[GH-ISSUE #98] [BUG]: grub-efi-amd64-signed package post-installation script subprocess returned error exit status 32

kerem commented

2026-03-03 13:58:42 +03:00

Owner

Originally created by @GordonSasha on GitHub (Sep 5, 2021).
Original GitHub issue: https://github.com/konstruktoid/hardening/issues/98

Originally assigned to: @konstruktoid on GitHub.

Describe the bug

during installation process the f_aptget() returns error:

Setting up grub-efi-amd64-signed (1.167.2+2.04-1ubuntu44.2) ...
mount: /var/lib/grub/esp: special device /dev/disk/by-id/mmc-S0J58X_0x158869a0-part1 does not exist.
dpkg: error processing package grub-efi-amd64-signed (--configure):
 installed grub-efi-amd64-signed package post-installation script subprocess returned error exit status 32
No apport report written because the error message indicates its a followup error from a previous failure.Setting up linux-generic (5.4.0.81.85) ...
Setting up fwupd-signed (1.27.1ubuntu5+1.5.11-0ubuntu1~20.04.2) ...
dpkg: dependency problems prevent configuration of shim-signed:
 shim-signed depends on grub-efi-amd64-signed | grub-efi-arm64-signed; however:
  Package grub-efi-amd64-signed is not configured yet.
  Package grub-efi-arm64-signed is not installed.

dpkg: error processing package shim-signed (--configure):
 dependency problems - leaving unconfigured

and after

Processing triggers for initramfs-tools (0.136ubuntu6.6) ...
update-initramfs: Generating /boot/initrd.img-5.4.0-81-generic
Errors were encountered while processing:
 grub-efi-amd64-signed
 shim-signed
E: Sub-process /usr/bin/dpkg returned an error code (1)

To Reproduce
The system uses EFI:

$ sudo lsblk
[sudo] password for tfence: 
NAME         MAJ:MIN RM  SIZE RO TYPE MOUNTPOINT
loop0          7:0    0   55M  1 loop /snap/core18/1880
loop1          7:1    0 55.4M  1 loop /snap/core18/2128
loop2          7:2    0 71.3M  1 loop /snap/lxd/16099
loop3          7:3    0 29.9M  1 loop /snap/snapd/8542
loop4          7:4    0 70.3M  1 loop /snap/lxd/21029
loop5          7:5    0 32.3M  1 loop /snap/snapd/12883
mmcblk1      179:0    0 59.3G  0 disk 
├─mmcblk1p1  179:1    0  512M  0 part /boot/efi
├─mmcblk1p2  179:2    0    1G  0 part /boot
├─mmcblk1p3  179:3    0   30G  0 part /
├─mmcblk1p4  179:4    0    5G  0 part /home
├─mmcblk1p5  179:5    0    5G  0 part /var
├─mmcblk1p6  179:6    0    5G  0 part /var/tmp
├─mmcblk1p7  179:7    0    5G  0 part /var/log
├─mmcblk1p8  259:0    0    5G  0 part /var/log/audit
└─mmcblk1p9  259:1    0  2.8G  0 part /srv
mmcblk1boot0 179:8    0 31.5M  1 disk

I run the install script step by step, I mean function by function (f_pre () function always works). Every time I start, I change "ubuntu.sh" something like this:
Run 1:

  f_pre
  SCRIPT_COUNT=1
  f_kernel
  SCRIPT_COUNT=2
#  f_firewall
  SCRIPT_COUNT=3
#  f_disablenet
  SCRIPT_COUNT=4
# ...

Run 2:

 f_pre
  SCRIPT_COUNT=1
 # f_kernel
  SCRIPT_COUNT=2
  f_firewall
  SCRIPT_COUNT=3
#  f_disablenet
  SCRIPT_COUNT=4
# ...

So during the step 'aptget ...' :

  #  f_prelink
# ....
  SCRIPT_COUNT=12
  f_aptget_configure
SCRIPT_COUNT=13
  f_aptget
SCRIPT_COUNT=15
#  f_hosts
# ...

I have an error:
harden_install_error.txt

Expected behavior
A clear and concise description of what you expected to happen.

System (lsb_release -a):
lsb_release -a
No LSB modules are available.
Distributor ID: Ubuntu
Description: Ubuntu 20.04.3 LTS
Release: 20.04
Codename: focal

Additional context
Add any other context about the problem here.

