers work only with GRUB.

    The PXE kernels are the latest ones, 4.15.2. I have also tried with the earliest kernels too for good measure, 4.1.0.

    One of the very few differences that I noticed is that the Windows 10 partition is GPT where the Windows 7 one is MBR. I have tried using every different exit type and nothing will allow Windows 10 to boot up.

    I have also changed the BIOS from “legacy and UEFI” to strictly UEFI and that had no positive effect either.

    Please let me know what else I can do to try.

    Thank you!



  • @sebastian-roth I forgot to mention, since I only saw it once, but on one of the startups with REFIND_EFI selected and before changing “scan_delay” to 0 the computer attempted to boot into “automatic repair” mode but froze on the screen. After rebooting the PC I wasn’t able to reproduce that.

    @Tom-Elliott, I imagine the situation is “you’re damned if you do and damned if you don’t”. It will fix some and break others. However, having the option in the GUI would be useful.


  • Developer


  • Senior Developer

    Apparently scan_delay is a bad idea, so maybe I should reset to 0 and allow the individuals to make the change as required?

    The only thing I hate about configs built into the core of FOG is if a user edits it, the next upgrade will be reset. It would be great if I could dynamically generate a refind.conf via the GUI. That would be awesome if we could as then I could store the configuration in the db and have it pull the data automatically. (And updates wouldn’t hurt the configuration).



  • @george1421 said in FOG 1.5 Fresh Windows 10 Pro can't go past PXE menu:

    scan_delay 5

    I changed scan_delay 5 to 0 and it seems to have worked. The Windows 10 PCs are booting up now with REFIND_EFI as the exit type. I was able to successfully initiate a capture on the PC. I will be doing a few more tests and will update this if something is amiss.

    I will also be going out of town tomorrow for a week. So I may have to resurrect this post next week.

    Thank you all for your attention to this matter so far.


  • Moderator

    @arainero said in FOG 1.5 Fresh Windows 10 Pro can't go past PXE menu:
    Some people where reporting

    scanfor internal,hdbios
    

    and

    scan_delay 5
    

    Were causing problems. In the Scanfor line, if you don’t have the legacy firmware enabled the hdbios value was causing refind to hang. And others have reported that scan_delay 5 was causing an issue, where setting it to 0 fixed.

    But in either case you are not getting that far, iPXE is giving a chain load failure to launching refind.efi.



  • @george1421 The motherboard is a Gigabyte H97-D3H.

    What should I change in /var/www/html/fog/service/ipxe/refind.conf?

    Here is my current config:

    #
    # refind.conf
    # Configuration file for the rEFInd boot menu
    #
    
    # Timeout in seconds for the main menu screen. Setting the timeout to 0
    # disables automatic booting (i.e., no timeout). Setting it to -1 causes
    # an immediate boot to the default OS *UNLESS* a keypress is in the buffer
    # when rEFInd launches, in which case that keypress is interpreted as a
    # shortcut key. If no matching shortcut is found, rEFInd displays its
    # menu with no timeout.
    #
    timeout -1
    
    # Screen saver timeout; the screen blanks after the specified number of
    # seconds with no keyboard input. The screen returns after most keypresses
    # (unfortunately, not including modifier keys such as Shift, Control, Alt,
    # or Option). Setting a value of "-1" causes rEFInd to start up with its
    # screen saver active. The default is 0, which disables the screen saver.
    #screensaver 300
    
    # Hide user interface elements for personal preference or to increase
    # security:
    #  banner      - the rEFInd title banner (built-in or loaded via "banner")
    #  label       - boot option text label in the menu
    #  singleuser  - remove the submenu options to boot macOS in single-user
    #                or verbose modes; affects ONLY macOS
    #  safemode    - remove the submenu option to boot macOS in "safe mode"
    #  hwtest      - the submenu option to run Apple's hardware test
    #  arrows      - scroll arrows on the OS selection tag line
    #  hints       - brief command summary in the menu
    #  editor      - the options editor (+, F2, or Insert on boot options menu)
    #  badges      - device-type badges for boot options
    #  all         - all of the above
    # Default is none of these (all elements active)
    #
    #hideui singleuser
    #hideui all
    
    # Set the name of a subdirectory in which icons are stored. Icons must
    # have the same names they have in the standard directory. The directory
    # name is specified relative to the main rEFInd binary's directory. If
    # an icon can't be found in the specified directory, an attempt is made
    # to load it from the default directory; thus, you can replace just some
    # icons in your own directory and rely on the default for others.
    # Default is "icons".
    #
    #icons_dir myicons
    #icons_dir icons/snowy
    
