Failed to install bootloader on `nixos-rebuild switch`

jonesnoaht · August 22, 2025, 12:34pm

Suddenly when I am trying to run nixos-rebuild switch, the bootloader is unable to install. I tried rolling back to a previous generation, and that had no effect. One suggestion I have seen is that perhaps my /boot partition is full because each time a new boot configuration is generated, it is stored in the boot partition. If so, how do I clear out old boot configurations?

Here is the trace:

$ sudo nixos-rebuild switch
[sudo] password for noahtjones: 
building Nix...
building the system configuration...
Failed to read EFI variable 'LoaderFirmwareType-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderFirmwareInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderImageIdentifier-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderEntrySelected-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI boot order: Input/output error
Failed to determine entries reported by boot loader, ignoring: Input/output error
Failed to read EFI variable "LoaderEntrySelected", ignoring: Input/output error
Traceback (most recent call last):
  File "/nix/store/bnizjrf342cjdc4v2m6n9ab9ycy327g8-systemd-boot/bin/systemd-boot", line 431, in <module>
    main()
  File "/nix/store/bnizjrf342cjdc4v2m6n9ab9ycy327g8-systemd-boot/bin/systemd-boot", line 414, in main
    install_bootloader(args)
  File "/nix/store/bnizjrf342cjdc4v2m6n9ab9ycy327g8-systemd-boot/bin/systemd-boot", line 317, in install_bootloader
    installed_out = run(
                    ^^^^
  File "/nix/store/bnizjrf342cjdc4v2m6n9ab9ycy327g8-systemd-boot/bin/systemd-boot", line 58, in run
    return subprocess.run(cmd, check=True, text=True, stdout=stdout)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/nix/store/bbyp6vkdszn6a14gqnfx8l5j3mhfcnfs-python3-3.12.11/lib/python3.12/subprocess.py", line 571, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['/nix/store/ksz6ygnl9f1l6jff3mwmjsmw7qyyxa59-systemd-257.7/bin/bootctl', '--esp-path=/boot', 'status']' returned non-zero exit status 1.
Failed to install bootloader
warning: error(s) occurred while switching to the new configuration

Here is what happens when I manually run bootctl:

$ sudo bootctl --esp-path=/boot status
[sudo] password for noahtjones: 
Failed to read EFI variable 'LoaderFirmwareType-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderFirmwareInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderImageIdentifier-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderEntrySelected-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI boot order: Input/output error
Failed to determine entries reported by boot loader, ignoring: Input/output error
Failed to read EFI variable "LoaderEntrySelected", ignoring: Input/output error
System:
      Firmware: n/a (n/a)
 Firmware Arch: x64
   Secure Boot: disabled (unsupported)
  TPM2 Support: yes
  Measured UKI: no
  Boot into FW: failed (Input/output error)

Random Seed:
 System Token: set
       Exists: yes

Available Boot Loaders on ESP:
          ESP: /boot (/dev/disk/by-partuuid/eda8e759-09ee-dc4d-9866-6a6d6c1a7c00)
         File: ├─/EFI/systemd/systemd-bootx64.efi (systemd-boot 257.5)
               └─/EFI/BOOT/BOOTX64.EFI (systemd-boot 257.5)

Boot Loader Entries:
        $BOOT: /boot (/dev/disk/by-partuuid/eda8e759-09ee-dc4d-9866-6a6d6c1a7c00)
        token: nixos

Default Boot Loader Entry:
         type: Boot Loader Specification Type #1 (.conf)
        title: NixOS (Generation 92 NixOS Warbler 25.05.803751.88331c17ba43 (Linux 6.12.32), built on 2025-08-17)
           id: nixos-generation-92.conf
       source: /boot//loader/entries/nixos-generation-92.conf (on the EFI System Partition)
     sort-key: nixos
      version: Generation 92 NixOS Warbler 25.05.803751.88331c17ba43 (Linux 6.12.32), built on 2025-08-17
   machine-id: 19034acf9ea344709edc23c4b2e4c0b9
        linux: /boot//EFI/nixos/h3w4lxpqlgsimj93ajlzakqdxa5khap3-linux-6.12.32-bzImage.efi
       initrd: /boot//EFI/nixos/nps8x8qr2z0n8rw1szrsbpdfj1l03ppa-initrd-linux-6.12.32-initrd.efi
      options: init=/nix/store/mndgdg6697hsjmqkivhval72in0vgpnq-nixos-system-nixos-25.05.803751.88331c17ba43/init loglevel=4 lsm=landlock,yama,bpf

I set boot.loader.efi.canTouchEfiVariables = false in configuration.nix, and the output was as follows on sudo nixos-rebuild switch:

