coreos-boot-mount-generator: stop mounting /boot/efi

On RAID systems we're now going to have multiple ESPs, no one of which is the "canonical ESP", so there's nothing we can mount here. Drop the mount unit. Fixes: coreos/fedora-coreos-tracker#694
HuijingHei · Oct 10, 2023 · d90c5be · d90c5be
1 parent 977dc28
commit d90c5be
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 17 deletions.
diff --git a/overlay.d/05core/usr/lib/systemd/system-generators/coreos-boot-mount-generator b/overlay.d/05core/usr/lib/systemd/system-generators/coreos-boot-mount-generator
@@ -72,18 +72,4 @@ EOF
 # the dependency on the underlying device unit.
 if [ ! -f /run/ostree-live ]; then
     mk_mount /boot boot
-
-    # Only mount the EFI System Partition on machines where it exists,
-    # which are 1) machines actually booted through EFI, and 2) x86_64
-    # when booted through BIOS.
-    if [ "$(uname -m)" = "x86_64" -o -d /sys/firmware/efi ]; then
-        mk_mount /boot/efi EFI-SYSTEM
-        # In the general case the ESP might have per-machine or private
-        # data on it.  Let's not make it world readable on general
-        # principle.
-        # https://github.com/coreos/fedora-coreos-tracker/issues/640
-        cat >>${UNIT_DIR}/boot-efi.mount << EOF
-Options=umask=0077
-EOF
-    fi
 fi
diff --git a/tests/kola/misc-ro b/tests/kola/misc-ro
@@ -93,9 +93,6 @@ ok LICENSE
 
 case "$(arch)" in
     x86_64|aarch64)
-        if runuser -u core -- ls /boot/efi &>/dev/null; then
-            fatal "Was able to access /boot/efi as non-root"
-        fi
         # This is just a basic sanity check; at some point we
         # will implement "project-owned tests run in the pipeline"
         # and be able to run the existing bootupd tests: