Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 33

Thread: Ubuntu Switches Back To GRUB2 For SecureBoot

  1. #11

    Default

    randomizer: it may relate to theming. grub2 seems considerably slower to render when themed on some hardware, compared to when un-themed.

  2. #12
    Join Date
    Jan 2011
    Posts
    153

    Default

    Quote Originally Posted by AdamW View Post
    randomizer: it may relate to theming. grub2 seems considerably slower to render when themed on some hardware, compared to when un-themed.
    The theme is really nothing but a purple background. I would hope that this wouldn't be too taxing on the system

    This has me wondering what precisely we are all referring to when talking about how long it takes to render. Are we talking about the time between when the bootloader screen first appears until it has fully rendered or the time between a completed POST sequence and when it has fully rendered? The delay I'm referring to is mostly between the end of the POST and when the bootloader menu first appears, which is a couple of seconds. This delay is much shorter with other distros.

  3. #13
    Join Date
    Oct 2011
    Location
    Seattle, WA, USA
    Posts
    82

    Default

    Quote Originally Posted by Kano View Post
    You dont need grub when you use efi. Did you ever try without?
    So it's baked into Ubuntu kernels now? Must investigate. Since I don't multiboot, I'd love to purge GRUB completely.

  4. #14
    Join Date
    Jan 2009
    Posts
    1,579

    Default

    Quote Originally Posted by steveriley View Post
    So it's baked into Ubuntu kernels now? Must investigate. Since I don't multiboot, I'd love to purge GRUB completely.
    You can still multiboot if your motherboard allows you to have a boot menu (probably does). You just create more entries to it.

  5. #15
    Join Date
    Oct 2011
    Location
    Seattle, WA, USA
    Posts
    82

    Default

    Quote Originally Posted by 89c51 View Post
    You can still multiboot if your motherboard allows you to have a boot menu (probably does). You just create more entries to it.
    Yeah, both my ThinkPads have a crappy boot manager menu, which basically just lists whatever it sees in Bootnnnn NVRAM variables. Right now, my one-and-only entry, called "ubuntu," points to \EFI\ubuntu\grubx64.efi. EFI boot appears to allow me to skip the irrelevant GRUB stuff and directly boot-load the kernel. Just need to spend a couple hours learning how to stitch it all together.

  6. #16
    Join Date
    Aug 2007
    Posts
    6,607

    Default

    That's pretty simple (lets think you use /dev/sda1 for /boot/efi - basically i would not even need -d/p in that case and /dev/sda2 for /), try this
    Code:
    sudo cp /boot/vmlinuz-$(uname -r) /boot/efi/EFI/ubuntu/linux.efi
    sudo efibootmgr -c -d /dev/sda -p 1 -l '\EFI\ubuntu\linux.efi' -L 'Ubuntu direct' -u 'quiet root=/dev/sda2'
    instead of root=/dev/sda2 you could use in the case you have got gpt this:
    Code:
    echo root=PARTUUID=$(blkid -p -s PART_ENTRY_UUID -o value /dev/root)
    Thats usually not needed for only 1 internal hd, but would not hurt of course. A partuuid is the id of the partition and NOT the id of the filesystem, this is not supported without initrd. It is possible to boot with initrd as well, but i think you wanted to boot with max speed.

  7. #17
    Join Date
    Dec 2011
    Posts
    38

    Default

    Quote Originally Posted by Kano View Post
    That's pretty simple (lets think you use /dev/sda1 for /boot/efi - basically i would not even need -d/p in that case and /dev/sda2 for /), try this
    Code:
    sudo cp /boot/vmlinuz-$(uname -r) /boot/efi/EFI/ubuntu/linux.efi
    sudo efibootmgr -c -d /dev/sda -p 1 -l '\EFI\ubuntu\linux.efi' -L 'Ubuntu direct' -u 'quiet root=/dev/sda2'
    instead of root=/dev/sda2 you could use in the case you have got gpt this:
    Code:
    echo root=PARTUUID=$(blkid -p -s PART_ENTRY_UUID -o value /dev/root)
    Thats usually not needed for only 1 internal hd, but would not hurt of course. A partuuid is the id of the partition and NOT the id of the filesystem, this is not supported without initrd. It is possible to boot with initrd as well, but i think you wanted to boot with max speed.
    actually it is not that simple, because initrd may be required.

    my kernel is now a standalone efi bootable which can boot any linux partitions in my PC by:
    1. do not allow module, compile all function builtin
    2. embed initramfs
    3. embed video firmware blob

  8. #18
    Join Date
    Aug 2007
    Posts
    6,607

    Default

    You dont need to embed that, it can be read from the filesystem. You only have to be sure that your hd can be mounted without extra drivers - thats default for ubuntu kernels when you dont use raid. But in the case you want to boot with initrd, thats a piece of cake as well.
    Code:
    sudo cp /boot/initrd.img-$(uname -r) /boot/efi/EFI/ubuntu/initrd.img
    sudo efibootmgr -c -d /dev/sda -p 1 -l '\EFI\ubuntu\linux.efi' -L 'Ubuntu direct with initrd' -u 'quiet root=/dev/sda2 initrd=EFI\ubuntu\initrd.img'
    As you see you have to write the path to the initrd relatively to the efi partition, you can add a \ in front, but that is optional. You have to use \ and not / because that's the UEFI syntax. So whats your problem now? Btw you can use the root=UUID=... statement you usually get by
    Code:
    echo root=UUID=$(blkid -p -s UUID -o value /dev/root)
    if you want when you use an initrd as well, thats the uuid of the filesystem - this would even work when you use mbr partitions - the efi fat partition must be a PRIMARY one in that case!

  9. #19
    Join Date
    Dec 2011
    Posts
    1,987

    Default Fedora approach

    How does Ubuntu's SecureBoot approach now differ from that of Fedora?

  10. #20
    Join Date
    Aug 2007
    Posts
    6,607

    Default

    Well you can reuse the ubuntu shim/grub for all purpose Because it allows boot of unsigned kernels. Basically they use both shim to chainload to grub. shim can be configured to allow only a signed binary (when you build it plain it is just a chainloader). Fedora wants to use signed kernels, somewhere are kernel patches to do that, maybe you find the link. With one working shim/grub combination you can boot every system - well it depends how many features ubuntu allows in the signed grub, if chainloader is possible you can start any other efi binary (signed or not) - and even win.
    Last edited by Kano; 09-22-2012 at 01:17 PM.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •