Sunday, 5. May 2024 Week 18

Migrate from legacy CSM boot to UEFI boot

Due to a hardware failure I had to replace one of my computers (switching from a 2015 Intel NUC to a Dell OptiPlex Micro 7010).
After moving the disk to the new system, it refused to boot (claimed that no bootable drive was available).

Turns out that the new system only supports UEFI booting and the existing disk was setup for 'legacy'/CSM boot.

I used the following steps to convert the existing disk to UEFI boot (while keeping all data on it available).
They are inspired by the excellent Switch Debian from legacy to UEFI boot mode guide from Jens Getreu.

  1. Disable secure boot in the BIOS to allow booting from an USB stick.
  2. Create a bootable USB stick with a Debian live system (see my previous post)
  3. Boot into the Debian live system
  4. Identify the disk to work on (/dev/nvme0n1 in my case)
  5. Convert the partition table from MBR to GPT:
    # gdisk /dev/nvme0n1
    
    r       recovery and transformation options (experts only)
    f       load MBR and build fresh GPT from it
    w	write table to disk and exit
  6. Install gparted into the Debian live system:
    # apt-get install gparted
  7. Create an UEFI partition and a partition for Grub2:
    # gparted /dev/nvme0n1
    Resize an existing partition to create space (does not need to be at the beginning of the disk, I used the swap partition).
    Create a new 100MB partition for efi (named "Efi partition"), format it as fat32 and flag it bootable.
    Create a new 50MB partition for Grub2 (named "BIOS boot partition"), keep it unformatted.
  8. Use gdisk to set proper partition codes (EF00 for the efi partition and EF02 for the Grub2 partition):
    # gdisk /dev/nvme0n1
    
    p	print the partition table
    t	change a partition's type code
    t	change a partition's type code
    w	write table to disk and exit
  9. Chroot into the on-disk root system:
    # mount -t ext4 /dev/nvme0n1p1 /mnt
    # mkdir /mnt/boot/efi
    # mount /dev/nvme0n1p2 /mnt/boot/efi
    # mount --bind /sys /mnt/sys
    # mount --bind /proc /mnt/proc
    # mount --bind /dev /mnt/dev
    # mount --bind /dev/pts /mnt/dev/pts
    # cp /etc/resolv.conf /mnt/etc/resolv.conf
    # chroot /mnt
  10. Update /etc/fstab:
    # ls -lisa /dev/disk/by-uuid
    Identify the UUID of the EFI partition (usually in the format XXXX-XXXX) and add a corresponding line to /etc/fstab:
    # echo "UUID=XXXX-XXXX /boot/efi vfat defaults 0 2" >> /etc/fstab
  11. Install grub-efi and install Grub2 to the EFI partition:
    # apt-get remove grub-pc
    # apt-get install grub-efi
    # grub-install /dev/nvme0n1
  12. Exit the chroot and reboot the system:
    # exit
    # reboot
  13. Select the Debian bootloader (/EFI/debian/grubx64.efi) in the UEFI BIOS and make it the default :-)

Create a bootable Debian USB stick on macOS

Needed to create a bootable Debian USB stick for some maintenance on one of my computers.
Here are the steps so I won't have to search for them the next time :-)

  1. Download the Debian live CD image
  2. Connect your USB stick and find its device location (/dev/diskX) with:
    sudo diskutil list
  3. If needed unmount your USB stick:
    sudo diskutil unmountdisk /dev/diskX
  4. Write the downloaded image onto the USB stick:
    sudo dd if=./debian-live-12.5.0-amd64-standard.iso of=/dev/diskX bs=1m
Wednesday, 24. April 2024 Week 17
Tuesday, 23. April 2024 Week 17
Monday, 15. April 2024 Week 16
Saturday, 13. April 2024 Week 15
Thursday, 11. April 2024 Week 15

NTP IPs

This post from Rachel, reminded me of my own struggle with a Raspberry Pi and time (and yes, I did run into the same DNSSEC problem).
I first tried a RTC shield, but this didn't fully solve all problems.

My workaround in the end is to use two fixed IP addresses in ntp.conf in additon to the usual pool servers.
Thanks ${previous employer} for not changing the IPs of your public NTP servers so far :-)

Wednesday, 10. April 2024 Week 15

SixSpotting still going on

While browsing through the archives I stumbled upon the SixSpotting post from 2014.
Turns out the game is still working and after some failed attempts I managed to remember my account name and log in.
I guess it must look quite strange to see a burst of new checkins after almost 10 years 😄

My last 5 SixSpotting checkins