    # Use a custom title banner instead of the rEFInd icon and name. The file
    # path is relative to the directory where refind.efi is located. The color
    # in the top left corner of the image is used as the background color
    # for the menu screens. Currently uncompressed BMP images with color
    # depths of 24, 8, 4 or 1 bits are supported, as well as PNG images.
    #
    #banner hostname.bmp
    #banner mybanner.png
    #banner icons/snowy/banner-snowy.png
    
    # Specify how to handle banners that aren't exactly the same as the screen
    # size:
    #  noscale     - Crop if too big, show with border if too small
    #  fillscreen  - Fill the screen
    # Default is noscale
    #
    #banner_scale fillscreen
    
    # Icon sizes. All icons are square, so just one value is specified. The
    # big icons are used for OS selectors in the first row and the small
    # icons are used for tools on the second row. Drive-type badges are 1/4
    # the size of the big icons. Legal values are 32 and above. If the icon
    # files do not hold icons of the proper size, the icons are scaled to
    # the specified size. The default values are 48 and 128 for small and
    # big icons, respectively.
    #
    #small_icon_size 96
    #big_icon_size 256
    
    # Custom images for the selection background. There is a big one (144 x 144)
    # for the OS icons, and a small one (64 x 64) for the function icons in the
    # second row. If only a small image is given, that one is also used for
    # the big icons by stretching it in the middle. If only a big one is given,
    # the built-in default will be used for the small icons.
    #
    # Like the banner option above, these options take a filename of an
    # uncompressed BMP image file with a color depth of 24, 8, 4, or 1 bits,
    # or a PNG image. The PNG format is required if you need transparency
    # support (to let you "see through" to a full-screen banner).
    #
    #selection_big   selection-big.bmp
    #selection_small selection-small.bmp
    
    # Set the font to be used for all textual displays in graphics mode.
    # The font must be a PNG file with alpha channel transparency. It must
    # contain ASCII characters 32-126 (space through tilde), inclusive, plus
    # a glyph to be displayed in place of characters outside of this range,
    # for a total of 96 glyphs. Only monospaced fonts are supported. Fonts
    # may be of any size, although large fonts can produce display
    # irregularities.
    # The default is rEFInd's built-in font, Luxi Mono Regular 12 point.
    #
    #font myfont.png
    
    # Use text mode only. When enabled, this option forces rEFInd into text mode.
    # Passing this option a "0" value causes graphics mode to be used. Pasing
    # it no value or any non-0 value causes text mode to be used.
    # Default is to use graphics mode.
    #
    textonly
    
    # Set the EFI text mode to be used for textual displays. This option
    # takes a single digit that refers to a mode number. Mode 0 is normally
    # 80x25, 1 is sometimes 80x50, and higher numbers are system-specific
    # modes. Mode 1024 is a special code that tells rEFInd to not set the
    # text mode; it uses whatever was in use when the program was launched.
    # If you specify an invalid mode, rEFInd pauses during boot to inform
    # you of valid modes.
    # CAUTION: On VirtualBox, and perhaps on some real computers, specifying
    # a text mode and uncommenting the "textonly" option while NOT specifying
    # a resolution can result in an unusable display in the booted OS.
    # Default is 1024 (no change)
    #
    #textmode 2
    
    # Set the screen's video resolution. Pass this option either:
    #  * two values, corresponding to the X and Y resolutions
    #  * one value, corresponding to a GOP (UEFI) video mode
    # Note that not all resolutions are supported. On UEFI systems, passing
    # an incorrect value results in a message being shown on the screen to
    # that effect, along with a list of supported modes. On EFI 1.x systems
    # (e.g., Macintoshes), setting an incorrect mode silently fails. On both
    # types of systems, setting an incorrect resolution results in the default
    # resolution being used. A resolution of 1024x768 usually works, but higher
    # values often don't.
    # Default is "0 0" (use the system default resolution, usually 800x600).
    #
    #resolution 1024 768
    #resolution 1440 900
    #resolution 3
    
    # Enable touch screen support. If active, this feature enables use of
    # touch screen controls (as on tablets). Note, however, that not all
    # tablets' EFIs provide the necessary underlying support, so this
    # feature may not work for you. If it does work, you should be able
    # to launch an OS or tool by touching it. In a submenu, touching
    # anywhere launches the currently-selection item; there is, at present,
    # no way to select a specific submenu item. This feature is mutually
    # exclusive with the enable_mouse feature. If both are uncommented,
    # the one read most recently takes precedence.
    #
    #enable_touch
    
    # Enable mouse support. If active, this feature enables use of the
    # computer's mouse. Note, however, that not all computers' EFIs
    # provide the necessary underlying support, so this feature may not
    # work for you. If it does work, you should be able to launch an
    # OS or tool by clicking it with the mouse pointer. This feature
    # is mutually exclusive with the enable_touch feature. If both
    # are uncommented, the one read most recently takes precedence.
    #
    #enable_mouse
    
