0

I have a protectli vault fw4 mini PC running Untangle NG Firewall. It failed to boot after I had to forcefully power it off when the web UI was unresponsive. I plugged the device in to a monitor and saw the Untangle boot menu start followed by a brief message about failed to read sector <random hex code>. And then a restart.

Thinking the 32GB mSata SSD drive might be failing I switched the UEFI firmware settings to legacy mode and booted a UBCD usb stick. I was able to successfully run a surface (read) scan on the drive without issue.

From that point on, I switched the BIOS back to UEFI mode and it refuses to see the drive’s boot entries.

I created a Linux System Rescue disk and was able to run fsck on all three partitions. It did fix several issues on the main partition. Hopefully this is why it was having reading sector errors (strange for a logical problem).

The disk has 3 partitions.

  1. /dev/sda1 - Linux Filesystem
  2. /dev/sda2 - Linux Swap
  3. /dev/sda3 - EFI System

On /dev/sda3 I see the following folder structure…

/EFI
— debian
—— grubx64.efi
— untangle
—— grubx64.efi

The system is obviously a Debian based system.

I assume the problem is that changing to legacy mode erased the boot entry in the UEFI firmware. What is the proper way to add this boot entry back to the UEFI firmware with Linux tools / commands? I found some info about first listing the entries with efibootmgr but only the bootable USB stick is found.

The UEFI firmware menu itself does not have an option for adding manual entries that I see. Any other information needed?

Improve this question

1 Answer 1

Reset to default
0

I found I was able to use the following command to restore the boot entry.

efibootmgr -c -p 3 -d /dev/sda -L “UEFI: Untangle” -l “\EFI\untangle\grubx64.efi”

Unfortunately, now that it boots I still get the failed to read sector error.

Improve this answer
4
  • You can also generally register/add UEFI boot entries via the Boot tab within the UEFI firmware settings. For the sector issue on an SSD, that would seem to imply either the data on the sector is corrupted (try TestDisk to recover the data) or the sector has reached its end-of-life (check the S.M.A.R.T wear leveling value: smartctl -a /dev/<disk>)
    – JW0914
    Commented Mar 23, 2022 at 4:37
  • @JW0914 thanks. No option in UEFI settings. It turns out a long test failed on the drive. I went ahead and replaced it.
    – Appleoddity
    Commented Mar 23, 2022 at 18:17
  • I wanted to verify, in the UEFI firmware settings, there's no Add option for adding boot entries (that would be highly abnormal if the case, as that function is there to allow registering new boot entries that don't use the built-in EFI boot digital certificate(s) stored in the firmware, as without that signature, you can't Secure Boot)?
    – JW0914
    Commented Mar 24, 2022 at 13:42
  • @JW0914 there is no option. Maybe secure boot was disabled, although I think I remember seeing it enabled. At this point the device is back in service, so I can’t check.
    – Appleoddity
    Commented Mar 24, 2022 at 17:02

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .