Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

EFI install fails on Fedora #104

Open
thias opened this issue May 28, 2023 · 1 comment
Open

EFI install fails on Fedora #104

thias opened this issue May 28, 2023 · 1 comment

Comments

@thias
Copy link
Owner

thias commented May 28, 2023 

Running grub2-install --target=x86_64-efi --efi-directory=/run/media/dude/GLIM --removable --boot-directory=/run/media/dude/GLIM/boot /dev/sdc (with sudo) ...
grub2-install: error: this utility cannot be used for EFI platforms because it does not support UEFI Secure Boot.
ERROR: grub2-install returned with an error exit status.

Reported upstream in January 2021: https://bugzilla.redhat.com/show_bug.cgi?id=1917213

Happening since Fedora 34. The reason is somewhat valid: Users with secure boot enabled will be rendering their OS unbootable if they use grub2-install to reinstall their boot disk EFI files, as the signed efi files will get replaced with grub's unsigned ones.

For my own usage, I have rebuilt Fedora 37 & 38 grub2 packages with the 0144-grub-install-disable-support-for-EFI-platforms.patch excluded: http://dl.marmotte.net/rpms/fedora/
@lamixer
Copy link

lamixer commented Apr 9, 2024
edited

Hello Thias!

I'm am trying glim for the first time today after having looked at Ventoy and deciding the security risk made it not worth using for me.

I ran into this issue. How about using the suggested solution that grub-install suggests?

Running grub2-install --target=x86_64-efi --efi-directory=/run/media/mysuer/GLIM --removable --boot-directory=/run/media/myuser/GLIM/boot /dev/sdb (with sudo) ...
Installing for x86_64-efi platform.
grub2-install: error: This utility should not be used for EFI platforms because it does not support UEFI Secure Boot. If you really wish to proceed, invoke the --force option.
Make sure Secure Boot is disabled before proceeding.
ERROR: grub2-install returned with an error exit status.

So, I do:

sudo grub2-install --force --target=x86_64-efi --efi-directory=/run/media/myuser/GLIM --removable --boot-directory=/run/media/myuser/GLIM/boot /dev/sdb

I am a bit confused, are you stating that doing that will break secure boot on my currently-running Fedora system? Not a problem for me as I'm not using it, but of course you wouldn't want that to happen to anyone trying your software.

Anyway, after the forced grub2-install I can either run the script again and say not to install for EFI or modify the script to skip the grub-install steps, then the script will finish and create the directories.

Other issues I got around on my Fedora system: Probably execution permission is not allowed on USB drives, so instead of ./glim.sh I did bash glim.sh.

Also, my system did not have grub2-efi-x64-modules installed, so I had to install that with dnf which was easy (thanks to your hint!).

Thanks for your time making this tool!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@thias @lamixer