Originally created by @GordonSasha on GitHub (Sep 5, 2021). Original GitHub issue: https://github.com/konstruktoid/hardening/issues/98 Originally assigned to: @konstruktoid on GitHub. **Describe the bug** *during installation process the f_aptget() returns error:* ``` Setting up grub-efi-amd64-signed (1.167.2+2.04-1ubuntu44.2) ... mount: /var/lib/grub/esp: special device /dev/disk/by-id/mmc-S0J58X_0x158869a0-part1 does not exist. dpkg: error processing package grub-efi-amd64-signed (--configure): installed grub-efi-amd64-signed package post-installation script subprocess returned error exit status 32 No apport report written because the error message indicates its a followup error from a previous failure.Setting up linux-generic (5.4.0.81.85) ... Setting up fwupd-signed (1.27.1ubuntu5+1.5.11-0ubuntu1~20.04.2) ... dpkg: dependency problems prevent configuration of shim-signed: shim-signed depends on grub-efi-amd64-signed | grub-efi-arm64-signed; however: Package grub-efi-amd64-signed is not configured yet. Package grub-efi-arm64-signed is not installed. dpkg: error processing package shim-signed (--configure): dependency problems - leaving unconfigured ``` and after ``` Processing triggers for initramfs-tools (0.136ubuntu6.6) ... update-initramfs: Generating /boot/initrd.img-5.4.0-81-generic Errors were encountered while processing: grub-efi-amd64-signed shim-signed E: Sub-process /usr/bin/dpkg returned an error code (1) ``` **To Reproduce** The system uses EFI: ``` $ sudo lsblk [sudo] password for tfence: NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT loop0 7:0 0 55M 1 loop /snap/core18/1880 loop1 7:1 0 55.4M 1 loop /snap/core18/2128 loop2 7:2 0 71.3M 1 loop /snap/lxd/16099 loop3 7:3 0 29.9M 1 loop /snap/snapd/8542 loop4 7:4 0 70.3M 1 loop /snap/lxd/21029 loop5 7:5 0 32.3M 1 loop /snap/snapd/12883 mmcblk1 179:0 0 59.3G 0 disk ├─mmcblk1p1 179:1 0 512M 0 part /boot/efi ├─mmcblk1p2 179:2 0 1G 0 part /boot ├─mmcblk1p3 179:3 0 30G 0 part / ├─mmcblk1p4 179:4 0 5G 0 part /home ├─mmcblk1p5 179:5 0 5G 0 part /var ├─mmcblk1p6 179:6 0 5G 0 part /var/tmp ├─mmcblk1p7 179:7 0 5G 0 part /var/log ├─mmcblk1p8 259:0 0 5G 0 part /var/log/audit └─mmcblk1p9 259:1 0 2.8G 0 part /srv mmcblk1boot0 179:8 0 31.5M 1 disk ``` I run the install script step by step, I mean function by function (f_pre () function always works). Every time I start, I change "ubuntu.sh" something like this: Run 1: ``` f_pre SCRIPT_COUNT=1 f_kernel SCRIPT_COUNT=2 # f_firewall SCRIPT_COUNT=3 # f_disablenet SCRIPT_COUNT=4 # ... ``` Run 2: ``` f_pre SCRIPT_COUNT=1 # f_kernel SCRIPT_COUNT=2 f_firewall SCRIPT_COUNT=3 # f_disablenet SCRIPT_COUNT=4 # ... ``` So during the step 'aptget ...' : ``` # f_prelink # .... SCRIPT_COUNT=12 f_aptget_configure SCRIPT_COUNT=13 f_aptget SCRIPT_COUNT=15 # f_hosts # ... ``` I have an error: [harden_install_error.txt](https://github.com/konstruktoid/hardening/files/7111714/harden_install_error.txt) **Expected behavior** A clear and concise description of what you expected to happen. **System (lsb_release -a):** lsb_release -a No LSB modules are available. Distributor ID: Ubuntu Description: Ubuntu 20.04.3 LTS Release: 20.04 Codename: focal **Additional context** Add any other context about the problem here.

kerem

2026-03-03 13:58:42 +03:00

closed this issue
added the
Stale
label

kerem commented

2026-03-03 13:58:43 +03:00

Author

Owner

@konstruktoid commented on GitHub (Sep 5, 2021):

Thanks for opening this issue.
Is it reproducible on other systems with the same configuration?

@konstruktoid commented on GitHub (Sep 5, 2021): Thanks for opening this issue. Is it reproducible on other systems with the same configuration?

kerem commented

2026-03-03 13:58:43 +03:00

Author

Owner

@GordonSasha commented on GitHub (Sep 12, 2021):

On other OS and Ubuntu versions I have not tested

@GordonSasha commented on GitHub (Sep 12, 2021): On other OS and Ubuntu versions I have not tested

kerem commented

2026-03-03 13:58:43 +03:00

Author

Owner

@GordonSasha commented on GitHub (Sep 12, 2021):

But I saw as people talking about same problem and solution can be:
$APT purge grub*
$APT install grub-efi
$APT autoremove
update-grub
in 10_aptget: f_aptget() . I will checked it

@GordonSasha commented on GitHub (Sep 12, 2021): But I saw as people talking about same problem and solution can be: $APT purge grub\* $APT install grub-efi $APT autoremove update-grub in 10_aptget: f_aptget() . I will checked it

kerem commented

2026-03-03 13:58:43 +03:00

Author

Owner

@GordonSasha commented on GitHub (Sep 13, 2021):

Looks like this solved the problem

@GordonSasha commented on GitHub (Sep 13, 2021): Looks like this solved the problem

kerem commented

2026-03-03 13:58:43 +03:00

Author

Owner

@konstruktoid commented on GitHub (Sep 13, 2021):

This isn't actually an issue with this project but with the specified packages (https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1871963) and the current disk layout (mount: /var/lib/grub/esp: special device /dev/disk/by-id/mmc-S0J58X_0x158869a0-part1 does not exist.

I can't really start guessing about disk layouts, partitions or if grub is to be purged (making systems unbootable), so I believe this issue is out-of-scope.

@konstruktoid commented on GitHub (Sep 13, 2021): This isn't actually an issue with this project but with the specified packages (https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1871963) and the current disk layout (`mount: /var/lib/grub/esp: special device /dev/disk/by-id/mmc-S0J58X_0x158869a0-part1 does not exist.` I can't really start guessing about disk layouts, partitions or if `grub` is to be purged (making systems unbootable), so I believe this issue is out-of-scope.

kerem commented

2026-03-03 13:58:43 +03:00

Author

Owner

@github-actions[bot] commented on GitHub (Oct 14, 2021):

This issue is stale because it has been open 30 days with no activity, without any activity it will be closed in 5 days.

@github-actions[bot] commented on GitHub (Oct 14, 2021): This issue is stale because it has been open 30 days with no activity, without any activity it will be closed in 5 days.

kerem referenced this issue

2026-03-03 14:29:46 +03:00

[PR #51] [MERGED] Actiontesting #122

Rows
Columns

[GH-ISSUE #98] [BUG]: grub-efi-amd64-signed package post-installation script subprocess returned error exit status 32 #50