    # Size of the mouse pointer, in pixels, per side.
    # Default is 16
    #
    #mouse_size
    
    # Speed of mouse tracking. Higher numbers equate to faster
    # mouse movement. This option requires that enable_mouse be
    # uncommented.
    # Legal values are between 1 and 32. Default is 4.
    #
    #mouse_speed 4
    
    # Launch specified OSes in graphics mode. By default, rEFInd switches
    # to text mode and displays basic pre-launch information when launching
    # all OSes except macOS. Using graphics mode can produce a more seamless
    # transition, but displays no information, which can make matters
    # difficult if you must debug a problem. Also, on at least one known
    # computer, using graphics mode prevents a crash when using the Linux
    # kernel's EFI stub loader. You can specify an empty list to boot all
    # OSes in text mode.
    # Valid options:
    #   osx     - macOS
    #   linux   - A Linux kernel with EFI stub loader
    #   elilo   - The ELILO boot loader
    #   grub    - The GRUB (Legacy or 2) boot loader
    #   windows - Microsoft Windows
    # Default value: osx
    #
    #use_graphics_for osx,linux
    
    # Which non-bootloader tools to show on the tools line, and in what
    # order to display them:
    #  shell            - the EFI shell (requires external program; see rEFInd
    #                     documentation for details)
    #  memtest          - the memtest86 program, in EFI/tools, EFI/memtest86,
    #                     EFI/memtest, EFI/tools/memtest86, or EFI/tools/memtest
    #  gptsync          - the (dangerous) gptsync.efi utility (requires external
    #                     program; see rEFInd documentation for details)
    #  gdisk            - the gdisk partitioning program
    #  apple_recovery   - boots the Apple Recovery HD partition, if present
    #  windows_recovery - boots an OEM Windows recovery tool, if present
    #                     (see also the windows_recovery_files option)
    #  mok_tool         - makes available the Machine Owner Key (MOK) maintenance
    #                     tool, MokManager.efi, used on Secure Boot systems
    #  csr_rotate       - adjusts Apple System Integrity Protection (SIP)
    #                     policy. Requires "csr_values" to be set.
    #  about            - an "about this program" option
    #  hidden_tags      - manage hidden tags
    #  exit             - a tag to exit from rEFInd
    #  shutdown         - shuts down the computer (a bug causes this to reboot
    #                     many UEFI systems)
    #  reboot           - a tag to reboot the computer
    #  firmware         - a tag to reboot the computer into the firmware's
    #                     user interface (ignored on older computers)
    #  fwupdate         - a tag to update the firmware; launches the fwupx64.efi
    #                     (or similar) program
    #  netboot          - launch the ipxe.efi tool for network (PXE) booting
    # Default is shell,memtest,gdisk,apple_recovery,windows_recovery,mok_tool,about,hidden_tags,shutdown,reboot,firmware,fwupdate
    #
    #showtools shell, gdisk, memtest, mok_tool, apple_recovery, windows_recovery, about, hidden_tags, reboot, exit, firmware, fwupdate
    
    # Tool binaries to be excluded from the tools line, even if the
    # general class is specified in showtools. This enables trimming an
    # overabundance of tools, as when you see multiple mok_tool entries
    # after installing multiple Linux distributions.
    # Just as with dont_scan_files, you can specify a filename alone, a
    # full pathname, or a volume identifier (filesystem label, partition
    # name, or partition GUID) and a full pathname.
    # Default is an empty list (nothing is excluded)
    #
    #dont_scan_tools ESP2:/EFI/ubuntu/mmx64.efi,gptsync_x64.efi
    
    # Boot loaders that can launch a Windows restore or emergency system.
    # These tend to be OEM-specific.
    # Default is LRS_ESP:/EFI/Microsoft/Boot/LrsBootmgr.efi
    #
    #windows_recovery_files LRS_ESP:/EFI/Microsoft/Boot/LrsBootmgr.efi
    
    # Directories in which to search for EFI drivers. These drivers can
    # provide filesystem support, give access to hard disks on plug-in
    # controllers, etc. In most cases none are needed, but if you add
    # EFI drivers and you want rEFInd to automatically load them, you
    # should specify one or more paths here. rEFInd always scans the
    # "drivers" and "drivers_{arch}" subdirectories of its own installation
    # directory (where "{arch}" is your architecture code); this option
    # specifies ADDITIONAL directories to scan.
    # Default is to scan no additional directories for EFI drivers
    #
    #scan_driver_dirs EFI/tools/drivers,drivers
    
