Re: anyone booting debian with secure boot enabled? And/or from GPT partitions?
On 15/07/2015, Joel Rees <joel.rees@gmail.com> wrote:
> On Wed, Jul 15, 2015 at 7:54 PM, Bret Busby <bret.busby@gmail.com> wrote:
>> On 15/07/2015, Joel Rees <joel.rees@gmail.com> wrote:
>>> Last I heard, debian was not participating in any of the initiatives
>>> to get officially microsoft-signed signatures for kernels. I've been
>>> out of the community for a few months, so I haven't kept up with this,
>>> but quick searches don't reveal a change in policy.
>>>
>>> (And I am definitely not arguing for a change in policy, for anyone
>>> who might misread me.)
>>>
>>> I have a netbook that allows secure boot to be disabled. As long as I
>>> don't need to boot MSWindows, I just disable secure boot. (I don't
>>> perceive any real advantage in Microsoft's implementation, anyway.)
>>>
>>> But I have some work coming up that requires dual-booting MSWindows,
>>> and I also might want to use debian (rather than Ubuntu or Fedora) as
>>> a host for developing for Android.
>>>
>>> (I am able to boot openbsd from an outboard USB3 drive and keep it
>>> running long enough to build a snapshot release. That's roughly a day,
>>> plus or minus a few hours. So I have one good option. But I'd really
>>> prefer not to spend too much time running the OS itself from an
>>> outboard device whose connection can slip or get noisy from oxidation
>>> so easily.)
>>>
>>> So, I'd like to ask those who for whatever reason dual-boot debian
>>> with MSWindows on a modern MSW8/10 compliant box, what do you do about
>>> keys?
>>>
>>> And I'm also interested in war stories relative to (dual) booting from
>>> GPT partitions.
>>>
>>
>> I suggest that you search the archives regarding this - I believe that
>> it has been extensively discussed, this year.
>
> Well, I have read as recently as the May thread, "laptops, uefi,
> secure boot and debian":
>
> http://marc.info/?t=143236419200001&r=2&w=2
>
> I was kind of hoping to hear from someone who has used the "shim" that
> has been mentioned on occasion.
>
> In other words, I have heard noises as if the linux foundation has
> succeeded in setting up signed boot loader that passes control on to a
> Linux kernel of choice, and I'm interested in what people who have
> used it have to say. I don't see anything like that in the archives.
>
>> On this computer, I have MSWin8 installed via UEFI, and Debian 6 and 7
>> and Ubuntu 12.04 and 14.04 installed via Legacy BIOS. on a GPT system.
>> Each has booted without significant problems, the Linux installations
>> booting using GRUB.
>
> Okay, so if you are saying, "No bumps relative to GPT and some version
> of grub, that would be a datapoint of the type I'm looking for.
>
> Thanks.
>
Regarding your desire to be able to able to boot into either MS
Windows 8.x or Linux, with the UEFI/GPT system, as per the messages
that I previously posted to the list, regarding how I got my system
working, it is a matter of going into the System Setup utility during
the system bootup (this used to be referred to, as "going into BIOS
when booting", but it is now a different level, as this involves
selecting whether to boot using BIOS), and, if you want to boot into
MS Windows, selecting the UEFI boot option, and, to boot into Linux,
using the Legacy (BIOS) boot option, and, if you select the UEFI boot
option, it should then boot directly into MS Win8.x (if that is the
only OS that you have installed into the UEFI environment), and,l if
you select the Legacy (BIOS) option, it should bring up the bootloader
used in the Linux installation (eg, GRUB, if GRUB was used), thence
allowing the system to boot into whichever Linux version you have
installed and choose to boot (in my case, there are the four different
Linux versions, on this system; as previously mentioned, Debian 6 and
7, and Ubuntu 12.04 and 14.04), or any other OS that you might have
chosen to install within the Legacy (BIOS) environment (I am
considering installing DragonflyBSD, as mentioned elsewhere.
In this context, the procedure to boot into Legacy (BIOS) should be
followed, to install Linux into the Legacy (BIOS) envrionment.
As is shown, this involves two levels of bootloaders; the first being
the choice of booting into the UEFI environment or the Legacy (BIOS)
environment, and the second, using the OS bootloader in the applicable
environment; in UEFI/MS Windows, the Windows bootloader, and, in the
Legacy (BIOS) environment, whichever OS bootloader (GRUB, etc) is
installed in that environment.
This process applies to the particular computer that I am using at the
moment; an Acer V3-772G, which, as previously mentioned on the mailing
list, whilst the System Setup utility shows that it should have a
third available environment; the Dual environment, to allow BIOS based
operating systems to boot within the UEFI environment, it does not
have that option (due to the faulty system software that is part of
the computer system), and so has only the two options of the UEFI
environment or the Legacy (BIOS) environment.
Another computer system may have system software that functions
properly, and, if the particluar computer system is supposed to allow
it, allows the Dual option, so the process may be different, on a
computer system that works properly.
This Acer computer does not quite work properly, but, that is an Acer thing.
--
Bret Busby
Armadale
West Australia
..............
"So once you do know what the question actually is,
you'll know what the answer means."
- Deep Thought,
Chapter 28 of Book 1 of
"The Hitchhiker's Guide to the Galaxy:
A Trilogy In Four Parts",
written by Douglas Adams,
published by Pan Books, 1992
....................................................
Reply to: