Re: Grub menu with 3 kernels by default

On Thu, Oct 06, 2022 at 10:13:58AM +0200, Hans de Goede wrote:
> Hi,
> 
> On 10/5/22 23:07, Chris Murphy wrote:
> > 
> > 
> > On Wed, Oct 5, 2022, at 3:01 PM, Vít Ondruch wrote:
> >>
> >> 3. "Boot menu" in GUI? Given that one can reach the GUI, why it should 
> >> not be possible to choose the boot entry for next boot? Or even choose 
> >> to open FW setup.
> > 
> > This could solve this other problem too.
> > 
> > https://bugzilla.redhat.com/show_bug.cgi?id=2049849
> > 
> > The GUI tool can use efibootmgr to set bootnext or even bootorder.
> 
> Right, this is definitely interesting.
> 
> sdboot already offers some nice features for this.
> 
> bootctl --list: shows available boot menu entries
> systemctl reboot --boot-loader-entry=ID: select which entry to boot
> 
> And I believe that there are also dbus equivalents of this.
> 
> If we want this we should consider either switching
> to sdboot or make grub support:
> https://systemd.io/BOOT_LOADER_INTERFACE/
> 
> And then this is something which could be an upstream GNOME feature
> using the systemd DBUS APIs for this.
> 
> The only problem is that this requires someone to make time to
> work on this...
> 
> I personally believe that for the Fedora workstation case
> it makes sense to just switch to sdboot for EFI installs
> giving us nice features like this; while at the same time
> offering a much simpler code-base than grub, which is
> good from a secureboot POV.

Providing an alternative to the use of grub is inevitable IMHO from a
SecureBoot and/or Confidential virtualization POV. The way grub has
to write its entire grub.conf into the TPM PCRs is totally impractical
for anyone wishing to maintain attestation policies to verify the OS
boot state from the TPM eventlog. sd-boot's usage of TPM PCRs when
combined with unified kernel images is massively simpler & saner to
handle. So at the very least I'd see sd-boot being an option alongside
grub, and there's a decent case to be made for it to even be the
default in at least some scenarios.

With regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|
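
An added illustration of the attestation point in the message above (not part of the original email, and not code from GRUB or systemd): a simplified model of replaying a TPM event log, comparing a boot loader that measures each config command with a unified kernel image measured as one blob. The function names, the default PCR indices 8 and 11, the one-event-per-command model and the sample inputs are assumptions of this sketch.

```python
import hashlib

def extend(pcr: bytes, data: bytes) -> bytes:
    """SHA-256 bank PCR extend: new = H(old || H(data))."""
    return hashlib.sha256(pcr + hashlib.sha256(data).digest()).digest()

def replay(events):
    """Replay (pcr_index, measured_bytes) events, starting from zeroed PCRs."""
    pcrs = {}
    for index, data in events:
        pcrs[index] = extend(pcrs.get(index, bytes(32)), data)
    return pcrs

def grub_events(cfg: str, pcr: int = 8):
    """Simplified model: one event per executed config command, in order."""
    lines = (ln.strip() for ln in cfg.splitlines())
    return [(pcr, ln.encode()) for ln in lines if ln and not ln.startswith("#")]

def uki_events(image: bytes, pcr: int = 11):
    """Simplified model: the unified kernel image is measured as one blob."""
    return [(pcr, image)]

def verify(events, expected):
    """Attestation check: replayed PCRs must equal the policy's values."""
    return replay(events) == expected

# Constructed sample inputs (not taken from any real system).
CFG_A = """\
set timeout=5
set default=0
insmod ext2
linux /vmlinuz root=/dev/mapper/root ro quiet
initrd /initramfs.img
boot
"""
CFG_B = CFG_A.replace("timeout=5", "timeout=1")  # cosmetic change only
UKI = b"constructed-uki: kernel+initrd+cmdline built as one file"

if __name__ == "__main__":
    policy = replay(grub_events(CFG_A))
    print("config events the verifier must predict:", len(grub_events(CFG_A)))
    print("policy still matches after timeout edit:",
          verify(grub_events(CFG_B), policy))
    print("UKI events the verifier must predict:", len(uki_events(UKI)))
    print("expected UKI PCR:", replay(uki_events(UKI))[11].hex())
```

In this model the verifier has to reproduce the exact sequence of config commands to predict the config PCR, so even a menu timeout change invalidates the policy, while the expected value for the unified image can be computed once from the build artefact.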