    # Which types of boot loaders to search, and in what order to display them:
    #  internal      - internal EFI disk-based boot loaders
    #  external      - external EFI disk-based boot loaders
    #  optical       - EFI optical discs (CD, DVD, etc.)
    #  netboot       - EFI network (PXE) boot options
    #  hdbios        - BIOS disk-based boot loaders
    #  biosexternal  - BIOS external boot loaders (USB, eSATA, etc.)
    #  cd            - BIOS optical-disc boot loaders
    #  manual        - use stanzas later in this configuration file
    # Note that the legacy BIOS options require firmware support, which is
    # not present on all computers.
    # The netboot option is experimental and relies on the ipxe.efi and
    # ipxe_discover.efi program files.
    # On UEFI PCs, default is internal,external,optical,manual
    # On Macs, default is internal,hdbios,external,biosexternal,optical,cd,manual
    #
    #scanfor internal,external,optical,manual
    scanfor internal,hdbios
    
    # By default, rEFInd relies on the UEFI firmware to detect BIOS-mode boot
    # devices. This sometimes doesn't detect all the available devices, though.
    # For these cases, uefi_deep_legacy_scan results in a forced scan and
    # modification of NVRAM variables on each boot. Adding "0", "off", or
    # "false" resets to the default value. This token has no effect on Macs or
    # when no BIOS-mode options are set via scanfor.
    # Default is unset (or "uefi_deep_legacy_scan false")
    #
    #uefi_deep_legacy_scan
    
    # Delay for the specified number of seconds before scanning disks.
    # This can help some users who find that some of their disks
    # (usually external or optical discs) aren't detected initially,
    # but are detected after pressing Esc.
    # The default is 0.
    #
    #scan_delay 5
    scan_delay 5
    
    # When scanning volumes for EFI boot loaders, rEFInd always looks for
    # macOS's and Microsoft Windows' boot loaders in their normal locations,
    # and scans the root directory and every subdirectory of the /EFI directory
    # for additional boot loaders, but it doesn't recurse into these directories.
    # The also_scan_dirs token adds more directories to the scan list.
    # Directories are specified relative to the volume's root directory. This
    # option applies to ALL the volumes that rEFInd scans UNLESS you include
    # a volume name and colon before the directory name, as in "myvol:/somedir"
    # to scan the somedir directory only on the filesystem named myvol. If a
    # specified directory doesn't exist, it's ignored (no error condition
    # results). The default is to scan the "boot" directory in addition to
    # various hard-coded directories.
    #
    #also_scan_dirs boot,ESP2:EFI/linux/kernels
    
    # Partitions (or whole disks, for legacy-mode boots) to omit from scans.
    # For EFI-mode scans, you normally specify a volume by its label, which you
    # can obtain in an EFI shell by typing "vol", from Linux by typing
    # "blkid /dev/{devicename}", or by examining the disk's label in various
    # OSes' file browsers. It's also possible to identify a partition by its
    # unique GUID (aka its "PARTUUID" in Linux parlance). (Note that this is
    # NOT the partition TYPE CODE GUID.) This identifier can be obtained via
    # "blkid" in Linux or "diskutil info {partition-id}" in macOS.
    # For legacy-mode scans, you can specify any subset of the boot loader
    # description shown when you highlight the option in rEFInd.
    # The default is "LRS_ESP".
    #
    #dont_scan_volumes "Recovery HD"
    
    # Directories that should NOT be scanned for boot loaders. By default,
    # rEFInd doesn't scan its own directory, the EFI/tools directory, the
    # EFI/memtest directory, the EFI/memtest86 directory, or the
    # com.apple.recovery.boot directory. Using the dont_scan_dirs option
    # enables you to "blacklist" other directories; but be sure to use "+"
    # as the first element if you want to continue blacklisting existing
    # directories. You might use this token to keep EFI/boot/bootx64.efi out
    # of the menu if that's a duplicate of another boot loader or to exclude
    # a directory that holds drivers or non-bootloader utilities provided by
    # a hardware manufacturer. If a directory is listed both here and in
    # also_scan_dirs, dont_scan_dirs takes precedence. Note that this
    # blacklist applies to ALL the filesystems that rEFInd scans, not just
    # the ESP, unless you precede the directory name by a filesystem name or
    # partition unique GUID, as in "myvol:EFI/somedir" to exclude EFI/somedir
    # from the scan on the myvol volume but not on other volumes.
    #
    #dont_scan_dirs ESP:/EFI/boot,EFI/Dell,EFI/memtest86
    
