[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: x86_64: grub-install for secure boot
|
From: |
Zvi Vered |
|
Subject: |
Re: x86_64: grub-install for secure boot |
|
Date: |
Fri, 28 Jul 2023 06:59:19 +0300 |
Hi Randy,
My goal is to install grub2 in sdb1 that will work when secured boot
is enabled.
I don't have any restrictions on the files tree in /dev/sdb1.
Can you please tell me what sequence I should use ?
Especially the grub-install parameters.
I'm running the installation under knoppix 9.1
Thank you,
Zvika
On Fri, Jul 28, 2023 at 6:38 AM Randy Goldenberg
<randy.goldenberg@gmail.com> wrote:
>
> grub is typically installed in /boot, and the efi directory is
> typically mounted at /boot/efi, which is where UEFI firmware looks for
> the EFI executable to load.
>
> Following the same pattern, if grub is being installed in media/sdb1,
> the efi directory would be /media/sdb1/efi.
>
> I don't know if this is relevant in your particular environment, nor
> what your larger goal is, and have only an observation to offer.
>
> On Thu, Jul 27, 2023 at 7:18 PM Zvi Vered <veredz72@gmail.com> wrote:
> >
> > Hi Randy,
> >
> > Thank you for your reply.
> >
> > Did you mean that the grub-install should be:
> > grub-install --boot-directory=/media/sdb1/boot
> > --efi-directory=/media/sdb1/boot --uefi-secure-boot ?
> > This way, /media/sdb1 contains only the boot directory.
> > boot directory contains 'ÉFI' and 'grub'
> >
> > After this install, grub is not booting at all (with and without secure
> > boot)
> >
> > Thank you,
> > Zvika
> >
> > On Fri, Jul 28, 2023 at 2:59 AM Randy Goldenberg
> > <randy.goldenberg@gmail.com> wrote:
> > >
> > > If the boot directory is /media/sdb1/boot, it seems odd for the efi
> > > directory to be the parent directory, rather than
> > > /media/sdb1/boot/efi.
> > >
> > > On Thu, Jul 27, 2023 at 12:54 PM Zvi Vered <veredz72@gmail.com> wrote:
> > > >
> > > > Hello,
> > > >
> > > > I'm trying to install grub 2.x for secure boot .
> > > > I did the following steps under knoppix 9.1 :
> > > >
> > > > mkfs.fat -F32 /dev/sdb1
> > > > mount -t vfat /dev/sdb1 /media/sdb1
> > > > apt-get install grub-efi-amd64-signed
> > > > grub-install --boot-directory=/media/sdb1/boot
> > > > --efi-directory=/media/sdb1
> > > > --uefi-secure-boot
> > > >
> > > > But when I selected this device in the boot menu I got the red message
> > > > telling this partition contains unsecured code.
> > > >
> > > > Can you please advise how I should proceed?
> > > >
> > > > Thank you,
> > > > Zvika
- Re: x86_64: grub-install for secure boot, (continued)
- Re: x86_64: grub-install for secure boot, Zvi Vered, 2023/07/28
- Re: x86_64: grub-install for secure boot, Zvi Vered, 2023/07/28
- Re: x86_64: grub-install for secure boot, Pascal Hambourg, 2023/07/28
- Re: x86_64: grub-install for secure boot, Zvi Vered, 2023/07/29
- Re: x86_64: grub-install for secure boot, Pascal Hambourg, 2023/07/29
- Re: x86_64: grub-install for secure boot, Randy Goldenberg, 2023/07/29
- Re: x86_64: grub-install for secure boot, Andrei Borzenkov, 2023/07/29
Re: x86_64: grub-install for secure boot, Randy Goldenberg, 2023/07/27
Re: x86_64: grub-install for secure boot, Andrei Borzenkov, 2023/07/28