$ sudo nixos-rebuild switch 
building Nix...
building the system configuration...
these 3 derivations will be built:
  /nix/store/dfjhdd2fw8mx2p0ink087vyw6d2jxqlj-systemd-boot.drv
  /nix/store/xs0gs0500fyq0m4l1v3ixk21776jjvjp-install-systemd-boot.sh.drv
  /nix/store/a6w2zhzyrin1p4l23ja83lby478gc51z-nixos-system-nixos-25.05.808519.9cb344e96d5b.drv
building '/nix/store/dfjhdd2fw8mx2p0ink087vyw6d2jxqlj-systemd-boot.drv'...
Running phase: patchPhase
Running phase: updateAutotoolsGnuConfigScriptsPhase
Running phase: configurePhase
no configure script, doing nothing
Running phase: buildPhase
Running phase: checkPhase
Running phase: installPhase
no Makefile or custom installPhase, doing nothing
Running phase: fixupPhase
shrinking RPATHs of ELF executables and libraries in /nix/store/yj1pxc9k7h6y7j7i1w012bhxgafgvalw-systemd-boot
checking for references to /build/ in /nix/store/yj1pxc9k7h6y7j7i1w012bhxgafgvalw-systemd-boot...
patching script interpreter paths in /nix/store/yj1pxc9k7h6y7j7i1w012bhxgafgvalw-systemd-boot
building '/nix/store/xs0gs0500fyq0m4l1v3ixk21776jjvjp-install-systemd-boot.sh.drv'...
building '/nix/store/a6w2zhzyrin1p4l23ja83lby478gc51z-nixos-system-nixos-25.05.808519.9cb344e96d5b.drv'...
Failed to read EFI variable 'LoaderFirmwareType-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderFirmwareInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderInfo-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderImageIdentifier-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI variable 'LoaderEntrySelected-4a67b082-0a4c-41cf-b6c7-440b29bb8c4f', ignoring: Input/output error
Failed to read EFI boot order: Input/output error
Failed to determine entries reported by boot loader, ignoring: Input/output error
Failed to read EFI variable "LoaderEntrySelected", ignoring: Input/output error
Traceback (most recent call last):
  File "/nix/store/yj1pxc9k7h6y7j7i1w012bhxgafgvalw-systemd-boot/bin/systemd-boot", line 431, in <module>
    main()
  File "/nix/store/yj1pxc9k7h6y7j7i1w012bhxgafgvalw-systemd-boot/bin/systemd-boot", line 414, in main
    install_bootloader(args)
  File "/nix/store/yj1pxc9k7h6y7j7i1w012bhxgafgvalw-systemd-boot/bin/systemd-boot", line 317, in install_bootloader
    installed_out = run(
                    ^^^^
  File "/nix/store/yj1pxc9k7h6y7j7i1w012bhxgafgvalw-systemd-boot/bin/systemd-boot", line 58, in run
    return subprocess.run(cmd, check=True, text=True, stdout=stdout)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/nix/store/bbyp6vkdszn6a14gqnfx8l5j3mhfcnfs-python3-3.12.11/lib/python3.12/subprocess.py", line 571, in run
    raise CalledProcessError(retcode, process.args,
subprocess.CalledProcessError: Command '['/nix/store/ksz6ygnl9f1l6jff3mwmjsmw7qyyxa59-systemd-257.7/bin/bootctl', '--esp-path=/boot', 'status']' returned non-zero exit status 1.
Failed to install bootloader
warning: error(s) occurred while switching to the new configuration

jonesnoaht · August 22, 2025, 3:52pm

I removed old generations of the kernel from the boot drive and then rebooted. That solved the problem.

turbotimon · September 2, 2025, 9:40am

Wow, just had to do the same thing. How strange this is not done automatically when older generations are removed… (Having the user to manipulate /boot and remove kernels seems risky and not poorly thought out). Nixos never ceases to surprise me!

jonesnoaht · September 3, 2025, 8:14pm

I just had the same problem again. I wonder if it is an issue since I have started to use hibernate more frequently. This time, I did not clear out the old kernels or anything. I just had to reboot.

bme · September 3, 2025, 8:20pm

It is done automatically, just probably not in the way you imagine.

❯ nh clean all -k3 --nogc --nogcroots
[sudo] password for ben: 
warning: $HOME ('/home/ben') is not owned by you, falling back to the one defined in the 'passwd' file ('/root')
warning: $HOME ('/home/ben') is not owned by you, falling back to the one defined in the 'passwd' file ('/root')

Welcome to nh clean
Keeping 3 generation(s)
Keeping paths newer than 0s

legend:
OK: path to be kept
DEL: path to be removed

/nix/var/nix/profiles/per-user/ben/profile
- OK  /nix/var/nix/profiles/per-user/ben/profile-487-link
- OK  /nix/var/nix/profiles/per-user/ben/profile-486-link
- OK  /nix/var/nix/profiles/per-user/ben/profile-485-link
- DEL /nix/var/nix/profiles/per-user/ben/profile-484-link

/nix/var/nix/profiles/system
- OK  /nix/var/nix/profiles/system-143-link
- OK  /nix/var/nix/profiles/system-142-link
- OK  /nix/var/nix/profiles/system-141-link
- DEL /nix/var/nix/profiles/system-140-link
- DEL /nix/var/nix/profiles/system-139-link

/home/ben/.local/state/nix/profiles/home-manager
- OK  /home/ben/.local/state/nix/profiles/home-manager-924-link
- OK  /home/ben/.local/state/nix/profiles/home-manager-923-link
- OK  /home/ben/.local/state/nix/profiles/home-manager-922-link
- DEL /home/ben/.local/state/nix/profiles/home-manager-921-link
- DEL /home/ben/.local/state/nix/profiles/home-manager-920-link

> Removing /nix/var/nix/profiles/per-user/ben/profile-484-link
> Removing /nix/var/nix/profiles/system-140-link
> Removing /nix/var/nix/profiles/system-139-link
> Removing /home/ben/.local/state/nix/profiles/home-manager-921-link
> Removing /home/ben/.local/state/nix/profiles/home-manager-920-link

~                                                                                     21:16:34
❯ sudo /run/current-system/bin/switch-to-configuration boot

~                                                                                     21:16:49
❯ sudo ls /boot/loader/entries
nixos-generation-141.conf  nixos-generation-142.conf  nixos-generation-143.conf

Forgive the usage of nh, but it is sufficient to remove old system generation links (you don’t even need gc!) then run /run/current-system/bin/switch-to-configuration boot. This happens as part of nixos-rebuild, but only after the generation links are cleaned up, which can sometimes wedge you in a chicken / egg scenario.

waffle8946 · September 4, 2025, 12:17am

Which is something I think NixOS could improve upon.
Having to babysit /boot gets annoying after a while.