Recently I've had to deal with issues booting using UEFI as outlined in my Linux Boot Failure! Debugging UEFI Boot Issues blog post, where I also go into detail about UEFI and the UEFI boot process.

Been down the rabbit hole lately of UEFI Secure Boot issues, and decided to write an overview of how it works out-of-the-box in the excellent Debian-based Linux Mint LMDE 6.

Have mostly been researching this stuff as I was looking to replace GRUB entirely with systemd-boot on one of my systems. Will likely write a follow-up piece documenting that journey if I think it’d be interesting to some nerds out there.

  • TiffyBelle@feddit.ukOPEnglish
    201·
    2 years ago

    Good question! There’s a few reasons, I guess:

    • There’s a large element of “because I can” to this, just to explore how stupid the scope of systemd is as a suite.
    • There’s a small practical element. GRUB itself is quite a hefty tool to accommodate all kinds of boot setups, and it works well. If you have a simple boot setup though you could probably shave a couple of seconds off of the boot time just by using the simplified sd-boot and loading the kernel via its EFIStub.
    • A learning exercise in self-signing EFI binaries, enrolling a MOK (if I use Shim), and setting up scripts to handle updates.

    All boils down to my enjoyment of doing weird nerdy things though, ultimately. =)

    • cdombroskiEnglish
      1·
      2 years ago

      Using systemd-boot with the shim is definitely doable, you just have to name the systemd-boot loader as grubx64.efi in the EFI/BOOT directory. After that, you just need to sign any dkms modules with a key imported into MOK and register the hash of systemd-boot with MOK

    • henfredemars@infosec.pubEnglish
      45·
      2 years ago

      In the interest of politeness I reserved my initial reaction of absolute horror that this would even be attempted by systemd.