Bug 738977

Summary: grub2 defaults to boot "saved" seems wrong
Product: [Fedora] Fedora Reporter: drago01
Component: grub2Assignee: Peter Jones <pjones>
Status: CLOSED WORKSFORME QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 16CC: adel.gadllah, awilliam, dennis, lkundrak, pjones, satellitgo
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard: RejectedBlocker
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-10-01 12:57:01 EDT Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Description drago01 2011-09-16 04:46:18 EDT
Description of problem:

Grub2 defaults to "saved" aka "the last booted entry". This problematic in the following scenario: 

1) User boots, grub saves the current booted kernel as default
2) User updates kernel (security update)
3) User reboots because PackageKit told him to do so
4) Due to 1) user ends running the vulnerable kernel even though he had updated to the one with the security fix.

For grub 1 we always set the new kernel as default and kept the old one as a fallback option. Defaulting to the old kernel like here seems backwards and wrong.
Comment 1 Fedora Admin XMLRPC Client 2011-09-16 15:08:36 EDT
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.
Comment 2 Adam Williamson 2011-09-19 19:54:11 EDT
Can't reproduce this in an f15 to f16 upgrade.

I installed f15 clean, updated to latest f15, upgraded to f16, then updated f16.

The f16 update installed an updated kernel (0.3 vs. 0.0) and on a reboot, the 0.3 kernel was the default, not the 0.0.
Comment 3 Adam Williamson 2011-09-30 14:55:59 EDT
Discussed at 2011-09-30 blocker review meeting. Agreed this would not be a blocker as described as it could be fixed by an update, and additionally, no-one present at the meeting is seeing this bug in their F16 installs. Adel, can you verify this on a clean F16 install? Thanks.
Comment 4 Adel Gadllah 2011-10-01 12:57:01 EDT
(In reply to comment #3)
> Discussed at 2011-09-30 blocker review meeting. Agreed this would not be a
> blocker as described as it could be fixed by an update, and additionally,
> no-one present at the meeting is seeing this bug in their F16 installs. Adel,
> can you verify this on a clean F16 install? Thanks.

Did a fresh install today and it seems to work as expected.