    # Files that should NOT be included as EFI boot loaders (on the
    # first line of the display). If you're using a boot loader that
    # relies on support programs or drivers that are installed alongside
    # the main binary or if you want to "blacklist" certain loaders by
    # name rather than location, use this option. Note that this will
    # NOT prevent certain binaries from showing up in the second-row
    # set of tools. Most notably, various Secure Boot and recovery
    # tools are present in this list, but may appear as second-row
    # items.
    # The file may be specified as a bare name (e.g., "notme.efi"), as
    # a complete pathname (e.g., "/EFI/somedir/notme.efi"), or as a
    # complete pathname with volume (e.g., "SOMEDISK:/EFI/somedir/notme.efi"
    # or 2C17D5ED-850D-4F76-BA31-47A561740082:/EFI/somedir/notme.efi").
    # OS tags hidden via the Delete or '-' key in the rEFInd menu are
    # added to this list, but stored in NVRAM.
    # The default is shim.efi,shim-fedora.efi,shimx64.efi,PreLoader.efi,
    # TextMode.efi,ebounce.efi,GraphicsConsole.efi,MokManager.efi,HashTool.efi,
    # HashTool-signed.efi,bootmgr.efi,fb{arch}.efi
    # (where "{arch}" is the architecture code, like "x64").
    #
    #dont_scan_files shim.efi,MokManager.efi
    
    # Scan for Linux kernels that lack a ".efi" filename extension. This is
    # useful for better integration with Linux distributions that provide
    # kernels with EFI stub loaders but that don't give those kernels filenames
    # that end in ".efi", particularly if the kernels are stored on a
    # filesystem that the EFI can read. When set to "1", "true", or "on", this
    # option causes all files in scanned directories with names that begin with
    # "vmlinuz" or "bzImage" to be included as loaders, even if they lack ".efi"
    # extensions. Passing this option a "0", "false", or "off" value causes
    # kernels without ".efi" extensions to NOT be scanned.
    # Default is "true" -- to scan for kernels without ".efi" extensions.
    #
    #scan_all_linux_kernels false
    
    # Combine all Linux kernels in a given directory into a single entry.
    # When so set, the kernel with the most recent time stamp will be launched
    # by default, and its filename will appear in the entry's description.
    # To launch other kernels, the user must press F2 or Insert; alternate
    # kernels then appear as options on the sub-menu.
    # Default is "true" -- kernels are "folded" into a single menu entry.
    #
    #fold_linux_kernels false
    
    # Comma-delimited list of strings to treat as if they were numbers for the
    # purpose of kernel version number detection. These strings are matched on a
    # first-found basis; that is, if you want to treat both "linux-lts" and
    # "linux" as version strings, they MUST be specified as "linux-lts,linux",
    # since if you specify it the other way, both vmlinuz-linux and
    # vmlinuz-linux-lts will return with "linux" as the "version string," which
    # is not what you'd want. Also, if the kernel or initrd file includes both a
    # specified string and digits, the "version string" includes both. For
    # instance, "vmlinuz-linux-4.8" would yield a version string of "linux-4.8".
    # This option is intended for Arch and other distributions that don't include
    # version numbers in their kernel filenames, but may provide other uniquely
    # identifying strings for multiple kernels. If this feature causes problems
    # (say, if your kernel filename includes "linux" but the initrd filename
    # doesn't), be sure this is set to an empty string
    # (extra_kernel_version_strings "") or comment out the option to disable it.
    # Default is no extra version strings
    #
    #extra_kernel_version_strings linux-lts,linux
    
    # Set the maximum number of tags that can be displayed on the screen at
    # any time. If more loaders are discovered than this value, rEFInd shows
    # a subset in a scrolling list. If this value is set too high for the
    # screen to handle, it's reduced to the value that the screen can manage.
    # If this value is set to 0 (the default), it's adjusted to the number
    # that the screen can handle.
    #
    #max_tags 0
    
    # Set the default menu selection.  The available arguments match the
    # keyboard accelerators available within rEFInd.  You may select the
    # default loader using:
    #  - A digit between 1 and 9, in which case the Nth loader in the menu
    #    will be the default. 
    #  - A "+" symbol at the start of the string, which refers to the most
    #    recently booted loader.
    #  - Any substring that corresponds to a portion of the loader's title
    #    (usually the OS's name, boot loader's path, or a volume or
    #    filesystem title).
    # You may also specify multiple selectors by separating them with commas
    # and enclosing the list in quotes. (The "+" option is only meaningful in
    # this context.)
    # If you follow the selector(s) with two times, in 24-hour format, the
    # default will apply only between those times. The times are in the
    # motherboard's time standard, whether that's UTC or local time, so if
    # you use UTC, you'll need to adjust this from local time manually.
    # Times may span midnight as in "23:30 00:30", which applies to 11:30 PM
    # to 12:30 AM. You may specify multiple default_selection lines, in which
    # case the last one to match takes precedence. Thus, you can set a main
    # option without a time followed by one or more that include times to
    # set different defaults for different times of day.
    # The default behavior is to boot the previously-booted OS.
    #
    #default_selection 1
    #default_selection Microsoft
    #default_selection "+,bzImage,vmlinuz"
    #default_selection Maintenance 23:30 2:00
    #default_selection "Maintenance,macOS" 1:00 2:30
    default_selection 1
    
