On Wed, Apr 24, 2019 at 5:35 PM Chris Murphy lists@colorremedies.com wrote:
On Wed, Apr 24, 2019 at 8:02 AM Richard Shaw hobbes1069@gmail.com wrote:
While I had to run it through the shredder I finally sat down and went
through all the passwords I've ever used and figured it out :)
I turned off Secure Boot but it still won't boot Fedora.
I finally figured out I had to use -v to get what I wanted from
efibootmgr:
BootCurrent: 0001 Timeout: 0 seconds BootOrder: 000E,0001,0003,2001,2002,2003
Offhand, this looks like the problem. 000E points to Windows. You need to use `efibootmgr --bootorder 0,E,1` so it boots Fedora first. It's not strictly necessary to list everything in bootorder, you can just have one. The idea of populating it fully is to have exactly the predictable fallback boot behavior the user wants, whatever that is. e.g. if something with the Fedora bootloader gets nerfed then it'd boot Windows.
I'm pressing F12 and manually selecting Fedora, but I did later try to change the boot order, both with efibootmgr and in the BIOS to no avail.
Boot0000* Fedora
HD(1,GPT,b2fa98e2-c3c8-4798-8faa-1e424d313bb1,0x800,0x32000)/File(\EFI\fedora\shimx64.efi)
Offhand, looks valid but I can't vouch for either the partition number or its GUID.
I can confirm it's the correct UUID for the EFI partition. I have also reinstalled Fedora after deleting all the superfluous entries... Looks the same, still doesn't boot.
Boot0001* Linpus lite
HD(1,MBR,0x7c3f77cf,0x1c7e4,0x4df8)/File(\EFI\Boot\grubx64.efi)RC
Boot0002* Unknown Device:
HD(1,GPT,b2fa98e2-c3c8-4798-8faa-1e424d313bb1,0x800,0x32000)/File(\EFI\fedora\shim.efi)RC
Boot0003* Fedora
PciRoot(0x0)/Pci(0x17,0x0)/Sata(0,0,0)/HD(1,GPT,0d7acc81-f083-490b-b47f-a8cce7c591be,0x800,0x32000)/File(\EFI\fedora\grubx64.efi)A01 ..
Boot0004* Unknown Device:
HD(1,GPT,0d7acc81-f083-490b-b47f-a8cce7c591be,0x800,0x32000)/File(\EFI\fedora\shim.efi)RC
I would use efibootmgr to delete these, they look either suboptimal (unknown device) or use old paths to grub rather than shim.
As far as I can tell, these are auto entries from the BIOS boot order. When I press F12 only Fedora and Windows Boot Manager are listed as available (Or Linpus Lite for the F29 Live USB).
If you're not sure you can delete them all, and then do:
# grep efibootmgr /var/log/anaconda/program.log
And you'll see the longest command there is what's used to add the menu entry. You can just use the same command, although you'll need to escape the backslashes with backslashes, so the path becomes \efi\fedora\shimx64.efi
Tried this too, although I used "" instead of escaping, no luck.
Also, firmware password and UEFI Secure Boot are two different things. Secure Boot I don't recommend disabling, it's a feature that cryptographically verifies the bootloaders, the kernel and kernel modules. If you're building out of tree kernel modules, then it's understandable to run without Secure Boot but I would still go through the effort to create your own signing cert, register it in the firmware, and then use it to sign your modules so that you can enable secure boot.
I disabled it to remove it as the problem, still won't boot Fedora. Once I get it working I can mark the efi file (presumably shimx64.efi) as trusted and re-enable.
Thanks, Richard