[arch-general] efivars mounted read-write, but "operation not permitted, "
kyleterrien at gmail.com
Thu Aug 4 00:42:53 UTC 2016
On Wed, 3 Aug 2016 13:03:41 -0700
Zachary Kline <zkline at speedpost.net> wrote:
> Hi All,
> This is admittedly more about Linux in general than Arch
> specifically, but I’m wondering if anybody has insight into why I
> can’t delete EFI variables, when efivarfs is mounted read-write. For
> anybody interested, I am wanting to remove the default boot entry
> created by systemd-boot, but receive an “Operation not permitted,”
> message when trying to do so, even as root.
> Any insight would be appreciated.
> Thanks much,
I remember there were some kernel patches that went in a few months ago.
Brief summary of what happened:
* Someone ran 'rm -rf /' on his system to wipe it. It was hard bricked,
not even able to POST.  (You need an Arch BBS account to view
* All Hell broke loose. Tech blogs had a field day.  A bug was
filed in systemd . For some reason beyond me, systemd requires
that efivars be mounted read-write. (Probably bad design)
* A kernel patch was submitted to try to protect efivars somewhat .
I think you are seeing the direct consequence of this patch.
The computer can't tell you the emotional story. It can give you the
exact mathematical design, but what's missing is the eyebrows.
- Frank Zappa
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 819 bytes
Desc: OpenPGP digital signature
More information about the arch-general