    # Enable VMX bit and lock the CPU MSR if unlocked.
    # On some Intel Apple computers, the firmware does not lock the MSR 0x3A.
    # The symptom on Windows is Hyper-V not working even if the CPU
    # meets the minimum requirements (HW assisted virtualization and SLAT)
    # DO NOT SET THIS EXCEPT ON INTEL CPUs THAT SUPPORT VMX! See
    # http://www.thomas-krenn.com/en/wiki/Activating_the_Intel_VT_Virtualization_Feature!
    # for more on this subject.
    # The default is false: Don't try to enable and lock the MSR.
    #
    #enable_and_lock_vmx false
    
    # Tell a Mac's EFI that macOS is about to be launched, even when it's not.
    # This option causes some Macs to initialize their hardware differently than
    # when a third-party OS is launched normally. In some cases (particularly on
    # Macs with multiple video cards), using this option can cause hardware to
    # work that would not otherwise work. On the other hand, using this option
    # when it is not necessary can cause hardware (such as keyboards and mice) to
    # become inaccessible. Therefore, you should not enable this option if your
    # non-Apple OSes work correctly; enable it only if you have problems with
    # some hardware devices. When needed, a value of "10.9" usually works, but
    # you can experiment with other values. This feature has no effect on
    # non-Apple computers.
    # The default is inactive (no macOS spoofing is done).
    #
    #spoof_osx_version 10.9
    
    # Set the CSR values for Apple's System Integrity Protection (SIP) feature.
    # Values are one-byte (two-character) hexadecimal numbers. These values
    # define which specific security features are enabled. Below are the codes
    # for what the values mean. Add them up (in hexadecimal!) to set new values.
    # Apple's "csrutil enable" and "csrutil disable" commands set values of 10
    # and 77, respectively.
    #   CSR_ALLOW_UNTRUSTED_KEXTS       0x01
    #   CSR_ALLOW_UNRESTRICTED_FS       0x02
    #   CSR_ALLOW_TASK_FOR_PID          0x04
    #   CSR_ALLOW_KERNEL_DEBUGGER       0x08
    #   CSR_ALLOW_APPLE_INTERNAL        0x10
    #   CSR_ALLOW_UNRESTRICTED_DTRACE   0x20
    #   CSR_ALLOW_UNRESTRICTED_NVRAM    0x40
    #
    #csr_values 10,77
    
    # Include a secondary configuration file within this one. This secondary
    # file is loaded as if its options appeared at the point of the "include"
    # token itself, so if you want to override a setting in the main file,
    # the secondary file must be referenced AFTER the setting you want to
    # override. Note that the secondary file may NOT load a tertiary file.
    #
    #include manual.conf
    
    # Sample manual configuration stanzas. Each begins with the "menuentry"
    # keyword followed by a name that's to appear in the menu (use quotes
    # if you want the name to contain a space) and an open curly brace
    # ("{"). Each entry ends with a close curly brace ("}"). Common
    # keywords within each stanza include:
    #
    #  volume    - identifies the filesystem from which subsequent files
    #              are loaded. You can specify the volume by filesystem
    #              label, by partition label, or by partition GUID number
    #              (but NOT yet by filesystem UUID number).
    #  loader    - identifies the boot loader file
    #  initrd    - Specifies an initial RAM disk file
    #  icon      - specifies a custom boot loader icon
    #  ostype    - OS type code to determine boot options available by
    #              pressing Insert. Valid values are "MacOS", "Linux",
    #              "Windows", and "XOM". Case-sensitive.
    #  graphics  - set to "on" to enable graphics-mode boot (useful
    #              mainly for MacOS) or "off" for text-mode boot.
    #              Default is auto-detected from loader filename.
    #  options   - sets options to be passed to the boot loader; use
    #              quotes if more than one option should be passed or
    #              if any options use characters that might be changed
    #              by rEFInd parsing procedures (=, /, #, or tab).
    #  disabled  - use alone or set to "yes" to disable this entry.
    #
    # Note that you can use either DOS/Windows/EFI-style backslashes (\)
    # or Unix-style forward slashes (/) as directory separators. Either
    # way, all file references are on the ESP from which rEFInd was
    # launched.
    # Use of quotes around parameters causes them to be interpreted as
    # one keyword, and for parsing of special characters (spaces, =, /,
    # and #) to be disabled. This is useful mainly with the "options"
    # keyword. Use of quotes around parameters that specify filenames is
    # permissible, but you must then use backslashes instead of slashes,
    # except when you must pass a forward slash to the loader, as when
    # passing a root= option to a Linux kernel.
    
