On Fr, 21.03.25 07:23, Harry G Coin (hgcoin@xxxxxxxxx) wrote:

> > I'm afraid we are not aligned on that - shim exists because hardware
> > exists, non-tech-savvy users exist, and distributions exist, and the
> > intersection of all three matters. I understand you focus on the VM
> > case, which is very important and deserves its time and space, but
> > it's only one part of the whole story. The solution for VMs and the
> > solution for generalist distributions on end-user consumer hardware do
> > not have to be the same, if there are reasons to diverge.
> >
> > The overwhelming feedback we got over the years in distros is that if
> > users have to go mess with firmware settings in order to run Linux,
> > they either give up or just disable secure boot and leave it off
> > permanently, neither of which are desirable outcomes for us, hence the
> > need for shim.
>
> +1. The growth future of any distro depends on __ at least the installer
> images __ 'just working the first time' whether the laptop, desktop or
> widget has secure boot on or off.
>
> Afterward, once installed, methods used by that installed code can vary, and
> have the advantage of being configured by the installer that has data about
> the instance. I advise forcing the average desktop/laptop user to deal with
> the bios at any point in the process puts that distro on a path to exclusion
> from being tried at all by the general user -- who in the years that follows
> becomes the developer, specifier in their organization, etc. Nagging the
> user that 'it would be better if the bios were set to X' is ok. But
> __installer images__ have to 'just work out of the box'.

Huh, I mean, I am not against that people do shim if that floats their
boat, but I find your reasoning wrong. You seem to believe that users
can install distros without interfacing with the system firmware.
That's nonsense though: how do you get your firmware to boot from your
installer USB stick in the first place? You go to the firmware menu
for that. So you *do* interface with the firmware, there is no way
around that.

Yeah, finding the SecureBoot option in the firmware setup is a bit
more involved, but it's certainly not an all or nothing situation at
all. In particular as some of the most popular distros never bothered
with Microsoft signed SB (notably ArchLinux).

But anyway, this is a different topic, let's not continue here.

Lennart

--
Lennart Poettering, Berlin