On Wed, Apr 24, 2019 at 5:35 PM Chris Murphy <lists@xxxxxxxxxxxxxxxxx> wrote:
On Wed, Apr 24, 2019 at 8:02 AM Richard Shaw <hobbes1069@xxxxxxxxx> wrote:
>
> While I had to run it through the shredder I finally sat down and went through all the passwords I've ever used and figured it out :)
>
> I turned off Secure Boot but it still won't boot Fedora.
>
> I finally figured out I had to use -v to get what I wanted from efibootmgr:
>
> BootCurrent: 0001
> Timeout: 0 seconds
> BootOrder: 000E,0001,0003,2001,2002,2003
Offhand, this looks like the problem. 000E points to Windows. You need
to use `efibootmgr --bootorder 0,E,1` so it boots Fedora first. It's
not strictly necessary to list everything in bootorder, you can just
have one. The idea of populating it fully is to have exactly the
predictable fallback boot behavior the user wants, whatever that is.
e.g. if something with the Fedora bootloader gets nerfed then it'd
boot Windows.
I'm pressing F12 and manually selecting Fedora, but I did later try to change the boot order, both with efibootmgr and in the BIOS to no avail.
> Boot0000* Fedora HD(1,GPT,b2fa98e2-c3c8-4798-8faa-1e424d313bb1,0x800,0x32000)/File(\EFI\fedora\shimx64.efi)
Offhand, looks valid but I can't vouch for either the partition number
or its GUID.
I can confirm it's the correct UUID for the EFI partition. I have also reinstalled Fedora after deleting all the superfluous entries... Looks the same, still doesn't boot.
> Boot0001* Linpus lite HD(1,MBR,0x7c3f77cf,0x1c7e4,0x4df8)/File(\EFI\Boot\grubx64.efi)RC
> Boot0002* Unknown Device: HD(1,GPT,b2fa98e2-c3c8-4798-8faa-1e424d313bb1,0x800,0x32000)/File(\EFI\fedora\shim.efi)RC
> Boot0003* Fedora PciRoot(0x0)/Pci(0x17,0x0)/Sata(0,0,0)/HD(1,GPT,0d7acc81-f083-490b-b47f-a8cce7c591be,0x800,0x32000)/File(\EFI\fedora\grubx64.efi)A01 ..
> Boot0004* Unknown Device: HD(1,GPT,0d7acc81-f083-490b-b47f-a8cce7c591be,0x800,0x32000)/File(\EFI\fedora\shim.efi)RC
I would use efibootmgr to delete these, they look either suboptimal
(unknown device) or use old paths to grub rather than shim.
As far as I can tell, these are auto entries from the BIOS boot order. When I press F12 only Fedora and Windows Boot Manager are listed as available (Or Linpus Lite for the F29 Live USB).
If you're not sure you can delete them all, and then do:
# grep efibootmgr /var/log/anaconda/program.log
And you'll see the longest command there is what's used to add the
menu entry. You can just use the same command, although you'll need to
escape the backslashes with backslashes, so the path becomes
\\efi\\fedora\\shimx64.efi
Tried this too, although I used "" instead of escaping, no luck.
Also, firmware password and UEFI Secure Boot are two different things.
Secure Boot I don't recommend disabling, it's a feature that
cryptographically verifies the bootloaders, the kernel and kernel
modules. If you're building out of tree kernel modules, then it's
understandable to run without Secure Boot but I would still go through
the effort to create your own signing cert, register it in the
firmware, and then use it to sign your modules so that you can enable
secure boot.
I disabled it to remove it as the problem, still won't boot Fedora. Once I get it working I can mark the efi file (presumably shimx64.efi) as trusted and re-enable.
Thanks,
Richard
_______________________________________________ users mailing list -- users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to users-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@xxxxxxxxxxxxxxxxxxxxxxx