    # Below are several sample boot stanzas. All are disabled by default.
    # Find one similar to what you need, copy it, remove the "disabled" line,
    # and adjust the entries to suit your needs.
    
    # A sample entry for a Linux 3.13 kernel with EFI boot stub support
    # on a partition with a GUID of 904404F8-B481-440C-A1E3-11A5A954E601.
    # This entry includes Linux-specific boot options and specification
    # of an initial RAM disk. Note uses of Linux-style forward slashes.
    # Also note that a leading slash is optional in file specifications.
    menuentry Linux {
        icon EFI/refind/icons/os_linux.png
        volume 904404F8-B481-440C-A1E3-11A5A954E601
        loader bzImage-3.3.0-rc7
        initrd initrd-3.3.0.img
        options "ro root=UUID=5f96cafa-e0a7-4057-b18f-fa709db5b837"
        disabled
    }
    
    # Below is a more complex Linux example, specifically for Arch Linux.
    # This example MUST be modified for your specific installation; if nothing
    # else, the PARTUUID code must be changed for your disk. Because Arch Linux
    # does not include version numbers in its kernel and initrd filenames, you
    # may need to use manual boot stanzas when using fallback initrds or
    # multiple kernels with Arch. This example is modified from one in the Arch
    # wiki page on rEFInd (https://wiki.archlinux.org/index.php/rEFInd).
    menuentry "Arch Linux" {
        icon     /EFI/refind/icons/os_arch.png
        volume   "Arch Linux"
        loader   /boot/vmlinuz-linux
        initrd   /boot/initramfs-linux.img
        options  "root=PARTUUID=5028fa50-0079-4c40-b240-abfaf28693ea rw add_efi_memmap"
        submenuentry "Boot using fallback initramfs" {
            initrd /boot/initramfs-linux-fallback.img
        }
        submenuentry "Boot to terminal" {
            add_options "systemd.unit=multi-user.target"
        }
        disabled
    }
    
    # A sample entry for loading Ubuntu using its standard name for
    # its GRUB 2 boot loader. Note uses of Linux-style forward slashes
    menuentry Ubuntu {
        loader /EFI/ubuntu/grubx64.efi
        icon /EFI/refind/icons/os_linux.png
        disabled
    }
    
    # A minimal ELILO entry, which probably offers nothing that
    # auto-detection can't accomplish.
    menuentry "ELILO" {
        loader \EFI\elilo\elilo.efi
        disabled
    }
    
    # Like the ELILO entry, this one offers nothing that auto-detection
    # can't do; but you might use it if you want to disable auto-detection
    # but still boot Windows....
    menuentry "Windows 7" {
        loader \EFI\Microsoft\Boot\bootmgfw.efi
        disabled
    }
    
    # EFI shells are programs just like boot loaders, and can be
    # launched in the same way. You can pass a shell the name of a
    # script that it's to run on the "options" line. The script
    # could initialize hardware and then launch an OS, or it could
    # do something entirely different.
    menuentry "Windows via shell script" {
        icon \EFI\refind\icons\os_win.png
        loader \EFI\tools\shell.efi
        options "fs0:\EFI\tools\launch_windows.nsh"
        disabled
    }
    
    # Mac OS is normally detected and run automatically; however,
    # if you want to do something unusual, a manual boot stanza may
    # be the way to do it. This one does nothing very unusual, but
    # it may serve as a starting point. Note that you'll almost
    # certainly need to change the "volume" line for this example
    # to work.
    menuentry "My macOS" {
        icon \EFI\refind\icons\os_mac.png
        volume "macOS boot"
        loader \System\Library\CoreServices\boot.efi
        disabled
    }
    

  • Moderator

    I wanted to know what computer you have, in your case it sounds like a custom job. So you have a gigabyte motherboard. What model.

    The second part is making me scratch my head. That works perfectly. We need to edit the refind.conf file to stop the scan. With the FOG delivered refind.conf file in place you should not get the selection menu. What is confusing the hell out of me is if you set the UEFI exit mode for this computer you get a chain loading error, but if you key in the same exact command as FOG is sending you get the refind menu ( i.e. it works). The question is why, what’s different.???



  • @george1421 What do you want to know about the hardware, anything particular? The computers have gigabyte motherboards, intel CPU, 8 GBs of ram, 2 hard drives; first one is 60 GB SSD for booting OS and second one is a TB mechanical drive for storage.

