Windows has shot bootloader – can not find EFI partition

Dear EndeavourOS community,

with today’s forced Windoze Update, W11 has forced its own bootloader on my system and destroyed my systemdboot bootloader. When switching on my laptop, windows starts automatically and I can not access EOS. Systemdboot has also disappeared from the UEFI menu.

Other forum users have already found a solution that looks simple:

• boot from a bootable USB
• use arch-chroot to access the partition on which EOS is installed
• install systemdboot with bootctl install

So I followed these steps, but have following problem:

[root@EndeavourOS /]# bootctl install
Couldn't find EFI system partition. It is recommended to mount it to /boot or /efi.
Alternatively, use --esp-path= to specify path to mount point.

You need to mount the ESP on /efi after you chroot. Alternatively, you can mount it on /mnt/efi prior to the arch-chroot. It is the same thing either way.

Thank you @dalto for your fast reply! What does ESP stand for?

A post in another forum suggests to enter lsblk -o +FSTYPE into the terminal to find out which partition has has “vfat” as FSTYPE, but I can not see:

[root@EndeavourOS /]# lsblk -o +FSTYPE
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS FSTYPE
loop0         7:0    0   2.4G  1 loop             
sda           8:0    1   3.8G  0 disk             
├─sda1        8:1    1   2.5G  0 part             
└─sda2        8:2    1   155M  0 part             
nvme0n1     259:0    0 476.9G  0 disk             
├─nvme0n1p1 259:1    0   260M  0 part             
├─nvme0n1p2 259:2    0    16M  0 part             
├─nvme0n1p3 259:3    0 133.9G  0 part             
├─nvme0n1p4 259:4    0 156.2G  0 part             
├─nvme0n1p5 259:5    0  1000M  0 part             
├─nvme0n1p6 259:6    0 184.6G  0 part /           
├─nvme0n1p7 259:7    0   800M  0 part             
└─nvme0n1p8 259:8    0   260M  0 part 

EFI System Partition.

Can you share lsblk -o name,type,fstype,size,mountpoint

Unfortunately no details are shown:

[root@EndeavourOS /]# lsblk -o name,type,fstype,size,mountpoint
NAME        TYPE FSTYPE   SIZE MOUNTPOINT
loop0       loop          2.4G 
sda         disk          3.8G 
├─sda1      part          2.5G 
└─sda2      part          155M 
nvme0n1     disk        476.9G 
├─nvme0n1p1 part          260M 
├─nvme0n1p2 part           16M 
├─nvme0n1p3 part        133.9G 
├─nvme0n1p4 part        156.2G 
├─nvme0n1p5 part         1000M 
├─nvme0n1p6 part        184.6G /
├─nvme0n1p7 part          800M 
└─nvme0n1p8 part          260M 

Try running it from outside the chroot. Open a new terminal.

It is probably nvme0n1p5 but I would like to see that filesystem first to confirm.

[liveuser@eos-2024.06.25 ~]$ lsblk -o name,type,fstype,size,mountpoint
NAME        TYPE FSTYPE     SIZE MOUNTPOINT
loop0       loop squashfs   2.4G /run/archiso/airootfs
sda         disk iso9660    3.8G 
├─sda1      part iso9660    2.5G /run/archiso/bootmnt
└─sda2      part vfat       155M 
nvme0n1     disk          476.9G 
├─nvme0n1p1 part vfat       260M 
├─nvme0n1p2 part             16M 
├─nvme0n1p3 part ntfs     133.9G /run/media/liveuser/OS
├─nvme0n1p4 part ntfs     156.2G /run/media/liveuser/DATA
├─nvme0n1p5 part vfat      1000M 
├─nvme0n1p6 part ext4     184.6G /run/media/liveuser/endeavouros
├─nvme0n1p7 part ntfs       800M 
└─nvme0n1p8 part vfat       260M

So there are 3 vfat partitions.

Yeah, it is probably nvme0n1p5. Mount it at /efi in the chroot. You can also check in /etc/fstab and see what is mounted at /efi to verify.

Thank you! The following is written in /etc/fstab

# <file system>                          <mount point>  <type>  <options>  <dump>  <pass>
UUID=28E5-655A                            /efi           vfat    fmask=0137,dmask=0027 0 2
UUID=5204093e-8a85-4af2-a41a-fc768d9d07fd /              ext4    noatime    0 1
tmpfs                                     /tmp           tmpfs   defaults,noatime,mode=1777 0 0
/swapfile                                 none           swap    defaults       0 0

When including UUID into the lsblk command, I can see that indeed nvme0n1p5 must be it.

[liveuser@eos-2024.06.25 ~]$ lsblk -o name,type,fstype,size,UUID
NAME        TYPE FSTYPE     SIZE UUID
...
├─nvme0n1p5 part vfat      1000M 28E5-655A

EDIT: What is the command to mount it? I am failing to find out. Is the following command wrong?

[root@EndeavourOS /]# mount /dev/nvmen1p5 /mnt
mount: /mnt: fsconfig system call failed: /dev/nvmen1p5: Can't lookup blockdev.
       dmesg(1) may have more information after failed mount system call.

mount /dev/nvme0n1p5 /efi

Thank you a lot, @dalto!
It seems to have worked. Are the following warnings of a security hole normal?

[root@EndeavourOS /]# mount /dev/nvme0n1p5 /efi
[root@EndeavourOS /]# bootctl install
Copied "/usr/lib/systemd/boot/efi/systemd-bootx64.efi" to "/efi/EFI/systemd/systemd-bootx64.efi".
Copied "/usr/lib/systemd/boot/efi/systemd-bootx64.efi" to "/efi/EFI/BOOT/BOOTX64.EFI".
⚠ Mount point '/efi' which backs the random seed file is world accessible, which is a security hole! ⚠
⚠ Random seed file '/efi/loader/random-seed' is world accessible, which is a security hole! ⚠
Random seed file /efi/loader/random-seed successfully refreshed (32 bytes).
Created EFI boot entry "Linux Boot Manager".

Yes, that is because of how it was temporarily mounted in the chroot. In your /etc/fstab, you can see the permissions are restricted more.

Solved! Here I am, writing again from my EOS install on my laptop. It has booted.

And besides, I have found out how to permanently deactivate automatic updates on Windows, so it doesn’t shoot my bootloader again on the evening before an important day on which I really need my laptop to just work

Thank you so much again

EDIT: Thank you very also to @clearmeth for the description of how to get systemdboot back in order.

This thread shows well two of the reasons why I have been staying with EOS as my main OS on all my computers since 2021:

• The great, suppportive and friendly forum
• the possibility to do with my computer what I want/need when I want/need.

This topic was automatically closed 2 days after the last reply. New replies are no longer allowed.