    With using the exit mode of EXIT and pressing ‘s’ to get into the iPXE shell this is what appears after typing in those commands:

    0_1519847132882_b639e9bc-ee94-47ab-a177-9ef5b663e706-image.png

    if I select “Boot Microsoft EFI boot from EFI system partition” the computer boots into Windows!

    On a side note, this is what appeared when using REFIND_EFI for the exit mode.

    0_1519847066905_4bcb64b5-f6eb-46bd-8b6b-3a2ecd15896a-image.png

    The computer then automatically reboots.


  • Moderator

    @arainero What hardware are we dealing with here? This is really strange response from iPXE.

    I don’t understand why refind doesn’t at least display a message. I would focus on refind for the moment.

    At the moment you see the hit ‘s’ for the iPXE shell. Lets go ahead and hit s so we can try a few things from the iPXE shell.

    specifically

    set fog-ip 192.168.1.3
    set fog-webroot fog
    set boot-url http://${fog-ip}/${fog-webroot}
    imgfetch ${boot-url}/service/ipxe/refind.conf
    
    chain -ar ${boot-url}/service/ipxe/refind.efi
    


  • @tom-elliott This host is registered. I have been mainly changing the global exit setting, however, I have tried setting the exit setting specifically on the host too with no luck.


  • Senior Developer

    @arainero Is this host registered? Is the exit type the set for this particular host (or model set of hosts)?

    I’m wondering if there’s something funky happening between the defaults to individual hosts.



  • @george1421 Yes you are right. In that first reply the BIOS was still set to legacy. It was changed only after @Tom-Elliott asked.

    The computers are all the same, but are custom build. The motherboard is gigabyte and model h97-d3h.

    Here is a picture with EXIT for the exit mode:

    0_1519761117732_b62dac4f-7a9b-47c4-a61c-95a8ed2e02f1-image.png

    0_1519761065550_5fccccf9-4f8a-4948-b3c9-1b696c41ef85-image.png


  • Moderator

    @arainero In the post where you stated “With REFIND_EFI set it gets stuck on the following:”, That picture is of a bios (legacy) boot not uefi. I can understand why refind may not like that if you don’t have legacy mode enabled in refind.

    Also what hardware are we dealing with here, both manufacturer and model?



  • @george1421 I’m quite sure it was set to EXIT. I can confirm shortly.


  • Moderator

    @arainero I’m not seeing anything in these that would cause a chain boot failure, unless you were enforcing https instead of http protocol for some reason. But if it was http vs https the boot.php would not have downloaded.

    Which exit mode created the last picture with chainloading failed?



  • @george1421 here is the output for GRUB selection:

    #!ipxe
    set fog-ip 192.168.1.3
    set fog-webroot fog
    set boot-url http://${fog-ip}/${fog-webroot}
    chain -ar ${boot-url}/service/ipxe/grub.exe --config-file="rootnoverify (hd0);chainloader +1"
    

    Here is the output for EXIT selection:

    #!ipxe
    set fog-ip 192.168.1.3
    set fog-webroot fog
    set boot-url http://${fog-ip}/${fog-webroot}
    exit
    

    Here is the output for REFIND:

    #!ipxe
    set fog-ip 192.168.1.3
    set fog-webroot fog
    set boot-url http://${fog-ip}/${fog-webroot}
    imgfetch ${boot-url}/service/ipxe/refind.conf
    chain -ar ${boot-url}/service/ipxe/refind.efi
    

    Here is the output for SANBOOT:

    #!ipxe
    set fog-ip 192.168.1.3
    set fog-webroot fog
    set boot-url http://${fog-ip}/${fog-webroot}
    sanboot --no-describe --drive 0x80
    

    This is still using ipxe.efi for the bootfile.


  • Moderator

    @arainero It would be interesting to see the output of the following command. Key this into a browser: http://<fog_server_ip>/fog/service/ipxe/boot.php?mac=fc:aa:14:31:0b:5b

    That will display the ipxe menu. There is something simply not right with the exit mode here.



  • @tom-elliott

    After setting the BIOS to UEFI and enabling the stack, changing the boot device to the UEFI pxeboot, the pxeboot file to ipxe.efi, and the exit type for EFI to exit I get the following:

    0_1519681615524_a5f0e6a8-7404-437b-bb06-ef03a3011e35-image.png

    I tried using REFIND_EFI too and that made a new screen appear that I have not seen before. It said something about scanning for devices and then reboots the PC.

    This change does still work on the Windows 7 PCs.


  • Developer

    @arainero From the new picture you just posted it does not look like the machine is in UEFI mode. I am wondering if you mix up things a bit. maybe the initial image was installed in UEFI but the machine you deploy to is not?!


 

533
Online

41.9k
Users

12.4k
Topics

116.8k
Posts